0

Webroot, the makers of Spy Sweeper, are claiming that 8 out of 10 corporate PCs are infected with Spyware. Wow! That's a significant amount of computers. Looking at my personal experience troubleshooting and repairing computers, I have to agree with them.

Before we go to deeply, let's define Spyware. According to Spyware Guide, Spyware is: "Spyware covertly gathers user information and activity without the user's knowledge. Spy software can record your keystrokes as you type them, passwords, credit card numbers, sensitive information, where you surf, chat logs, and can even take random screenshots of your activity. Basically whatever you do on the computer is completely viewable by the spy. You do not have to be connected to the Internet to be spied upon."

So, spyware are little programs that run behind the scenes, and are able to record my keystrokes, or possibly take screenshots of what I am doing, and log them somewhere on the hard drive. Then, when I connect to the internet, it will quietly transmit the data to someone out there in the wild.

That bothers me.

How do people get spyware? Off of websites mainly, when they download various programs to see what they do, or perhaps a utility that has a hidden payload (often called a trojan horse). It is also possible to get Spyware from email sources, or from Instant Message clients, such as AIM or Yahoo that feature access to the file system. Little scripts that popup a window can mislead the user into confirming an installation, and whammo the code is suddenly executing. Hooks are available to Microsoft Windows to protect the newly-installed module, so that it is not easy to remove.

8 out of 10 corporate desktops have spyware on them. So what steps are companies taking to limit spyware? Not sure. But here are some tips:

* Think of spyware as a computer virus. This means scanning of machines on a regular basis, and updating the definition files. Intensify your efforts on laptop computers that connect to other networks, especially wireless events where everyone joins one big network and files zip around.

* Educate your user community about spyware. Advise them that there is no such thing as something free on the internet. Those free create-a-card sites could be sources of spyware / adware that are against the productive principles of your business.

* Keep your Windows up to date patchwise, either by using Windows Update, or ask your network administrator about installing a SUS server.

* Realize that antivirus vendors such as Norton and McAfee might not necessairly be scanning for spyware. Use the right tool for the right job!

Other OS's, such as Macintosh and Linux, do not seem to have an active Spyware community... yet. Windows based "products" will not function inside these environments, but all it would really take is some dedicated folk to re-design the program for Mac and Linux, especially if you use your root accounts as your daily presence on the machine, which is a bad idea.

Christian

5
Contributors
19
Replies
20
Views
11 Years
Discussion Span
Last Post by Catweazle
0

If that's so then there's a severe problem with network security in most companies.
I'd even go as far as to say that if that number is correct then just about EVERY machine outside the financial and insurance sector (and possibly a small part of the IT sector) is infested, something I find rather hard to believe.

The main thing here is to implement a strict policy against the downloading and installation of non-approved software (and the use of non-approved files in general) on company machines.
This works well in concert with anti-piracy measures.

Rule #1: NO MP3s.
Rule #2: NO downloading and installing software on your own (I know I do it myself but I only install stuff I certify being clean, something I know how to do but the average person does not). If you want something, ask systems management who will then install it for you (or supply you with the installer) if the application if safe to use.
Rule #3: if you break rules #1 or 2, your internet access rights are revoked and your email account is blocked from receiving email from outside the LAN. First transgression, 1 week. Second, 1 month. Third, permanent.
Rule #4: these rules apply to everyone, especially management (who are often the most computer illiterate people in a company).

0

I'm not sure I can agree with that statistic. It reminds me of what John McAfee did back in the day, when the first major virus hit corporate computers; he basically wrote an article that greatly exaggerated (something like tenfold) the monetary losses to businesses, thereby creating a scare that catapulted his software into the lead among a slew of fairly equal, but mediocre, antivirus products.
I'm not saying the problem is not a real problem, but my experience doesn't bear out that statistic. Sounds like Webroot is trying to take advantage of its popularity to "scare' up some increased revenues, a tactic I find detestible!

Basically, it's really unnecessary to PAY for their product (or anyone else's for that matter) anyway; the free ones and a dose of common sense (education in some cases) would be just as effective, and preferable to paying up every, single, year. I strongly advise against paying for any functionality that can be had for free; it just doesn't make sense.

Like jwenting says, a strong (and enforced) set of policies would also be better than the false sense of security many people get lulled into just because they have some software product. I wish I had a few dollars for every time I have had to inform someone of a spyware infection who responded with something like "No! That's impossible; I have SpySweeper, so it CAN'T be spyware!"

0

err... uummm......

People, how could you NOT agree with the statistic. Basically, every system which uses Internet Explorer for web browsing has spyware on it, no matter how stringent the security protection has been. Almost every system which uses Internet Explorer for web browsing does not also have adequate spyware detection, removal, and real-time protection installed and operating.

Since about 80% of desktop systems use Internet Explorer for web browsing, the figure is a natural one to expect.

Another little 'fact and figure' bit of info to consider:

I regularly access numerous technical websites during the course of my work as an IT journalist. On most websites where ordinary PC users who are knowledgeable enough to seek assistance with correcting their own PC-related problems visit, you find poll results consistently demonstrate a better than 50% Firefox usage. On the more 'professional' help sites, where Corporate users and people from 'professions' seeks assistance, you consistently find that the level of Internet Explorer usage is higher. I'm sorry, I haven't got any 'facts and figures' published studies to back up that claim - it's been derived from my observations over time.

But Internet Explorer = Inevitable spyware infestaion.

In my opinion, Christian neglected to include the most important tip of all:

* If the PC is to be used for web browsing, install a suitable alternative web browser and set it as default. Insist on its usage for all website access other than that which SPECIFICALLY requires the use of Internet Explorer!

0

Certainly not true Cat, can't you post one thing without your Microsoft hatred showing through?

If people don't use P2P software to download pirated music, movies, and software, and don't go around to hacker sites and such, they're unlikely to ever get spyware if they're also careful to not install every piece of crap they get sent over email or download somewhere (which a strict policy and education would help ensure).

Your assumption that "every machine using IE is infested with spyware" would only hold ground if every website in existence tried to install spyware on your machine, something that's blatantly false.

Your assumption that "smart" people mostly use Firefox is also completely unfounded. The figure can be easily reached by very carefully selecting the target audience of your polls and massaging the results.

So your basic assumption that "Microsoft is evil" has nothing to do with the subject under discussion, so leave it at home (or rather burry it as it's getting very old indeed) and don't make yourself look like an idiot slashdotkiddo.
I know you're smarter than that.

0

Oh goodness. There are some incorrect assumptions in that effort!

can't you post one thing without your Microsoft hatred showing through?

I'm a Windows user, I write about Windows systems for a living, I use mostly Microsoft products, I adviocate the use of built-in features such as the 'Camera and Scanner Wizard' and the 'CD burning Wizard' for preference over commercial software in most instances. There's no 'Microsoft hatred' involved in acknowledging that one particular piece of the software bundled is somewhat flawed.

If people don't use P2P software to download pirated music, movies, and software, and don't go around to hacker sites and such, they're unlikely to ever get spyware if they're also careful to not install every piece of crap they get sent over email or download somewhere (which a strict policy and education would help ensure).

the nastier and more extreme intruders are usually acquired in that fashion, but the vast majority of unwanted intruders are simple bandwidth leeching annoyances which get installed simply by viewing websites with systems which are not adequately secured. And the majority of systems sitting on Corporate desktops are just that - default installs, basically!

Your assumption that "every machine using IE is infested with spyware" would only hold ground if every website in existence tried to install spyware on your machine, something that's blatantly false.

Bung a default install of XP Pro on a system. Install all the 'security' updates. Then browse the web for a week, avoiding porn sites, warez sites and all the 'nasty' corners of the internet, doing such everyday stuff as reading news, checking eBay auctions, doing a bit of online shopping, reading Advertising supported websites etc. etc. All in Internet Explorer of course. you know the activity I mean - the sort of thing that just about every coerporate worker does in the boss's time!

Then run AdAware, Spybot, and Microsoft Anti Spyware Beta over the system and see what you find. Hundreds if not thousands of little leeching intruders, and more than likely the odd 'nastier' one in amongst them. All from simple browsing! Do the same in Firefox and the results will be quite different! It's simple observation, not product prejudice.

Your assumption that "smart" people mostly use Firefox is also completely unfounded. The figure can be easily reached by very carefully selecting the target audience of your polls and massaging the results.

No result massaging necessary. Compare the results of viewer/reader contributions to sites such as this one to the results of similar website contributions by viewers/readers elsewhere. The assumption that aent' was being made is your own interpretation. The comment simply compared people from differing fields of activity.


I'd not like to see News article discussion descend into argument here. Considering that the comments I made constitute 'Microsoft hatred' is completely unwarranted.

0

I was simply mirroring the point of view of the original poster, who indicated that his experience seemed to bear out the statistic. Mine does not.

It really comes down to whether or not you BELIEVE the statistic, and I don't. The reason I don't is because I deal with perhaps 40 different computers on a daily basis, and I just don't see that number of them with spyware.

Remember a few months ago that Symantec warned up to prepare for the impending barrage of attacks directly against Firefox? Where are they? It is, more than anything, just corporate jangling trying to overblow the threat (which itself IS real) in order to increase their profits.

Profiteering off of lies creates filthy lucre, which is sickening, and for me, results in immediate and permanent boycotting and advising against anyone doing business with such companies.

0

results are massively inaccurate :)
1) polls asking which browser is in use are usually responded to only by people using alternate browsers, at least those will respond in far higher numbers.
2) polls asking whether people had trouble are usually only responded to by people who indeed had trouble (or are even distributed only among people already reporting problems).

We've done a customer satisfaction survey a while ago ourselves. We sent a questionaire (made by a professional company, not ourselves, quite in contrast to most questionaires) to all our customers.
We got responses from maybe half of them, the other half mostly sent a thank you note to the effect that there was no reason for the survey. Of the respondents about half had had complaints of some sort over the last year, the other half had mainly suggestions for improvement of service.
The final outcome as presented to us stated bluntly that less than half our customers are happy with our products and services.
No massaging needed, they just forgot about the 50% who didn't feel the need to respond because they were happy with the current situation...

These reports are no different.

0

Glad to hear that you're skeptical of 'survey' results. As a person trained in the creation, application and analysis of survey research I'm all to well aware that you should be. But the contention that "polls asking which browser is in use are usually responded to only by people using alternate browsers, at least those will respond in far higher numbers." is a difficult one to support. People click on those little polls simply because they are people who click on little polls.

0

Well, Im glad to see this is turning out to be a popular thread with some intelligent discussion.

Truth be told, that is the best defense against all malware - intelligent application of what you are doing (an no blind-clicking!).

However, there are a few truths to be uncovered here: mostly that the statistics are completely irrelevant. Spyware can run the gamut from key-loggers and activity monitors to simple cookies, or even the Event Log or history cache on your system to a network Admin (or parent!).

Spyware is basically anything running on your system that monitors any of your activity, that you are not exactly aware of what it is, where it is installed, and what it is configured to do.

Unless you are responsible for a network yourself, or have a similar skillset, I would say 99.9% of ALL systems out there are infected with some kind of spyware.

Now is this all systems, or just coporate desktops? Does this include servers? What about Media Edition PC's to?

The simple truth is that surreptitious software is running around everywhere, and yes, if you use an unsecured Internet Explorer, on an unsecured Windows login account, and you dont have a proactive network administrator protecting your system and network, then you probably are infected with Spyware.

And dont count on any of the anti-spyware programs to eliminate your exposure. Not all of them consider the same things to be spyware. Each will find stuff the others didn't, and the true intrusive nature of is discovered is arguable.

I completely agree, the best defense is common sense, and dont spend money on third-party tools that should be had for free!!!

0

Depends on what you consider "spyware" as well of course...
If you consider Windows Update to be spyware (as some people who don't know how it works or are simply mallicious do) then every PC equipped with Windows (or ever more other OSs) has spyware on it :)
Many respondents to such surveys will possibly enter YES to a question like "does your PC sometimes send information over the internet by itself".
That question will then be interpreted by the people making up the survey results as "most people have spyware on their PC"...

0

Agreed! The practical definition of "spyware", in the sense of it being something people will need to take strong action against, is not so broad as to include ALL cookies, event logs and the like. I mean, how many of us, when launching our favorite word processors, consciously direct that the spell checker will load too? Yet, there it is, running without explicit consent, watching what you type, checking for typo's. Certainly this would not fit a practical definition of "spyware".

0

I really wish we could edit our comments after the fact on the blog postings. Please forgive my omissions ;-)

0

A good working definition would be that which comes from Wikipedia:

Spyware is a broad category of malicious software intended to intercept or take partial control of a computer's operation without the user's informed consent. While the term taken literally suggests software that surreptitiously monitors the user, it has come to refer more broadly to software that subverts the computer's operation for the benefit of a third party.

Spyware differs from viruses and worms in that it does not usually self-replicate. Like many recent viruses, spyware is designed to exploit infected computers for commercial gain. Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements; theft of personal information (including financial information such as credit card numbers); monitoring of Web-browsing activity for marketing purposes; or routing of HTTP requests to advertising sites.

Clearly that definition precludes such things as spell-checkers and Update services.

0

An update service (especially an automated one) takes control of the user's computer without his consent and therefore under that definition constitutes spyware.
As many people believe update services send large amounts of information to the service provider who then stores all that data and uses it to determine what updates to send (when in fact what most or all do is the opposite where the service sends a list of available updates and the client determines which if any it needs) they think it's spyware under a more restrictive definition in which the spyware sends information to a remote machine without consent as well.

Many people believe cookies are spyware in fact, and are hideously monitoring all their internet activity and sending everything back all the time...

0

That's pedantic and misleading. Update services are neither 'malicious' nor intended to subvert operation for the benefit of a third party. They don't fit the definition given at all.

0

The point that myself and (I think) jwenting were making was that not everything that isn't explicitly installed or run by a person fits the definition of spyware. My point was that an overly-broad definition would include spell checkers, which is obviously not fitting. If to your understanding, my last post seems to be calling spell checkers spyware, please read it again and accept my apology if the clarity wasn't as it should have been.

0

Cat, WE know that but the average person reads the definition and hears the /. talk badmouthing Microsoft repeated over and over again, puts one and one together and concludes that Windows Update is spyware...

It's that simple, remember not everyone is computer litterate and many get their "information" third hand from sources which are themselves not to be trusted and/or have no expertise in the area they're advising people about.

0

My work role has me providing assistance to the 'average person' day after day. People from the most naive of beginners to the IT prefessionals. I've never come across anyone who has concluded that Windows Update is 'Spyware'.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.