General discussion

  • Creator
  • #2258073



    by dracnoc ·

    blog root

All Comments

  • Author
    • #3227152 scare-mongering? maybe…. maybe not.

      by dracnoc ·

      In reply to Clueless

      Apparently, I’ve got spyware.

      Now, we’ve all seen the adverts on websites

      “Spyware was found on your computer! Click here!”

      or, if you’ve ever bothered to read those unsolicited messages zipping across the ‘net:

      “STOP! Windows has found 55 critical errors on your system! Go to and download now!”

      Blah, blah, blah. Seen it all.

      Yesterday though, I got one from a legitimate company – and I don’t think they know they’re doing it. are offering a free spyware sweep on your system. All you have to do is to download a small piece of software and click on the “Get Results” button from the download site when it’s done. Anyone can do this, here’s the link

      This is where the problems began for me. It’s a Windows download, not the best thing for a Linux box, so I decided to not bother, but the “Get Results” box was still looking at me. With its bright orange sheen and cheerful curves it tempted me into clicking….. and I was a little surprised.

      Apparently, I have spyware. It’s only on “low”, but “Spyware was found within your Enterprise” was a little surprising.

      I haven’t got all the certs to make me an IT pro, and you won’t find a Cisco cert hanging up on my office wall, but I know that don’t make for an accurate result on ANY computer. I’ve emailed for a possible explanation as to why this happens. Hopefully, it’s a minor oversight which will be easily corrected.

      I’m just glad I’m not a company boss who hasn’t got a clue about computers, and would probably scream at the fact I’ve spent perfectly good money on a security package that now appears not to work!

      If this is an example of bad design, then it’s very bad.

      By being able to click the “Get Result” button and get a result without the need to run the software, I’ve shown that their own systems point out a method of getting spyware onto your system in the first instance – what our team call “blinkered selection”. This is where someone will repeatedly do the same action to get a result, without regard to other consequences. In computer terms, this normally involves agreeing to the EULA without actually reading it. Did you check to see what else was installed along with the freeware? No? Didn’t think so….

      The audit webpage shows exactly what can go wrong when basic checks are not put in place. In this instance, it doesn’t even bother checking to see if the software was actually run. Next time you boot your computer, don’t bother checking to see if your AV and firewall booted up with it….. yeah, seriously, like any of us are going to do that.

      Hopefully will get back to me with a good reason, but at the moment their exam paper is gonna get a big, fat, red “F” stamped on it. I’ll keep you all posted.

      • #3204579 scare-mongering? maybe…. maybe not.

        by dracnoc ·

        In reply to scare-mongering? maybe…. maybe not.

        OK, I got a reply back today from…

            “Thank you for bringing this item to our attention.  We rely on feedback
        from our customers to improve our products and service. Thank you for
        taking the time to share your findings with us.”

        Yep, that’s it! I almost feel sorry for disturbing their coffee break on this little oversight. Mind you, the whole email reads like an automated response, so I suspect nobody in their Customer Service office actually lost any sleep on this.

        Like I said in my original blog, some people could see this test as a flaw in their security setup and make an expensive mistake. It’s still there, I tried it about five minutes before writing this blog, so this hasn’t improved – or do they want it to stay stagnant? Is this real proof that companies are misleading less-than-knowledgeable users into believing their systems are infected? Personally, I don’t think that is the case, but there’s nothing there to prove they’re innocent either. If this was a genuine mistake, then they’ve wasted five days to correct a relatively simple problem. This sort of thing can make or break the reputation of a company, I would have jumped on it within the first 24 hours.

        So, their “F” grade had been changed to a “See Me After Class”.
