|
 |
|
| Back to home page | ||
It is easier to describe the functions of spyware than to create a definition. Spyware is often loosely defined as software that is installed on a computer without the user’s knowledge or consent, but this is not entirely accurate. Spyware is a program on your computer which gathers information and sends it back to the spyware developer via the internet (1, 3). Spyware programs can monitor user activity by logging keystrokes, sites visited and/or other personal data (5). In short "Spyware is the electronic equivalent of somebody looking over your shoulder, watching and recording every move you make."(3). Spyware is often disguised as part of a software download. The spyware can be 'tightly bundled' with the downloaded program. This means that the program the user was trying to download will not work unless the spyware is also downloaded (3). Legitimate Spyware producers who bundle their product with free ware will state somewhere in the licence agreement that the download contains spyware (10, 11, 14) Advertising companies use data gathered by spyware to find out which sites you're visiting so that can display ads that are targeted to your interest (1, 12). These ads are often displayed as pop up windows. This particular type of spyware is known as Adware.
To fully understand the importance of spyware one must understand the danger it represents. Every computer with a connection to the internet is potentially at risk from spyware. Typically a computer infected with spyware suffers from: a slower running speed (1) and a reduction in the amount of free memory on the hard disc. In some cases spyware can cause difficulty connecting to the internet (11). A severe infection of spyware can cause system crashes (4), although this is rarely the result of just a single program (11). The appearance of popup ads is the result of a special type of spyware known as adware (1, 9). These ‘pop-ups’ can block other advertisements and temporarily (in most cases) obscure the web browser. All of these factors result in a net decrease in efficiency, which combined with the cost of removing the spyware is estimated to cost as much as US$83,000 annually for some companies (13).
Spyware overwhelming a computer making it inoperable (11)
It is important to note that not all spyware is designed with malicious intent. For example windows media player checks in with its home base whenever the user asks for information about an album (2). Some companies have used spyware to help police software piracy. When the computer is connected to the internet the program connects with the company’s website and the product number is compared to the product key. This must match and they are compared against the data currently stored by the software company. If two separate computers are running the same program then one of the copies must be pirated and the provider is able to take action (10). Some freeware and non-profit organisations are funded by including spyware in their websites and/or products so that the information gathered can be sold to advertisers thereby eliminating the need to charge for their services. Spyware is also made by legitimate advertising companies looking to gather information as part of ongoing market research (9).
The majority of spyware is made by advertising companies use data gathered by spyware to find out which sites you're visiting so that can display ads that are targeted to your interest (1, 12, 14). Adware is a big business because it provides advertisers with a database of consumers and the means to communicate their product to them (14).
Some spyware is created by immoral individuals for less than ethical purposes. The information gathered by these programs can include; personal information, passwords and account information, credit card details, business and trade secrets or other confidential information. This can be used for a variety of ends such as sending spam email, identity theft, fraud, information theft and other illegal activities (1, 5, and 11)
Spyware is usually downloaded from the internet as a part of some other program the user is downloading such as a movie or song (9). Sometimes this may be mentioned in the licensing agreement for the download but not always. Spyware is often bundled as part of some freeware programs (1). Some unethical users have uploaded spyware to the internet disguised as 'antispyware' products, which means users trying to get rid of spyware currently on their computer end up adding more to it instead. Sometimes users even buy this 'antispyware' online. Most users are unaware that they are downloading spyware or adware to their computers along with the programs, leading opponents of spyware to it as unethical. Websites can also become 'infected' with spyware so that simply by visiting them and clicking on a link the user unwittingly downloads spyware. Spyware can also be emailed to a user as part of a spam email. Certain viruses can also be designed to allow spyware access an infected computer (9). In addition clicking on links on some web pages or pop up ads can cause spyware to be downloaded (11, 17).
Pop up windows like this often contain spyware which is downloaded to your computer when the OK button is clicked on (17)
There are ways to manage the risk from spyware. Only download software from the internet that if it is from a source you trust as any of the downloadable software on the internet potentially contains spyware. In particular much of the freeware on the internet contains spyware. News tickers, toolbars and screensavers are particularly notorious for including spyware (1). Microsoft’s internet explorer is particularly vulnerable to spyware because of the close relationship it has with Microsoft windows operating system (4). Most spyware is designed to enter a computer through the use of internet explorer (1). Although the latest version of Microsoft’s windows has fixed many of the problems some computer experts advise using a different internet navigation program and/or a different operating system (1). The use of a firewall can help to prevent spyware from accessing your computer (4).To ensure maximum benefit from your firewall brand be sure to set the security settings to high, the default security settings on the internet browser should be set to high also(4). Many antispyware programs will help prevent spyware from accessing your computer as well as being able to remove it (8). Antivirus programs can also help reduce the incidence of spyware because they often contain an antispyware component (6).Companies both large and small should ensure that their employees know about the potential dangers of downloading malware and that they only use the internet for work related purposes (4).
New Zealand does not have any legislation specifically designed to combat spyware, however spyware is regulated by a number of acts. In particular it is illegal to use spyware to gather email addresses for the purposes of sending spam in NZ (15). In addition NZ law specifically bans the collection of data by any means deemed to be ‘unfair’ (16). In order for information to lawfully be collected from an individual the individual must be aware that the data is being collected. They must also be aware of who is collecting that information and for what purpose, and to whom that information will be available (16). Whilst some spyware producers comply with this (10, 14), many others do not. New Zealand law also gives the individual the right to correct any information held concerning them (16). Again some manufactures comply (10) and others do not (14). Enforcement of law is difficult online as New Zealand law has no jurisdiction overseas. Whilst spyware manufacture is made considerably more difficult by NZ legislation, in the USA legislation designed to eradicate spyware has ended up outlawing the prosecution of spyware producers (7).
Before it can begin to work spyware must infiltrate the computer system. Spyware works by recording information from the infected system and web browser and transmitting it via the internet to its creator (1, 3). The exact information collected and how it is collected vary with the purpose of the spyware. Most spyware simply records the addresses of the web pages visited by the user, stores them on the users hard drive, and periodically sends the list of addresses to a predetermined site on the internet.The sending of the information can be done at anytime the computer is connected to the internet. More insidious spyware can copy parts of the users hard drive and send that as well. Spyware can also contain key logger programs (5) which can record every keystroke made by the user, this is usually done to record passwords. All this will be done without a display or notification to the user. Indeed most spyware programs are extremely hard to detect even if the user is actively searching for them. Even if the spyware is detected, removing it from the system is seldom an easy task.
Removing spyware is not as easy as uninstalling a normal program from your computer. For starters the spyware will not show up the add/remove programs menu (3). This is because spyware is designed to remain undetected by your computer, and, once detected hard to remove (1). Whilst it is possible to manually find and delete spyware programs, this Can be difficult both because the programs are hard to find and because they are resistant to destruction (5). Some especially resilient programs operate as two different programs designed so that if one is deleted the other one will instantly rewrite it, meaning the only way to permanently remove the file is to simultaneously delete both parts of the spyware program (11). Uninstalling spyware usually requires an expertise above that of the average computer user, therefore computer programmers have developed programs to seek out and remove spyware called Antispyware programs.
Antispyware programs are the easiest way to identify and remove spyware. Although most good antivirus programs will detect around ninety five percent of spyware (6), they tend to only delete part of the program rendering it inoperative but still occupying space on the hard disc (6). By contrast a good antispyware program will remove the entire program. As spyware developers are constantly attempting to get past antispyware defences and spyware removal programs (5), antispyware programs must also keep changing to keep up (11). Some antispyware uses a database of known spyware programs and compares all downloaded programs to the list of known ones; unfortunately if the program is not regularly updated then it will lose its effectiveness (11). Some spyware developers have programmed their spyware such a way that it will automatically detect and delete any competitor’s spyware found on a system that it infects. Some of these programmers have even been prosecuted for this (11).
Currently no single antispyware program will work on everything (4). This is a problem because most computers are incapable of running two antispyware programs at once (6). However it is important to remember that having even a basic antispyware program will remove 80% of spyware (8), and most users will not need to invest in multiple top tier programs to remove every trace of spyware. However antispyware products do have their disadvantages. Whilst they remove malware they can also remove cookies (5) which are required for the use of some programs such as online shopping. As discussed previously some software (such as KaZaa) won’t run without their spyware component. Perhaps for these reasons many users choose not to invest in antispyware defences. One study (8) claims 80% of computers have inadequate defences whilst 10% have no antispyware programs at all. The following are links to two freeware antispyware programs:
www.lavasoft.com
www.microsoft.com/athome/security/spyware/software
By Reuben
