Monday, May 07, 2007

Drive-by downloads in a different perspective

Drive-by downloading is a catch-all name for software downloaded on your computer without your knowledge or intervention. Drive-by downloading is different than phishing, which misleads users by using authentic-appearing sites that deceive users into entering sensitive information, and different than pop-ups, which fool users into agreeing to download software. Drive-by downloads sneak onto computers without the user’s knowledge or permission.
Some of the most common drive-by download carriers are songs from free music share sites, free screensavers, etc. Many of these install spyware that monitors your surfing habits, and then displays pop-ups that match your habits. For example, if you invest a good chunk of your Internet time cruising sport sites, the spyware detects this, and it could then splash sporting apparel ads on your monitor.
And it's a real problem ... Didier Stevens a friend-blogger did a test which he blogged today at
What did he do?
Well he's been running a Google Adwords campaign for 6 months now as an experiment…
He bought the domain. He set up a web server to display a simple page saying “Thank you for your visit!” and to log each request. That’s all. He wanted to be absolutely clear about this: no malware or other scripts/code were ever hosted on this server. No PCs were harmed in this experiment.
He started a Google Adwords campaign with several combinations of the words “drive by download”, etc ... He designed his ad to make it suspicious, but even then it was accepted by Google without problem and he got no complaints to date. And many users clicked on it.
I am not surprised by this.
Of course this is just 'normal human behaviour', isn't it.
The human mind is like that, even if you think it could be harmful you will be testing it. So why worry about it.
Well at least there are free solutions like McAfee's SiteAdvisor ( ) or TrendMicro's TrendProtect ( ) which are giving you indications to your surfing habits. Of course these are not foolproof but at least they give you a possible solution. The only problem: Not everybody is using those new techniques and some of us think that such tools are just annoying. Shame on you!