Spies & snoops

The lowdown

What is Spyware? Run-of-the-mill spyware records and transmits information without notifying the computer's user. It's normally sent to your system over an Internet connection. High-end spyware, computer-monitoring software planted by someone interested specifically in your computer or network, such as a real spy, is difficult to detect and remove.

Anti-spyware tools don't always detect these advanced surveillance products, which can be planted in many ways, including through an e-mail greeting card or direct physical access to a system.

Spyware, even benign ad trackers, degrades system performance.

What should you protect? It's best to prevent all information from unnecessarily going out on the Internet. The challenge comes when you don't know what is leaving your system. Spyware plucks information you might not know it's taking, such as what you're looking at onscreen.

Even e-mail addresses should be guarded. Except for online accounts such as Yahoo Mail, in which many valid addresses can be guessed, spammers generally target only accounts they find in newsgroups, on Web sites or elsewhere on the Web. Anti-spam tools help, but a good address privacy policy can reduce the spam load by denying your address to mailing list vendors.

Must-know info? Any computer connected to the Internet is exposed to information-gathering tools. Spyware can track Web browsing, log keystrokes and mine systems for confidential data. The most serious spyware, system monitors, may be planted on systems without access to the Web.

Remote computers that log onto an office network must be protected in the same way enterprise clients and servers are. Laptops, especially those with wireless capabilities, must also be secured.

The Electronic Freedom Foundation has a useful list of 12 ways to protect your privacy online. Find it at www.eff.org/Privacy/eff_privacy_top_12.html.

How do anti-spyware tools work? Basic adware detection software relies on known code that is identified in a database, which explains why many free adware scanners are effective. These tools are ideal for systems you may not be able to spend money protecting, such as teleworkers' home PCs, but may still expose important data.

Microsoft's plans? In future Windows releases, Microsoft will add privacy protection in the form of "infocards," a two-part authentication system. Unlike .NET Passport, infocards will not collect personal information in a central repository, but leave it on individual PCs.

Tools to sweep them away

The question is simple: Does any information pass through your computer that you wouldn't want posted on the Internet? Most likely the answer is yes.

Government workers and contractors, whether teleworking or at their offices, need to keep their activities private and inaccessible to random snoops on the Web. I'm not referring to confidential information ? this guide doesn't deal with protecting secret data ? but there's a lot you don't want strangers to know, including what sites you surf or what you may be researching.
If you log onto remote or government-only networks, you don't want to broadcast the existence of these sites, let alone your username and password.

New privacy premium

Protecting confidential information was easier when most people with Internet access exchanged e-mail and accessed sites through a server. Managers protected everyone's data using network-level or enterprise-level tools.

With today's wireless-enabled laptops and a growing legion of teleworkers, managers must pay as much attention to protecting standalone PCs as they do to networks.

Concealing activities means eliminating adware, spyware and cookies, as well as cleaning out from systems traces of earlier Internet activity. Much information can be gleaned from memory caches.

Adware tracks your browsing habits, usually innocently and anonymously. It generally degrades system performance. Spyware, which is more insidious, actively watches computer activity, captures identifiable information and sends it to a remote server.

Spyware includes key loggers, which record your keystrokes (It knows what password you typed.); e-mail redirectors, which intercept e-mail messages; chat and URL loggers, which monitor instant messages; and screen recorders, which steal electronic snapshots of your onscreen activity.

The chart features software to protect networks and in-dividual computers, mainly programs that block or remove spyware and clean your computer of Internet activity.

Although the table focuses on standard privacy tools intended to keep information about your computer and its data confidential, some government officials, such as those in law enforcement, also need to further conceal their online activities. If you fall into that category or frequently use public wireless hotspots, you'll need a specialized tool, such as those offered by Anonymizer Inc. and Tenebril Inc., that offer encrypted tunnels to the Web.

Encryption and firewalls also are vital privacy tools. Look for more on them in future editions of "Integrator Toolbox."

After some testing, I've selected three anti-spyware tools for my personal use. I chose three because although one tool might be good at defeating spyware, another might be better at ridding a system of adware. This is not to say these tools are better than others in the guide, but they suit me well. Your needs likely will vary.

Microsoft's free AntiSpyware (still in beta form) does a good job of blocking new infections but misses a lot of installed adware. Its real-time protection prevents programs from changing your Internet settings, blocks unauthorized changes to your operating system or security settings, prevents modification of applications, and notifies you of new software installation attempts or ActiveX downloads. The Tracks Eraser feature cleans up activity history, even from the Registry.

Lavasoft's Ad-Aware SE is available in free and commercial versions. Even the free version does a much better job of removing adware than AntiSpyware. Ad-Aware SE Professional adds a process analysis tool that includes a HexDump option, which lets you view the hexadecimal version of a file turned up in a scan. The software can also watch for activities that could signify the presence of new spyware not in a database.

The third program in my privacy arsenal is Definitive Solutions' BHODemon, which monitors and manages Browser Helper Objects. A BHO is a program that is installed on your system by another program and runs automatically each time you start your browser.

BHODemon lists any installed BHO, indicates whether it's active or benign and provides extensive information about the code. Some BHOs are useful, such as AcroIEhelper.ocx, which lets your browser load and display Adobe Acrobat files. You probably also have one associated with your antivirus software.

Other BHOs, however, can do virtually anything on your system, including reading, writing and deleting files. BHODemon finds BHOs and helps you determine what they do and where they came from, so you can decide whether to remove them or not.

All three of these products come in free versions, an unbeatable price when it comes to securing your privacy online.

John McCormick is a freelance writer and computer consultant. E-mail him at powerusr@yahoo.com.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above.

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.


contracts DB