What Is Spyware?
- Introduction
- All About Spyware
- Dangers of Spyware
- How to Combat Spyware
- How Anti-spyware Works
- Conclusion
Introduction
Spyware is a large and growing threat to Internet users. In 2003 the National Cyber Security Alliance reported that 90% of all broadband users have spyware installed on their computers.
One spyware/adware maker, Claria, claims to have its GAIN advertising software installed on over 40 million computers. And that's just one company -- many of the most popular free software today are packed with spyware and adware from many different providers, and beyond the major companies there are tens of thousands of small programs that violate users' privacy in every imaginable way.
The issue has become so large that the United States Congress is now investigating it. In late April 2004, senators Barbara Boxer, Ron Wyden and Conrad Burns introduced a bill to give the FTC the authority to force companies to tell users more about what their software does. And until that bill becomes law, spyware and adware are totally legal. There is nothing preventing this software from ravaging your computer and your privacy, and indeed there are many companies and even hackers taking advantage of this dismal opportunity.
But what is spyware after all? The name certainly sounds menacing. What can it really do? How dangerous is it in reality? And what is adware, so often mentioned in the same breath?
In this article, we'll answer all of those questions as well as the most important one of all: how do I protect myself from spyware? Although spyware is a serious problem on the Internet today, it shouldn't make you afraid to go online or use your computer. Learning more about it, and how to stop it, is a great step towards being rid of spyware completely.
All About Spyware
Speaking generally, spyware is any software that:
- is installed on your computer without your knowledge or consent, or
- tries to make it difficult (or impossible) for you to remove it, or
- sends information about you, your computer, your files or your Internet use to someone without your knowledge or consent, or
- sends information about you and discloses this to you in an obfuscated way
Adware is very similar to spyware (for example, it will often embed itself deep within your computer and make it almost impossible for you to remove it). Its main difference is that it pops up ads on your desktop constantly -- it makes its money from ads, not necessarily from selling information about you. For the purpose of this article, we'll group spyware and adware together and refer to them both as 'spyware.' You can think of spyware, then, as any software you really don't want but can't get rid of or don't even know is there.
So where does spyware come from, and how do you get it? The answer to this question is probably as large as spyware programs are numerous. Spyware often comes packaged with free software. If you download a program that says it's "ad-supported," you probably got more than you bargained for when you installed it.
File-sharing and music-sharing programs (often called "P2P") are the most serious offenders. KaZaA, BearShare, Limewire and others are packed with spyware. When you install KaZaA, for example, you get six programs in one -- KaZaA plus five spyware programs. The makers of KaZaA get paid for every person who installs the spyware from their partner companies. That's how a lot of large semi-legal companies like KaZaA make their money, but it's also popular with small software makers as well.But it's not just free software that shepherds spyware onto your computer. Some spyware you may download willingly, not knowing that it does more than originally meets the eye.
There are a number of spyware programs that are very similar to the toolbar example earlier in this article. Alexa, owned by Amazon.com, produces a toolbar which gives neat statistics on web sites' popularity, and what other sites might be interesting. What Alexa users might not know is that the toolbar sends information back to Alexa.com about every site you visit. While this is in Alexa's privacy policy, it's not obvious to someone using the toolbar.
And then there are other methods as well. Some spyware is downloaded by your web browser pseudo-automatically. If you visit certain websites, those sites will try to send spyware as a plug-in for your browser. Your browser will ask you if you want to install the plug-in; if you say yes, your computer is open to whatever that site wants to install. And even worse than that, some spyware acts like a virus to force its way onto your computer. This type of spyware is often used by hackers and can cause all manner of problems on your computer. And some spyware is commercially sold. It is used by employers to spy on employees, family members to spy on each other; anyone who has access to your computer can install this software and can then watch everything you type or everything you look at on your screen.
Dangers of Spyware
A lot of the danger of spyware is obvious -- companies are building databases about the sites you visit and the things you search for, people can watch everything you do on your computer, advertisers can shove pop-ups in your face even when you're not surfing, and hackers can even wreck your computer.
But much of the danger is hidden. Perhaps not surprisingly, spyware software is often poorly written. If your computer runs more and more slowly as it gets older, and you haven't made any changes to it to make it run more slowly, there's a good chance that it's getting clogged up with spyware. Since spyware watches everything you surf, or everything you type, and since there are many types of spyware that can all be installed on your computer at once, spyware can really kill your computer's performance.
Some computers can even be rendered unusable by spyware, so slow and so unstable that it's impossible to do anything constructive on them. And since spyware almost always hides itself, you never realize that your computer is perfectly capable of doing what you need it to do -- you assume it's broken or too old, you might buy a new computer without realizing you could just clean the spyware out of the old one.
In addition to slowing down and even crashing your computer, spyware can disrupt your Internet connection. One widely distributed spyware program, NewDotNet, forces all your Internet data to go through it before reaching the Internet. If NewDotNet is forcibly removed (or if NewDotNet crashes, which has been reported by many computer users), your entire Internet connection is broken. Nothing works: e-mail, web surfing, everything is broken. And the worst part of it, again, is that it's really difficult to figure out what the problem is. Since NewDotNet is completely hidden, you probably don't know it's installed and running, and if it crashes you don't see any warning messages. If your Internet connection stops working in the middle of the day, you have no idea what went wrong. In many cases it's likely the problem will never be resolved -- your ISP will ask you to reinstall its software which won't help, and will continually assert that their network is working. There's no good way for either of you to find NewDotNet on your computer.
With these concerns and many others too numerous to list here, spyware is considered by many to be on par with viruses in terms of the power to harm your computer. And on top of that, spyware jeopardizes your privacy, something viruses don't do. For all these reasons, the danger of spyware is great.
How to Combat Spyware
Just like in dealing with viruses, there are a number of easy steps you can take to make it harder for spyware to get onto your computer in the first place. These are:
- Don't install free software, or software from people or companies you don't know or trust
- If your browser opens a window asking you to install a plug-in, say "No" unless you absolutely trust the company that made the plug-in
- If you get an e-mail with an attachment in it, don't open the attachment unless it's safe (e.g. a document or a spreadsheet, not a program)
These steps are very important for anyone, because they will protect against most viruses in addition to most spyware. Unfortunately, they don't protect you from spyware that other people install on your computer and they don't get rid of the spyware you already have.
For spyware (unlike most viruses), there is a small hope that you can actually uninstall the software. If you have spyware made by a reputable, large company (like Alexa), it will sometimes allow you to uninstall it using the Windows Add/Remove Software feature in the Control Panel.
Unfortunately, this applies to a very small minority of all spyware and it doesn't apply to any of the dangerous forms of spyware. To get rid of most spyware, and certainly all the most dangerous spyware, you'll need an anti-spyware product. Anti-spyware products work just like anti-virus -- they search your computer for known spyware, and whenever they find spyware they disable or remove it.
Given the current danger spyware poses to computer users, it's a good idea to treat spyware as seriously as viruses, and use anti-spyware software as proactively as you do anti-virus software.
How Anti-Spyware Works
Just like people, files have unique fingerprints. Anti-spyware software uses huge databases of spyware fingerprints to recognize spyware files hidden on your computer, often in the midst of regular, harmless files. The fingerprints ensure that the anti-spyware software can recognize spyware but will never recognize your data or legitimate programs on your computer.
When spyware is found, most anti-spyware products will let you disable the spyware and later recover it if you decide you want it back. This may not sound very useful, but people who use certain ad-supported free software may decide they'll put up with the spyware in order to keep using the free software they want.
Actually disabling spyware is more difficult than it might seem. Many spyware programs have advanced "satellites," little programs that hide on your computer and will reinstall the spyware if it is deleted. This leads to a very common experience with almost all anti-spyware programs -- you find spyware, disable it, and then run another scan only to find the spyware back again.
Even if the anti-spyware is advanced enough to catch the satellite too, many of the most serious spyware now use technology deep in Windows to lock their files, preventing deletion or causing them to be reinstalled by Windows itself, outside the power of anti-spyware, when your computer restarts.
SpyCatcher from Tenebril introduces a new technology to deal with these aggressive forms of spyware. SpyCatcher turns the idea of satellites against spyware. SpyCatcher has its own satellite which intercepts spyware when your computer first starts, overwriting it with blank space, and then locking it to prevent it from being replaced. This has the nice consequence that any spyware you disable will stay disabled, and often has the positive side-effect of fooling ad-supported software into thinking the spyware is still installed. Because there are now blank files where the spyware used to be (and because the ad-supported software doesn't check what's actually inside those files), many ad-supported software will still run thinking the spyware is active.
The technology behind anti-spyware has to be as complex as the spyware itself in order to counteract the aggressive methods used by spyware, and anti-spyware's fingerprint databases must be comprehensive and always up-to-date in order to catch everything that could be on your computer. Combating spyware is a hard problem, and like many hard problems it can be made simple through advanced technology.
Conclusion
Spyware is a large problem. It's large because it affects many people. It's large because the damage it causes is often profound. It's large because it's really hard to solve, both technically and legislatively. And, perhaps most unfortunately, it's large because not everyone knows about it.
Viruses make the national news every month; computer users have developed a respectful fear of them and technologists have created ways to deal with them. Spyware, on the other hand, is everywhere and very few people know about it. As a society and as individuals, we need to recognize this gathering storm on the horizon of the Internet and be ready -- for most of us, it's already here.
Looking to the long term, it's hard to expect that spyware will go away or will be legislated out of existence. Viruses have been illegal and have been targeted by serious companies for a long time, and yet they are a more critical problem today than they ever were before because of the ubiquity of the Internet.
Spyware continues to be lucrative for many companies, from advertisers to software companies that make "spy on your spouse" and "spy on your employees" titles. And the methods of infection for spyware, like viruses, are always growing. Computers and Internet connections are getting faster, making it easier for spyware to piggy back in and hide once it's installed. Computer users are becoming more comfortable with downloading software from the Internet. And the size of programs is always growing, making it harder to spot something that shouldn't be there.
As computer users, we need to recognize the danger that spyware poses and deal with it actively. Learning about another Internet-borne threat is depressing, even aggravating. But we can take simple steps, including those listed above and certainly using anti-spyware software, to protect ourselves without spending a lot of time or energy. Fortunately with spyware, the cure is not hard to swallow and the benefits -- the simple ability to use all the Internet offers without danger or fear -- are immense.
