Friday
Sep032004
Intro to Spyware
Friday, September 3, 2004 at 06:24AM TIP OF THE DAY
Intro to Spyware
I highly recommend SpyBot. It is free. And, contrary to what this article says, it does update it self automatically. Read more about Spybot in the TOTD Archive: http://totd.squarespace.com/tip-of-the-day-blog/2004/02/06/web-jacked.html
The Soft Invasion
http://ptech.wsj.com/archive/report-200408.htmlBy WALTER S. MOSSBERG
WHAT IF A private company could legally break into your house and rig your television so that it would always start up on a special station the company had created that showed deceptive ads every minute, all day? And what if, when you tried to change the station, you could choose only among obscure and dubious channels selected by the invading company?
Oh, and suppose that same sleazy company could erect billboards for phony medical cures and get-rich-quick schemes on your lawn anytime, without your permission? And suppose it could also make a record of everything you said or did in your house and sell it to other companies?
You'd be more than angry. You'd be lobbying for jail time for these guys. But something similar happens every day on the personal computers of tens of millions of people. It's offensive but legal, and it's driving its victims crazy.
This phenomenon is called spyware, or adware, and it is rapidly replacing viruses and spam as the No. 1 hassle associated with using an Internet-connected computer. Spyware is a type of software placed surreptitiously on a Windows PC, often by means of a file, downloaded from a Web site, that is either invisible or is disguised as a legitimate file.
Once on your PC, spyware can do many nefarious things. Unlike a virus, it rarely tries to destroy files or propagate itself through e-mail. Instead, it tries to seize control of key aspects of your machine and turn them into conduits for selling you junk, or for gathering information that can help others do so.
There are many forms of spyware, but the big four, which correspond to the household examples above, are:
Browser hijackers. These programs replace your browser's home or start page with one of their own. It's often disguised as something helpful, but it sends you to other pages of other slimy companies. Even if you use your browser options to change back to your real home page, the hijacker page returns once you reboot your machine.
Search hijackers. These programs intercept legitimate search requests made to Google and other real search engines and display "results" generated by phony search services whose only goal is to direct you to a limited number of sites that pay for this misdirection. Sometimes search hijackers take the form of search toolbars that seem legit but aren't.
Pop-up generators. These programs fire off pop-up ads on your PC, sometimes even when you're not using your Web browser.
Key loggers. These programs make a record of every keystroke typed on your computer, then send it back to the spyware or adware maker, or to a client of theirs.
So how can you get rid of spyware and how can you avoid it in the first place? One nearly surefire cure is to dump your Windows machine and buy an Apple Macintosh. Almost all spyware is written to run on Windows, and it simply doesn't work on a Mac, even if it gets downloaded to one.
It's possible to write spyware for a Mac and install it on a Mac, but there's little incentive to do so because of the Mac's small market share. Also, the renegade programmers who concoct spyware rarely are expert in writing Mac programs. Those same factors have spared the Mac from any serious virus attacks. So if you owned a Mac, you'd likely be spyware-free.
Assuming that changing platforms is too radical a step for most users, what can you do to stop spyware on your Windows machine? Believe it or not, neither your antivirus program nor your firewall is likely to help, because they are narrowly focused on other problems. But there are some behaviors you can avoid.
First, never download files or programs from the Internet unless you are absolutely certain what they are, who is providing them and that you really need them. If you go to a Web site and are prompted to download a special viewer program, amusing cursors or some sort of unsolicited "security" software, just refuse. Click "no" on the Windows security dialog that should appear, and close the page.
There are only a few legitimate viewer programs most Windows users will need, and they come from reputable companies such as Adobe, Real, Macromedia and Apple. It's best to go, manually, to these companies' Web sites and download, respectively, Adobe Reader, RealPlayer, Flash and QuickTime. Don't respond to pop-up offers, even for these genuine programs.
Spyware and adware authors sometimes alter the Windows security alert that pops up when you try to download something to make a spyware download look legitimate, or even urgently needed. Microsoft is planning to block this tactic in the next version of Windows, but for now, just say no.
Also, keep your kids, and everyone else in your house, away from illegal music download sites like Kazaa and from sites that offer pirated movies, TV shows and software. Even if you have somehow rationalized the theft these sites enable, they are among the biggest sources for spyware, adware and viruses, which often tag along with all the free goodies available. If you can't make your kids honest, at least force them to use only their own PCs, not yours.
Oh, and if you're tempted to look at naked pictures online, pass on sites that require you to download special software. There is plenty of X-rated material on the Web that doesn't require any special software to view.
Still, even if you follow these rules, you may get hit with spyware. It can be placed on your PC silently, without giving you a chance to click "no," through a method called "drive-by downloads."
So how do you get rid of spyware and adware? How do you banish the hijacker home pages and search engines, the pop-up generators and key loggers? I recommend three programs that can clean out most spyware and adware from your PC. Two are free: Ad-aware, available at www.lavasoftusa.com, and Spybot Search & Destroy, at beam.to/spybotsd. In fact, if you have a serious spyware infestation, I'd get both of these, as they sometimes find and remove different things. These programs must be run manually, and updated manually, to gain new capabilities against emerging spyware.
But I like a commercial antispyware program even better. It's called Spy Sweeper and is from the veteran Windows utility company Webroot, at www.webroot.com. Spy Sweeper can scan for and remove spyware and adware. But like a virus program, it also remains vigilant in the background, intercepting new infestations and updating itself with new spyware-stopping capabilities.
Spy Sweeper costs $29.95, including a year of automatic updates. After that, the subscription renewals are $14.95 a year.
I run Spy Sweeper on my Windows PC, and more than once it has warned me of a problem and stopped it. It also sweeps my hard disk of spyware and adware on a regular schedule, in case anything has slipped past its real-time blockade.
It's a shame that Windows users have to worry about viruses, spyware and other kinds of intrusions, and that they have to buy several different kinds of programs to cope with them. What's really needed is a unified solution-an inexpensive service for broadband users that would protect against viruses, spam, spyware and adware, and hacker intrusions without requiring users to do anything. Such a service would automatically download updates and quietly protect you in the background.
But until that service arrives, you do have to watch out for spyware. And you should take the steps I mentioned to avoid and remove it.
Walt Mossberg's Mossberg Report column appears monthly in SmartMoney, The Wall Street Journal Magazine of Personal Business, published by Hearst Communications Inc. and Dow Jones & Company Inc. To learn more, visit SmartMoney.com