Adware programmer explains slide into evil


Fantastic interview over at Philosecurity with Matt Knox, a Ruby instructor and coder who happened to find himself writing adware for Direct Revenue, which was directly responsible for infecting millions of computers with invasive pop-ups.

He’s repented, though.

I was utterly and grindingly broke for a little while. I started working on SPAM filtering software. That work got noticed by [Direct Revenue], who hired me to analyze their distribution chain. For a little while, the site through which all their ads ran was something like top 20 in Alexa. Monstrous, really huge traffic. Maybe 4 or 5 months into my tenure there, a virus came out that was disabling some of the machines that we had adware on. I said, “I know enough C that I could kick the virus off the machines,” and I did. They said “Wow, that was really cool. Why don’t you do that again?” Then I started kicking off other viruses, and they said, “That’s pretty cool that you kicked all the viruses off. Why don’t you kick the competitors off, too?”

It was funny. It really showed me the power of gradualism. It’s hard to get people to do something bad all in one big jump, but if you can cut it up into small enough pieces, you can get people to do almost anything.

I’ll tell you, we’ve got some community projects planned for BBG over the course of the next year, and that’s exactly what we’re counting on.

Interview with an Adware author [Philo Security via Hack A Day]


18 Responses to Adware programmer explains slide into evil

  1. sworm says:

    I love my mac.

    Ever since I’ve switched, I’ve saved DAYS I would otherwise have spent on spyware removing.

    The best way to avoid spyware is still switching to a unix alike (linux, osx, ubuntu). Not because it’s better, but because less ppl use it.

  2. Ari B. says:

    That photo’s kinda scary.

  3. Camillo Miller says:

    Count me in.

  4. zuzu says:

    Is this also how Colin Powell found himself before the UN Security Council talking about “yellow cake” and “aluminum tubes”?

  5. TJ S says:

    I have a very strong urge to run SpyBot S&D on that computer…

  6. zuzu says:

    Worms, botnets, and spyware fascinate me because they’re like the bacteria colonies of cyberspace. Multiple infections spur thoughts of spyware cross-breeding* to become super-worms, possibly surviving spyware removal software like antibiotic-resistant bacteria, and then one day evolving into SkyNet.

    *Especially the varieties that seek to remove competitors’ spyware and themselves defend against removal by competitors. Symbiosis is inevitable on a long enough timeline and with a very large number of computers on the Net.

    Also, there’s the theory that the only reason sexual reproduction was prompted into evolution was to out-race parasitic infection. Where are the immune systems and reactive firewalls for personal computers? (ala Ghost in the Shell)

    Jonathan Zittrain and Richard Clarke have the right ideas generally about the future of information warfare.

    We aren’t dealing with ordinary machines here.
    These are highly complicated pieces of equipment almost as complicated as living organisms. In some cases, they’ve been designed by other computers. We don’t know exactly how they work.

    Westworld

  7. Halloween Jack says:

    Just don’t bring back that awful rainbowtopia thing that you did.

  8. dculberson says:

    NOBODY DENIGRATES INFOMERCIA!

  9. se7a7n7 says:

    The image of that stupid Bonzi Buddy monkey makes me angry. I made the mistake of installing it several years ago and it was the most annoying thing ever. The best feature of the program was the uninstall.

  10. Anonymous says:

    See vitalsecurity.org for a post offering the corresponding outsider’s view: http://www.vitalsecurity.org/2009/01/direct-revenue-twisting-history.html

  11. TJ S says:

    Infomercia ruled.

  12. Enochrewt says:

    I love my mac.

    Ever since I’ve switched, I’ve saved DAYS I would otherwise have spent on spyware removing.

    Oh stop it with the Mac stuff. If you get spyware on a PC it’s because you don’t know what the hell you’re doing anyway, and are clicking on dangerous links and randomly installing things you shouldn’t. When people claim that Macs are the cure for spyware I hear:

    “I’m not smart or responsible enough to not click on that Czechoslovakian porn site promising penile enlargement, so I’ll buy a Mac.”

  13. zuzu says:

    …I’ve been clicking and clicking, but still no free lobster dinner… :(

    http://www.yzzerdd.com/

    You could have won a Porche!

  14. Anonymous says:

    He should be telling this to Congress, and everyone involved should be in prison.

  15. OM says:

    …Repenting doesn’t count. I still say he deserves tar and feathering in the original form: coat him with hot tar, dump the feathers on him, light the feathers and turn him loose a distance from the nearest lake that’s relative to the crime. In this case, said crime demands that he be ignited somewhere in the dead center of the Sahara Desert.

  16. HaltingPoint says:

    @17:

    While I am normally the first to agree, it is indeed possible to get infected even with some smarts. I still have no clue how I possibly became infected with the Downadup worm recently.

    That said, when I have become infected in the past, it’s not a huge deal…I’ve been able to manually deal with nasty viruses in my past.

    It takes some common sense to avoid them though and frankly many people new to the web or who aren’t hardcore don’t understand basic things like checking the actual URL (not the link name), not downloading .exe’s from unknown sources, avoiding torrents of games that should be a couple gigs but are less than a meg, etc.

  17. pork musket says:

    The only way he can repent is to die in a fire.

  18. devophill says:

    …I’ve been clicking and clicking, but still no free lobster dinner… :(


This work is licensed under a Creative Commons License permitting non-commercial sharing with attribution. Boing Boing is a trademark of Happy Mutants LLC in the United States and other countries.
