|
February
2002 - Volume 1, Issue 1
Spyware
In many countries,
a growing number of advertisers, marketers, government agencies,
and even law enforcement agencies may be using spyware to record
the travels in cyberspace of Internet users.
Spyware is a
software component installed on your PC that gathers information
about you (generally pertaining to your online activities) and transfers
that information from your PC to advertisers or other companies/individuals
without your knowledge or permission. The spyware component itself
is often incorporated into otherwise benign software, such as game
demos, MP3 players, and the like. The exact information a spyware
program obtains may be something as simple as listing the MP3 selections
you store on your PC or recent Web sites that you've visited. In
extremely malicious cases, it may transfer password files or other
sensitive information.
It's important
to note that you shouldn't confuse Spyware with honest forms and
secure sites that gather information you provide voluntarily (such
as your name and e-mail address for a weekly e-zine on PC repair
or other topics of interest).
Spyware basically
works because the Internet is a two-way street. Many users download
Web pages, images, files, and other information without realizing
that given the right instructions, their computers may be gathering
information and sending it out while they surf. (Such unannounced
background communications are often referred to as back- channel
transmissions.)
The first step
in protecting yourself from spyware is to understand where it comes
from. As mentioned earlier, much of the spyware floating around
the Web today consists of programs built into free but useful applications
you'd actually want to download and install (see the RealPlayer
example above). But even boxed, commercial software applications
may contain spyware components. Well-known examples of spyware include
modules from Comet Cursor, DoubleClick, and Gator.
Web sites present
a spyware threat both in the form of cookies and Web bugs. A cookie
is a small text file that a Web server sends to your hard drive
via your browser. In most cases, the cookie remembers pages you've
visited, or fills in information, such as usernames and passwords.
Fortunately, Web sites generally don't hide cookies, and you can
easily set your browser to warn you about receiving cookies, or
reject them entirely (so not all cookies are considered spyware).
Web bugs are tiny image files in a Web page or HTML (Hypertext Markup
Language)-formatted e-mail message. You don't actually see Web bugs,
and cookie filters don't catch them. But Web bugs can gather information
ranging from your computer's IP (Internet Protocol) address (which
identifies your computer on the Internet) to your surfing habits.
In many cases, Web bugs can access cookies and send their information
back to the Web bug's originator.
Another form
of spyware exists as part of Trojans or computer viruses. Infected
systems may send usernames and passwords from popular banking programs
to the person that created the virus. Fortunately, current antivirus
software can intercept and eradicate many forms of viral spyware.
Spyware can
be tough to identify, but there are a few tricks you can use to
sniff it out. On the next issue we will tell you how to check for
spyware and how to remove it from your system.
|
