# Do you trust......VeriSign eTrust?



## MicroBell

You know the deal....visit a website and then *BANG*...you get a popup window telling you to view this site...you must install an active X control, always trust.....bla..bla...bla. These things are offical looking and even have text that says *"Published Authenticity Verifyed By Verisign".*..so you think..hey..must be ok..as Versign says....



> VeriSign hates spyware—or so suggests CEO Stratton Sclavos in a recent interview. Even his daughter’s computer got infected with scores of unwanted programs, Sclavos explains, but he says VeriSign is helping to solve this problem


Well...*YOUR WRONG!!*

So who are some of these partners that VeriSign have as a member list and gives certificates issued by VeriSign too??? Besides some legit sites...these ones stick out....

*abetterinternet.com
cursormania.com
direct-revenue.com (creators of Aurora and nail.exe)
ebates.com
ezula.com
funbuddyicons.com
funwebproducts.com
hotbar.com
iwon.com
mypctuneup.com
myway.com
mywebsearch.com
sex.com
smileycentral.com
weatherbug.com
webhancer.com
whenu.com*

These are all documented adware/spyware related companies or their associates. So if you say YES....you'll be infected with adaware/spyware quicker then you can say... "Oh NOOOOOOOOOOOOO!"

Lesson for today.... *TRUST NO ONE* ...but yourself. Read *BEFORE* you click......otherwise we be seeing you shortly in the hijackthis forum....


----------



## POADB

Can't we inform VerSign of these absolute STUPID mistake?

I'm sure Stratton Sclavos would like to know what kind of an a$s he's making out of himself?


----------



## Detah

NEVER click OK. Thats my motto. 
* I always DENY when my Spybot resident asks about registry changes.
* I always click CANCEL (actually, I first try to CTRL + ALT + DEL end the Active X window, if that doesnt work, then I rightclick the item on the taskbar, if that doesnt work, I click the X in the top right corner.) for all Active X prompts. Can you tell Ive been burned by these things before? And to avoid this nonsense in the first place, I have a popupstopper, IESpyAd and custom Hosts file. I just dread when I have to accept one for Windows Update and an online virusscanner. I usually do a quicky HJT fix immediately after to clean up those things when Im done. 

I bet dollars to donuts that old Stratton knows very well that his product supports those sites. Furthermore, Id also bet that his daughter has tons of spyware on her machine, which was caused by one of those good folks listed above. Old boy Stratton doesnt care if it infects his daughter's computer! Hes only concerned about how much revenue he's raking in from all those sites. He doesn't care one bit who hes infected or to whom hes spreading it.
Just think, hes making enough money that he could easily scrap her whole spyware-ridden computer and just buy her another one every time she gets infected.


----------



## MicroBell

Hahaha..You bet he knows. It's all about $$$$$$$$$$$$$$$$$$$$$$$$$ for those folks.


----------



## POADB

Then I hope his daughter never tries to come here for the FREE tech support..:grin:


----------



## MicroBell

Another interesting tidbit. AOL (Owner of Netscape) is already getting "FLACK" from security experts on the new Netscape Naviagtor 8.0 browser. Seams the new version as a *"Tusted Sites" * option by default that allows sites in there to accept and run activeX on the site without prompting the user...

So when you hit those listed adware/spware sites above..Netscape 8.0 considers them safe and allows the install of adware/spyware componets from the site. Pretty nice of them....huh?


----------



## whodat

fox mulder:
*"trust no one"*


----------



## BMR777

Verisign sucks. Be like me and never see another Verisign pop-up. Disable ActiveX downloads in IE!!!


BMR777


----------



## POADB

MicroBell said:


> Another interesting tidbit. AOL (Owner of Netscape) is already getting "FLACK" from security experts on the new Netscape Naviagtor 8.0 browser. Seams the new version as a *"Tusted Sites" * option by default that allows sites in there to accept and run activeX on the site without prompting the user...
> 
> So when you hit those listed adware/spware sites above..Netscape 8.0 considers them safe and allows the install of adware/spyware componets from the site. Pretty nice of them....huh?


Some people :4-thatsba


----------



## BMR777

*aol = Evil* 

Bmr777


----------



## V0lt

Verisign is a freakin joke. remember their sneaky deal last year where they made every incorrectly typed address resolve to a page full of sponsored links? What a crappy company.


----------



## Spatcher

Detah said:


> I bet dollars to donuts that old Stratton knows very well that his product supports those sites. Furthermore, Id also bet that his daughter has tons of spyware on her machine, which was caused by one of those good folks listed above. Old boy Stratton doesnt care if it infects his daughter's computer! Hes only concerned about how much revenue he's raking in from all those sites. He doesn't care one bit who hes infected or to whom hes spreading it.
> Just think, hes making enough money that he could easily scrap her whole spyware-ridden computer and just buy her another one every time she gets infected.



I bet he's rich enough to hire someone to build her a *custom* computer each time. Look at what their website says 



Verisign.com said:


> If you have encountered software signed by a VeriSign code signing certificate that you believe is being used for malicious or harmful purposes, please report it to VeriSign using this form.
> 
> Examples of misuses of a VeriSign code signing certificate include but are not limited to:
> 
> * the code acts as “spyware”
> * the code is included as part of a “phishing” scheme
> * misleading descriptions in the code
> * the code is used for "man-in-the-middle” attacks
> 
> VeriSign code signing certificates are used by software publishers to assure their customers that software they distribute has not been altered or damaged after it is signed. When you accept software signed by a VeriSign code signing certificate, you have the assurance that VeriSign has authenticated the identity of the publisher of that software. However, VeriSign does not perform any review of that software and makes no representations or warranties concerning the quality of that software.
> 
> Before VeriSign issues a code signing certificate, the software publisher must agree not to distribute malicious or harmful software of any kind. If VeriSign confirms that a software publisher is distributing malicious or harmful software, VeriSign reserves the right to immediately revoke any code signing or other certificate(s) it may have issued to such publisher.


----------

