Your computer may not be as secure as you think, thanks to 'spyware'

Stars and Stripes ^ | October 29, 2002 | Rick Chernitzer

[Nachum]

YOKOSUKA NAVAL BASE, Japan — Spies could be lurking through the corridors of your computer, taking note of what you type, where you surf and with whom you talk online.

They could be reporting this information to numerous companies and individuals, amassing huge secret files about you and your family.

And possibly the most galling thing about this is that you may have given them permission to be there.

“Spyware,” as they’re called in computer jargon, are tiny programs that bury themselves deep in the recesses of your computer, not taking up much space but playing Big Brother to everything you do online.

Kevin Monis, a network administrator at Yokosuka Naval Base, Japan, said these programs, supposedly used for market research, can be utilized for darker purposes.

“The potential is there,” he said. “From the standpoint of a terrorist looking for information, if they were able to easily break into something, they could see what measures the base is taking to respond to a specific attack.

“If you disrupt the base communications … while at the same time maybe physically attacking the base, it could just be a catastrophe.”

Monis said the base network takes “very strong protective measures” to ward off such intrusive programs. He declined to specify but said the measures are “along the lines of what every company should be doing.”

But for the most part, Monis said, programmers tend to be more interested in information they can market to others, selling it to companies that have interest in your Web-surfing habits.

“I call it dishonest,” he said. “You think you’re getting this, but in reality, you’re getting that and some other things you didn’t want.”

Spyware’s advent really took hold when computer users began demanding more from Internet sites they visited, Monis said.

“The users have demanded whiz-bang interfaces … nice gee-whiz kind of screens like you might see on CNN.com … people want to see real-time information on their screens,” he said.

Among the easiest ways to do this is to create programs that interact with the Web browser or software that allows users to access the Internet.

Programs are downloaded that tell the browser what to do. They also can instruct other parts of your computer to do things, such as keep a log of your keystrokes, access records of Web sites you’ve visited and send that information through your modem or other Internet connection to specific Web sites.

“So I give permission for this program to be installed, but I didn’t read the fine print where it says I said it was OK to track my demographics,” he said.

The programs also use your Internet connection to transmit the information back to whomever is asking for it. This transfer takes up your bandwidth, which can slow Internet access.

“That’s the most insulting part of it,” Monis said.

He said it doesn’t usually happen on computers with network firewalls, which restrict access by allowing only certain information to pass and only through particular portals, or electronic routes that allow access, either to Web sites or individual computers.

“You got a much better situation when you’re behind the firewall,” Monis added.

But breaching a firewall does happen occasionally, he admitted, adding that many computer users are unaware of the dangers these programs can present.

“The average person takes no precautions whatsoever,” he said. “They don’t know there are ways to protect themselves against some forms of these programs.”

The simplest is to adjust your browser’s security level, he said: “When you go to the Web sites that have this type of spyware, because your security is closed tighter, it won’t be able to get into your computer.”

Another defense mechanism, if you use high-speed access such as DSL, is a network router, Monis said. It masks your computer’s “IP address,” an identifying number every computer must have to be recognized and allowed to connect to the Internet.

“It’s not foolproof but far and away one of the easiest ways to cut down your exposure to malicious attack,” he said.

Users also can delete the tiny bits of information some sites leave on your computer to remember you, called “cookies.”

On the surface, they are very convenient, Monis admits: They remember certain settings, or your name, thus speeding time needed to get what you want from the site — but the information also could be used to target you.

“I’m guilty of it myself … I hate like heck to dump my cookies, even though it’s a good idea to dump them every one or two weeks,” he said.

“If people used just a little bit of caution, they wouldn’t have all these problems,” he added. “There are lots of bright people out there who are trying to crash through your front door.”

[martin_fierro]

Remove Spyware with AdAware

[Sir Gawain]

Yep.

[Jean S]

Thanks Martin. You forgot to mention that AdAware is free. It's a great program.

[Vidalia]

Bingo...

[I still care]

Thanks for the reminder. It's been a week since I ran my ad aware, and just found 29 components BESIDES my cookies.

[mostlyundecided]

I use AD-AWARE to get rid of spyware:

Ad-aware is a free multi spyware removal utility designed for all Win9x / ME / NT40 / W2000 platforms. It scans your system for components of known spyware parasites and lets you remove them safely. Feel free to email if you have further questions : support@lavasoftUSA.com

To download a copy of Ad-aware go to www.lavasoftUSA.com

Another option is: SPYBOT, go to www.voiceofthepublic.com

[Senator Pardek]

Dude, when I check what processes are running on my box, I find a few executables I do not recognize. How do I find out what they are (XP user)?

[Ciexyz]

Can't think of anything any site is tracking on me, except the fact I buy conservative-topic books online.

[agitator]

I had to chew out a client this afternoon over that. Misleading windoze messenger service messages were popping up on every computer, including their server, as if norton anti-virus had detected something but it was in fact spam generated by that [expletive deleted] Gator spam-ware.

I asked, "What software have you installed lately that didn't originally come with the computer I left on your desk?" The answer was a "neat little 'FREE' date manager with lots of nifty little features!"

I asked, "Did you read the ENTIRE license agreement when you installed it?" She replied "No! Nobody ever reads that stuff!"

"Well, had you bothered to read it, you would have noticed that you agreed to allow the installation of software that contacts its home base from your computer, retrieves spam, and then annoys you by popping up system messages in your face. Now that I've killed a half hour of my time, and we're going to kill another half hour of OUR time while we remove that [expletive deleted] spamware off your computer, was that thing really FREE?"

Unfortunately, I can't prohibit the client from installing software on their machines or I would have. As it is that neat little bit of "free" software was anything but "free."

[Sir Gawain]

Just start ending processes. Start with explorer.exe and go from there.

[Sir Gawain]

kidding

[FreedomPoster]

Ad-aware is on every machine I touch, set to do a complete scan on boot-up. It looks like we have a strong consensus on this thread.

Full setup at home:

Router appliance
Ad-aware everywhere
auto-updating Norton AV everywhere
Often running Zonealarm (it's been a little flakey under XP - anyone have anything better?)

[Nachum]

I just downloaded it and ran it. Interesting program, thanks.

[FlyVet]

Remove Spyware with AdAware

I run AdAware daily, and typically find four spyware cookies on my computater. What I wonder is, why isn't this junk made ILLEGAL? Know of any rebellious movements toward this goal?

[Gracey]

Thank you. You're a gem.

[Cicero]

Sometimes if a running executable is named, you can search for it on your computer and tell from its location or its Properties what it is. That isn't a bad idea, because it's good to know what your computer is up to.

I also use AdAware regularly, because my kids seem to visit sites that plant advertising spyware in my computer.

[Cicero]

Gator is certainly one of the worst of them. And Comet Cursor.

[Senator Pardek]

I use AdWare too, and there's still some weird stuff there. Good advice - I'll check where the .exe stuff is located.

[Jean S]

Start with explorer.exe and go from there.

lol, you are not a nice person.