Spyware
(revised 2-19-07)
Note: this is a very dynamic subject. Links are subject to change
at any time. Many sites just go away. Please let me know if links
are changed. We are not responsible if you get redirected to something
other than the original link.
You
like Gator, Alexa, Comet Cursor? Think again!
Do you trade music with file swap software? Bad news!
What is Spyware? Is it harmful? Can I detect it? Can I stop it?
These
are questions that need answers. I just read an alarming set of articles
in the January 2001 issue of Smart Computing that exposes Spyware.
A simple search on the web for spyware will bring tons of answers
about this area of concern. You can read a set of articles at www.spywareinfo.com
and at
whatis.com.
Unfortunately Smartcomputing.com has removed all the public access
to past articles.
Next
go to this site and read all
about it. Another place to learn about spyware is at spyware
guide.com. The list is currently 2332
as of Feb 2007.
OK,
So what is it?
According
to the definition in the magazine, "Spyware is a software component
installed on your PC that gathers information about you (generally
pertaining to your online activities) and transfers that information
from your PC to advertisers or other companies/individuals without
your knowledge or permission. The spyware component itself is often
incorporated into otherwise benign software, such as game demos, MP3
players, and the like. The exact information a spyware program obtains
may be something as simple as listing the MP3 selections you store
on your PC or recent Web sites that you’ve visited. In extremely malicious
cases, it may transfer password files or other sensitive information."
Here
is an interesting quote from one source: "Internet companies,
whose apparent "business model" is the exploitation of consumer trust
and ignorance, are sneaking their spyware systems into our machines
for their own purposes."
Where
does it come from?
Programs that are built into free but useful applications you’d actually
want to download and install. Even boxed, commercial software applications
may contain spyware components.
Example:
In late 1999, RealNetworks (makers of the RealPlayer media player)
was found to be gathering listening habits, preferred music genres,
and other information from anyone who installed its popular RealJukebox
program. RealNetworks asserted that it was merely profiling users
in order to customize RealJukebox. RealNetworks quickly released a
patch that let users block their personal information from reaching
the Web, but this case is particularly important, because it illustrates
just how easily a popular organization can secretly collect private
information from a huge base of unknowing users.
Spyware
can be found in cookies,
Web bugs and viruses.
A
cookie is
a small text file that a Web server sends to your hard drive via your
browser. In most cases, the cookie
remembers pages you’ve visited, or fills in information, such as user
names and passwords. Fortunately, Web sites generally don’t hide cookies,
and you can easily set your browser to warn you about receiving cookies,
or reject them entirely (so not all cookies are considered spyware).
Web
bugs are tiny image files in a Web page or HTML type e-mail message.
You don’t actually see Web bugs, and cookie filters don’t catch them.
But Web bugs can gather information ranging from your computer’s IP
(Internet Protocol) address (which identifies your computer on the
Internet) to your surfing habits. In many cases, Web bugs can access
cookies and send their information back to the Web bug’s originator.
Trojans or computer viruses. Infected systems may send user names
and passwords from popular banking programs to the person that created
the virus. Fortunately, current antivirus software can intercept and
eradicate many forms of viral spyware.
Loren's
note: I have always objected to running anti-virus software in the
past because of the conflicts that the programs cause in Windows.
I used to recommend using Go Back as a way to recover from problems,
however this discussion makes a valid point that once the harm is
done by sending data out to the world, Go Back does not recover from
that. Therefore, I am changing my mind about the need to run an UP
TO DATE ANTIVIRUS PROGRAM. I can't emphasize enough that for an antivirus
program to work, you MUST get new data files from the web VERY OFTEN.
I also just got a Trojan horse that infected me to the level that
Go Back could not recover from. I had to completely wipe out everything
and start over. Not fun and very time consuming. I did not lose any
data because I do back up often.
What
programs should I watch out for?
Adware,
Alexa, Aureate, Comet Cursor, Cydoor, Doubleclick, DSSAgent, Flyswat,
Gator, TimeSink, KaZaa, Toptext, Web3000 and Webhancer and many programs
that promise to enhance your speeds of connection or download are
suspect. Remember, THERE IS NO FREE LUNCH. If someone gives you something
for free, it may be spying on you. Ever wonder where the mailing lists
are generated that send you junk mail? Now you know.
Disclaimer:
The above list of programs was taken from various sources and my own
experience with clients and removal software. If any author of the
above programs feels they should be removed from this list, please
feel free to contact me.
As
of 1-12-04 only one site (spyware
guide.com) still maintains a list of spyware programs. The
others have dropped their lists for liability concerns or finging
it too much work to maintain.
Here
is a quote from an article in The February 2002 Smart Business Magazine
by Taylor and Jerome:
How low can advertisers go? Ambush ads are now testing the limits
of ethical behavior. Gator, a program that presents itself as your
"smart online companion," behaves like a digital wallet, remembering
passwords and offering special discounts. In fact, it's a hijacker.
Visit Staples.com with Gator installed, for example, and up pops a
promotion for free shipping from Office Depot. Click on the coupon,
and you're whisked to Office Depot's site. If you don't bite, the
software tries to nab you again at Staples' check-out screen. More
than 10 million surfers have downloaded the utility. At long last,
the Interactive Advertising Bureau has gotten huffy about programs
that shanghai surfers (Gator has reluctantly agreed to stop selling
online ads that block other ads until it works out a deal with the
IAB). All this has conveniently deflected criticism from the portals.
After all, ambush ads are even sleazier than the in-your-face ads
you'll find at MSN, Excite, Yahoo, AOL, and other high-traffic sites.
This article was posted at www.smartbusinessmag.com,
but the site has removed articles to all but subscribers.
Are
they harmful?
Do
you consider it harmful to give out personal information without your
permission?
Is
a virus harmful that sends your personal documents or information
to others without your permission?
Do
you consider it harmful for someone to sneak a program into your computer
that spies on you?
Can
I detect and remove spyware?
Yes,
there are numerous programs that can be downloaded (for free?) for
detecting and removing spyware. Do a search on the web and you will
find many. I choose not to list any here until I have time to check
them out personally.
If
you want a discussion of how our privacy is being compromised and
in what kind of ways such as the MP3 players we buy, check out this
site: http://www.privacyfoundation.org/commentary/tipsheet.asp
and be sure to click on the links that say "Gadgets That Spy"
and Bad Cookie Recipes". Then go to their home page and see what
else you can learn about privacy publicized. 1-12-04 Privacyfoundation
defunct
You
can detect and destroy spyware that is currently on your system by
downloading SpyBot.
If this link does not work, search download.com for spybot or go to
the home page here.
When you are at download.com, you will see ads for other programs
like spyban, spykiller and others. I have not tested any of these,
so you are on your own.
Feb
2007: I had a serious problem late last year that would not get solved
by any of the free programs. A search on line for the problem identified
the paid version of Spyware
Doctor as the only program that would correct what happened (Long
story). I had been using their free version & it did not solve
the problem. I bit the bullet & bought the paid version. Best
$30 bucks I ever spent. Here's what happened:
I
hit a site that put a malicious program on my computer. I had my computer
fully protected (I thought) with up-to-date free versions of AVG antivirus
& Spyware Doctor. I also had my Home page locked with Homepagelock
(if you use this, you should also have available Homepageunlock
so you can undo the lock)
The
malicious program bypassed all my protections, hijacked my home page
& no matter how I tried it came back every time I rebooted. I
searched the web for 3 days & tried every removal tool suggested.
I deleted files in Windows, modified the registry & it would come
back. Nothing worked until I bought the paid version of Spyware Doctor.
I run it continuously & use the immunize feature & have had
no problems since. The thing I like is that it warns me when I am
trying to access a site that may contain spyware. It's not perfect.
Sometimes it warns me not to go to my Yahoo e-mail, but it has kept
me away from harmful sites.
After
removing spyware from your system, then download and install a program
to block spyware from getting in to your system in the first place.
I searched download.com for "spyware block" and found 47
items, but SpywareBlaster 2.6.1 was the only free one I found.
I
just read an article in Smart Business Magazine called Radar, Along
for the Ride that calls this spying "piggyback software"
and "leechware". Sounds like good descriptions to me. You
can read the article at www.smartbusinessmag.com.
They also call it Bloodsucking. They claim that the file sharing sites
are using it. If you download music, you may be getting spyware. (1-12-04
article not available)
Some
links to spyware info sites:
spywareinfo.com,
Simply
The best, Spyware
Watch, PCHell
,(includes instructions on removing many spyware programs) ScumWare,
ThiefWare
(Click the Thiefware Ad list in the left column for some surprises)
SpyChecker, Wilders,
PC911,
PCMedix
Note: this site is provided free. Donations are accepted to help support the
work. Click here for instructions.