Skip to comments.Your computer may not be as secure as you think, thanks to 'spyware'
Posted on 10/28/2002 7:12:41 PM PST by Nachum
YOKOSUKA NAVAL BASE, Japan Spies could be lurking through the corridors of your computer, taking note of what you type, where you surf and with whom you talk online.
They could be reporting this information to numerous companies and individuals, amassing huge secret files about you and your family.
And possibly the most galling thing about this is that you may have given them permission to be there.
Spyware, as theyre called in computer jargon, are tiny programs that bury themselves deep in the recesses of your computer, not taking up much space but playing Big Brother to everything you do online.
Kevin Monis, a network administrator at Yokosuka Naval Base, Japan, said these programs, supposedly used for market research, can be utilized for darker purposes.
The potential is there, he said. From the standpoint of a terrorist looking for information, if they were able to easily break into something, they could see what measures the base is taking to respond to a specific attack.
If you disrupt the base communications while at the same time maybe physically attacking the base, it could just be a catastrophe.
Monis said the base network takes very strong protective measures to ward off such intrusive programs. He declined to specify but said the measures are along the lines of what every company should be doing.
But for the most part, Monis said, programmers tend to be more interested in information they can market to others, selling it to companies that have interest in your Web-surfing habits.
I call it dishonest, he said. You think youre getting this, but in reality, youre getting that and some other things you didnt want.
Spywares advent really took hold when computer users began demanding more from Internet sites they visited, Monis said.
The users have demanded whiz-bang interfaces nice gee-whiz kind of screens like you might see on CNN.com people want to see real-time information on their screens, he said.
Among the easiest ways to do this is to create programs that interact with the Web browser or software that allows users to access the Internet.
Programs are downloaded that tell the browser what to do. They also can instruct other parts of your computer to do things, such as keep a log of your keystrokes, access records of Web sites youve visited and send that information through your modem or other Internet connection to specific Web sites.
So I give permission for this program to be installed, but I didnt read the fine print where it says I said it was OK to track my demographics, he said.
The programs also use your Internet connection to transmit the information back to whomever is asking for it. This transfer takes up your bandwidth, which can slow Internet access.
Thats the most insulting part of it, Monis said.
He said it doesnt usually happen on computers with network firewalls, which restrict access by allowing only certain information to pass and only through particular portals, or electronic routes that allow access, either to Web sites or individual computers.
You got a much better situation when youre behind the firewall, Monis added.
But breaching a firewall does happen occasionally, he admitted, adding that many computer users are unaware of the dangers these programs can present.
The average person takes no precautions whatsoever, he said. They dont know there are ways to protect themselves against some forms of these programs.
The simplest is to adjust your browsers security level, he said: When you go to the Web sites that have this type of spyware, because your security is closed tighter, it wont be able to get into your computer.
Another defense mechanism, if you use high-speed access such as DSL, is a network router, Monis said. It masks your computers IP address, an identifying number every computer must have to be recognized and allowed to connect to the Internet.
Its not foolproof but far and away one of the easiest ways to cut down your exposure to malicious attack, he said.
Users also can delete the tiny bits of information some sites leave on your computer to remember you, called cookies.
On the surface, they are very convenient, Monis admits: They remember certain settings, or your name, thus speeding time needed to get what you want from the site but the information also could be used to target you.
Im guilty of it myself I hate like heck to dump my cookies, even though its a good idea to dump them every one or two weeks, he said.
If people used just a little bit of caution, they wouldnt have all these problems, he added. There are lots of bright people out there who are trying to crash through your front door.
I bought a laptop earlier i the year, one that came with a few months or Norton AV. The license expired and I waited a bit for the price to come down on a suite of Norton products.
Upon getting said suite or products and running them guess what shows up as a Trojan?
had to delete the file under DOS as Windows and Norton would not remove it because it was protected.
lsas.exe might be an FTP program?
csrss.exe = Win32 subsystem server process
smss.exe (and csrss.exe) are filenames commonly found in the %SystemRoot%\System32 directory. Presence of these 2 files in the System32 directory is not an indication of infection.
Mailwasher (free) looks at the e-mail waiting for you on your server and helps you "pre-delete" SPAM before you download it to your computer.
And make sure you install the Ref Update program to go with it to get updates to the signature file. New spyware comes out everyday...just like viruses. Without an updated signature file, you're not getting Zestfully clean!
What version of ZA are you running? I have a copy of ZA version 2.1.44 that might help. I've heard that earlier versions of ZA run better on ME and XP than newer versions. If you want to download it I can put it on my server for you.
Yes. A firewall will do nothing to stop spyware. A firewall is for port control only. Spyware comes in with regularly allowed traffic. Get it and run it. Win 98 won't care. You'll be fine.
Wow. You and I must be config'd almost identically. I use Mailwasher all the time and love it. I don't open the mail client unless I've run Mailwasher.
Injecting spyware onto my computer is BS.
True, but it sounds like you have a perfectly acceptable technological solution to the problem. Do you really need politicians involved?