Who's spying on you? 6 anti-spyware apps tested




Call it spyware, adware, malware, or tracking software, those hidden bits of code may be broadcasting your innermost secrets to the world. Here's how to put a stop to it.

It seems that reviews these past few months have been revolving around Internet-borne content in one way or another. Last month we looked at Internet content filters; this month we are looking at a similar but much more transparent and malicious beast -- spyware. (Next month we will be going over anti-spam applications to see where they have come in the year since we visited them last.)

One thing is sure: the worldwide spam epidemic certainly has not gone away or abated at all. And spyware seems to be shaping up as the next big "security" threat to consumers and businesses alike. While we are on the topics of spam and spyware, has anyone noticed the increase in spam purporting to provide "free" and "effective" spyware removal tools? Most of these should really be read as, "Click here to download and install this really super-effective spyware so that we can easily monitor your system and then rip off not only your identity, but all the funds in your bank account".

Call it what you will, adware, malware, tracking software, spybots, key loggers, diallers -- the list is virtually endless -- it is all spyware. If the user did not knowingly install it, or if the application did not come with an explicit, detailed description of its intended purpose that the user read, understood and agreed to (one that gathers a user's information and sends it back to another party with their authorisation), then it is malicious spyware.

With the advent of more connected and dynamic Web sites, those with malicious intent have seized on the opportunity to develop small applications that surreptitiously install themselves on users' systems. These apps can come as part of shareware or freeware programs, or popular peer-to-peer file sharing applications; they can even be innocuously downloaded during regular browsing of some sites (these are known as drive-by downloads), or delivered in the payload of an e-mail attachment (as with worms or viruses).

Once installed, more insidious spyware might monitor the user's keystrokes and wait for pre-programmed strings to be typed, such as a URL for a banking site. Subsequent keystrokes are then recorded and sent back to the coder's home. After that, the unsuspecting user can basically kiss their hard-earned cash goodbye.

Some people assume that their traditional antivirus application vendors would be looking out for them and protecting them against this malicious code. But most antivirus vendors are at a loss to protect their clients from this type of attack. At the end of the day, the application needs to be installed and launched. Most AV engines cannot protect against what may appear to them to be a legitimate application -- one the user authorised to be installed. Some antivirus application vendors are working on additions or further applications to bring to the market to control these new threats. Indeed, Trend Micro was the only vendor to supply a corporate-level network-orientated antivirus/anti-spyware suite for this review. F-Secure also has anti-spyware and antivirus bundled with various other applications in its submitted suite, but this product is mainly for standalone systems.

Ultimately, protection from spyware comes down to the desktop. The best way to deal with it is through the deployment of personal or local system firewalls that can pick up and identify applications that cause data to go back out to the Internet (perhaps without the user's knowledge) and notify the user of this attempted traffic.

Unfortunately for the majority of users out there, these systems are too often ignored and/or switched off simply because of the overwhelming number of notifications being generated. On top of that, the smarter spyware apps use commonly open ports, so unless a system is configured to match applications with ports, there is a good chance the data will get out regardless.
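To make the port-matching point concrete, here is an added example (not part of the original review or any vendor's product) that runs a port-only rule and an application-to-port rule over the same outbound connections. The process names, hosts, log format and policy tables are all constructed for illustration.

```python
# Added example: port-only vs. application-aware egress decisions.
# All process names, hosts and log lines below are constructed samples.
from typing import NamedTuple

class Conn(NamedTuple):
    process: str   # executable that opened the socket
    dst_host: str
    dst_port: int

# Constructed outbound-connection records, e.g. from a host firewall log.
SAMPLE_LOG = """\
iexplore.exe www.example.com 80
outlook.exe mail.example.com 25
toolbarhelper.exe collector.example.net 80
iexplore.exe bank.example.com 443
toolbarhelper.exe collector.example.net 443
updater.exe files.example.org 6667
"""

OPEN_PORTS = {25, 80, 443}             # port-only policy (assumed)
APP_PORTS = {                          # application-to-port policy (assumed)
    "iexplore.exe": {80, 443},
    "outlook.exe": {25},
}

def parse(log: str) -> list[Conn]:
    conns = []
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[2].isdigit():
            continue  # skip malformed records rather than guessing
        conns.append(Conn(parts[0].lower(), parts[1], int(parts[2])))
    return conns

def port_only_allows(c: Conn) -> bool:
    return c.dst_port in OPEN_PORTS

def app_aware_allows(c: Conn) -> bool:
    # Unknown executables have no entry, so they are denied by default.
    return c.dst_port in APP_PORTS.get(c.process, set())

def slipped_through(conns: list[Conn]) -> list[Conn]:
    """Connections a port-only rule passes but an app-aware rule blocks."""
    return [c for c in conns if port_only_allows(c) and not app_aware_allows(c)]

if __name__ == "__main__":
    for c in slipped_through(parse(SAMPLE_LOG)):
        print(f"port-only would allow: {c.process} -> {c.dst_host}:{c.dst_port}")
```

The connection on port 6667 is stopped by both policies; only the traffic on commonly open ports from an unlisted executable separates the two.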

The only real line of defense an individual or organisation has against such code is to evaluate and deploy an effective anti-spyware application like the ones we are looking at in this review.


Talkback 7 comments

    Anonymous -- 16/11/04

    Nastyware - a collective descriptive term...

    Anonymous -- 20/12/04

    You obviously have not seen the very recent advice from Pest Patrol, which now is no longer supported, but has been replaced (free of charge to current users) with a new Spyware called "Counterspy". I have had it installed for about a week and although I was happy with Pest Patrol, Counterspy does have a number of improved features.
    Ken Hillier

    Spyware John Taylor -- 22/12/05 (in reply to #120111444)

    Tosh and nonsense, CA are announcing a new version of PestPatrol to be released soon and have incorporated the product into the new Integrated Threat Manager which has both a/v and Anti-Spyware. (I sit on the CA Advisory Council as a UK member so I should know!) You are not by chance an old PestPatrol Reseller who now sells Counterspy are you Ken? Very cheap swipe at CA Ken, very cheap indeed!

    Anonymous -- 26/12/04

    eTrust Pest Patrol contains the virus Win32.Bagle.4.Gen@mm. Every time the program updates it re-downloads the same virus. Buyer beware on this application.

    Spyware John Taylor -- 22/12/05 (in reply to #120111608)

    Yes, and what is more the tooth fairy met with Santa yesterday to discuss leaving a tube of Fluoride Toothpaste under the pillow of everyone in the World on Saturday Night! Come on, let's not get silly here. You really think the World's 3rd largest Software Company ships a virus in its products? hmmm

    Anonymous -- 28/02/05

    we use officescan 6.5 in our company and even though i've followed all the steps to make sure that the spyware part of officescan is active, we still get spywares! most notable is those spywares like gator.b, gator.c.

    i'm the network administrator and i'm thinking of dumping officescan for a better one.

    readability blind bob -- 27/12/05

    black ink on a dark blue background. Good job!

    AND it never tells me my comment was submitted!
