INTERVIEW WITH AN ADWARE AUTHOR
Philosecurity has an interview with [Matt Knox], a former coder for Direct Revenue, an adware company that was sued in 2006 by New York governor Eliot Spitzer. The interview includes some fascinating details of how the adware worked internally: it created a Browser Helper Object, then made sure the Browser Helper Object stayed up by creating a poller that checked every ten seconds and regenerated the Browser Helper Object if it had stopped running. The poller cleverly masked itself, in part by exploiting Windows' CreateRemoteThread function to run itself as a series of threads instead of as an executable.
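The two behaviours described above leave traces a defender can correlate. The following is an added example, not code from the interview or from Philosecurity: it flags a Browser Helper Object registry key that reappears shortly after deletion, and cross-process thread creation from a non-allowlisted source. The records are constructed and simplified from Sysmon event IDs 8 (CreateRemoteThread) and 12 (registry key create/delete); the 15-second window, the allowlist and all paths and key names are assumptions.

```python
from datetime import datetime, timedelta

BHO = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
BHO_PATH = r"\explorer\browser helper objects" + "\\"
WINDOW = timedelta(seconds=15)  # assumption: just above the ten-second poll
ALLOWED_SOURCES = {r"c:\windows\system32\csrss.exe"}  # assumption: local allowlist

# Constructed sample records (not real telemetry); key names are placeholders.
EVENTS = [
    {"id": 12, "time": "10:00:00", "type": "DeleteKey", "object": BHO + r"\{EXAMPLE-A}"},
    {"id": 8, "time": "10:00:03",
     "source": r"C:\Users\demo\AppData\Local\Temp\upd.exe",
     "target": r"C:\Windows\explorer.exe"},
    {"id": 12, "time": "10:00:07", "type": "CreateKey", "object": BHO + r"\{EXAMPLE-A}"},
    {"id": 8, "time": "10:00:30",
     "source": r"C:\Windows\System32\csrss.exe",
     "target": r"C:\Windows\System32\svchost.exe"},
    {"id": 12, "time": "10:01:00", "type": "DeleteKey", "object": BHO + r"\{EXAMPLE-B}"},
    {"id": 12, "time": "10:05:00", "type": "CreateKey", "object": BHO + r"\{EXAMPLE-B}"},
]

def _ts(event):
    return datetime.strptime(event["time"], "%H:%M:%S")

def respawned_bhos(events, window=WINDOW):
    """Return (key, seconds) for BHO keys re-created within `window` of deletion."""
    deleted, hits = {}, []
    for e in sorted(events, key=_ts):
        if e["id"] != 12 or BHO_PATH not in e["object"].lower():
            continue
        key = e["object"].lower()
        if e["type"] == "DeleteKey":
            deleted[key] = _ts(e)
        elif e["type"] == "CreateKey" and key in deleted:
            gap = _ts(e) - deleted.pop(key)
            if gap <= window:
                hits.append((e["object"], int(gap.total_seconds())))
    return hits

def remote_threads(events, allowed=ALLOWED_SOURCES):
    """Return (source, target) for cross-process thread creation outside the allowlist."""
    return [(e["source"], e["target"]) for e in events
            if e["id"] == 8 and e["source"].lower() != e["target"].lower()
            and e["source"].lower() not in allowed]

if __name__ == "__main__":
    print(respawned_bhos(EVENTS))
    print(remote_threads(EVENTS))
```
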
The really interesting part of the interview is how [Knox] defies your initial suspicion that he's a total scumbag; he started off writing spam filtering software, was hired by Direct Revenue to do web traffic analysis, started writing small bits of code to improve the adware, and ultimately wound up knee-deep in the code. [Knox] notes that you can get normal people to do extremely distasteful things if you break those things into small enough pieces and introduce them gradually.
[via Waxy]
[photo: xcaballe]