Re: Spyware question

Todd H. wrote:

"Sebastian G." <seppi@xxxxxxxxx> writes:

John wrote:

I surf ebay a lot. They say they do not support spyware. From my
research it seems this tribalfusion spyware is big and it it planted
in banner ads on ebays web pages.

Banners ads can't possibly contain any spyware in executable
fashion.

Really? So what magical pendantic definition of "spyware" and
"executable fashion" do you ahve on your mind to back that up. There is no shortage of reports to the contrary:

http://blog.washingtonpost.com/securityfix/2006/07/myspace_ad_served_adware_to_mo.html
http://www.malwarehelp.org/news/article-6210.html
http://weblog.infoworld.com/securityadviser/archives/2007/02/malwareunwanted.html
http://apcmag.com/5382/microsoft_apologises_for_serving_malware_to_customers
http://news.netcraft.com/archives/2004/11/22/the_register_among_sites_serving_banner_malware.html

http://www.google.com/search?q=banner+malware


Actually this quite supports my statement: You can embed executable binary or script code, but it won't get actually execute unless you explicitly demand it - like, for example, by abusing MSIE as a webbrowser. On a real webbrowser, such attempts are inherently futile.
.