Beware! Your PC Could Be Bugged

Unlike viruses or worms where alerts are sent out by vendors to warn us, most of us do not even know that spyware (also known as “adware”) exists in our PCs. As its name suggests, we are not supposed to know.

A home user in Singapore, who declined to be named, told asia.internet.com about his experience with spyware.

“I did not know that spyware was residing in my PC when I encountered some technical glitches. Although I was able to connect to the Internet, I was not able to gain access to any Web sites. I then started to check what programs were installed in my PC and found out that there was a foreign program by the name of newdotnet. I did not think much of it as it was dormant. But when I did a ‘tracert’ command to my domain name server, there was an error message linking to newdotnet. That was when I realized that this dormant program is not as harmless as I first thought.”

Following this, he successfully uninstalled the program by going to Add/Remove Programs in Microsoft. This incident prompted him to do research on what newdotnet was. He soon found out that this was one of the many kinds of spyware lurking around looking for ‘victims’ like himself who unknowingly download it onto their PCs when agreeing to an end-user license for shareware.

Further readings on the subject led him to Ad-Aware, a free spyware removal program by Lavasoft designed to scan a PC’s memory, registry and hard drives for any known spyware.

What is Spyware?

According to a paper, entitled ‘The Dangers of Spyware’, written by Andri Post of Symantec Ltd, “spyware programs are defined as applications that send information via the Internet to the publishers for marketing purposes without obvious notification to users.”

Like the home user’s experience mentioned earlier, most users are not aware that they have downloaded spyware or adware, because these programs are usually discreetly and ‘secretly’ bundled up with the ‘real’ freeware that the users are after. This freeware usually comes in the forms of games; media players; and even accounting software.

Once spyware is downloaded, it begins gathering demographics information about the user. Depending on the types of spyware, they may track what are the advertisements a user clicked on or what Web sites he goes to.

But in order to keep the gathered information linked to a specific installation, all information that is sent to the spyware publisher needs to be uniquely identified, Post explained.

“The unique identifier must be stored on the user’s PC. There are different methods for creating the unique identifier. The two most commonly used methods are generating a GUID (Globally Unique IDentifier) and storing a cookie on the hard disk during the installation of the spyware program. Every time the spyware program sends information to the spyware publisher, the unique identifier is sent as well. This allows the spyware publisher to update the customer database,” he said.

Ambiguity in EULA

Users would usually cry foul when they realized that their PCs have been bugged. However, there are no legal actions that can be taken against spyware companies.

Customers have asked Symantec to include a definition to its AntiVirus software to detect spyware. However, it will not do so as long as the actions of the spyware are noted in the End-User License Agreement (EULA) or other clear methods, said Post.

But many of these EULA are lengthy and ambiguous. Post explained that when he wrote the paper in January this year, many requests have been made to spyware publishers to change the EULA or the products so that users understand what information is sent, when it is sent, and the purposes for which it is used.

“Another notification method is for software publishers to set up Web sites that describe the information-gathering functionality of their software.”

So far, no improvements have been made. Under such circumstances, it is best not to click on just any ‘I agree’ tab when reading an ambiguous EULA. This will not only prevent your PC from being bugged but will also help you avoid spyware that could create mischief to your PCs.

Said the home user: “Although I had to sacrifice two precious nights trying to pinpoint what hit my PC, I was fortunate that my only problem was denial of access to Web sites. Other users have claimed that they were a lot less fortunate as certain spyware are capable of worse damages.”

Be Very Weary

Although not all spyware is destructive in nature, it is better to be safe than sorry. In ‘The Trouble With Spyware’ found on www.cexx.org/problem.htm, the author highlighted some critical issues of spyware that should be heeded:

“Spyware … has the capability to do anything any program can do, including monitor keystrokes, arbitrarily scan files on your hard drive, snoop other applications such as word-processors and chat programs, read your cookies, change your default homepage, interface with your default Web browser to determine what Web sites you are visiting, and monitor various aspect of your behavior, ‘phoning home’ from time to time to report this information back to the spyware’s author.”

“Some adware companies have gone so far as to create ‘Advertising Trojan Horses’, virus-like software programs that stealthily install themselves on your computer to perform unwanted advertising functions and violate your privacy whether you’ve installed the advertising-supported software or not.”

“One spyware module has been known to spoof a Windows system process so that it cannot be terminated and does not appear on Windows’ End Task (Ctrl-Alt-Del) dialogue.”

“Spyware modules have been implicated in computer problems including system slowdown, illegal operation errors, browser crashes, and even the ‘Blue Screen Of Death’. While normal system stability has usually returned when the interfering spyware modules were deleted, one spyware product in particular will disable your Internet access if you try to delete it!”

“Some spyware modules include a number of insecure features, including so-called AutoInstall or AutoUpdate functions that can secretly download and install any arbitrary program on the user’s system. This opens the door for further abuse of the system by malicious crackers or additional spyware programs!”

Other useful links on the Web that discuss the companies behind spyware and how to remove spyware include grc.com/optout.htm by Steve Gibson, Gibson Research Corporation, www.spywareinfo.com, www.simplythebest.net/info/spyware.html and www.tom-cat.com/spybase/spylist.html.

Ethical Practices

Information gathering and customer/user profiling is important in a world which preaches about targeting the right products at the right customers. That is why customer relationship management (CRM) is such a big, billion-dollar business whether it is in the US or Asia. However, spyware, adware, or scumware, ought to evolve from its current practices of information gathering. It is the marketers’ job to think of how they can obtain customers’ information without being a nuisance and without crippling a user’s PC in some cases.