Spyware, Part 2

In Spyware, Part 1, I discussed how spyware can be an unwelcome intrusion in your small office/home office (SOHO) computer system. By integrating code with shareware, freeware, or other publicly accessible programs, spyware monitors your computer activities and reports the tracking data to a third party. In Part 2, I'll show you some solutions for getting rid of these intrusion problems.

Spyware-Detection Resources
One comprehensive resource you can use to search for computer spyware is Gibson Resource Corporation Web site. Steve Gibson, an assembly language programmer and noted advocate for consumer privacy on the Internet, has created a set of pages and programs called OptOut that are designed to investigate, analyze, and delete spyware. In OptOut, Gibson lists and analyzes known products with integrated spyware. He also includes a section on suspected spyware, where users can report probable and suspicious programs. Gibson examines each suspicious program for active spyware.

SpyChecker Web site is another resource you can use to detect and erase spyware. SpyChecker offers an extensive list of known spyware and other information of interest about spyware. You can also find spyware-detection information at Spyware list.

Detecting Spyware
How can you detect spyware on your SOHO systems? ZoneAlarm 2.1 is one of the free personal firewall products that can intercept phone-home requests from spyware code. (ZoneAlarm is free for personal and nonprofit use; business users must purchase a valid end-user license after 60 days in order to continue using the software. However, the purchase price is only $19.95.) You can configure other firewalls to monitor and catch these phone-home requests, but Zone Labs created ZoneAlarm specifically to deny all outbound requests by default and to let users subsequently decide what goes out. However, ZoneAlarm doesn't catch the Aureate Browser Parasite technology, which can infiltrate a Web browser's protected memory area, letting the Aureate software run with the same unrestricted Internet access as your Web browser. To help you detect this surreptitious code on your computers, Gibson Resource offers the OptOut utility, which comes with an option (Quick Check at Startup) that examines the registry when you boot your computer. Ad-aware and Ad-watch are two more tools you can use to detect and remove spyware. See the LAVASOFT Web site for more information.

To examine traffic in detail, most seasoned network administrators use a packet sniffer on a regular basis to ensure that no Trojan horse or other security-breaching program resides on their network. You can follow this practice in your SOHO environment, too. Because the network transmits all information in short bursts called packets, a packet sniffer can decode this information and show you exactly what's is traveling over your network connection. You can buy software designed specifically for packet sniffing to use in your SOHO. (Gibson lists a couple of programs he recommends on the OptOut pages.)

What Does It All Mean?
Some SOHO users aren't concerned about spyware and Internet privacy—it's a fleeting concept to them, and I can certainly respect that opinion. Other users, however, believe strongly that their activities over an Internet connection that they pay for are solely their own business. As more people use the Internet, more users conduct daily business over the Web, and the information we relinquish—on a voluntary or involuntary basis—is a data gold mine for companies who create profiles, track usage, and gather a variety of otherwise private data.

Take a moment to think about the ramifications of Internet privacy. Recently, I ordered business cards online from Office Depot to distribute to various exhibitors at an upcoming PC convention. To create those business cards, I had to give my personal information to a remote site with no assurance that they wouldn't use this data for other (perhaps, nefarious) purposes. In fact, one site told me that they would save my contact information for 2 years in case I wanted to order the same cards again. A marketing company can gather a lot of information from that data, including my occupation, where I live, my phone numbers, and other personal details. Previously, I had given this private data only to select individuals and companies with which I do business; now I have made the data available to a third party and possibly others. I imagine you've done the same.

Search engines are often plagued with privacy breaches. Although it's difficult to track each of the millions of strings searched every day, a persistent cookie provides someone with an easy way to match search data with names and addresses. Think of the process this way: An online shopping service stores your name, address, and other personal information in a cookie that stays with your computer even when you surf to other sites. When you browse to a search engine and enter a query, advertising code embedded on the Web site searches for cookies with your personal information like the one stored from the shopping site. The advertiser has successfully matched your profile information with data on what you search for and what you buy. DoubleClick was performing this practice before modifying its privacy policy, but it's not illegal, and another marketing company might be doing the exact same thing.

Internet users need to let software companies, marketing groups, and other data-mining companies know that privacy is a very important issue. Companies need to provide plain and simple privacy policies stored in accessible places for each Web site that collects personal information. Better yet, Web sites shouldn't collect personal information unless absolutely necessary. Internet users also need better laws to protect our Internet privacy, because without the government's involvement, the rules of our privacy will be left up to the companies and businesses whose interests drive their data collection policies. The US Senate is now looking at the problem with spyware and other surreptitious software, including a bill that would require manufacturers and developers to indicate that their software has monitoring code integrated into it. That's a step in the right direction, but SOHO users need to keep the pressure on to protect our Internet privacy from spyware.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.