What is spyware?
Luffy Monday, April 09, 2007 Hackz
What is spyware?
Spyware is software that is capable of performing certain operations on your computer without your consent, such as displaying advertisements, collecting your personal information, or changing the configuration of your computer.
Other types of unwanted software can alter to your computer with results ranging from minor annoyances to causing your computer to slow down or crash. These programs have the ability to change your Web browser's home page or search page, or add additional components to your browser you may not need or want.
These programs also make it very difficult for you to change your settings back to the way you originally had them. These types of unwanted programs are often labeled as spyware.
What is adware?
Adware is software that displays advertisements. This does not mean that any software that provides advertisements or tracks your on-line activities is adware. For example, you may install a free ad-supported version of software, and you "pay" for the service by agreeing to receive targeted advertisements.
What is malware?
Malware, or malicious software, is designed specifically to damage your machine or interrupt the normal computing environment. A trojan horse, worm or virus could be classified as malware. Some advertising software can be malicious by trying to re-install itself after you have removed it.
What is parasiteware?
Parasiteware is the term for any adware that by default overwrites certain affiliate tracking links. These tracking links are used by webmasters to sell products and to help fund websites. The controversy is centered on companies like WhenU, eBates, and Top Moxie, popular makers of adware applications.
These companies release their software to assist users in getting credit for rebates, cash back shopping, or contributions to funds. To the end user, parasiteware represents little in the way of a security threat.
What is a page hijacker?
Hijacker is an application that attempts to take control of the user's homepage and replace it with one that the hijacker chooses. It is a low security threat, but is annoying. Most hijackers use stealth techniques or trick dialog boxes to perform installation.
Browser hijackers commonly do one or more of the following:
* Changes your "search" page and passes all searches to a pay-per-search site
* Changes your default home page to the company page. Sometimes the software changes them to a portal featuring porn sites
* May transmit URLs viewed toward the company server
What is a dialer?
A dialer is a type of software used by pornographic vendors. Once dialer software is downloaded, the user is disconnected from his/her modem's usual Internet service provider, is connected to another phone number and is then billed. While dialers do not spy on users they are malevolent in nature because they can cause huge financial harm to the victim.
What is a browser plugin?
A plugin is a software program that extends the capabilities of your Internet browser in a specific way. Not all browser plugins are harmful and some may be helpful. This category contains mostly dubious browser plugins such as “Search Assistant”, toolbars, etc. that have been known to transmit user data to their creators or have been installed using covert means.
What is a commercial keylogger?
Commercial keylogger is a program designed to monitor user activity. It may be used with or without consent. Since it is sold commercially, most anti-virus vendors do not detect it.
What is a commercial network management tool?
A commercial network management tool is mostly used in (large) corporations. It can log the network traffic passively (sniffing) or examine the logs of proxies, etc. Nothing is installed on the individual computers, the software runs on a central server. They can only log items that pass through the network, but not local items such as the entered passwords, keystrokes or screenshots.
What is a data miner?
A data miner’s primary function is to gather data about an end user. Some adware applications may employ data mining abilities.
What is a loyaltyware?
Loyaltyware is a sub-form of adware. Loyaltyware is a type of software that works around the concept of user loyalty by providing incentives in the form of cash, points, airline miles, or other type of goods while shopping.
What is a remote administration tool?
A remote administration tool is a tool designed to be used by network administrators to remotely control a computer on the network, usually for support or inventory purposes. It may be used for spying purposes.
What is a worm?
A worm is a virus-like program that spreads automatically to other computers by distributing itself via email or other means. A worm spreads itself by attacking other machines and copying itself to the affected machine.
Both worms and viruses are self-replicating codes that travel from machine to machine by various means. Both worms and viruses have, as their first objective, merely propagation. Both can be destructive, depending on what payload, if any, they have been given.
There are some differences in that worms may replace files, but do not insert themselves into files, while viruses insert themselves into files, but do not replace them.
How can I tell that I have spyware on my computer?You may have spyware installed on your computer if:
* You see pop-up advertisements even when you're not on a website.
* Your homepage or your browser search settings have changed without your knowledge.
* You have a new toolbar in your browser that you didn't want, and find it difficult to get rid of.
* Your computer takes longer than usual to complete certain tasks.
* You experience a sudden rise in computer crashes.
How does spyware get on my computer?
There are several ways spyware or other unwanted software can intrude your computer. A common trick is to covertly install the software during the installation of other software you want such as a music or video file sharing program.
Whenever you are installing something on your computer, make sure you carefully read all disclosures, including the license agreement and privacy statement. Sometimes the inclusion of unwanted software in a given software installation is documented, but it may appear at the end of a license agreement or privacy statement.
What is the difference between spyware and viruses?
The average Internet user has difficulty distinguishing viruses from spyware. However there are slight differences. Both are malicious software, both have the capacity to capture and destroy information, ruin performance, and disrupt business processes.
A virus seeks to infect a computer; to replicate; and to infect as many computers as possible, as quickly as possible. For example, an email-delivered virus (a worm) may search your computer's file system for your Outlook address book and send infected email messages to contacts it finds in the address book. A virus relies on email for propagation, but tries many attack vectors such as file sharing, telnet, FTP, IMs, or any services and programs on your computer that communicate with other computers.
Viruses seek to spread, but spyware tries to stay put as a parasite. Spyware disguises itself as a legitimate application or secretly resides as one more data link library (DLL) or registry setting the average user knows nothing about, so that it can collect information about you, your messaging, browsing behavior and your online preferences.
Spyware will embed itself deeply into critical components of your operating system and bloat your memory with its monitoring and collection processing executables. So where virus activities are overt and sufficiently extensive in their impact to attract attention quickly, spyware activities are typically covert and their infestations are often long lasting.
Spyware will exploit your computer of anything it can use for monetary gain, for as long as it can remain attached to the host. Spyware is content to sit on a single computer, to monitor what the user does, as is the case with tracking adware; or influence where the user visits, as is the case with targeting advertisers who use browser helper objects that pop-up ads, substitute search engines, and hijack home pages.
Viruses can be intentionally destructive and have been known to erase or corrupt file systems or abet denial of service attacks. Spyware is more interested in having the host remain healthy: a non-functional computer has neither advertising value nor revenue potential to spyware. So spyware typically remains non-destructive, unless you try to remove it.
But many spyware packages are removal resistant: you may uninstall them only to find they reappear when you reboot your computer. Others modify many critical components of a computer operating system and incomplete removal often renders the computer inoperable.
How to keep spyware off of my computer?
Here are few useful tips on how to avoid spyware infection:
* Use anti-spyware programs such as Spyware Terminator.
* Keep your anti-spyware programs current by downloading updates.
* If using Microsoft's Internet Explorer, turn off its ability to run scripts without your permission.
* Prevent spyware from transmitting data off the system by using a firewall.
* Do not click on links within pop-ups. By clicking on a pop-up link you may install spyware on your computer. Close the popup with the "X" on the title bar, do not use the "close" link, if there are any available within the window.
* Do not download programs from websites you are not familiar with.
* Be careful of unexpected dialog boxes asking whether you want to perform an action. If you are not sure about the impact of the action, better click "NO" or close the dialog box by clicking the "X" icon in the title bar.
* Do not follow email links offering anti-spyware software. These links may actually install the spyware they claim to be keeping off your system.
Is there any legal protection against spyware?Although the Can-Spam law that has been in effect for a year, it hasn't had much success against unsolicited email. Legal experts and business technology professionals remain hopeful that laws aimed at reducing adware and spyware will fare somewhat better.
States are moving forward in crafting anti-spyware legislation. Last March, then Utah Gov. Olene Walker signed into law the Spyware Control Act that bans the installation of spyware without the user's consent. Earlier of this year, a similar law went into effect in California enforcing a $1,000 penalty per violation. As the 109th Congress recently convened Rep. Mary Bono, R-Calif., reintroduced her anti-spyware bill that includes civil fines up to $3 million for violators.
Still, Michael Overly, a technology attorney with the law firm of Foley & Lardner, says that the new laws aren't entirely necessary because the federal Computer Fraud and Abuse Act already makes it illegal for unauthorized system intrusions.
Other legal experts point out that Title 5 of the Federal Trade Commission Act enables the FTC to track down anyone conducting deceptive trade practices, and the Electronic Communications Privacy Act also could be used against those who send out spyware.