Interesting People mailing list archives
New Internet marketing tool combines both leading annoyances
From: Dave Farber <dave () farber net>
Date: Sat, 19 Oct 2002 18:32:36 -0400
------ Forwarded Message From: Ari Ollikainen <Ari () OLTECO com> Date: Sat, 19 Oct 2002 15:21:41 -0700 To: Dave Farber <dave () farber net> Subject: New Internet marketing tool combines both leading annoyances The first time I encountered one of these Windows Messenger pop-ups on a Win2K system recently, I immediately checked and discovered Messenger service active. Disabling Messenger stops this somewhat clever but annoying exploit using port 135... Posted on Fri, Oct. 18, 2002 http://www.siliconvalley.com/mld/siliconvalley/4316557.htm New Internet marketing tool combines both leading annoyances NEW YORK (AP) - As if junk e-mail and pop-up ads weren't annoying enough on their own, now there's a combination. A developer of bulk-mail software has figured out how to blast computers with pop-up spam over the Internet through a messaging function on many Windows operating systems. The function was designed for use by computer network technicians to, for instance, warn people on their systems of a planned shutdown. The pop-up messages appear on recipients' computers in separate windows, similar to pop-up ads that appear when a user goes to a Web site. But there's a difference: Anyone can send the messages, and there's no need for the user to have an Internet browser open. Gary Flynn, a security engineer at James Madison University, where several messages were received, calls the technique worse than e-mail spam. ``This pops up on the screen,'' he said. ``It's almost like somebody barging in your office and interrupting you.'' Zoltan Kovacs, founder of the company that makes the new software, officially condemns spamming but acknowledges that some customers buy it for that. ``If some people use it for bad things, they should take their own responsibility, but it's their own problem,'' Kovacs said. He said his tool can help system administrators send alert notices to network users more efficiently. However, his Web site touts the software's advertising and marketing potential. He said he has sold more than 200 copies since his $699.99 product was released two months ago. The new spam technique, first reported by Wired.com, represents the latest attempt to bypass the increasingly sophisticated e-mail spam filters employed by leading Internet service providers and individual users. It also circumvents state and other laws designed to curb junk e-mail, Kovacs said. Kovacs said his company is based in Romania. A demo copy of the software contains a Plantation, Fla., address, but he said that was old. Kovacs refused to discuss his location, other than saying he is in the United States. In recent weeks, Internet users have reported receiving pop-up messages such as one touting university degrees without classes or books. Security firm myNetWatchman.com, which monitors some 1,400 computer networks worldwide, also detected unsolicited connection attempts of the pattern used by Kovacs' software, DirectAdvertiser. Unlike e-mail, recipients can only receive messages if their computers are on while the messages are being sent. And the software can only send text -- not images or clickable links as are found in pop-up ads and e-mail. The software itself does not hack into computers. Rather, it uses the Messenger service that comes turned on by default with many Windows systems, including 2000 and XP, said Philip Sloss, an independent security consultant in San Diego. Messenger, not to be confused with the MSN Messenger instant-messaging program, is meant for system administrators to broadcast service notices. But if a system administrator can use Messenger, so can someone connecting through the Internet from the outside, said Lawrence Baldwin, president of myNetWatchman.com. Flynn worries that hackers might one day use the technique to persuade users to change their passwords or otherwise compromise security. The DirectAdvertiser software finds Messenger-enabled computers by running through ranges of numeric Internet Protocol addresses used to identify computers on the Internet. The software, however, may not work if a computer is behind a security firewall or if multiple computers share the same numeric address using a traffic router. The pop-up messages it sends are much more difficult to trace -- and thus block -- than e-mail spam, Baldwin said. The software's Web site says the messages are ``completely anonymous and virtually untraceable,'' a claim Baldwin confirms. Users can disable Messenger through their operating system's control panel, although doing so could interfere with some anti-virus and other applications that send such messages. Kovacs even provides instructions on his Web site. <[ http://www.directadvertiser.com/optout.html ]> Kovacs claims his software can send more than 10,000 messages an hour through high-speed cable modems and DSL connections. Using a more expensive T1 line increases the capacity threefold. Kovacs, who refused to disclose his customers, said he has heard from people wishing to buy the software and well as those wishing to turn off the Messenger functions. Every few days, Kovacs said, an irate caller addresses him ``using bad words.'' ``We just hang up the phone,'' he said. -- +----------------------------------------------+ | You need only two tools: WD-40 and duct tape.| | If it doesn't move and it should, use WD-40. | | If it moves and shouldn't, use duct tape. | +----------------------------------------------+ ------ End of Forwarded Message ------------------------------------- You are subscribed as interesting-people () lists elistx com Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- New Internet marketing tool combines both leading annoyances Dave Farber (Oct 19)