CARMA: Council of Advocates for Relief from Malware Assimilation, Inc

News and updates on CARMA and its progress from the beginning and pertinent news from the security/antispyware community.

My Photo
Location: Statesville, North Carolina, United States

I entered the dark world of malware like many others: by experiencing major problems with my pc because of a number of pests that had found their way (quite easily, I'm ashamed to admit) onto my system. With the help of experts, and further education on my part, I found that the majority of users are either unaware, or don't believe they need more protection than just an AV program or firewall. I made it my mission to try to reach as many of the 'clueless' as I could. This site, CARMA, is one of the ways I have to try to help those who have been victimised by malware. I hope you will join me in this endeavor, in whatever way you are able.

Saturday, July 23, 2005

New Forum

As I reported in an earlier post last month, CARMA has aquired a dedicated server and the website is now located there, with a new look . The forum software from Invision Power Board has been purchased and installed. With the help of the owner of InvisionFree, where the board was located originally and the technicians at IPS, the new board is now up and running.

But not without some glitches and problems. I had hoped to use some beautiful skins for the board, but the images will not display. And I haven't been able to figure out why. Also, minor problems such as email notifications of new posts seem to plague some of the members. I, myself, wasn't receiving ANY notifs at all.....for pm's or posts. That is resolved, although a few members report they are still having problems being notified.

Since this is my server, I'm learning a lot in that area, as well as running the forum (InvisionFree hosted the board and took care of the servers and a lot of other stuff in the back) that I didn't have access to before. More control, but a lot more to learn....much of which I am ignorant of at the moment. But I'm working hard to learn what I need's just going to take time, as there is an overwhelming amount in different areas I need to know. Fortunately, I've got some very good friends to help with this, til I get more adept at it. Please stop by the forums and check it out. I hope to be able to get it the way I want for the members to enjoy and learn.

On a personal note, this past week I was MIA, so to speak, as my daughter had to be admitted to the hospital with a severe kidney infection. Because of that, I spent the better part of the week at her home (no internet access there) babysitting two of my grandchildren. Although I made the trip home each day to check on my cats and my dog, there was very little time to do much more thatn check the board and make sure all was going well. At least that was my hope....seems the glitches knew what was going on and chose that time to make themselves known. I think my cats were convinced I had abandoned them....and the ants apparently were convinced I had and staged a coup....but nothing that a little insecticide couldn't fix. LOL. They are still trying to make a comeback, but their efforts are in vain.

I'll be busy the next few weeks trying to get things ironed out with the server and the board. Don't get me wrong, the board is working pretty good for the most part. Just need to get the glitches worked out and try to get the other things I wanted for it in place.

Thanks for reading :)

Wednesday, June 22, 2005

Latest shocking news from Papeghost on MMG

Paperghost has posted the latest on the BitTorrent/MMG epic:

Why Underage Porn is Bad PR

Read it, folks.

Riding on Coattails

Green-eyed Monster?

Paperghost of has been a busy dude the past few months, as I wrote about in the last entry. Devoting much of his waking (and, I believe, sleeping) hours to tracking down spyware such as Aurora.....and doing a damn good job of it too. His efforts have garnered him much acclaim and praise, as well as a Microsoft MVP award for his selfless work.

But with fame, there come the naysayers, who, for no other reason, it seems, want to trash his name and his work. The latest is one John C Dvorak, contributing editor for PC Mag. His latest "article" cries that Bit Torrent was unjustly, and unfairly treated and defamed. Rubbish. Pure and simple. Anyone with any sense at all and actually read the article could see that. Well, anyone, apparently except Mr. Dvorak.

But Chris Boyd, aka Paperghost, isn't bothered by this. He's addressed Mr. Dvorak's outrageous ramblings in his latest blog entry: Simple Facts, told as Lies; Simple Lies, told as Fact. A much better read, IMO. And he's promised us more later today. :)

Guess maybe it was a slow news day, huh, Mr. Dvorak?


On a lighter note, I wish to announce that CARMA has acquired a dedicated server whereupon the website will be moved and a new forum installed. Well, the forum won't be 'new', just a new location, new look, and upgraded to IPB. The license will be purchased shortly, thanks to donations from kind users and an auction held by members of the forum.

I want to thank all the members there, as you've made the CARMA forums a special place. This new move to this server is exciting and I'm learning a lot already. Though, I do have to say, it may take me some time to get all this done. The website will be moved first, then the forum. Announcements will be made on the forum as things develop and finalize.

Friday, June 10, 2005

A Brief History

He's been at it for quite a few years now.

After his first site went off the Net, he returned to begin anew.

From the hard-to-remove Ceres.dll to 100+ Malware installs and 65MB malware downloads to an exploit that uses FireFox to infect IE and an XPi installer as well, it was on to Spazbox and a murky foray in a dark world to uncover it's source only to revisit them later on.

But our hero wasn't satisfied with that. Ever diligent and determined, he drew a bead on Direct Revenue, warning them that he had them in his sights. Scoffing at them, he explored Aurora, then called for a revolution.

Victory seemed to be at hand, but our hero wasn't satisfied until he dug up the source of the Aurora install that had eluded everyone for so long.

Paperghost from and the Last Son of Toshogu is still on the hunt. Though side trips have taken him to San Francisco and 180 solutions' pleas for help, but squirming in the barrage of questions and though his efforts have garnered him an MSVP for 2005, he is still on the prowl, determined to ferret out that which chooses to remain hidden in order to damage one's pc, or try to get your money or information...or both.

Move over Batman....Ghost is at the wheel now.

Tuesday, May 17, 2005

Worst Browser Threats May Not Be Security Holes

Recommended reading;

May 17, 2005
By Brian Livingston

Experts in combating "spyware" and "adware" are now warning that the widely publicized security holes that plague Internet Explorer and other Web browsers may not be the most common ways unwanted software gets into computer users' PCs.

Eric Howes, a frequent contributor to and a consultant to antispyware companies, says the media focus on security holes is overshadowing a larger issue. It's true that hackers can take advantage of weaknesses in browsers to secretly install spyware programs on users' PCs, Howes agrees. But equally important is the fact that spyware programs are often installed because users are fooled into clicking "Yes" by dialog boxes that look like official Windows notices, he says.

Interestingly, Howes asserts that the latest version of Windows XP, which includes an upgrade called Service Pack 2 (SP2), makes Microsoft's Internet Explorer (IE) browser handle such threats better than Firefox, the fast-growing open-source software distributed by the Mozilla Foundation. Let's examine this claim.

How Spyware Tricks Users Into Installing It

The Firefox browser offers at least four ways to install new forms of software, Howes says. He feels two of these ways are fairly safe, while the other two are open to abuse by spyware authors.

Click here to learn more

Sunday, May 15, 2005

US anti-spyware bill rises from the ashes

Declan McCullagh
May 12, 2005, 09:35 BST

After dying an untimely death last year, a bill seeking to ban spyware has been brought back to life by the US congress

The US Congress didn't quite get around to approving an anti-spyware bill last year — such a bill died while awaiting a Senate floor vote.

Now members of the Senate Commerce Committee are promising to avoid a repeat of last year's lapse. During a hearing on Wednesday, politicians said spyware was a growing threat that required prompt action by Congress.

These are "insidious programs that install themselves on users' computers", said senator Barbara Boxer, a Democrat from California. "It's hard to use analogies with this, but it's sort of like somebody walking around your house, kind of invisibly."

Read the full article

Thursday, May 05, 2005

Interview with the Spyware Stalker

C/Net News did an excellent article on Ben Edelman, one of the most tenacious and vocal enemies of the spyware makers. Here is an exerpt and link to the article.

Spying on the spyware makers

May 4, 2005, 4:00 AM PT
By Declan McCullagh
Staff Writer, CNET

Ben Edelman may be spyware's most dangerous enemy.

The 25-year-old researcher has spent years analyzing how spyware and adware programs work and publicizing his findings. That often results in red faces and, occasionally, lawsuit threats from companies like WhenU and Claria, formerly known as Gator.

When testing spyware and adware, Edelman isn't about to sacrifice his own Windows XP computer. So he uses the VMware utility to create a virtual Windows box.

"I infect the hell out of it," he says. "It destroys the infected machine."

A law student at Harvard University, Edelman is also working on a doctoral degree in economics. CNET caught up with him after he spoke at a conference in San Francisco sponsored by's sister site,

Q: What got you interested in spyware in the first place?
Edelman: I took a call from the plaintiffs in the Washington Post case against Gator. They thought what Gator was doing was absolutely destructive to the availability of free content on the Web. After all, if advertisers could buy ads from Gator to reach the Washington Post's audience, who would buy ads from The Washington Post?

I happened to think they were right. But the case settled out of court on the eve of trial, so we didn't find out for sure whether Gator's business was legit.

Read the 2 page article

Wednesday, May 04, 2005

The State of the Union...Spyware Style

Webroot Releases Industry's First Comprehensive Report on Spyware

BOULDER, Colo., May 3 /PRNewswire/

Webroot Software, the leading provider of anti-
spyware software and other security technologies
for consumers and enterprises, today released the
anti-spyware industry's first comprehensive report
on spyware, The State of Spyware Report, an in-depth
review and analysis of the impact of spyware, adware
and unwanted software on consumers and enterprises.

Included in the report is concise data of the perva-
siveness of adware and the rise of system monitors
throughout 2004 and for the first quarter of 2005.
The report indicates that the spyware industry is
generating billions of dollars in annual revenue and
now represents a substantial portion of overall online

Read the complete report here

The Remedy for Spyware is not in sight...yet

Here is a report on the CNet
Anti-Spyware Workshop, held today in San Francisco, CA.

ZDNet-Posted by Dan Farber @ 12:34 pm

Lydia Parnes, director of the Bureau of Consumer
Protection at the Federal Trade Commission, kicked off
the CNET Anti-Spyware Workshop saying that in defining
spyware “it all depends.” And, a year after the FTC held
a spyware workshop, the spyware and adware companies and
their anti counterparts are still battling and consumers
are caught in the middle.

A State of Spyware Report, issued today by the security
firm Webroot, claims that nearly 90 percent of consumers
and business computers harbored some form of unwanted
software during the first quarter of 2005.

Parnes said the most useful way to deal with spyware and
adware is to focus on two concepts: notice and harm.
Malevolent software, which can be spyware, doesn’t raise
difficult legal issues for the FTC–drive-by installations,
hijacking browsers, keystroke logging and adding bookmarks
surreptitiously, for example, violate a range of laws
including criminal statutes, she said. Adware, which is
usually in the form of pop ups, is not inherently wrong,
Parnes said, but without proper notice and disclosure can be
illegal and potentially harmful, such as causing a system to
slow to a crawl or crash. She said the recent case against
Intermix brought by the New York attorney general Elliot
Spitzer is a textbook case of deception assuming the
allegations are true.

Get the full report here