and Spyware – What is it? How to Guard Against it?
by Greg Hanger
Many of us have heard of adware, and by now most of us have even heard about
spyware. In recent months these sometimes nefarious programs have become
an overwhelming issue for computer users. Victims many times have
unintentionally allowed software to be installed on there systems that
interferes with computer performance. At the extreme these software pests
can damage a computer’s operating system to the point of no return
creating a costly reinstallation of operating system software, and programs.
The good news is no one has to put up with adware or spyware, and prevention
is the cure. In this article I will explain in greater detail exactly what
these software programs do, and how to avoid bogging down computer hardware
is defined by “webattack.com” as a product that is available for free and in
exchange displays advertising banners within the software interface.
Instead of you having to pay for the software, the company creates revenue
by selling advertising space in the software product.
is defined by “netlingo.com” as software that gathers information about a
user as he or she navigates around the Web. It is intended to “track”
surfing habits in order to build marketing profiles. Spyware is often
included in “free downloads” from the Web, where the license agreement
(which so many of us accept without reading) may mention that information
about your habits will be transmitted back to the company’s website, but not
information specifically about you.
Good, the Bad and the Ugly
Although abuse exists all adware is not necessarily bad. Adware should only
be viewed as a problem when it does not function in a way that is fully
disclosed and understood by the user. For example Internet service provider
Netzero provides a useful service in exchange for advertising that appears
when you logon to their network. Many who use a free service may find that
they are not getting much for the advertising they endure, but it is fully
disclosed and appears to be honest. Many other examples exist. Google
Toolbar, AOL Instant Messenger, Netscape Radio etc. While I personally do
not recommend installing any of these programs; they do attempt to disclose
what is happening, and might provide a valuable service for some people.
If you decide to take the adware plunge, always read the license agreements
and privacy policies to avoid a nasty surprise. Free software that uses
advertising is a tradeoff between the advertising, and tracking of your
information and the utility of the program.
When do they cross the line and become bad? Unscrupulous products may
piggyback on existing software without sufficient or any disclosure. Adware
that calls itself freeware or shareware is an abuse. In addition, if the
advertising or tracking spyware is not fully disclosed it is abusive
without your knowledge. Software that changes the behavior of your web
browser without your consent is abuse. For example software that changes
your default homepage and the behavior of your browser without your consent
is abusive. Pop-up browser windows are probably the most annoying of these
changes. Spyware at its worst may attempt to monitor user activity on the
Internet and transmits that information in the background to someone else. Spyware
potentially could be used to gather information about email and even
passwords and credit card numbers, although I am not personally aware of
In addition, so called free software may lead to problems. For example use
of file sharing programs like WinMX or Kazaa may result in ethical or legal
problems in addition to exposing the user to an overload of advertising.
company, Claria (formerly known as Gator) delivers contextual advertising in
the form of pop-ups. Their software builds a profile of your surfing
habits. This information is collected and stored on a file on your computer
identifiable through your IP address. The information is then collected from
your computer while you browse the internet. I recommend avoiding all
adware from this company including eWallet, DateManager, WeatherScope, and
PrecisionTime. eWallet keeps track of the data you enter on web forms
(including credit cards) so it can autofill the data for you later.
DateManager provides appointment alarms and date reminders. WeatherScope
shows the current and forecast weather. PrecisionTime keeps your system
clock up to date.
is the Cure
The best way to avoid the issues created by adware and spyware is to not
install it. A pop-up blocker is a first line of defense. Much of the
unscrupulous spyware I have seen installed on work computers was the result
of responding to a pop-up. Generally the user is tricked into giving
permission. For example one user I know responded to a pop-up that offered
to correct the time on her windows clock. One “yes” click later and she had
turned her machine into an advertising dedicated device.
Windows XP recently released an update (service pack 2 or SP2) which adds
pop-up blocking, and other security features making adware and spyware much
more difficult to install. I have been using the service pack for a month
or so and highly recommend it. However your network administrator should
test the service pack with your office applications before rolling it out to
the entire office.
The pop-up blocker seems to be very effective, and unobtrusive. The blocker
provides information about blocked pages. Below is an example of the yellow
bar that appears in Internet Explorer alerting the user to a blocked page.
user can right click on this bar to reveal options on how to allow pop-ups.
You have the option to always allow pop-ups at this site, or temporarily
allow pop-ups. You might want to allow a pop-up when it is part of a site
you use that has pop-up tools or notifications you need. For example CCH
Internet Tax Research NetWork notifies the user that they are about to be
logged off. Pop-up blockers will prevent this notification from appearing.
Users can configure this blocker to always allow this window.
New security warnings help users avoid the issue of programs installing
without their knowledge.
Permission must be given to install items accessed over the Internet. In
addition, ActiveX, a set of technologies from Microsoft that enables
interactive content for the World Wide Web, requires permission to install.
The service pack also enables the built in internet firewall to be enabled
If you have not upgraded to Windows XP, or you already have a spyware
problem two free solutions exist for dealing with this issue, first, Spybot
Search & Destroy
http://www.safer-networking.org and second, Ad-Aware by Lavasoft
http://www.lavasoftusa.com. I recommend running both of these products
if you have a problem.
Download and update the Spybot software first. Run it to remove adware and
spyware from your machine. Then download, update, and run the Ad-Aware
software. Accept the Spybot options to protect your
machine if you would like to safeguard against
problems. In addition the Spybot software offers the opportunity to backup
your computer settings or registry. I recommend you do this just in case.
Note that you might be required to reboot your machine and run the software
again to remove programs running in the background on your machine. The
software products will provide you with caveats concerning the removal of
adware. You will be warned that adware will be removed and therefore will
not function. Running these programs does pose a risk of damaging your
system; however, the risk posed by most spyware is greater.
If you want to avoid pop-ups and you are not running Windows XP, I suggest
you consider the free pop-up blocker from Google. MSN and Yahoo also offer
pop-up blockers. Yahoo has one that claims to scan for spyware. I found
the Google blocker relatively unobtrusive and easy to configure. Check out
this site before you decide on a free pop-up blocker
http://www.you-niversity.com/help/popup/popups.htm it has information on
configuring these blockers.
If you want to be more aggressive in avoiding spyware and adware that
capitalize on Microsoft’s Internet Explorer, an alternative might be to
consider Mozilla’s Foxfire browser. See
http://www.mozilla.org for more information. This browser has many
interesting features such as the ability to open multiple web pages and tab
between them. I have not tried out this alternative as I understand a
drawback is that some web pages just don’t work with it.
Larger offices should consider restricting user rights to install software
as a solution to avoiding the problem. The Windows operating system is
easily configured to restrict a user’s ability to install software. Smaller
offices without a network administrator or offices running a multitude of
frequently updated software may find this to be too restrictive.
Adware and spyware are essentially an outgrowth, and many times an abuse of
the interactivity built into web browsing software. The browsers ability to
remember information about sites users visit (cookies) can be a useful
tool. And ActiveX and Java tools that create an interactive web browsing
experience add depth and interest to the Internet. An industry has evolved
that attempts to abuse these tools in order to gather marketing information
or sell sometimes legitimate, but many times illegal, illicit, or fraudulent
goods and services.
The good news is that these problems can often be easily avoided and
prevention is the cure. Tools available by updating your Windows XP
operating system to service pack 2, and/or installing software available for
free on the Internet should all but eliminate the issue. Policies
restricting the installation of new software packages may also help prevent
the problem. As with all computer security issues a trade off exists
between the cost of preventing the problem and the benefit obtained by doing