Monday, July 12, 2004

Definition of the term Spyware

If you ask 10 experts what the term Spyware descibes you will get 10 very different answers.

So I will publish some good definitions about the term here:
  • Wikipedia:

    Strictly defined, spyware consists of computer software that gathers information about a computer user without the user's knowledge or informed consent, and then transmits this information to an external entity -- usually one that expects to be able to profit from it in some way. Data-collecting programs installed with the user's knowledge do not, properly speaking, constitute spyware, if the user fully understands what data is being collected and for whom.

    More broadly, the term spyware applies to a wide range of related malware products which do not constitute spyware in the strict sense. These products perform many different functions, including the delivery of unrequested advertising (pop-ups in particular), harvesting private information, re-routing page requests to illegally claim commercial site referral fees, and installing stealth phone dialers.

    Read the full definition of Spyware at Wikipeda

  • Webopedia:

    Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.

    Spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else. A common way to become a victim of spyware is to download certain peer-to-peer file swapping products that are available today.

    Definition of Spyware at Webopedia

  • Microsoft:

    Spyware is software that collects personal information from you without first letting you know what it's doing and without letting you decide whether this is OK or not. The information spyware collects can range from all the Web sites you visit to more sensitive information like usernames and passwords. You might be the target of spyware if you download music from file-sharing programs, free games from sites you don't trust, or other software programs from an unknown source.

    Spyware is often associated with software that displays advertisements, called adware. Some advertisers may covertly install adware on your system and generate a stream of unsolicited advertisements that can clutter your desktop and affect your productivity. The advertisements may also contain pornographic or other material that you might find inappropriate. The extra processing required to track you or to display advertisements can tax your computer and hurt your system performance.

    This is not to say that all software which provides ads or tracks your online activities is bad. If you sign up for a free music service and in return for that free service the company offers you targeted advertisements, it might be a fair tradeoff. Likewise, tracking online activities can be useful when displaying customized search content or personalized preferences at an online retailer.

    The key is whether or not you (or another user of your computer) have been properly notified of what the software will do and that you have provided consent to have that software installed on your computer. In other words, is the software being deceptive in what it does or how it gets onto your computer?

    Spyware related article at microsoft.com


If you find another very descriptive website about Spyware, please let me know (post a comment).



posted by emsi @ 5:24 AM   2 comments

Sunday, July 11, 2004

Anti-Spyware Software

If you enter "anti spyware software" at Google you will get around 1.5 mio results. Too much to find out which programs are really good and which ones are not worth downloading.

These are the most reliable tools to get rid of Spyware:

  • Ad-aware

    Lavasoft's tool Ad-aware was one of the first tool specialized in finding Spyware and Adware. The software detects Spyware files, tracking cookies and registry keys of Spyware programs. The freeware version of Ad-aware doesn't contain the background protection. The professional version costs US$ 39.95. The tool has been created in Sweden.

    More Information at Lavasoft.


  • SpyBot - Search & Destroy

    The German programmer Patrick M. Kolla created the Spyware scanner Spybot - Search & Destroy. Equal to Ad-aware it detects all kinds of Spyware using a disk and registry scan. In addition it is also able to clean usage tracks, an interesting function if you share your computer with other users and don't want them to see what you worked on. The tool is completely freeware. But you can make donations to the author.

    More Information at the SpyBot website.


  • a-squared (a²)

    a-squared is a brand new program created in Austria which is specialized in finding Spyware, Trojans, Dialers and Internet-Worms (Worm-Viruses). The a² free version doesn't include a background protection and is freeware. a² personal comes with an advanced background guard containing an intrusion detection system (IDS). The IDS is able to detect Spyware by its behaviour, not by signatures like all other scanners. So it is able to block also new Spyware without the need of daily online updates.

    Learn more about this Spyware protection system at Emsisoft.

posted by emsi @ 6:13 AM   0 comments

Thursday, July 01, 2004

Difference between Spyware and Trojans

The term "Trojan Horse" is frequently confused with Spyware. Some vendors say: Our software detects Ad-Trojans. Here you must distinguish between Ad-Trojans and classic Trojans.

Ad-Trojans are not harmful. They only install themselves on the target computer without letting the user know, to create a surfing profile. But they are not harmful. The main idea behind Ad-Trojans is to show the user personalized ads, matching the user's interests.

Classic Trojans are mostly Backdoors which opens the computer for others. They allow full remote administration of the PC. An attacker is able to watch you while you are surfing the web, log your keyboard input with a keylogger, view your monitor's content, use your microphone to hear what you are saying and also use your webcam (if available) to watch what you are doing in fron of the PC. Backdoor Trojans are really harmful. Not only because anyone can steal personal documents and files from your machine. The real danger is the fact, that your computer can also be misused by spammers to send millions of emails or can also be misused to act like a filesharing server for illegal files and porn.

So if you are searching for a Spyware scanner software, ensure to have also a real Trojan Horse protection running on your computer system. Programs like Ad-aware or SpyBot don't protect you from most Backdoor Trojans.

posted by emsi @ 1:51 AM   0 comments