You may be familiar with spyware, as it has been in the news a lot in the last year or two, and finally the major software companies are responding with updates to their security software designed to defeat this annoying and potentially very damaging stuff.
While spyware is, to most people, a recent phenomenon in 2005, in fact what could be called spyware (see our definition above) effectively started back in 1996, on what at that time was the most popular ISP, America Online. There was a piece of malicious software designed to grab confidential information of subscribers, the so-called AOL Password Trojans.
Spyware is much more problematic than viruses for several important reasons:
1. The purpose of spyware is to gather information about you – the information may be fairly harmless or confidential, valuable and important
2. Spyware often works silently
3. Spyware is almost never an executable file
4. Spyware is almost entirely undetectable by traditional antivirus software methods, as well as invisible to most firewalls – so it needs to be dealt with on its own, and its presence (at least briefly) on your PC may not entirely avoidable
5. Spyware is everywhere including friendly sites, friendly software and other places, so while there are no good viruses there are some “good” or at least inert pieces of spyware
You did it by enabling cookies on your Web browser. But disabling cookies may make certain sites not function at all and certain functions within sites unavailable such as most any login, so disabling cookies is usually not the best way to avoid spyware problems. Besides, cookies are often friendly and the spyware ones are easy to separate out with scanning software.
You also did it by downloading items like pictures, video clips and music from websites. But never downloading again isn’t too practical, right?Most common places for spyware and its various subtypes to “hide” on your machine are:
• Temporary files, especially Temporary Internet Files/Browser Cache
• Cookies (these may be friendly items also)
• Favorites listings
• Registries (these are usually the most seriously bad items)
• In some cases as image files or within image files
A typical small business PC may have upwards of 100,000 files on it, so there are plenty of places for tiny non-executable files to hide.
Spyware comes from many, many places, but the most common kinds of sites are those that are for shopping or offer downloadable information, including:
• Shopping sites and portals
• Bulletin boards and information exchange sites
• Gaming sites
• Download sites
• “Lifestyle” sites such as those aimed at teenagers or brides to be
• Sites that rely on serving customer content
• Adult entertainment sites and portals
What “Friendly” Spyware/Adware Does
Regardless of where it comes from, Spyware sends information about you somewhere.
There is literally no “good” spyware if we use the definition above, but there are pieces of software that are not bad for you or your system that act somewhat like spyware – in the sense of tracking information about you – but in almost all cases you did opt in to allowing these items on your machine and they do only something legitimate.
Basically “good” spyware would be cookies and key-loggers for sites and software you have agreed to use as part of your “contract” with either, or which you are choosing to use to enable faster or more pleasant web-surfing.
Example of this would include:• Cookies for friendly sites
• Active-X controls for friendly sites
• Java scripts for friendly sites
• Key loggers for friendly software.
• Key loggers for friendly software.
o A “key logger” does what it sounds like, which is records things you do with your keyboard and mouse. For example, if you accept a trial on software that is good for 30 loads, the way the company keeps track of those loads is through a key logger. You almost certainly agreed to this in the terms, conditions or registration of the software – and a large part of the time these things are invisible and won’t harm your machine or transmit confidential information like passwords.
Adware may also include friendly cookies that help identify you, help you log in to websites with which you transact business like “legitimate” sites – for example, major search engines.
The reasons why people want to drive traffic are complex (as a web marketer you may be familiar with some of them) but the most important thing is you don’t want your machine to be a pawn in someone else’s web marketing game without your permission.
The vast majority of spyware is not friendly, and the scanning programs are very good at telling the difference.You may not be able to entirely stop spyware from entering your system, but you can minimize it through a combination of behaviors and browser settings, then find and remove it with an easy-to-use variety of software tools.
How does spyware get on your machine?Spyware enters your system through several major routes. These include:
• “Holes” in either your operating system or browser software. o The solution to most of these is “security fixes” or security patches, covered below.
• Online account registrations.
o These can be friendly. For example, if you register at Amazon.com, Amazon uses a cookie to “remember” who you are, let you sign in faster, shop more easily and get served offers and items likely to be of interest.
• Downloading images, sound or video clips.
o When you agree to download something from a website, the downloading process can bring with it software pieces you didn’t exactly agree to download! While viruses will usually be caught by virus software, spyware will almost never be caught by them because the software is differently written.
• “Active” pages on web sites including Java and Active-X o Some security experts advise against enabling these technologies as a result. For large corporations that may make sense, but the typical small business can find better ways to manage these risks while still enjoying full web functionality. See below for how.
What “Bad” (Virtually All!) Spyware DoesRegardless of where it comes from, Spyware sends information about you somewhere.
Some will try to “hijack” or take over your Web browser to “force” you to go to web sites you don’t want to visit, like the viruses known as worms. Sometimes these sites will look like “legitimate” sites – for example, major search engines. The reasons why people want to drive traffic are complex (as a web marketer you may be familiar with some of them) but the most important thing is you don’t want your machine to be a pawn in someone else’s web marketing game without your permission.
You may not be able to entirely stop spyware from entering your system, but you can minimize it through a combination of behaviors and browser settings, then find and remove it with an easy-to-use variety of software tools.
Because spyware is continually downloaded onto your machine, it needs to continually be found and removed.And the “definitions” update is even more important here than with virus programs, and, importantly, is often not automatic – so you will need to update the definitions yourself every few days.
While all the major security software companies are introducing spyware stopping products, and the latest releases of the major web browsers have some anti-spyware functionality, as of late 2005 the two best pieces of anti-spyware software remain FREE for personal use, and are quite inexpensive for business use.
Best Anti-Spyware Bets: Ad-Aware and SpyWare DoctorAd-Aware is published by the Swedish company Lavasoft. Continually updated since 1999, Ad-Aware is one of the simplest, user-friendly pieces of software for finding and deleting spyware, especially, tracking cookies and registry entries. Available direct from the publisher at www.adaware.com and also from CNET’s fantastic free site www.download.com Ad-Aware SE is highly recommended for all computer users. It is regularly updated, stable, and for non-business use, completely free.
Ad-Aware will remind you to check for updates, offers one-click scanning, and is incredibly simple to use. Definitions are updated about weekly.The main drawback (at least of the free versions) of Ad-Aware is that it offers no “automatic” scanning options, and it also tends to miss malware that is not of the tracking cookie or registry entry variety.
Also, Ad-Aware is so popular that some spyware designers have found ways to create pieces of software that specifically won’t be found by Ad-Aware, so you need a second piece of software, and at the moment our tests suggest that software should be SpyWare Doctor, which is also available for individual users for free.
SpyWare Doctor is published by PC Tools, which also has good freeware/shareware and also commercial products in the area of registry management and other security and performance enhancement items.
SpyWare Doctor is available in a “free” version which is in fact an unregistered version that has some limits when compared with the registered version, including not being able to run in the background continually, not automatically live updating and so forth. Some trial or free versions of SpyWare Doctor also have limits on the number of scans you can run, or the number of items the scan will allow you to process. If you get a “free” version that allows updates and no limits on the scans, you may find that adequate for your needs. If you get a limited “free” version you may find upgrading to the registered version is a good idea.
SpyWare Doctor offers ease of use, very thorough scanning, and a nice feature lacking in many other spyware detection and removal programs – very specific explanation of what the particular item does, where it probably came from, and how serious a threat it poses.
If you’re the type of person who likes that level of detail, SpyWare Doctor is particularly enjoyable to use. Visit www.pctools.com to learn more and try the software.
There are many other options, and they are changing all the time. Among the better ones (which can all be used alongside Ad-Aware and SpyWare Doctor) are Spybot Search and Destroy from PepiMIK, SpySubtract from Intermute, and SpyWare Blaster by JavaCool.
Chances are Norton and all the others will be offering spyware related software products or upgrades in the very near future, and www.download.com continues to feature the best in freeware, shareware, and trial versions along with a fairly reliable review system.
There is also a great site that is fully dedicated to only anti-spyware programs, and usually has downloads of all the free ones and the time-or-function limited full commercial versions as well – www.spychecker.com.
And by the way: Any time you see a pop-up window offering “anti” spyware products, don’t believe it! Most of those are in fact scams that will download software that is actually spyware masquerading as anti-spyware!
The importance of updating “definitions”Updating definitions continually is even more important with spyware products than virus products; since spyware is updated almost daily you need to update definitions almost daily, and unlike a virus scan that can be run say once per week, running a “quick” scan for spyware – which will focus on the commonest places for spyware to hide – should be done daily.
You can then run a “full scan,” perhaps once a week.You also want to update your Windows software regularly to get security patches. Whether to turn on automatic updates or not is a complex question, since some early release updates cause more problems than they solve until the bugs are worked out.
We believe in running Windows update manually every month or so, which is likely to bring you all the major security improvements without the problems of beta or version 1.0 releases, on average.
To update Windows, within Internet Explorer select the Tools menu. Then Tools > Windows Update and the rest of the process will be easy to follow.
If you do want to turn on automatic updates, you can do that via the update process the first time you visit the Windows update site, or, you can enable it via the Control Panel on your PC.
There are a few things you can do with your browser as well.