This document is a seminar report submitted by Nupur Roy to the Department of Information Technology at International Institute of Information Technology in Bhubaneswar, India in January 2014. The report explores the topic of spyware, including its definition, types, how it operates, impact, and countermeasures. It contains chapters on introduction, overview, motivation, objectives, details about spyware and different types, how spyware operates to track information, impact of spyware, ways to counter spyware, and legal implications.
1. Spyware
(Tracking of Information,Counteraction,Legal Implication)
B.Tech Seminar Report
Nupur Roy
B111028
Under the Guidance of
Prof. Swati Vipsita
Department of Information Technology
International Institute of Information Technology Bhubaneswar
Bhubaneswar – 751003, India
January, 2014
2. UNDERTAKING
I declare that the work presented in this thesis titled Spyware(Tracking of
Information,Counteraction,Legal Implication) , submitted to the Department,
International Institute of Information Technology, Bhubaneswar, for the award
of the Bachelors of Technology degree in Computer Science and Engineering,
is my original work. I have not plagiarized or submitted the same work for the
award of any other degree. In case this undertaking is found incorrect, I accept
that my degree may be unconditionally withdrawn.
21-January- 2014
IIIT Bhubaneswar
Nupur Roy
b111028
3. CERTIFICATE
Certified that the work contained in the thesis titled Spyware(Tracking of
Information,Counteraction,Legal Implication), by Nupur Roy , B111028 has
been carried out under my supervision and that this work has not been
submitted elsewhere for a degree.
21-January-2014
Prof. Swati Vipsita
Department of Computer Science and Engineering
IIIT, Bhubaneswar
4. ACKNOWLEDGEMENT
The elation and gratification of this seminar will be incomplete without
mentioning all the people who helped me to make it possible, whose gratitude
and encouragement were invaluable to me. I would like to thank God, almighty,
our supreme guide, for bestowing is blessings upon me in my entire endeavor. I
express my sincere gratitude to Prof. Swati Vipsita, for his guidance and
support and students of my class for their support and suggestions.
21-January-2014
IIIT Bhubaneswar
Nupur Roy
B111028
5. Contents
Chapters
1. Introduction
2. Overview
3. Motivation
4. Objective
5. About topic
• Definition
• A brief History
• Types of Spyware
• Adwares
• Difference between Spyware &Virus
• Who is spying
• How spyware operates
• Impact of Spyware
• Common spyware forms
• Counteractions
1.
Basic Remedies
2.
How anti-spywares work
• Legal Implications
6. Conclusion
7. References
Page No
6. List of Figures
Figure
1. Figure one
2. Figure two
3. Figure Three
4. Figure Four
5. Figure five
Page
7. Introduction
Fears of “Big Brother” became a big topic in the ‘90s. The same idea
applied software and computer networks has also brought on just about the
same amount of publicity. Only now it is called spyware and consumer
misinterpretation and the ease of spreading opinionated ideas on the Internet has
created some misunderstandings about the reality of what spyware is. Most
people are familiar with only one example of spyware, but there are a variety of
other types of software that are also rightly termed spyware.
This paper will cover definitions of different forms of software that
can be labelled as spyware, why spyware is a threat, and what can be done about
it. Spyware is a subject with many legal issues. Gator.com sued the Interactive
Advertising Bureau (IAB) last year for IAB’s "unfounded accusations and
threats". One of the most popularly identified forms of spyware is adware,
which is free software sponsored by advertisements from advertising
companies. The idea is that advertising can lower the cost of software, even to
the point of being free of charge. But adware could also have tracking
functionality to personally customise effective advertisements for individual
users. It is this tracking of personal information that has caused distrust among
many users towards advertising companies.People’s opinion of the adware form
of spyware is generally negative, even though it originally had positive
intentions to allow software developers make money while consumers get free
software at the same time. But adware is not the only type of software that can
potentially track user information. Commercial software is available for people
to intentionally track other people’s actions on PCs. Web bugs can be embedded
in documents; the FBI uses spyware for their investigations; and some
commercially available applications are also known to secretly track user
information
‐ 1 ‐
8. Overview
Spyware is one type of malicious software (malware) that collects
information from a computing system without your consent. Spyware can
capture keystrokes, screenshots, authentication credentials, personal email
addresses, web form data, internet usage habits, and other personal information.
The data is often delivered to online attackers who sell it to others or use it
themselves for marketing or spam or to execute financial crimes or identity
theft.
This report will cover all the aspects of a spyware beginning the details of
a spyware,its type,how hackers use it against the users ,its counteractions and
legal implication i.e what laws have been framed to monitor this spywares and
use it as a benefit
Motivation
Real world or cyber world the biggest priority of human have always
been security and if one in not secure ,how advance the technology would be it
is of no use .
Spyware is software used to keep an eye and track the information of
user, this information can be anything(personal and highly confidential) hence it
is important for the users to be aware of the fact that there may be an add or
program running in the background tracking the personal information of
user.Apart of trackin information it also degrades the performance of you
computer
Other types of spyware (Targetsoft, for example) even go to the extent of
modifying your system's files to make themselves harder to detect or remove.
(Targetsoft modifies the Winsock (Windows Sockets) files. The deletion of the
spyware-infected file "inetadpt.dll" will interrupt normal networking usage.)
‐ 2 ‐
9. According to a study by the National Cyber-Security Alliance, spyware affects
90% of home.Hence inorder to keep oneself protected as much as possible from
this spywares one need to be informed about it
Objective
To Explore more about spywares as malicious software by discussing its
various forms,how it operates its good and bad impact, Users need to be the
first line of defense in preventing spyware from being loaded. The vast
majority of spyware is loaded by the computer user, unknowingly in most
cases, but with their compliance. Users must be discouraged from
downloading and installing unapproved 3rd party software without
consulting their IT personnel and save there system from being crashed and
protect there valuable and confidential data loss
Definition
Steve Gibson of the Gibson Research Corporation defines spyware as follows
“Silent background use of an Internet ‘backchannel’ connection MUST
BE PRECEDED by a complete and truthful disclosure of proposed
backchannel usage, followed by the receipt of explicit, informed, consent
for such use. ANY SOFTWARE communicating across the Internet absent
these elements is guilty of information theft and is properly and rightfully
termed: Spyware.”
A brief History
The first recorded use of the term spyware occurred on 16 October 1995
in a Usenet post that poked fun at Microsoft's business model.Spyware at first
‐ 3 ‐
10. denoted software meant for espionage purposes. However, in early 2000 the
founder of Zone Labs, Gregor Freund, used the term in a press release for the
ZoneAlarm Personal Firewall. Later in 2000, a parent using ZoneAlarm was
alerted to the fact that "Reader Rabbit," educational software marketed to
children by the Mattel toy company, was surreptitiously sending data back to
Mattel.Since then, "spyware" has taken on its present sense.
According to a 2005 study by AOL and the National Cyber-Security
Alliance, 61 percent of surveyed users' computers were infected with form of
spyware. 92 percent of surveyed users with spyware reported that they did not
know of its presence, and 91 percent reported that they had not given
permission for the installation of the spyware.As of 2006, spyware has become
one of the preeminent security threats to computer systems running Microsoft
Windows operating systems. Computers on which Internet Explorer (IE) is the
primary browser are particularly vulnerable to such attacks, not only because IE
is the most widely used, but because its tight integration with Windows allows
spyware access to crucial parts of the operating system.
Before Internet Explorer 6 SP2 was released as part of Windows XP
Service Pack 2, the browser would automatically display an installation window
for any ActiveX component that a website wanted to install. The combination
of user ignorance about these changes, and the assumption by Internet Explorer
that all ActiveX components are benign, helped to spread spyware significantly.
Many spyware components would also make use of exploits in JavaScript,
Internet Explorer and Windows to install without user knowledge or
permission.
‐ 4 ‐
11. Types of Spyware
Spywares are generally of two types
Domestic Spyware : software that is usually purchased and installed by
computer owners to monitor the Internet behavior on their computer networks.
Employers use this software to monitor employee online activities; some family
members use domestic spyware to monitor other family members (such as
reviewing the content of children’s chat room sessions).A third party can
also install domestic spyware without the knowledge of the computer owner.
Law enforcement officials have used domestic spyware to monitor suspected
criminal activity and criminals have used domestic spyware to siphon
personal information from private computers in order to steal assets.
Commercial Spyware (also known as adware) : software that companies use
to track your Internet browsing activities. Companies that track your online
habits often sell this information to marketers who then hit you with targeted
advertising—ads that match your browsing interests and would most likely
appeal to you.Advertisers are delighted when they acquire such valuable
marketing information so easily; in the past marketers had to bribe you to
learn your preferences through contests, registration surveys and the like.
Those methods of gaining your personal information still exist, but in those
cases you have the power to read the fine print to learn the fate of your data
and so could choose to consent or refuse. Gaining your preferences by
stealth using software spies is far easier and offers a much more complete
picture for the marketing industry; as a result, spyware is everywhere
‐ 5 ‐
12. Adware
Adware is advertising-supported software that causes pop-up ads to
appear on your screen. Weatherbug is a good example of this.Some adware
may be shareware (but not all shareware is adware), and this is not necessarily
bad nor hidden. Users are usually given the option to pay for a "registered" or
"licensed" copy, which typically eliminates the advertisements, or to use the
free copy with some ads.
The offensive form of adware is when the advertising is not disclosed
to you when you download the software. Other adware programs do not
track a user's personal information. Usually, spyware programs send your
browsing habits to an adserving company, which then targets advertisements
back to you, based upon their measurement of your interests. Kazaa and
eXeem are popular programs which incorporate software of this type.
A number of software applications are available to help computer
users search for and modify adware programs to block the presentation of
advertisements and to remove spyware modules. Our recommendations for
these appear at the left side of this page.Spyware tends to overlap with
adware. Malware describes any software that uses spyware for explicitly
illegal purposes.
Data collecting programs that are installed with your knowledge are
not considered spyware, as long as it is clear what data they collect and with
whom they will share it. Unfortunately, a lot of commercial software install
secondary programs to collect data or distribute advertisements without
properly informing you about these activities. These secondary programs are
referred to as barnacles and they can drastically slow down your computer.
They are also designed to be difficult to detect and remove from the
system.Adware
‐ 6 ‐
13. Difference between Spyware and Virus
Spyware can also closely resemble computer viruses, but with some important
differences. Spyware and viruses usually both install without your knowledge
or consent, and both degrade your computer's performance.A virus, however,
spreads copies of itself to other computers, if it can. Spyware usually does not
self-replicate. Spyware relies on persuading gullible users to download and
install itself by offering some kind of bait.A typical piece of spyware starts
every time your computer boots up (which uses CPU cycles and memory and
reducing stability). They run all the time, monitoring your Internet usage and
delivering targeted ads to you in popup windows.
A virus, by contrast, generally aims to carry a payload of
some kind. This may do some damage to the user's system (such as, for
example, deleting certain files), may make the machine vulnerable to further
attacks by opening up a "back door", or may put the machine under the control
of malicious third parties for the purposes of spamming or denial-of-service
attacks (this is referred to as a "zombie"). The virus will in almost every case
also seek to replicate itself onto other computers. In other words, it functions
not only as a parasite, but as an infection as well. Usually, it looks for you
address books in Outlook, AOL and other programs and then sends the virus to
every address it finds.Spyware generally does not damage your data files; it just
wants to observe what you do and send you ads; although this also usually
slows down your computer.The virus deliberately tries to damage your
computer. In general, neither one can damage the computer hardware itself. In
the worst case, you will need to reformat the hard drive, reinstall Windows,
reinstall your programs and data from backups. You ARE making backups,
right? You should be, at least monthly. All of this can prove expensive in
terms of repair costs, lost time and productivity. Often, owners of badly
‐ 7 ‐
14. spyware-infected systems purchase entire new computers, in the belief that an
existing system "has become too slow." Repair technicians who hear complaints
about a computer "slowing down" usually suspect spyware infection.
Who is Spying?
The people who use spyware include
Online attackers
Marketing organizations
Organized crime
Trusted insiders
Online Attackers
Online attackers’ primary interest in spyware is using it to steal personal
information for financial crimes such as carding (illicit trafficking in stolen
credit card and credit card information) and identity theft, or to sell that
information to someone else who then executes more traditional financial
crimes.
Marketing Organizations
Marketing organizations are interested in personal information such as email
addresses, online shopping and browsing habits, keywords in search queries, and
other personal and trend-related information that can be used to execute
marketing campaigns like spam, spim (unsolicited messages received via instant
messaging systems), browser popups, home page hijacking (changing the default
web address for a user’s browser), and more.
‐ 8 ‐
15. Spying by a Trusted Insider
Trusted insiders include those who have physical access to computer systems for
legitimate purposes. Some examples are employees, contractors, temporary
workers, and cleaning crews. A trusted insider might be, for example, an
employee who uses spyware to collect corporate information that can be sold in
the underground economy, used for blackmail, or used to gain access to more
valuable information at some later time.
Another example of the trusted insider group includes family members or close
relations such as spouses or significant others trying to catch inappropriate
behavior or infidelity.
How Spyware Operates
Spyware tracks online activity looking for web sites visited, financial data or
identity data such as credit card numbers on screen or entered into form fields,
browsing and online purchasing habits, and authentication credentials. When
keywords of interest like names of banks, online payment systems, or
pornographic web sites are observed, the spyware starts its data collection
process.
Email Addresses
Email addresses can be harvested from an infected user’s computer and
marketed for use in spam mailing lists. Common techniques for harvesting
email addresses and other contact information includes enumerating email
applications’ address books, monitoring incoming and outgoing network
packets related to email, and scanning files on the system’s disks for strings that
match the format of an email address.
‐ 9 ‐
16. windows Protected Store
Windows contains a service called the Protected Store. Its purpose is to provide
encrypted storage for sensitive data. The following are some examples of data
that might be in the PStore:
Outlook passwords
passwords for web sites
MSN Explorer passwords
IE AutoComplete passwords
IE AutoComplete fields
digital certificates
Even though the PStore is encrypted, access to it is indirectly controlled by the
data owner’s login credentials. Since most spyware runs under the security
profile of the user who is logged on, spyware can harvest this information.
Clipboard Content
The system clipboard often contains sensitive information. Some common
examples include product registration codes and user credentials that are copied
and pasted into login forms. Other information that might be found in the
system clipboard buffer includes sections of potentially sensitive data from
recently modified documents or personal information about you or your
associates that could be used in crimes related to identity theft.
The Keys You Press
Key logging is one of the first spyware techniques used to capture sensitive
data from a system. Both hardware and software key loggers exist. Hardware
devices usually slip inline between the keyboard cable and computer.
Modern key logging hardware is small and unobtrusive and has even been
‐ 10 ‐
17. hidden inside the physical keyboard casing, making it almost impossible to
detect.
One limitation of hardware-based keylogger units is the need for physical
access to install and retrieve the device and its data. A more common
alternative, and the type present in spyware, is the software key logger.
Software key loggers capture keyboard events and record the keystroke data
before it is sent to the intended application for processing. Like most other
spyware capture technologies, software based keyloggers can turn their capture
on or off based on keywords or events. For example, many keyloggers target
instant messaging clients, email applications, and web browsers but might
ignore other applications that don’t provide the kind of data the attacker is
targeting for harvest.
Network Traffic
Network traffic is another valuable source of data. Data commonly extracted
from network captures includes user names, passwords, email messages, and
web content. In some cases, entire files can be extracted and reconstructed from
the captured streams.the below figure displays
‐ 11 ‐
18. Figure-1
The below figure shows you a sample adware which a user intentionally or
unintentionally downloads
Figure-2
This shows you how adwares satisfy the EULA criteria
‐ 12 ‐
19. Figure-3
Home page of an adware.As it is designed to trap users it look very catchy
Figure-4
How the user system gets infected
Impact of Spywares
Spyware can cause people to lose trust in the reliability of online business
transactions. Similar to the problem of counterfeit currency in the physical
world, spyware undermines confidence in online economic activity.
Consumers’ willingness to participate in online monetary transactions decreases
‐ 13 ‐
20. for fear of personal financial loss. Vendors lose confidence that the person
making the purchase is who they say they are and not actually a criminal using
a stolen identity or illicit funds. In efforts to manage the risk, vendors and
financial institutions often implement additional verification and other loss
prevention programs at increased operational cost.
Even when financial organizations cover an individual’s loss from online fraud,
these costs plus the overhead required to administer loss prevention programs
are eventually passed back to consumers in the form of higher service fees,
interest rates, or other price increases on the goods and services consumed. As a
result, growth rates in commerce are slowed, costs increase, and demand
shrinks.
Impact on Computers
By monitoring and reporting user activity, spyware consumes system resources
as well as network bandwidth. Depending on the number of spyware
components loaded on a system and their functionality, users may experience
significant performance degradation.
Because spyware is not always carefully written and tested, systems infected by
it are often found to have reliability problems. Affected applications may crash
more frequently or the entire system may become unstable, resulting in
potential productivity and data loss.
Often, spyware is difficult to remove without detailed knowledge of how it
works or by taking drastic measures such as wiping the system clean and
starting over. In many cases, verifying the integrity of the system requires the
operating system, patches, and applications to be reinstalled. These difficulties,
combined with the efforts necessary to recover user data, can take a lot of time.
‐ 14 ‐
21. Risk of Future Security Incidents
The sensitive information collected by spyware often includes authentication
credentials that may be used for future access to the infected system. People
often use the same username and password for many different systems, so these
stolen credentials may be used to access other systems not yet infected. Once
access is gained, additional information theft or malware installation can take
place.
Another way spyware puts systems at future risk is by installing backdoor
access mechanisms. These backdoors give the malware operator access to
control the system or to command the system to download and run arbitrary
applications. Attackers can build vast collections of compromised systems
without originally compromising a single system.
Common Forms of Spyware
Below are examples of some frequently observed forms of spyware and their
operating characteristics.
Browser session hijacking
This class of spyware attempts to modify the user’s browser settings. Hijacking
spyware can be installed in various ways, but the intent is to modify the
behavior of the browser so the user is directed to sites of the malware author’s
choice instead of sites the user might have reached normally. These redirects
often lead users to advertisements that earn the hijackers commissions when
they are visited.
Browser Helper Objects
Browser Helper Objects (BHOs) are a feature of Internet Explorer that can be
exploited by spyware. They are not always easy to detect.BHOs can access
‐ 15 ‐
22. files, network resources, and anything else the user who launched Internet
Explorer can access.
Malicious BHOs can be installed via stand-alone dropper1
malware but are also often installed using the “drive-by install” technique, in
which code is installed or requested to be installed simply by the action of a
user visiting a malicious or compromised web site.
One technology often used in this type of installation is the ActiveX
functionality present in Internet Explorer. Depending on system and browser
configuration, the installation may take place automatically and be carried out
without prompting the user. In cases where there is prompting, information
necessary to make an informed decision can be covered with popup windows or
other obfuscation techniques such as naming the control “Click yes to download
ringtone.”
Cookies and Web Bugs
Cookies are small pieces of information stored on a user’s system by a web
server. During subsequent visits, the web server can retrieve these cookies.
Often, cookies are used for storing user authentication, preferences, and other
types of user state information. They can be used to track a user across multiple
web sites.
Web bugs are HTML elements, often in the form of image tags, that retrieve
information from a remote web site. While the image may not be visible to the
user, the act of making the request can provide information about the user. Web
bugs are often embedded in web pages and HTML-enabled email messages.
Links are used to track access using previously set cookies or with unique
strings embedded in the URL. A typical use of this is to log the successful
delivery of messages to a unique email address (a common technique for
‐ 16 ‐
23. spammers). Once a user has accessed the image, a cookie can also be set and
associated with their email address as the beginning of a profile. The cookies
can then be used to track portions of the user’s browsing habits.
Figure-5:shows you how cookies and web bugs work
False Antispyware Tools
Applications available on some internet sites advertise themselves as spyware
detection or removal tools when in fact they themselves are spyware.
Autonomous Spyware
As a class, autonomous spyware operates as a separate process or injects itself
into other processes running on your system. This type of spyware often starts
up when you log onto your computer and can frequently access anything on
your system.Because autonomous spyware is simply a malicious application, it
can be designed to perform almost any type of spying function. Spyware in this
class often includes keyloggers, bots, email and web monitoring tools, packet
‐ 17 ‐
24. sniffers, and mechanisms that permit the intruder to remotely access and control
an infected system.
(Droppers are a special kind of malware that deliver other
malware to the client they are trying to infect. They usually operate by placing
malicious files on the system and then changing the system in some way that
allows the newly written malware files to be executed.)
Counteractions
Basic measures
Don’t trust unknown or known high-risk sources
When visiting unfamiliar web sites, you should exercise caution. This guideline
should also apply to sites you expect to be high risk based on their content. Such
sites include those with many popups, constant or required requests to install
browser components and other applications, and those with content focused on
illegal or questionable topics such as software cracking or hacking.
If you have to visit sites of these types, never allow ActiveX controls, browser
plug-ins, or other types of applications to be installed on your system. If you are
prompted about allowing an installation or about agreeing to terms of some kind,
it is a good idea to press ALT-F4 or take other action to close the popup or
browser window. Taking any other action, including answering NO to the
installation request, could result in malware being installed on your computer.
Read the fine print
If you decide to install an application obtained on the internet, be sure to read
all license or privacy agreements related to the software and the organization
the code comes from, and be sure you completely understand the details. Many
times, information about monitoring functionality or the vendor’s right to install
‐ 18 ‐
25. additional software is included in these documents. It may be located near the
end of the data or buried in long paragraphs to make it harder to detect.
Although the practice of documenting things in ways that make it hard to locate
can be misleading, you are ultimately responsible for your own actions. If you
see agreements that seem too lengthy or hard to understand, consider this a
warning sign that you may want to reconsider installing the application.
Pay attention when installing applications
Software installation packages sometimes take advantage of a user’s tendency
to not pay attention to the details and simply accept the default “checked”
options. If the default options are blindly accepted and prompts are ignored,
clicking next, next, next may actually be agreeing to the installation of spyware,
adware, or other applications that are not desired. Reading instructions and
paying attention to what is being agreed to is important to staying safe.
Keep your operating system and software up to date
Keeping systems and applications current with security–related patches is
critical. This includes patching the operating system and all installed
applications, especially those related to network and internet activity like
browsers, media players, email clients, and news readers. These are very
common targets of attack and second only to social engineering as a means of
spreading malware.
Antivirus and Antispyware Tools : Installing trusted antivirus and
antispyware tools and keeping them and their signatures current is an important
part of defensive computer security.
Browser Settings : Configuring your browser to block active content like
ActiveX, Java, scripting, pop-ups, images, and other potentially harmful content
can increase online security. While disabling active content features can stop
many threats, it also has a tendency to break many modern web sites and
‐ 19 ‐
26. applications. At the very least, the richness of the browsing experience will be
reduced.
One browser configuration strategy to manage the risk
associated with active content while still enabling trusted sites is the use of
Internet Explorer security zones. Using security zones, you can choose preset
levels of security.
Email Configuration : If you use an email program, you can configure it to send
and display email using plain text instead of HTML. This can eliminate most of
the risks from embedded script, web bugs, and other HTML-enabled techniques
used by attackers. But just as disabling active content in web browsers reduces
the functionality of some features, using plain text can reduce the usability of
some features. Also, many email clients are now offering the ability to disable
scripting and block images until a user takes some action to display them.
Starting your Computer Safely : Almost all spyware needs a way to start
itself when you are using your computer. Spyware often starts in conjunction
with system startup, user login, or when certain applications like an internet
browser or other software is launched.
How Anti-Spyware Works
Anti-spyware programs can combat spyware in two ways:
They can provide real-time protection in a manner similar to that of anti-virus
protection: they scan all incoming network data for spyware and blocks any
threats it detects.Anti-spyware software programs can be used solely for
detection and removal of spyware software that has already been installed into
the computer. This kind of anti-spyware can often be set to scan on a regular
schedule.
‐ 20 ‐
27. Such programs inspect the contents of the Windows registry, operating system
files, and installed programs, and remove files and entries which match a list of
known spyware, the software scans disk files at download time, and blocks the
activity of components known to represent spyware. In some cases, it may also
intercept attempts to install start-up items or to modify browser settings. Earlier
versions of anti-spyware programs focused chiefly on detection and removal.
Javacool Software's SpywareBlaster, one of the first to offer real-time
protection, blocked the installation of ActiveX-based spyware.
Like most anti-virus software, many anti-spyware/adware tools require a
frequently updated database of threats. As new spyware programs are released,
anti-spyware developers discover and evaluate them, adding to the list of known
spyware, which allow the software to detect and remove new spyware. As a
result, anti-spyware software is of limited usefulness without regular updates.
Updates may be installed automatically or manually.
A popular generic spyware removal tool used by those that requires a certain
degree of expertise is HijackThis, which scans certain areas of the Windows OS
where spyware often resides and presents a list with items to delete manually.
As most of the items are legitimate windows files/registry entries it is advised
for those who are less knowledgeable on this subject to post a HijackThis log on
the numerous antispyware sites and let the experts decide what to delete.
Legal implication
Through copyright, the modification of software is illegal, especially
whensoftware developers explicitly forbid it. Thus, by the nature of spyware
removal methods in existence, an attempt to remove spyware could also be
illegal.
‐ 21 ‐
28. Current laws are more lenient to spyware than to users. The Digital Millennium
Copyright Act, and the Uniform Computer Information Transactions Act has
allowed software developers to legally include spyware in their products to
protect their intellectual property rights. The Spyware Control and Privacy
Protection Act of 2000 only requires that adware companies make their legal
statements clear, and allow users the choice of whether or not to install. Failing
to do so will result in prosecution as unfair or deceptive acts under the Federal
Trade Commission Act. This point of view contrasts with opinion that “the
FTC's recent endorsement in its report to Congress of vendor ‘self regulation’
for online profiling doesn't bode well, because it appears to take an opt-out
approach where customers must read all the privacy legalese on sites”.The
problem with Privacy Statements and End User Licence Agreements (EULA)is
that they are extremely long. The licence
agreement that is meant to be read before installation for eZula’s TopText
iLookup is approximately 6,000 words long. How many users will bother
reading that in one go? And considering that these products may wellbe installed
for evaluation purposes only, it is a very unreasonable requirement for the user.
Not only are Licence Agreements notoriously long, they can contain a lot
of legal jargon, and be ambiguous and hard to read. This makes it easy for
software vendors to embed clauses about their information tracking so that it can
be easy for readers to miss.Software developers often also reserve the right to
modify their Licence Agreements and Privacy statements without notice.
Gator.com has all the Privacy Statements and End User Licence Agreements for
each of its product versions on its website. This may sound impressive, but just
by looking at the current version; there is no way of telling whether or not they
have previously reviewed their statements and agreements.
‐ 22 ‐
29. Conclusion
The general usage of the term spyware is in substitution of the word adware. It
could be that entrepreneurs targeted advertising companies by creating the
notion of spyware to make money off paranoid users, though this is just a
speculation. Aside from all this excitement over software laden with advertising,
genuinely intrusive spyware exist in different forms. It is this form of known,
deliberate use of spyware that proves to be most interesting.
By law, all these examples of spyware are legal. But the main point
people have in objection to such software is that it is unethical.Generally, most
ethical ideals are universally accepted, especially in such a rapidly shrinking
world. Including monitoring to improve advertisements and reduce prices in
adware programs is generally acceptable, as long as the code does not do
anything else unexpected. But what if expensive software, that does not require
advertising support, contains monitoring functionality also? Microsoft Word and
RealJukeBox are just two applications, which have been suspected of
unnecessarily tracking user information and actions. In my opinion, such
examples are very unethical and uncalled for. As for FBI keyboard tracing and
private use, the moral consequences can get quite complicated and both sides of
the story (the victims and the spies) have a lot to argue for. Users themselves
have to decide whether installing spyware applications is a good idea or not. In
the case of deliberately using spyware to track another user’s actions, the
decision depends greatly on who is being involved and how serious their motive
is. But as for adware, there is no easy way of finding out what information is
being passed.
There is no reason why gathered data from users could be disguised by
the use of encryption. Therefore the user’s choice will come down to how
comfortable they are with the information that can potentially be sent through
‐ 23 ‐
30. spyware.Security issues in spyware cover three of the four types of system
security threats as defined by Charles P. Pfleeger Interception, Interruption, and
Modification. Users could hack the functionality of adware, or any other form of
spyware that uses the Internet, by using a firewall to intercept the sensitive data.
Interruption attacks could occur due to system crashes from badly coded
adware, and users could also hack adware to modify it so that it cannot function
properly. The threats to privacy and security go both ways when users start to
turn against spyware.There are many reasons to be cautious of spyware, but
instances of people being gravely affected by spyware are rare. In fact, in the
course of this research, I have not found any notion or evidence of innocent
individuals experiencing the potentially adverse effects of spyware.
‐ 24 ‐
31. References
[1] Gibbs, Mark (2001, May 14). Spying on the Flip Side. Network
World,volume 18 (Issue 20), p38, 1 page
[2] Post, André (no date). The Dangers of Spyware. Retrieved April 5,
2002,from
http://securityresponse.symantec.com/avcenter/reference/danger.of.spyware.pdf,
9pages
[3] Wang, Wallace (2000, October). Dealing with Spyware. Boardwatch,volume
14 (issue 10), p192, 2 pages
[4] Stevens, Al (2000, October). Shareware, Adware, Spyware. Dr.
Dobb’sJournal, volume 25 (issue 10), p123, 5 pages
[5] Matthews, William (2002, March 11). FBI Spyware Avoids Scrutiny.Federal
Computer Week, volume 16 (issue 6), p34, 1 page
[6] Hogan, Kevin (2001, December). Will Spyware Work?. TechnologyReview,
volume 104 (issue 10), pp43, 5 pages
[7] Ryan, Dan J (2000, August 7). Warding Off PC Spies. Federal
ComputerWeek, volume 14 (issue 27), p46, 1 page
[8] www.google.com
‐ 25 ‐