Skip navigation

Spyware and the Danger of Numbers

A recent report by the Pew Internet & American Life Project proves what most of us have suspected for some time: Spyware, malicious software that's typically installed on your system surreptitiously and can perform any number of unwanted actions, is changing the way people use the Internet.

The numbers are astonishing. According to the report, 91 percent of Internet users have changed their browsing habits to avoid spyware, 81 percent have stopped opening email attachments unless they're sure the attachments are safe, almost half have stopped visiting certain Web sites because they're afraid those sites are silently installing spyware on their PCs, and 25 percent have stopped downloading music and other files from peer-to-peer (P2P) file-sharing networks. (One has to wonder why that last figure isn't higher.)

Like terrorism and global warming, spyware has created an aura of fear about it, but unlike those examples, spyware is all too often the fear of the known, not the unknown. As far back as October 2004, most Internet users had had some form of spyware installed on their PCs. That figure is likely much higher today.

Aside from the obvious problem--the theft of crucial information, including credit card numbers and passwords--spyware materially affects the PC experience. Infected computers run slower, freeze, or crash. New desktop icons and applications begin appearing. Your Microsoft Internet Explorer (IE) home page changes, or new IE toolbars appear.

I've written about spyware a lot since suffering my first Trojan attack in May 2005 while testing the Windows XP Service Pack 2 (SP2) beta. In March 2005, I addressed the spyware problem in two Windows IT Pro UPDATE articles, "Spyware: The Greatest Threat Yet to the Corporate Desktop?" and "Microsoft Takes Action Against Malware" (See URLs below). So what's changed since then? Sadly, a lot has changed.

First, spyware is now a fact of life on the Windows platform, and if you administer Windows systems, you're responsible for ensuring that spyware doesn't make it to your users' desktops. That means you need a managed antispyware solution in place sooner rather than later. Like antivirus and other electronic protections, antispyware is now part of the equation. If you don't have a way of stopping it, you're not doing your job.

Second, you need a plan to deal with electronic attacks that succeed. What happens when spyware has already infected users' systems? What happens when intruders have already stolen crucial data? Data theft is a terrifying concern for individuals but what about a corporation's data? Is your CEO's laptop adequately protected?

Finally, the spyware scourge, which the Pew Internet & American Life Project survey says is changing the population's computer using habits, is causing a more fundamental change. Most Windows IT Pro UPDATE readers are likely familiar with Apple Computer's stunningly successful iPod MP3 player. Heck, many of you probably own an iPod. I happen to own several, although that's a different story altogether. Many analysts and industry pundits had predicted that a "halo effect" from the iPod would cause customers to consider Apple's other major product, the Macintosh computer, as well. The halo effect, they said, would lead to increased Mac sales and, perhaps, change the dynamics of the computer market.

So far, it's impossible to prove that the halo effect is real. But Mac sales grew 43 percent in the first quarter of 2005 and 35 percent in the second quarter, much higher than the PC industry average of 14 percent during the first half of 2005. Analysts are now wondering aloud whether the spyware problem that bedevils Windows-based PCs--but not Macs or Linux machines--is a contributing factor to Apple's sudden success with the Mac. Some suggest it's the single biggest factor--far more relevant to new users than the iPod halo effect.

The evidence is compelling. For the first time, PC users are simply throwing out computers that are infested with spyware, rather than trying to fix them. The problem is that spyware-infested PCs are often impossible to fix. Instead, you need to wipe out the system and start over again. In managed environments, this isn't a huge problem beyond backing up crucial data, but for individuals, it's a nightmare. With PC prices now starting at less than $300--or about $500 for an entry-level Mac mini--consumers are just starting over. It's simpler.

When the personal computing market first kicked into high gear in the early 1980s, computer enthusiasts were responsible for getting big business excited about the technology. First, VisiCalc-equipped Apple II computers began appearing in businesses, followed by IBM PCs running Lotus 1-2-3. Today, Mac laptops--called PowerBooks--are beginning to appear more and more often in the planes, Internet cafes, and press rooms I frequent around the country. Tech enthusiasts--what we might call tech influencers--are turning, increasingly, to the Mac.

For Microsoft and its Windows-using customers, this change could be a problem. Or, if you're interested in a safer computing experience, it could be a solution. Although many business users require Windows-specific applications that won't run on the Mac, a good percentage of Windows users today require only very basic services, including word processing, email, and Web browsing. These needs are well served by a Mac or even by a Linux-based PC, both of which are arguably safer today than Windows machines.

Questions emerge, of course. Is a more heterogeneous environment really safer, or is that just an added layer of complexity? And are Windows alternatives more secure because they're better designed or because so few hackers attempt to infiltrate those machines? These are questions for the ages, I suppose. But in a world where spyware is only the most recent attempt at tearing down the House of Windows, I'm beginning to wonder whether the alternatives don't make some sense.

Pew Internet & American Life Project Spyware Report (PDF)

Spyware: The Greatest Threat Yet to the Corporate Desktop?

Microsoft Takes Action Against Malware

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.