RSS Search

 News  Feeds  Tags  Search Shortcuts

FeedsFarm.com > Battle without Honour or Humanity: The Fourth Wall is Live!

Battle without Honour or Humanity: The Fourth Wall is Live!

14th Nov 2006, 21:00 GMT

I've been teasing you mercilessly for the past few weeks over something called "The Fourth Wall" - well, wait no longer, because it has indeed arrived. But what is it?Well, in my experience there are two main sources of misery online:A) Jimmy leet hax and his equally leet hax friends, generally characterised by dank, smelly rooms, clown costumes and an unhealthy obsession with children's birthday parties.B) Adware companies that are supposedly "legit", yet continue to get on your nerves with spurious installs, deceptive practices and an all-too-loose approach to the way their affiliates operate and represent them in the big, wide world.Whenever party A becomes aware of party B, they suddenly get all excited over the vast amounts of money they stand to make for very little effort..especially when those efforts are decidedly dubious. As we all know, the bad actors from party B are pretty much driving the underground economy by making it easier than ever to make some serious dough. And when it all goes wrong, the parent company just blames the affiliates and all is right with the World once more.In recent months, we have seen the coming of numerous anti-something or other groups, and they all pretty much focus exclusively on the "sexy" stuff - got a Botnet that needs whacking? Hm, you'd better see the Shadowserver guys. Endless amounts of Spam getting on your nerves? Check out the Fried Phish effort. Malware on your doorstep with no idea how to get it taken down? You'll be wanting the newly formed MIRT, then.Yet....something is missing here, and that would be a grassroots group that tackles the Adware vendors. There's a rather obvious disconnect in all of the above efforts - nobody is examing the antics of the leet hax affiliates and their Patron Saints, the money spinning Adware companies who are totally awesome now, honest they are. Sun shining out of their backsides and everything. Because of this failiure to really stick it to the Adware guys, we just go round and round cleaning up the neighbourhood block by block, while we become swamped by endless amounts of hackers and a ton of stupid Adware companies that should know better. It's like extracting pieces of shrapnel from someone's leg while the enemy continues to drop Atom bombs on your face - we should be looking to systematically tackle the supposedly "legit" companies first THEN mop up the leet hax guys afterwards. With a severely reduced amount of financial incentive to do what they do, you'll likely find a lot of these hacker wannabes simply get bored and go do something else entirely making the task at hand even easier.As a random example - a while ago, on some Brazilian forums I was seeing the same bunch of nasty Spyware installed on tons of different PCs. While the bundle itself was a standard data-theft Trojan, the REALLY interesting part was that a well known Adware vendor - all cleaned up now, M'Lud - kept appearing in all of the HiJack This logs.What does this say to you? It says to me that1) At a bare minimum, that Adware vendor's software is being installed along with whatever else has emerged from that particular bundle. In other words, their affiliates still suck. This is notable, newsworthy and can potentially be used by law enforcement, the FTC, the CDT and whoever else wants it to effect some sort of change for the better.2) There is then the possibility that the Adware vendor's software is being hacked and installed without permission - that is, whatever installer prompts they have in place are being bypassed somehow. This is even MORE notable, newsworthy and can potentially be used by law enforcement, the FTC, the CDT and whoever else wants it to effect some sort of change for the better. It also makes a complete mockery of the idea that company x, y and z has "cleaned up", and exposes the PR spin for what it is - garbage....but what does the person charged with removing the infections do?Ask what URL the payload came from? Set in motion a series of events where evidence is collected, people are notified and the Adware vendor is made to look sucktacular?Nope, they simply clean out the PC without bothering to address the fact that a supposedly "reformed" company is sitting in that hijack and at that point, THE ADWARE VENDOR HAS GOT AWAY WITH MURDER.Kind of.At the very least, it's a clear message to anyone that might be listening that, actually, Company X still has a long way to go. Company X is actually in a rather shaky position right now. Company X is about to be sued off the face of the planet for repeatedly indulging in acts of wanton boobery. Company X.......well, you get the idea. Every time I see an opportunity like the above go begging, it makes me howl. And yet it happens every single day on Security Forums and we're still not addressing the issue. I suppose there was no real need for this logging of installs back in the day, because at that point in time the idea of Adware companies being hauled in front of the FTC would have seemed like some net-nerd's wet dream. But look - it's happening all the time now. And the evidence served up on security sites is often invaluable to these people (look how many security blogs and researchers were listed in the Direct Revenue thing a while ago!) In fact, there's lots of things we're not addressing so with that in mind, I present to you:The Fourth Wall.Put simply, The Fourth Wall is a fully mobile black ops army, that functions entirely over IM, and attempts to address some of these major disconnects in the security community - disconnects that could be put to great use.That's right - Instant Messaging. You don't have to register on yet another damn forum to get involved, because we all know doing that is probably the most annoying thing on the Internet, ever. All you need is your IM Client - by default, I use MSN Messenger (for it's offline message sending capabilities and a few other things) but I have GAIM for all those other crazy IM services too.I want the security experts on forums out there to start actually asking these people where the infections came from, next time they see any of the "big name" Adware vendors showing up in their logs - feed that information back to me via IM (or simply use the Meebo Client on the frontpage) and I promise you that particular act of should-know-better will not go unpunished. I know European and American forums have a "thing" about putting infection links on their forums (it's interesting to note that Brazilian forums don't seem to mind, no idea why) so it is of course perfectly fine to ask the victim via PM where they picked up their bundle of "joy". Whatever fits in with the rules of your particular forum, I don't fancy your site Admins turning up outside my house with bricks and guns and stuff.It's my intention that we'll soon start to get a better picture of just how cleaned up these companies really are, as opposed to them just telling us "we're all better now". You might never have to do anything other than send me one simple message, but that one message could be the difference between someone getting away with murder and being hammered with a snowstorm of bad press, fines and all the other awesome stuff that's long overdue.However, this isnt where it ends. The success of this project relies on those people who effectively first discover infections - the general public - getting involved. If you're infected by something or hijacked in a drive-by, simply ping me using the Meebo Chatbox on the frontpage to report it. I figure, why limit my eyes and ears to a limited number of security experts when I can get the whole damn Net to start flagging this stuff too?But oh, thats not all. I've spent a long time cultivating the notion that hey, hacking people is bad, m'kay on various Hacker forums - and I now have a veritable army (well, more than twenty at any rate) scattered across the hidden sections of leet hax0r boards keeping an eye out for dodgy Adware vendor affiliate stuff. When they see it, they'll report back to me and then things will really start to kick off. Man, if they can get hold of the info - and they probably can - I'll have no qualms whatsoever about splashing everything on this site from their name to their underpant size before turning that information over to whoever needs it. Think you're anonymous, Johnny Leet Hax? Think you can hide behind a numerical, untraceable affiliate ID forevermore? Think again. You'll be busted slowly, painfully and methodically and frankly I'll be enjoying every single second of it.It's time to drag these punks out of their beds and make them cry like big sissy girls.It's time to bring the hammer down on all the mealy-mouthed Adware vendors who say one thing and do something entirely different, usually while trying to make you choke down a pile of PR-spun garbage.Are you game? if so, it's time to join the battle and get things moving. Add me to your IM Client with this address, or use the Meebo client on the frontpage. If you don't use MSN Messenger, fire me a Meebo Message and tell me what client you do use.Of course, there's more to The Fourth Wall than what's outlined above - but it's a good enough introduction to what you can expect from this little venture of mine. I'm also trying to keep things as simple and as basic as possible, because the biggest cause of DOA for these kind of efforts is needless overcomplication. Just remember:Once you break The Fourth Wall, there's no going back ;)

View full story at feeds.feedburner.com

Battle without Honour or Humanity: The Fourth Wall is Live! related news:

Latest news from Vitalsecurity.org - A Revolution is the Solution: