Monday 22 December 2003

Dangers of recommending software

This snippet of an article posted in a newsgroup might explain how the openwares patch caught the major software testers offguard.

Fortunately, the links originally endorsing the patch seem to have all been pulled:

"Don't you test...?" OK, are we talking about testing on Win95, Win98, Win98se, WinME, NT4, any of the several flavors of Win2K, or any of the flavors of XP? Which service packs? What security settings, firewalls or antivirus tools are in use? Which blends of other software have been installed? How has the system been maintained? Which of the thousands of brands, models, and builds of PCs are we talking about? How much memory is installed? What's the hard drive set up? What's the skill level of the user? On and on...

Testing the openwares patch on a system running a rules based firewall such as Kerio 2.1.5 would have caught it phoning home, there has also been accounts of The Cleaner labelling the patch as a Trojan and Ad-aware labelling it as spyware.


Related Entry