News: Spyware con ATi Control Panel?
Inviato: 17 gen 2003, 16:50<br>
Sembra che gli ultimi drivers control panel di ATi contengano uno spyware, che provi a connettersi ad un sito della microsoft.<br>
Tale news è stata <a href="http://www.rage3d.com/board/showthread.php?s=b0823e5986dc6551e3d7b3631f8b326b&threadid=33659937">rilevata</a> da alcuni utenti del forum di Rage3d.<br>
Quindi non confermiamo in alcun modo quanto detto sopra, riporto comunque a riguardo alcuni post presi dal link sopra, tanto più che molti monitorando le connessioni sui propri pc non hanno notato nulla di strano.
<p><center><i><blockquote>
Ok, here are the facts:
<p>
- Catalyst 3.0a (6.14.01.6255) + CPanel 6.14.10.4012<br>
- Every D3D application you start will try to open a connection to crl.microsoft.com<br>
- OGL Aplications won't<br>
- DX8, 8.1, 9 doesn't matter<br>
- WMP6, 8, 9 doesn't matter<br>
- AntiSpy used or not doesn't matter<br>
- XP SP1 or not doesn't matter<br>
- FW: Tiny, Outpost, Sygate, ... doesn't matter ;P<br>
added - XP Antispy used + additional tweaking to be sure nothing connects home<br>
added - happened after installing CPanel, stoped after uninstalling it<br>
<p>
It hasnt tried to access the net when I launched any programs, but it did when I opend the ATI control panel which was unusual.
<p>
I see absolutely no sign of the alleged report using Cat 3.0's (6255) + DX 9.0.
Using both tcpdump and ntop on my gateway server, there is no internet activity while launching the control panel, advanced display properties, making changes... nor when I launched and ran 3DMark or launched and ran Morrowind.
It sounds more like someone has XP's auto-update notification, time synchronization enabled on the system clock, or a virus running off an activeX object (i.e. these can ride on IE background processes which can hit MS incorrectly as some are hacked versions of the windows update process)
Sembra che gli ultimi drivers control panel di ATi contengano uno spyware, che provi a connettersi ad un sito della microsoft.<br>
Tale news è stata <a href="http://www.rage3d.com/board/showthread.php?s=b0823e5986dc6551e3d7b3631f8b326b&threadid=33659937">rilevata</a> da alcuni utenti del forum di Rage3d.<br>
Quindi non confermiamo in alcun modo quanto detto sopra, riporto comunque a riguardo alcuni post presi dal link sopra, tanto più che molti monitorando le connessioni sui propri pc non hanno notato nulla di strano.
<p><center><i><blockquote>
Ok, here are the facts:
<p>
- Catalyst 3.0a (6.14.01.6255) + CPanel 6.14.10.4012<br>
- Every D3D application you start will try to open a connection to crl.microsoft.com<br>
- OGL Aplications won't<br>
- DX8, 8.1, 9 doesn't matter<br>
- WMP6, 8, 9 doesn't matter<br>
- AntiSpy used or not doesn't matter<br>
- XP SP1 or not doesn't matter<br>
- FW: Tiny, Outpost, Sygate, ... doesn't matter ;P<br>
added - XP Antispy used + additional tweaking to be sure nothing connects home<br>
added - happened after installing CPanel, stoped after uninstalling it<br>
<p>
It hasnt tried to access the net when I launched any programs, but it did when I opend the ATI control panel which was unusual.
<p>
I see absolutely no sign of the alleged report using Cat 3.0's (6255) + DX 9.0.
Using both tcpdump and ntop on my gateway server, there is no internet activity while launching the control panel, advanced display properties, making changes... nor when I launched and ran 3DMark or launched and ran Morrowind.
It sounds more like someone has XP's auto-update notification, time synchronization enabled on the system clock, or a virus running off an activeX object (i.e. these can ride on IE background processes which can hit MS incorrectly as some are hacked versions of the windows update process)