Spyware on FreeBSD!?
frank at esperance-linux.co.uk
Tue Feb 8 12:16:00 PST 2005
On Tue, Feb 08, 2005 at 06:39:48PM +0000, Mark Ovens wrote:
> Frank Shute wrote:
> >Bad news, looks like my machine has been infected with some Spyware.
> >I noticed that on surfing to: http://news.bbc.co.uk/ or anything under
> >that domain, I was getting some outgoing activity and Firefox was
> >after a URL (as shown by the status bar) somewhere under the domain:
> >A quick Google on 2o7.net confirmed my worst fears: spyware!
> >and a 2o7.net cookie planted on my machine.
> >I cached some pages in my proxy <excerpt>:
> >Looks like some sort of perl script which returns a 2x2 gif, whilst
> >harvesting your browsing habits (and screen & windowsize - by calling
> % whois 2o7.net
> Omniture, Inc. (2O41-DOM)
> 550 East Timpanogos Cir
> Building G
> Orem, UT 84097
> From BBC's Privacy and Cookies Policy (there's a link at the bottom of
> the main page) http://www.bbc.co.uk/privacy/
> 2. Visitor Information
> "The BBC also uses a company called Omniture to track and analyse
> non-personally identifiable usage and statistical information about
> volume of visitors to the BBC News pages on bbc.co.uk in order to
> measure the effectiveness of the BBC News web pages and improve services
> to users. Please note that this is not personal information, only
> general summaries of the activities of visitors to bbc.co.uk. If you
> wish to reject the Omniture cookies, you can use the process set out
> below in point 7. Further information regarding Omniture's privacy
> statement can be found at http://www.omniture.com/policy.html#cookies."
> Blocking the cookies does not stop the site working.
Cheers Mark. I looked at that page too, skim read it and missed it. It
was only in the last few days that I'd noticed the behaviour I
described. It's probably been like that for months but I was too drunk
to notice it or something :)
Huge relief. I thought I'd installed a nefarious XPI - if such things
Apologies to all for any alarm caused! I think I'm a bit paranoid ATM
due to some unpleasant personal circumstances.
print "f r a n k @ e s p e r a n c e - l i n u x . c o . u k" | sed 's/ //g'
--->PGP keyID: 0x10BD6F4B<---
More information about the freebsd-chat