Spyware is a large and growing threat to Internet users. In 2003 the
National Cyber Security Alliance reported that 90% of all broadband
users have spyware installed on their computers.
One spyware/adware maker,
Claria, claims to have its GAIN advertising software installed on over
40 million computers. And that's just one company -- many of the most
popular free software today are packed with spyware and adware from
many different providers, and beyond the major companies there are tens
of thousands of small programs that violate users' privacy in every
imaginable way.
The issue has become so large that the United States
Congress is now investigating it. In late April 2004, senators Barbara
Boxer, Ron Wyden and Conrad Burns introduced a bill to give the FTC
the authority to force companies to tell users more about what their
software does. And until that bill becomes law, spyware and adware
are totally legal. There is nothing preventing this software from ravaging
your computer and your privacy, and indeed there are many companies
and even hackers taking advantage of this dismal opportunity.
But what is spyware after all? The name certainly sounds menacing.
What can it really do? How dangerous is it in reality? And what is
adware, so often mentioned in the same breath?
In this article, we'll
answer all of those questions as well as the most important one of
all: how do I protect myself from spyware? Although spyware is a
serious problem on the Internet today, it shouldn't make you afraid to
go online or use your computer. Learning more about it, and how to stop
it, is a great step towards being rid of spyware completely.
Speaking generally, spyware is any software that:
- is installed on your computer without your knowledge or consent, or
- tries to make it difficult (or impossible) for you to remove it, or
- sends information about you, your computer, your files or your Internet use to someone without your knowledge or consent, or
- sends information about you and discloses this to you in an obfuscated way
Adware is very similar to spyware (for example, it will often
embed itself deep within your computer and make it almost impossible for
you to remove it). Its main difference is that it pops up ads on your desktop
constantly -- it makes its money from ads, not necessarily from selling
information about you. For the purpose of this article, we'll group
spyware and adware together and refer to them both as 'spyware.' You can
think of spyware, then, as any software you really don't want but can't
get rid of or don't even know is there.
So where does spyware come from, and how do you get it? The answer to
this question is probably as large as spyware programs are numerous.
Spyware often comes packaged with free software. If you download
a program that says it's "ad-supported," you probably got more than
you bargained for when you installed it.
File-sharing and music-sharing programs
(often called "P2P") are the most serious offenders. KaZaA, BearShare,
Limewire and others are packed with spyware. When you install KaZaA, for
example, you get six programs in one -- KaZaA plus five spyware programs.
The makers of KaZaA get paid for every person who installs the spyware
from their partner companies. That's how a lot of large semi-legal
companies like KaZaA make their money, but it's also popular with
small software makers as well.
But it's not just free software that shepherds spyware onto your
computer. Some spyware you may download willingly, not knowing that it
does more than originally meets the eye.
There are a number of spyware
programs that are very similar to the toolbar example earlier in this
article. Alexa, owned by Amazon.com, produces a toolbar which gives
neat statistics on web sites' popularity, and what other sites might
be interesting. What Alexa users might not know is that the toolbar
sends information back to Alexa.com about every site you visit. While
this is in Alexa's privacy policy, it's not obvious to someone using
the toolbar.
And then there are other methods as well. Some spyware is downloaded
by your web browser pseudo-automatically. If you visit certain websites,
those sites will try to send spyware as a plug-in for your browser.
Your browser will ask you if you want to install the plug-in; if you say
yes, your computer is open to whatever that site wants to install.
And even worse than that, some spyware acts like a virus to force its
way onto your computer. This type of spyware is often used by hackers
and can cause all manner of problems on your computer. And some spyware
is commercially sold. It is used by employers to spy on employees, family
members to spy on each other; anyone who has access to your computer
can install this software and can then watch everything you type or
everything you look at on your screen.
A lot of the danger of spyware is obvious -- companies are building
databases about the sites you visit and the things you search for,
people can watch everything you do on your computer, advertisers can
shove pop-ups in your face even when you're not surfing, and hackers
can even wreck your computer.
But much of the danger is hidden. Perhaps not surprisingly, spyware
software is often poorly written. If your computer runs more and more
slowly as it gets older, and you haven't made any changes to it to make
it run more slowly, there's a good chance that it's getting clogged up
with spyware. Since spyware watches everything you surf, or everything
you type, and since there are many types of spyware that can all be
installed on your computer at once, spyware can really kill your
computer's performance.
Some computers can even be rendered unusable
by spyware, so slow and so unstable that it's impossible to do anything
constructive on them. And since spyware almost always hides itself,
you never realize that your computer is perfectly capable of doing what
you need it to do -- you assume it's broken or too old, you might
buy a new computer without realizing you could just clean the spyware
out of the old one.
In addition to slowing down and even crashing your computer, spyware
can disrupt your Internet connection. One widely distributed spyware
program, NewDotNet, forces all your Internet data to go through it
before reaching the Internet. If NewDotNet is forcibly removed (or
if NewDotNet crashes, which has been reported by many computer users),
your entire Internet connection is broken. Nothing works: e-mail,
web surfing, everything is broken. And the worst part of it, again,
is that it's really difficult to figure out what the problem is.
Since NewDotNet is completely hidden, you probably don't know it's
installed and running, and if it crashes you don't see any warning
messages. If your Internet connection stops working in the middle of
the day, you have no idea what went wrong. In many cases it's likely
the problem will never be resolved -- your ISP will ask you to reinstall
its software which won't help, and will continually assert that their
network is working. There's no good way for either of you to find NewDotNet
on your computer.
With these concerns and many others too numerous to list here, spyware
is considered by many to be on par with viruses in terms of the power
to harm your computer. And on top of that, spyware jeopardizes your
privacy, something viruses don't do. For all these reasons, the
danger of spyware is great.
Just like in dealing with viruses, there are a number of easy steps
you can take to make it harder for spyware to get onto your computer
in the first place. These are:
- Don't install free software, or software from people or companies you don't know or trust
- If your browser opens a window asking you to install a plug-in, say "No" unless you absolutely trust the company that made the plug-in
- If you get an e-mail with an attachment in it, don't open the attachment unless it's safe (e.g. a document or a spreadsheet, not a program)
These steps are very important for anyone, because they will protect against
most viruses in addition to most spyware. Unfortunately, they don't
protect you from spyware that other people install on your computer and
they don't get rid of the spyware you already have.
For spyware (unlike most viruses), there is a small hope that you can
actually uninstall the software. If you have spyware made by a reputable,
large company (like Alexa), it will sometimes allow you to uninstall it
using the Windows Add/Remove Software feature in the Control Panel.
Unfortunately, this applies to a very small minority of all spyware and
it doesn't apply to any of the dangerous forms of spyware. To get rid of
most spyware, and certainly all the most dangerous spyware, you'll
need an anti-spyware product. Anti-spyware products work just like
anti-virus -- they search your computer for known spyware, and whenever
they find spyware they disable or remove it.
Given the current danger spyware poses to computer users, it's a good
idea to treat spyware as seriously as viruses, and use anti-spyware software
as proactively as you do anti-virus software.
Just like people, files have unique fingerprints. Anti-spyware software
uses huge databases of spyware fingerprints to recognize spyware files
hidden on your computer, often in the midst of regular, harmless files.
The fingerprints ensure that the anti-spyware software can recognize
spyware but will never recognize your data or legitimate programs on
your computer.
When spyware is found, most anti-spyware products will let you disable
the spyware and later recover it if you decide you want it back. This
may not sound very useful, but people who use certain ad-supported free
software may decide they'll put up with the spyware in order to keep using
the free software they want.
Actually disabling spyware is more difficult than it might seem. Many
spyware programs have advanced "satellites," little programs that hide
on your computer and will reinstall the spyware if it is deleted.
This leads to a very common experience with almost all anti-spyware programs --
you find spyware, disable it, and then run another scan only to find
the spyware back again.
Even if the anti-spyware is advanced enough
to catch the satellite too, many of the most serious spyware now use
technology deep in Windows to lock their files, preventing deletion or
causing them to be reinstalled by Windows itself, outside the power
of anti-spyware, when your computer restarts.
SpyCatcher from Tenebril introduces a new technology to deal with
these aggressive forms of spyware. SpyCatcher turns the idea of satellites
against spyware. SpyCatcher has its own satellite which intercepts
spyware when your computer first starts, overwriting it with blank space,
and then locking it to prevent it from being replaced. This has the nice
consequence that any spyware
you disable will stay disabled, and often has the positive side-effect
of fooling ad-supported software into thinking the spyware is still
installed. Because there are now blank files where the spyware used
to be (and because the ad-supported software doesn't check what's actually
inside those files), many ad-supported software will still run thinking
the spyware is active.
The technology behind anti-spyware has to be as complex as the spyware
itself in order to counteract the aggressive methods used by spyware, and
anti-spyware's fingerprint databases must be comprehensive and always
up-to-date in order to catch everything that could be on your computer.
Combating spyware is a hard problem, and like many hard problems it
can be made simple through advanced technology.
Spyware is a large problem. It's large because it affects many people.
It's large because the damage it causes is often profound. It's
large because it's really hard to solve, both technically and
legislatively. And, perhaps most unfortunately, it's large because
not everyone knows about it.
Viruses make the national news every
month; computer users have developed a respectful fear of them and
technologists have created ways to deal with them. Spyware, on the
other hand, is everywhere and very few people know about it. As a
society and as individuals, we need to recognize this gathering storm on
the horizon of the Internet and be ready -- for most of us, it's already
here.
Looking to the long term, it's hard to expect that spyware will go
away or will be legislated out of existence. Viruses have been illegal
and have been targeted by serious companies for a long time, and yet
they are a more critical problem today than they ever were before because
of the ubiquity of the Internet.
Spyware continues to be lucrative for
many companies, from advertisers to software companies that make
"spy on your spouse" and "spy on your employees" titles. And the
methods of infection for spyware, like viruses, are always growing.
Computers and Internet connections are getting faster, making it easier
for spyware to piggy back in and hide once it's installed. Computer
users are becoming more comfortable with downloading software from the
Internet. And the size of programs is always growing, making it harder
to spot something that shouldn't be there.
As computer users, we need to recognize the danger that
spyware poses and deal with it actively. Learning about another
Internet-borne threat is depressing, even aggravating. But we can
take simple steps, including those listed above and certainly using
anti-spyware software, to protect ourselves without spending a lot of
time or energy. Fortunately with spyware, the cure is not hard
to swallow and the benefits -- the simple ability to use all the
Internet offers without danger or fear -- are immense.
