It's that time of year again. Time to eat excess amounts of turkey (or a suitable vegetarian equivalent -- we're open-minded around here). Time to spend excess amounts of time watching sports on TV. Time to sleep late. Time to abstain from technology -- except for those of us tasked with fixing family members' computers over this weekend. Monday's a bye week for my Web chat, and I'll keep this letter a little shorter than usual as well.
My experience researching yesterday's review of America Online's AOL 9.0 Security Edition release was a bit of a slap in the face -- giving me an up-close introduction to the problems too many Windows users face. I've spoken with dozens of people whose computers had been infected through browser hijacks and drive-by downloads, and I'd even visited a few known hijacking sites to try to pin down how this type of attack works (see my Feb. 29 column, "For Windows Users, 'Browser Hijacking' Is Only the Latest Threat").
You are reading the weekly Fast Forward E-letter. Written by Washington Post personal technology columnist Rob Pegoraro, the e-mail version of this feature includes links to all the top personal tech stories from the previous week.
But I'd never seen an attack happen so fast, and so effectively, until I loaded AOL 9 SE on a Dell laptop with a brand-new installation of Windows XP. I hit a certain site (I won't list its address, just in case anybody's tempted to click through to it, but it is mentioned in a spyware report cited previously in this newsletter) and saw the same pushy sequence of pop-up alerts, inviting me to install one ActiveX control after another in the browser. In each case, after I'd click "no," I'd get a second alert, insisting that I had to click the "OK" button to view the site. I closed out of each of these alerts and thought myself a street-smart user to dodge that bullet.
At no point had I seen any sign of anything getting installed, and the laptop's copy of IE did have all the security fixes in Microsoft's Service Pack 2 for Windows XP, so I thought my odds of being infected were low.
Then, as I wrote in yesterday's column, I rebooted the laptop and noticed I had a few more icons on the desktop and in the system tray (the bottom right-hand corner of the screen, where third-party programs love to stash mostly irrelevant icons). None of them looked like anything AOL would have installed. Then came the extra pop-up ads, in spite of AOL 9's own built-in pop-up blocking.
Most annoying were the pop-up alerts, telling me that I needed to run some program I'd never heard of "NOW!" or spyware would keep tracking my Internet use. This particular alert showed up four times in a row; each time I turned this oh-so-generous offer down, the demand was phrased more insistently. (A Mafia enforcer could not have been all that much pushier: "Nice computer you've got there. Shame if anything happens to it.")
It's a dismaying feeling when you realize you can't trust a strange program because it offers to fix a problem. If karma has any meaning, the author of this worthless little program will be reincarnated as a slug.
AOL itself suddenly became a lot less stable. I couldn't get the firewall to install on the laptop, and these pop-up ads kept erupting, blocking my view of AOL's spyware scanner at work. That was pretty sad.
As I mentioned elsewhere in the column, that spyware scanner did find 17 or so outbreaks of spyware and claimed to have blocked all of them, but on the next scan (following a restart) it found another 10.
At that point, I decided this little detour had to end, so I could get back to trying out AOL 9 SE itself. Enter one of my favorite Windows components -- System Restore. I fired up this utility, picked the oldest restore point available, and in a minute or so had my computer yanked back to the state it was in just before installing AOL 9 SE. (To run this program, go to the Start Menu, click All Programs, then Accessories, then System Tools -- or, in help-manual shorthand, "Start Menu: All Programs: Accessories: System Tools.")
Even if that hadn't worked, I didn't have anything at risk; this was a machine going back to The Post the next day to get its hard drive wiped, and I had no personal data on it. But still, it was distressing and depressing to see this brand-new machine get bowled over so completely by one Web site. My condolences to anyone who's seen this happen; you can bet we're going to keep covering this problem, including ways to avoid it ever happening.
-- Rob Pegoraro (rob@twp.com)
P.S. Don't miss our 2004 Holiday Tech Buying Guide or Leslie Walker's annual guide to online shopping.