What is spyware?
To explain what spyware is, we'll first explain what adware is. Adware is
'freeware', whereby ads are embedded in the program. These ads will show
up when you open the program. Most adware authors provide the free version
with ads and a registered version whereby the ads are disabled. As such,
you the user have the choice, you either use the freeware with ads served
or you purchase the registered version.
Spyware, however, is published as 'freeware' or as 'adware', but the fact
that an analysis and tracking program (which reports your activities to
the advertising providers' web site for storage and analysis, the
'spyware' agent) is also installed on your system when you install this
so-called 'freeware', is usually not mentioned. Even though the name may
indicate so, spyware is not an illegal type of software in any way (see
our analogy). But what the adware and spyware providers do with the
collected information and what they're going to 'feed' you with, is beyond
your control. And in some cases it all happens without your consent!
Hardware spyware
Nowadays spyware can even be found accompanying hardware you buy and
install in your system. Yes, the software you install with hardware
purchased from certain manufacturers (some even well-known) may include
spyware agents.
Spyware categories
Adware networks
The backbone for big time spyware are ad serving networks that pay
publishers of games, utilities and music/video players per download, to
include their ad serving programs. Ad serving networks are DoubleClick,
Web3000, Radiate, SaveNow, GAIN.
Stalking horses
A number of programs that enable the adware networks to function on
desktops are bundled in many popular programs and often (not always!)
presented in installation disclosure screens as desirable add-ons to their
Trojan horse hosts. All collect information. Included in TopText, Cydoor,
OnFlow, Medialoads, Delfin, WebHancer, New.net.
Trojan horses
These popular Internet downloads usually come with the ad serving network
basic software and at least one stalking horse. Included in KaZaa,
Grokster, Morpheus, Limewire, AudioGalaxy, iMesh, DivX.
Backdoor Santas
Stand-alone programs that incorporate similar approaches have no links to
ad serving networks and collect information from users. Included in Alexa,
Hotbar, Comet Cursor, eWallet, CuteFTP, BonziBuddy.
Cookies
Netscape Navigator and Internet Explorer will still send out existing
cookies even after disabling cookies in the browser settings. You must
manually delete any/all cookie files on your system to eliminate being
tracked by third-party ad networks or spyware or adware providers.
Spyware threats
Spyware threats come in different flavors. The spyware agent can be
malware (modifies system settings, and can perform undesirable tasks on
your system), hijacker (redirects your browser to web sites), dialer
(dials a service, most likely porn sites, for which you are billed!),
trojan horse (is attached to a program, and performs undesirable tasks on
your system), collectware (collects information about you and your surfing
habits). WOW!
In addition to doing a detailed check of your browser history, spyware can
install DLLs and other executables files, send continuous data to the
parent, leave a backdoor open for hackers to intercept your personal data
or enter your computer, can install other programs directly on to your
computer without your knowledge, can send/receive cookies to other spyware
programs and invite them into your computer (even if you have cookies
disabled), and they can add Trojan horses to your system. Most spyware and
adware programs are independent executable files which take on the
authorization abilities of the victim. They include auto install and auto
update capabilities and can report on any attempts to remove or modify
them. WOW!
Spyware programs can reset your auto signature, disable or bypass your
uninstall features, monitor your keystrokes, scan files on your drive,
access your applications, change homepages in addition to displaying
advertising content online or offline. They can read, write and delete
files and even reformat your hard drive and they do this while sending a
steady stream of information back to the advertising and marketing
companies. The majority of these programs once installed can not easily be
deleted from your system by normal methods and often leave components
behind to continue to monitor your behavior and reinstall themselves. WOW!
In addition to being included with software products many spyware programs
can get installed on your computer while you surf the Internet! WOW!
------------
Any software that covertly gathers user information through the user's
Internet connection without his or her knowledge, usually for advertising
purposes. Spyware applications are typically bundled as a hidden component
of freeware or shareware programs that can be downloaded from the
Internet; however, it should be noted that the majority of shareware and
freeware applications do not come with spyware. Once installed, the
spyware monitors user activity on the Internet and transmits that
information in the background to someone else. Spyware can also gather
information about e-mail addresses and even passwords and credit card
numbers.
Spyware is similar to a Trojan horse in that users unwittingly install the
product when they install something else. A common way to become a victim
of spyware is to download certain peer-to-peer file swapping products that
are available today.
Aside from the questions of ethics and privacy, spyware steals from the
user by using the computer's memory resources and also by eating bandwidth
as it sends information back to the spyware's home base via the user's
Internet connection. Because spyware is using memory and system resources,
the applications running in the background can lead to system crashes or
general system instability.
Because spyware exists as independent executable programs, they have the
ability to monitor keystrokes, scan files on the hard drive, snoop other
applications, such as chat programs or word processors, install other
spyware programs, read cookies, change the default home page on the Web
browser, consistently relaying this information back to the spyware author
who will either use it for advertising/marketing purposes or sell the
information to another party.
Licensing agreements that accompany software downloads sometimes warn the
user that a spyware program will be installed along with the requested
software, but the licensing agreements may not always be read completely
because the notice of a spyware installation is often couched in obtuse,
hard-to-read legal disclaimers.
Fresh from penning our
Firewall and Virus Alert article, PCStats would like to present the
second part of our beginners guide to the less savoury aspects of the
internet experience; dealing with the subject of "Spyware."
If you've installed a peer-to-peer sharing program such as 'Kazaa Media
Desktop' or 'Morpheus', or accidentally said yes to a 'Gator'
pop-up, or gone on an excursion to some of the
darker corners of the Internet, chances are
your PC has developed an internet life of its own through one or more
spyware applications.
What is Spyware?
While the actual definition of what constitutes
Spyware is somewhat vague, there are a few distinguishing points that are
generally agreed on. The most common definition of Spyware is a program
that sends information from your computer to another destination on the
Internet without your knowledge and without your explicit consent. The
information can potentially include just about anything stored on, or
accessible by your computer. In reality, most
spyware
programs limit themselves to sending specific types of
demographic information, such as the URLs you visit on the Internet, IP
and
email
addresses, or even something as mundane as a cookie.
The potential of these kinds of programs is rather
frightening though. On a modern
Windows
XP based computer, any program installed by a system
administrator (that is, any of the users created during the install
process, as well as the built in administrator account) has access to all
files on the system. This allows all sorts of mischief to be committed
with your implied permission.
Permission really is at the heart of the issue when
it comes to spyware, since to separate themselves from the makers of
viruses and 'trojan horse' programs, creators of spyware need your okay to
install their products on your system. Of course, standard operating
procedure is to make this request as obscure as possible, so as to insure
a large installed base of users.
Some software uses a cerificate window request to
attempt to gain your permission, as seen most famously with the Gator
Corporation, whose ubiquitous ads are launched by any number of sponsored
web-sites and software installation packages. If you click "ok" to the
request, the Gator software will be installed on your computer.
Others, as is commonly seen with spyware packages
included along with common file sharing applications like Kazaa Media
Desktop, use passages in the End User Licensing Agreement (EULA) to gain
your acceptance.
Since these legal agreements are rarely read by
computer users and can be torturously worded, they are an easy vector for
spyware to be installed as a component of a popular freeware programs.
Once installed, spyware software can easily send
any required information out to the Internet using the system's current
connection. Such transactions occur in the background and are difficult to
notice or trace, since most firewall hardware and software, including
Windows XP's built in firewall, does not interfere with information going
out of the protected computer or network.
|
