| What is a Spyware? |
| Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent. While the term spyware suggests software that secretly monitors the user's behavior, the functions of spyware extend well beyond simple monitoring. |
| Spyware programs can collect various types of personal information, but can also interfere with user control of the computer in other ways, such as installing additional software, redirecting Web browser activity, or diverting advertising revenue to a third party. |
| In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software. Running anti-spyware software has become a widely recognized element of computer security best practices for Microsoft Windows desktop computers. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer. |
| Route of infection |
| Spyware does not directly spread in the manner of a computer virus or worm: generally, an infected system does not attempt to transmit the infection to other computers. Instead, spyware gets on a system through deception of the user or through exploitation of software vulnerabilities. |
| Most spyware is installed without users being aware. Since they tend not to install software if they know that it will disrupt their working environment and compromise their privacy, spyware deceives users, either by piggybacking on a piece of desirable software such as Kazaa, or tricking them into installing it (the Trojan horse method). Some "rogue" anti-spyware programs even masquerade as security software. |
| Spyware usually gets onto your machine because of something you do, like clicking a button on a pop-up window, installing a software package or agreeing to add functionality to your Web browser. These applications often use trickery to get you to install them, from fake system alert messages to buttons that say "cancel" when they really do the opposite.Here are some of the general ways in which Spyware finds its way into your computer: |
| • Piggybacked software installation - Some applications -- particularly peer-to-peer file-sharing clients -- will install spyware as a part of their standard install. If you don't read the installation list closely, you might not notice that you're getting more than the file-sharing application you want. This is especially true of the "free" versions that are advertised as an alternative to software you have to buy. There's no such thing as a free lunch. |
 |
| While it officially claims otherwise, Kazaa has been known to include spyware in its download package. |
| • Drive-by download - This is when a Web site or pop-up window automatically tries to download and install spyware on your machine. The only warning you might get would be your browser's standard message telling you the name of the software and asking if it's okay to install it. |
 |
| Internet Explorer security warning |
| If your security settings are set low enough, you won't even get the warning. |
| • Browser add-ons - These are pieces of software that add enhancements to your Web browser, like a toolbar, animated pal or additional search box. Sometimes, these really do what they say they do but also include elements of spyware as part of the deal. Or sometimes they are nothing more than thinly veiled spyware themselves. Particularly nasty add-ons are considered browser hijackers -- these embed themselves deeply in your machine and take quite a bit of work to get rid of. |
 |
| Bonzi Buddy is an "add-on" application that includes spyware in its package. |
| • Masquerading as anti-spyware - This is one of the cruelest tricks in the book. This type of software convinces you that it's a tool to detect and remove spyware. |
| • Provide the ability to interact with another program or a Web site (For example, the HowStuffWorks screensaver keeps the mouse active, which allows you to click on several different icons to access specific areas of the HowStuffWorks Web site.) |
 |
| When you run the tool, it tells you your computer is clean while it installs additional spyware of its own. |
| What Spyware can do? |
| Spyware can do any number of things once it is installed on your computer. |
| At a minimum, most spyware runs as an application in the background as soon as you start your computer up, hogging RAM and processor power. It can generate endless pop-up ads that make your Web browser so slow it becomes unusable. It can reset your browser's home page to display an ad every time you open it. Some spyware redirects your Web searches, controlling the results you see and making your search engine practically useless. It can also modify the DLLs (dynamically linked libraries) your computer uses to connect to the Internet, causing connectivity failures that are hard to diagnose. |
| Certain types of spyware can modify your Internet settings so that if you connect through dial-up service, your modem dials out to expensive, pay telephone numbers. Like a bad guest, some spyware changes your firewall settings, inviting in more unwanted pieces of software. There are even some forms that are smart enough to know when you try to remove them in the Windows registry and intercept your attempts to do so. |
| The point of all this from the spyware makers' perspective is not always clear. One reason it's used is to pad advertisers' Web traffic statistics. If they can force your computer to show you tons of pop-up ads and fake search results, they can claim credit for displaying that ad to you over and over again. And each time you click the ad by accident, they can count that as someone expressing interest in the advertised product. |
| Another use of spyware is to steal affiliate credits. Major shopping sites like Amazon and eBay offer credit to a Web site that successfully directs traffic to their item pages. Certain spyware applications capture your requests to view sites like Amazon and eBay and then take the credit for sending you there. |
| Snitches and Sneaks |
| There are computer programs that truly "spy" on you. There are applications designed to silently sit on your desktop and intercept personal information like usernames and passwords. These programs include Bugdrop, Back Orifice and VX2. These are more like viruses or hacker tools than spyware. |
| Preventions |
| As the spyware threat has worsened, a number of techniques have emerged to counteract it. These include programs designed to remove or to block spyware, as well as various user practices which reduce the chance of getting spyware on a system. |
| Nonetheless, spyware remains a costly problem. When a large number of pieces of spyware have infected a Windows computer, the only remedy may involve backing up user data, and fully reinstalling the operating system. |
| Anti-spyware programs |
| Many programmers and some commercial firms have released products designed to remove or block spyware. Steve Gibson's OptOut, mentioned above, pioneered a growing category. Programs such as Lavasoft's Ad-Aware SE and Patrick Kolla's Spybot - Search & Destroy rapidly gained popularity as effective tools to remove, and in some cases intercept, spyware programs. More recently Microsoft acquired the GIANT AntiSpyware software, rebranding it as Windows AntiSpyware beta and releasing it as a free download for Genuine Windows XP and Windows 2003 users. In early spring, 2006, Microsoft renamed the beta software to Windows Defender, and it was released as a free download in October 2006. Microsoft currently ships the product for free with Windows Vista. |
| Other well-known anti-spyware products include: |
| • ParetoLogic's Anti-Spyware and XoftSpy SE |
| • PC Tools's Spyware Doctor |
| • Sunbelt Software's Counterspy |
| • Trend Micro's HijackThis |
| • Webroot Software's Spy Sweeper |
| Major anti-virus firms such as Symantec, McAfee and Sophos have come later to the table, adding anti-spyware features to their existing anti-virus products. Early on, anti-virus firms expressed reluctance to add anti-spyware functions, citing lawsuits brought by spyware authors against the authors of web sites and programs which described their products as "spyware". However, recent versions of these major firms' home and business anti-virus products do include anti-spyware functions, albeit treated differently from viruses. |
| Symantec Anti-Virus, for instance, categorizes spyware programs as "extended threats" and now offers real-time protection from them (as it does for viruses). Recently, the anti-virus company Grisoft, creator of AVG anti-virus program, acquired anti-spyware firm Ewido Networks, re-labeling their Ewido anti-spyware program as AVG Anti-Spyware. This shows a trend by anti virus companies to launch a dedicated solution to spyware and malware. Zone Labs, creator of Zone Alarm firewall have also released an anti spyware program. |
| Preventions |
| As the spyware threat has worsened, a number of techniques have emerged to counteract it. These include programs designed to remove or to block spyware, as well as various user practices which reduce the chance of getting spyware on a system. |
| Nonetheless, spyware remains a costly problem. When a large number of pieces of spyware have infected a Windows computer, the only remedy may involve backing up user data, and fully reinstalling the operating system. |
| Anti-spyware programs |
| Many programmers and some commercial firms have released products designed to remove or block spyware. Steve Gibson's OptOut, mentioned above, pioneered a growing category. Programs such as Lavasoft's Ad-Aware SE and Patrick Kolla's Spybot - Search & Destroy rapidly gained popularity as effective tools to remove, and in some cases intercept, spyware programs. More recently Microsoft acquired the GIANT AntiSpyware software, rebranding it as Windows AntiSpyware beta and releasing it as a free download for Genuine Windows XP and Windows 2003 users. In early spring, 2006, Microsoft renamed the beta software to Windows Defender, and it was released as a free download in October 2006. Microsoft currently ships the product for free with Windows Vista. |
| Other well-known anti-spyware products include: |
| • ParetoLogic's Anti-Spyware and XoftSpy SE |
| • PC Tools's Spyware Doctor |
| • Sunbelt Software's Counterspy |
| • Trend Micro's HijackThis |
| • Webroot Software's Spy Sweeper |
| Major anti-virus firms such as Symantec, McAfee and Sophos have come later to the table, adding anti-spyware features to their existing anti-virus products. Early on, anti-virus firms expressed reluctance to add anti-spyware functions, citing lawsuits brought by spyware authors against the authors of web sites and programs which described their products as "spyware". However, recent versions of these major firms' home and business anti-virus products do include anti-spyware functions, albeit treated differently from viruses. |
| Symantec Anti-Virus, for instance, categorizes spyware programs as "extended threats" and now offers real-time protection from them (as it does for viruses). Recently, the anti-virus company Grisoft, creator of AVG anti-virus program, acquired anti-spyware firm Ewido Networks, re-labeling their Ewido anti-spyware program as AVG Anti-Spyware. This shows a trend by anti virus companies to launch a dedicated solution to spyware and malware. Zone Labs, creator of Zone Alarm firewall have also released an anti spyware program. |