D
David
On 2010-07-24 I uninstalled ActiveState Perl and installed Strawberry
Perl v5.10.1.2, largely on the strength of the webpage's implied
indorsement by Larry Wall: "When I'm on Windows, I use Strawberry
Perl." I hope you don't really use this implementation, Larry, because
a couple weeks after the install I got a call from American Express
about several bogus charges to my card--including a $1 charge by a
site called strawberry.com (not strawberryperl.com, the site from
which I downloaded the product). $1 charges seem to be the preferred
method used by scammers to test a card's validity: if the small charge
goes through, these dudes pounce and run it up to the max in an hour
or so. Amex is wise to the trick so they immediately cancelled the
card and sent me a new one with a different number.
I ran ZoneAlarm against the installation and it found bad boys called
Worm.Win32.c* in both xmlcatalog.exe and \bin\dmake.exe. Naturally
when I installed the product I didn't think too much about giving it
'Net access for auto-update purposes, which probably explains how it
was able to grab a credit card number and call home without detection.
*Don't use this product!* I've gone back to ActiveState and I intent
to stay with it.
Perl v5.10.1.2, largely on the strength of the webpage's implied
indorsement by Larry Wall: "When I'm on Windows, I use Strawberry
Perl." I hope you don't really use this implementation, Larry, because
a couple weeks after the install I got a call from American Express
about several bogus charges to my card--including a $1 charge by a
site called strawberry.com (not strawberryperl.com, the site from
which I downloaded the product). $1 charges seem to be the preferred
method used by scammers to test a card's validity: if the small charge
goes through, these dudes pounce and run it up to the max in an hour
or so. Amex is wise to the trick so they immediately cancelled the
card and sent me a new one with a different number.
I ran ZoneAlarm against the installation and it found bad boys called
Worm.Win32.c* in both xmlcatalog.exe and \bin\dmake.exe. Naturally
when I installed the product I didn't think too much about giving it
'Net access for auto-update purposes, which probably explains how it
was able to grab a credit card number and call home without detection.
*Don't use this product!* I've gone back to ActiveState and I intent
to stay with it.