Practical PC
Stripe Reviews
Web Building Guides
Computing Guides
Opinion
Downloads
About Practical PC
 
Sections
What is it?
How do I?
Where do I find?
 
Windows
Sound
Graphics
Communications
Printers
Networking
Storage
Digital Photography
Web building

Computing Guides

Advertisement

  PPC > Computing Guides > Communications  

Spyware

Kai Chandler weighs the facts about ‘phone home’ ad-ware - also known as Spyware.

Hitching a lift

We all know about the dangers of viruses, the need to practise ‘safe computing’ and to use a frequently updated antivirus tool. But how many of us unknowingly harbour programs that have hitched a ride onto our PCs along with the latest software download?

Ad-ware vs. Spyware

These programs are not viruses in the usual sense but are applets designed to send personal information such as your name, address, phone number and e-mail address to advertisers. Let’s agree some terms - if you agree to this information being returned then it’s called Ad-ware. If it’s sent without your agreement, then it’s called spyware.

Privacy software expert Steve Gibson of Gibson Research (www.grc.com) explains: "Spyware is any software (that) employs a user's Internet connection in the background (the so-called 'backchannel') without their knowledge or explicit permission. Silent background use of an Internet 'backchannel' connection must be preceded by a complete and truthful disclosure of proposed backchannel usage, followed by the receipt of explicit, informed consent for such use. Any software communicating across the Internet absent of these elements is guilty of information theft and is properly and rightfully termed: Spyware."

Here’s how they work. First you are tempted into downloading some software – most likely freeware that is described as advertisement supported. In other words the program displays a banner advertisement while in use. According to one ad-ware company, Radiate, whenever you click on the banner ad, personal information about yourself is sent to the advertiser and tracked by Radiate. To do this, Radiate installs a program called Aureate at the same time as the original free application is installed. Some common programs carrying ad-ware, according to a database at www.Lavasoftusa.com include the popular Opera web browser and  Download Accelerator Plus.

Text Box: Extract from your agreement before using Download Accelerator Plus You acknowledge and agree that SpeedBit may gather information and usage pattern, and as well registration parameters provided by you, your software and configuration, provided that if published, it will be done only in aggregate form without user names. You agree that SpeedBit may use this information provided by you and the Software, or information related to, for the purpose of target advertising, marketing, co-registration to other services by SpeedBit or other parties, provided that if names are part of this information you had been given the advanced opportunity for omission of your name; Personal Questions

A clue to the Jekyll and Hyde characteristic of the host program is that you are often asked a set of questions about yourself when installing the software. These answers are ready to send when requested. Another clue is the inclusion within the terms and conditions of using the software, of a clause about gathering information – see the text box for an example. According to Steve Gibson’s description, the presence of these clauses legitimises such applications as Ad-ware since you have agreed to the gathering of information.

The unfortunate thing about many of these spyware/ad-ware payloads is that they remain on your computer long after you have uninstalled the program that carried them as payload.

Use a personal firewall

Your first weapon in the armoury is the personal firewall.

Our recommendation  is ZoneAlarm which is completely free of charge and very effective. Once installed it prompts you whenever the spyware tries to ‘phone home’. As long as you are using ZoneAlarm or similar then a spyware program will not be able to communicate with its home server without you explicitly giving it permission. It was this request for permission from ZoneAlarm that first alerted me to having a bunch of spyware programs installed.  

Scan for spyware

Screen DumpSecondly, there are dedicated programs designed to detect and destroy ad-ware and spyware. One of the best is Ad-aware which identifies most programs including Radiate's Aureate program. Ad-Aware scans your memory and hard drive and identifies any spyware giving you the option of whether to remove it.  You should note, however, that if you remove spyware, the original program that carried it may no longer work.

Screen DumpAvoid giving personal information

Finally, unless you really want your personal information to be used, never enter your real address or phone number when installing software. There’s a case for using your email address as you could get useful information about new releases or bug fixes but there’s a strong risk that it’ll be used to generate spam or junk email.

If you want to research the subject further, there’s an interesting discussion, albeit rather one-sided, at www.grc.com and http://grc.com/oo/aureate.htm

Informed choice

Practical PC’s view is that you should be able to make an informed choice. As ever, there are pros and cons to consider. On the one hand they ‘phone home’ with information about who you are and what web sites you visit. On the other hand, the software houses that develop the host applications are able to gain income from the ad-ware / spyware and release their products either at a lower cost or more commonly as freeware – that is to say that you can get a fully featured application at absolutely no cost which can’t be bad. Apart, that is, for the occasional blip on your bandwidth and hence response time, and loss of your privacy.  There’s no such thing as a free lunch!

^top


 

Kai Chandler


 
counter