[Vision2020] Washington Post: Beware: Spyware
Tim Lohrmann
timlohr@yahoo.com
Sat, 1 May 2004 14:07:48 -0700 (PDT)
--0-2120782774-1083445668=:61857
Content-Type: text/plain; charset=us-ascii
Dick,
I'm clueless about the "Spyhunter" program, but if all it does is identify spys without removing them--you're right--it doesn't seem all that valuable.
I've downloaded "Spybot-Search and Destroy" and "Adaware" shareware programs. Both of those actually identify and then remove spys from your system.
I'm not all that knowledgeable about the differences in regular cookies that you can remove by the method you mentioned and actual spybots. My understanding is that there is a difference and that simply removing the cookies doesn't remove the spy programs.
I understand what you mean about not wanting to remove updates or so-called "good cookies." I believe that the programs I mentioned above do differentiate thought.
The spys that they have removed from my system have been "data-miners" for the most part.
I still get the regular Microsoft XP security updates as well as updates for my AVG anti-virus programs Zone Alarm firewall--so there doesn't seem to be a problem with the Anti-spy programs removing those.
TL
Dick Schmidt <dickschmidt@moscow.com> wrote:
Tim,
This is a very interesting subject. I downloaded "Spyhunter" and it will tell you what spybots and cookies you have but you have to buy the software to get rid of spybots and I haven't parted with any coins yet to do that. The thing is that some of the things are "good spybots" such as your virus software sypbots which automatically update your virus program and I suppose Microsoft/windows looks for updates also. I go in and delete all the "temporary internet files" every day or so to get rid of the cookies you pick up from many websites. Does anyone have a better suggestion?
Dick Schmidt
----- Original Message -----
From: Tim Lohrmann
To: Art Deco aka W. Fox
Cc: vision2020@moscow.com
Sent: Friday, April 30, 2004 10:06 AM
Subject: Re: [Vision2020] Washington Post: Beware: Spyware
Wayne,
Interesting article.
I'm positive that anyone who goes on the web regularly has many of these "bugs" on their computer--so it's a good idea to have a scanning/quarantining program if you want to get rid of them.
I know you've got quite a bit of expertise in this area, so I've got a question for you.
What do you think of the freeware/shareware versions of "AdAware" and/or "Spybot Search & Destroy" programs?
I've run both of them and they both find "data-mining" bugs---but they seem to find different types of these spys.
Do you know what the difference is? Is it better to regularly(I've seen once a week recommended) run both of these or is there a better program that could be run once and pretty much get rid of everything?
Thanks for any help, TL
"Art Deco aka W. Fox" <deco@moscow.com> wrote:
FTC to Look Closer at 'Spyware'
Privacy Experts Warn of Dangers to Unwitting Consumers
By Yuki Noguchi
Washington Post Staff Writer
Monday, April 19, 2004; Page A04
A relatively new kind of software that resides in many computers and tracks its users' Web-surfing habits or triggers pop-up advertisements has come under scrutiny by federal regulators who have already cracked down on deceptive or misleading spam.
The Federal Trade Commission today is hosting a daylong workshop in Washington to discuss the effects of hidden software that may be used to control or spy on a computer without its user's knowledge.
So far most "spyware" and "adware" programs, often placed on Windows PCs by such downloaded programs as file-sharing programs, appear to have been used for the relatively benign purpose of tracking consumer preferences, said Howard Beales, director of the FTC's consumer protection division. The FTC is watching to see if criminals start making widespread use of this technology to steal credit-card and Social Security numbers of unwitting computer users, he said.
"So far [we] haven't thought that it warranted regulation," he said.
Privacy experts and makers of anti-spyware software say the FTC's light-touch approach leaves too many consumers vulnerable to more unwanted advertising or even the addition of controls that consumers might not realize are on their computer.
"There's a number of concerns about spyware, which is that it takes away consumers' control over their computers," said Ari Schwartz, associate director of the Center for Democracy and Technology in Washington. "We consider privacy to be a control issue as well," and many spyware programs act as surveillance tools for advertisers without the users' consent, he said. In February, the group filed a complaint with the FTC arguing for stricter enforcement against two companies involved in using software for allegedly deceptive and unfair ads.
The software generally enters a person's computer when he or she downloads and installs free music or game programs, for example. Often, popular downloaded programs such as Kazaa and Grokster require users to agree to a licensing agreement that allows the addition of adware to the computer's hard drive, legal agreements that Beales and privacy experts concede many consumers do not fully read. Other, more underhanded spyware developers automatically install spyware without the knowledge or informed consent of the user, privacy experts and software makers said.
Estimating how many computers carry spyware or adware is difficult, in part because many consumers do not know they have it, said Nate Elliott, an analyst with Jupiter Research. Some companies consider "cookies," which are small data files that Web sites can place on a computer to store information about a user's online activity, to be a form of software, but cookies are not programs and cannot control computer functions.
Last week, Internet service provider EarthLink Inc. and anti-spyware software maker Webroot Software Inc. said a three-month audit of slightly more than 1 million computers found 29.5 million pieces of spyware, or nearly 28 per computer. Almost 24 million of these items, however, were cookies.
"We think the problem is bigger than anyone understood," said David Moll, chief executive of Webroot of Boulder, Colo. In particular, "drive-by" downloads, which occur when Web sites exploit weaknesses in Microsoft's widely used Internet Explorer browser to install spyware and adware surreptitiously, are increasingly a problem, he said.
Roger Thompson, vice president of product development of Pest Patrol of Carlyle, Pa., said: "The issue is that there is no line between good behavior and bad behavior." Although a minority of spyware is used for "malicious" purposes, "it opens a back door that allows computers to be updated by the hacker and accept commands to log keystrokes, read files, or turn on the Web cam," he said.
Federal and state legislators have taken notice. U.S. Sens. Conrad Burns (R-Mont.), Ron Wyden (D-Ore.), and Barbara Boxer (D-Calif.) have introduced legislation that would prohibit the installation of software on a computer without notice and consent, and would require easy ways to remove it. Utah enacted legislation last month, and state legislatures in California and Iowa are considering action.
While some software installers are sneaky or fraudulent, the bigger problem may be that consumers neglect to read the fine print before loading programs, said David Sorkin, a professor at the John Marshall Law School in Chicago. "It's pretty hard to install controls beyond that contract."
TechNews.com Home
© 2004 The Washington Post Company
---------------------------------
Do you Yahoo!?
Win a $20,000 Career Makeover at Yahoo! HotJobs
---------------------------------
Do you Yahoo!?
Win a $20,000 Career Makeover at Yahoo! HotJobs
--0-2120782774-1083445668=:61857
Content-Type: text/html; charset=us-ascii
<DIV>Dick,</DIV>
<DIV> I'm clueless about the "Spyhunter" program, but if all it does is identify spys without removing them--you're right--it doesn't seem all that valuable. </DIV>
<DIV> I've downloaded "Spybot-Search and Destroy" and "Adaware" shareware programs. Both of those actually identify and then remove spys from your system.</DIV>
<DIV> I'm not all that knowledgeable about the differences in regular cookies that you can remove by the method you mentioned and actual spybots. My understanding is that there is a difference and that simply removing the cookies doesn't remove the spy programs.</DIV>
<DIV> I understand what you mean about not wanting to remove updates or so-called "good cookies." I believe that the programs I mentioned above do differentiate thought. </DIV>
<DIV> The spys that they have removed from my system have been "data-miners" for the most part.</DIV>
<DIV> I still get the regular Microsoft XP security updates as well as updates for my AVG anti-virus programs Zone Alarm firewall--so there doesn't seem to be a problem with the Anti-spy programs removing those. <BR> TL<BR><B><I>Dick Schmidt <dickschmidt@moscow.com></I></B> wrote:</DIV>
<BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid">
<META content="MSHTML 6.00.2800.1400" name=GENERATOR>
<DIV>Tim,</DIV>
<DIV> </DIV>
<DIV>This is a very interesting subject. I downloaded "Spyhunter" and it will tell you what spybots and cookies you have but you have to buy the software to get rid of spybots and I haven't parted with any coins yet to do that. The thing is that some of the things are "good spybots" such as your virus software sypbots which automatically update your virus program and I suppose Microsoft/windows looks for updates also. I go in and delete all the "temporary internet files" every day or so to get rid of the cookies you pick up from many websites. Does anyone have a better suggestion?</DIV>
<DIV> </DIV>
<DIV>Dick Schmidt</DIV>
<DIV> </DIV>
<DIV>----- Original Message ----- </DIV>
<BLOCKQUOTE style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B> <A title=timlohr@yahoo.com href="mailto:timlohr@yahoo.com">Tim Lohrmann</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=deco@moscow.com href="mailto:deco@moscow.com">Art Deco aka W. Fox</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Cc:</B> <A title=vision2020@moscow.com href="mailto:vision2020@moscow.com">vision2020@moscow.com</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Friday, April 30, 2004 10:06 AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> Re: [Vision2020] Washington Post: Beware: Spyware</DIV>
<DIV><BR></DIV>
<DIV>Wayne,</DIV>
<DIV> Interesting article.</DIV>
<DIV> I'm positive that anyone who goes on the web regularly has many of these "bugs" on their computer--so it's a good idea to have a scanning/quarantining program if you want to get rid of them. </DIV>
<DIV> I know you've got quite a bit of expertise in this area, so I've got a question for you.</DIV>
<DIV> What do you think of the freeware/shareware versions of "AdAware" and/or "Spybot Search & Destroy" programs?</DIV>
<DIV> I've run both of them and they both find "data-mining" bugs---but they seem to find different types of these spys.</DIV>
<DIV> Do you know what the difference is? Is it better to regularly(I've seen once a week recommended) run both of these or is there a better program that could be run once and pretty much get rid of everything?</DIV>
<DIV> Thanks for any help, TL</DIV>
<DIV> </DIV>
<DIV><BR><B><I>"Art Deco aka W. Fox" <deco@moscow.com></I></B> wrote:</DIV>
<BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid">
<META content="MSHTML 6.00.2800.1400" name=GENERATOR>
<STYLE></STYLE>
<DIV><FONT size=4><FONT face=Arial><STRONG>FTC to Look Closer at 'Spyware'<!--plsfield:stop--></A><BR></STRONG><FONT size=3>Privacy Experts Warn of Dangers to Unwitting Consumers</FONT></FONT><FONT size=3> </FONT>
<P><!-- THIS JAVASCRIPT COMES FROM WASHTECH SITE FOR TESTING --><!--SCRIPT LANGUAGE="JavaScript" SRC="http://www.washtech.com/scripts/adcode.js"></SCRIPT-->
<SCRIPT language=JavaScript src="http://media.washingtonpost.com/wp-srv/washtech/javascript/adcode.js"></SCRIPT>
<SCRIPT language=JavaScript><!--
setupAdCode("sitename=wpni.washtech","pagename=software")
//--></SCRIPT>
<!-- END OF WASHTECH AD CODE PREPARATIONS --><FONT size=2><!--plsfield:byline--><I>By Yuki Noguchi</I><BR><!--plsfield:credit--><I>Washington Post Staff Writer</I><BR><FONT color=#cc0000><!--plsfield:disp_date-->Monday, April 19, 2004; Page A04 </FONT></FONT>
<P><!--plsfield:description--><NITF>
<P>A relatively new kind of software that resides in many computers and tracks its users' Web-surfing habits or triggers pop-up advertisements has come under scrutiny by federal regulators who have already cracked down on deceptive or misleading spam.</P>
<P>The Federal Trade Commission today is hosting a daylong workshop in Washington to discuss the effects of hidden software that may be used to control or spy on a computer without its user's knowledge.</P>
<P>So far most "spyware" and "adware" programs, often placed on Windows PCs by such downloaded programs as file-sharing programs, appear to have been used for the relatively benign purpose of tracking consumer preferences, said Howard Beales, director of the FTC's consumer protection division. The FTC is watching to see if criminals start making widespread use of this technology to steal credit-card and Social Security numbers of unwitting computer users, he said. </P>
<P>"So far [we] haven't thought that it warranted regulation," he said. </P>
<P>Privacy experts and makers of anti-spyware software say the FTC's light-touch approach leaves too many consumers vulnerable to more unwanted advertising or even the addition of controls that consumers might not realize are on their computer.</P>
<P>"There's a number of concerns about spyware, which is that it takes away consumers' control over their computers," said Ari Schwartz, associate director of the Center for Democracy and Technology in Washington. "We consider privacy to be a control issue as well," and many spyware programs act as surveillance tools for advertisers without the users' consent, he said. In February, the group filed a complaint with the FTC arguing for stricter enforcement against two companies involved in using software for allegedly deceptive and unfair ads. </P>
<P>The software generally enters a person's computer when he or she downloads and installs free music or game programs, for example. Often, popular downloaded programs such as Kazaa and Grokster require users to agree to a licensing agreement that allows the addition of adware to the computer's hard drive, legal agreements that Beales and privacy experts concede many consumers do not fully read. Other, more underhanded spyware developers automatically install spyware without the knowledge or informed consent of the user, privacy experts and software makers said.</P>
<P>Estimating how many computers carry spyware or adware is difficult, in part because many consumers do not know they have it, said Nate Elliott, an analyst with Jupiter Research. Some companies consider "cookies," which are small data files that Web sites can place on a computer to store information about a user's online activity, to be a form of software, but cookies are not programs and cannot control computer functions.</P>
<P>Last week, Internet service provider EarthLink Inc. and anti-spyware software maker Webroot Software Inc. said a three-month audit of slightly more than 1 million computers found 29.5 million pieces of spyware, or nearly 28 per computer. Almost 24 million of these items, however, were cookies.</P>
<P>"We think the problem is bigger than anyone understood," said David Moll, chief executive of Webroot of Boulder, Colo. In particular, "drive-by" downloads, which occur when Web sites exploit weaknesses in Microsoft's widely used Internet Explorer browser to install spyware and adware surreptitiously, are increasingly a problem, he said.</P>
<P>Roger Thompson, vice president of product development of Pest Patrol of Carlyle, Pa., said: "The issue is that there is no line between good behavior and bad behavior." Although a minority of spyware is used for "malicious" purposes, "it opens a back door that allows computers to be updated by the hacker and accept commands to log keystrokes, read files, or turn on the Web cam," he said.</P>
<P>Federal and state legislators have taken notice. U.S. Sens. Conrad Burns (R-Mont.), Ron Wyden (D-Ore.), and Barbara Boxer (D-Calif.) have introduced legislation that would prohibit the installation of software on a computer without notice and consent, and would require easy ways to remove it. Utah enacted legislation last month, and state legislatures in California and Iowa are considering action.</P>
<P>While some software installers are sneaky or fraudulent, the bigger problem may be that consumers neglect to read the fine print before loading programs, said David Sorkin, a professor at the John Marshall Law School in Chicago. "It's pretty hard to install controls beyond that contract."</P>
<P></P></NITF><BR clear=all>
<CENTER><A href="http://www.technews.com/">TechNews.com Home</A></CENTER>
<P></P>
<P>
<CENTER>© 2004<!--plsfield:end--> The Washington Post Company</CENTER></FONT></DIV></BLOCKQUOTE>
<P>
<HR SIZE=1>
<FONT face=arial size=-1>Do you Yahoo!?<BR><A href="http://pa.yahoo.com/*http://us.rd.yahoo.com/hotjobs/hotjobs_mail_signature_footer_textlink/evt=23983/*http://hotjobs.sweepstakes.yahoo.com/careermakeover">Win a $20,000 Career Makeover at Yahoo! HotJobs </A></FONT></BLOCKQUOTE></BLOCKQUOTE><p>
<hr size=1><font face=arial size=-1>Do you Yahoo!?<br><a href="http://pa.yahoo.com/*http://us.rd.yahoo.com/hotjobs/hotjobs_mail_signature_footer_textlink/evt=23983/*http://hotjobs.sweepstakes.yahoo.com/careermakeover">Win a $20,000 Career Makeover at Yahoo! HotJobs </a>
--0-2120782774-1083445668=:61857--