windows newsletter
 
 
Home
Latest newsletter
Previous
All newsletters
 

subscribe - it's free!

Free Windows Newsletter 55,000+ subscribers!

Tell me more about it!





 
 
 

 
The Archiving Ultimate Guide: All about WinZIP, WinRAR, and WinACE.
 
 
 

essential reading
 
Free reports
Windows Primer
 
 
 

 
How to Re | Install Windows: The Ultimate downloadable video and eBook guide.
 
 
 

what's cooking
 
About
Contact
 
 
 

free windows video tutorials
 
Windows tutorials
Buy Dennis' videos and eBooks
 
 
 

 
Windows Primer: The Definitive guide for new and Intermediate computer users.
 
 
 

recommended sites
 
Java Magic
Beyond the Black Stump
 
 
 

purchases
 
Enter Unlock Code

 

Membership Login (purchases only):

 


 
 
 
 
Keyboard Secrets: Increase productivity without the need to reach for the mouse.
 
 
 

newbie clues
 
PC and Internet Companion
Windows Registry For Newbies
DigiCam Magic
MS Word Magic I
MS Word Magic II
First Website Builder Course
Windows For Newbies
 
 
 

advertise
 
Advertise
 
 
 

 
How to Install a Hard Drive: Need more storage on your computer?  Find out how.
 
 
 

'Spy Detect' software -- is it a scam?

Category: The Internet
by Dennis Faas, infopackets editor
http://www.infopackets.com
 

Dear Dennis,

First of all, thanks for all the great info.

I have a security question for windows.  With all the security I have, such as a firewall, and virus protection, I thought I was pretty safe when online.

However, the other day I stumbled upon a web site that had the contents of my hard drive revealed to me through a link.  The software is called SPY DETECT:

www.spydetect.com/pscan/pscan.shtml

This is from a security firm that is selling software to stop this sort of thing from happening.  I would like to know -- is my computer at risk?

My Response:

This is a scam that preys on the fact that people are ignorant to Java Script tricks and Microsoft Security exploits in Internet Explorer.  The funny thing is that this particular web site claims that what they're showing you is not trick.

When I viewed the Document Source, I noticed that there was a lot of Java Code placed throughout the page.  While I did not spent a great deal of time analyzing exactly how they made the files on my hard drive magically appear on the Internet Explorer, the one thing that really caught my eye was that the "report number" (displayed on the HTML page) was simply a randomly generated number produced by the Java Code.  This fact alone was enough to indicate to me that this web site was less than honest.

You can what I'm referring to here in their HTML document code:

//report
var randomnumber = Math.floor(Math.random()*99999)
document.write("Report <b>")
document.write(randomnumber)
document.write("</b> created on ")

Anyway, don't waste your time visiting this web site.

Afterthoughts

Originally when I visited the site, I was able to view the contents of my hard drive through their Java Script exploit.  However, the latest Microsoft Java Virtual Machine security patch (September 18, 2002) seems to have taken care of this problem.

--

PS: If anyone needs a FREE virus scanner and firewall, be sure to grab my free report on How to Stop Hackers and Viruses from Malicious Intent.  And of course, don't forget to keep your Windows up to date!

 
 
 




This article was taken from our free Windows newsletter.

Join our e-mail email list today -- it's free!

45,000 subscribers can't be wrong.

Click here to view our archive of newsletters.

Copyright 2003 | Dennis Faas, infopackets editor |
http://www.infopackets.com |Computer 411 

This article may be freely distributed in email or other online publications, providing that it is not modified in any way.The article must ALSO include the above line which gives credit to/and includes the URL referring to infopackets.com.



top | home | windows newsletter |contact | subscribe (free) | refund policy | privacy policy

Computer 411 • 2356 Hall Avenue • Windsor, ON • Canada • N8W 2L9 • Telephone (519) 564-7005