spyware

Abstraction:

                            Millions of computer users are being watched, not just by employers and Organizations, but by the software that they use frequently without their knowledge. This spyware has become the center for collecting of the private data and threatens the corporate secured data. Even  it can change computer settings, resulting in slow connection speeds, different home pages, and loss of Internet or other programs.

                          In an attempt to increase the understanding of spyware,we have to understand the “What exactly is spyware? How does it work? What is its impact on users and the businesses that employ them?How to prevent them?are discussed.

What is a spyware

                         Spyware is software designed to collect information from computer system users without their knowledge. Typically, spyware can be classifiedas a type of trojan horse, which is a type of technology-based security incident, allowing for information security policy violation.
                  It can be termed also as computer software that  is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.


 

 

History and development

                    The first recorded use of the term spyware occurred on October 16, 1995 in a Usenet post that poked fun at Microsoft's business model. However, in early 2000 the founder of Zone Labs, Gregor Freund, used the term in a press release for the ZoneAlarm Personal Firewall. Since then, "spyware" has taken on its present sense. According to a 2005 study by AOL and the National Cyber-Security Alliance, 61 percent of surveyed users' computers had some form of spyware. 92 percent of surveyed users with spyware reported that they did not know of its presence, and 91 percent reported that they had not given permission for the installation of the spyware.] As of 2006, spyware has become one of the preeminent security threats to computer systems running Microsoft Windows operating systems.                                  

Comparison

Spyware, adware and tracking

                              The term adware frequently refers to any software which displays advertisements, whether or not the user has consented. Programs such as the Eudora mail client display advertisements as an alternative to shareware registration fees. These classify as "adware" in the sense of advertising-supported software, but not as spyware. Adware in this form does not operate surreptitiously or mislead the user, and provides the user with a specific service.
                             Although most adware is spyware in a different sense for a different reason: it displays advertisements related to what it finds from spying on you. Claria Corporation's Gator Software and Exact Advertising's BargainBuddy are examples. Visited Web sites frequently install Gator on client machines in a surreptitious manner, and it directs revenue to the installing site and to Claria by displaying advertisements to the user. The user receives many pop-up advertisements.
                           Other spyware behavior, such as reporting on websites the user visits, occurs in the background. The data is used for "targeted" advertisement impressions. The prevalence of spyware has cast suspicion upon other programs that track Web browsing, even for statistical or research purposes. Some observers describe the Alexa Toolbar, an Internet Explorer plug-in published by Amazon.com, as spyware, and some anti-spyware programs such as AdAware report it as such. Many of these adware distributing companies are backed by millions of dollars of adware-generating revenues. Adware and spyware are similar to viruses in that they can be malicious in nature, however, people are now profitting from these threats making them more and more popular.
 Spyware, virus and worm
                              Unlike viruses and worms, spyware does not usually self-replicate. Like many recent viruses, however, spyware by design exploits infected computers for  commercial gain. Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements; theft of personal information (including financial information such as credit card numbers); monitoring of Web-browsing activity for marketing purposes; or routing of HTTP requests to advertising sites.







Routes of infection

                               Spyware does not directly spread in the manner of a computer virus or worm: generally, an infected system does not attempt to transmit the infection to other computers. Instead, spyware gets on a system through deception of the user or through exploitation of software vulnerabilities.
                              Most spyware is installed without users' knowledge. Since they tend not to install software if they know that it will disrupt their working environment and compromise their privacy, spyware deceives users, either by piggybacking on a piece of desirable software such as Kazaa or Limewire, tricking them into installing it (the Trojan horse method). Some "rogue" anti-spyware programs masquerade as security software, while being spyware themselves.

click here to download full paper
Labels: