Download Purchases - Then Scanned?

Discussion in 'ProcessGuard' started by boleyd, Jan 29, 2006.

Thread Status:
Not open for further replies.
  1. boleyd

    boleyd Registered Member

    Joined: Oct 14, 2005
    Posts: 19
    From an unrelated forum I found that some companies that sell software via downloads also scan your PC for previous installs that might be illegal, or for other reasons. This appears to be a "Sony type thing"??

    My question is:

    When we download software some number of programs are started and held by PG for specific permission. Somewhere there may be scanning code in these programs. The best way to plant the code would probably be within the legitimate download program and then erase it when completed.

    Setting aside the issue of trust, faith, need, etc., is there a way to prevent scanning code from going beyond its implied intent? Can't it scan for keywords in specific system areas, go to the targeted files, grab juicy info, package it, and then send it to the data collection point? All this without any hint as to the activities occurring!

    Seems that downloading is a very dangerous practice. Actually, if you have given permanent permission, via PG, to allow it to function, the nasty little code could sit there and collect and distribute all kinds of data by doing periodic sophisticated scans. It does not log keystrokes but relies on scanning. How wonderful, and profitable, if it finds a file with saved passwords that is not security encoded. I bet that a lot of PC users keep serious info in open files. Mine is encrypted.

    Is there a protection methodology to prevent a scanner from collecting and sending "interesting" files to a data mining system?

    I would not be surprised if the NSA plants such code on suspects' PCs to keep an eye on them! Indeed this is a dangerous and very complicated world....
     
  2. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined: Feb 10, 2002
    Posts: 2,080
    Location: Perth, Western Australia
    A program could easily scan any file it has access to - almost the entire disk. It could also scan almost the entire registry, get the computer name and other variables, and also read the BIOS and possibly CPU ID number.

    To prevent this, you would want to try all software on TEST systems first. This is what some techs do, and I quite often do. Having ProcessGuard fully enabled will mean DLL/process injection can't occur, nor can PhysicalMemory access or a driver be installed. But as I said above, they will have access to nearly any file.
     