Wednesday, July 15, 2009

Adware, Spyware and Monitoring Software-–What's What?

Everybody seems to have heard about spyware now. Media
publish loads of surveys, "how to"s, and horror stories
about the victims. Readers are supposed to know exactly what
terms like "spyware", "adware", "malware" mean. Alas, their
meanings may vary from article to article, from author to
author-- some of them still use these terms interchangeably.
It is not correct. Being an employee of an anti-spyware
developing company, I guess I know this matter well enough
to point that out.

The spyware problem is much broader and more complex than we
think it to be; it isn't all about unwanted advertising,
pop-ups, etc., etc. It isn't all about privacy, either.
Adware by no means equals spyware. One needn't be a genius
to suspect it. Adware is more annoying than really dangerous
-- though it slows down PCs and drives people crazy.
Programs used for targeted advertising, such as adware or
cookies, make only a tiny part of existing programs which
are usually called spyware, and the purposes they are used
for are the most innocuous, I should say.

In my opinion, these programs should better be called
"trackware" or something like that -- they keep track of PC
users' activities (to target advertising better) but not
actually spy. You disagree? Well, your browsing habits,
things you buy online--all this stuff certainly is your
private business. If somebody else uses this info to bombard
you with ads, you get angry. You are quite right. One more
question: what private info you value more--your browsing
habits or your credit card number?

Social security numbers, credit card numbers, your bank
accounts, passwords, another valuable (in the direct sense)
data--can easily be stolen by means of software programs
specially created for stealing data. That's what I usually
mean when talking about "spyware." These programs spy--they
log every your keystroke or mouse click, make screenshots,
compile a neat log-file and send it to the person who
installed the program (as a rule, remotely) on your PC.

Compared with keyloggers, adware seems pretty innocent, doesn't it? Even hijacking a browser looks like petty offence. To
visualize difference between adware stuff and keylogging
spyware just compare a juvenile delinquent and, say, a
terrorist.

In view of that, software products which make possible
unwanted advertising are rather distant relatives of real
spyware. Cousins, so to speak. Second cousins twice removed,
to be more precise. What about brothers and sisters?

Spyware has very much in common with monitoring software --
legitimate software products widely used for parental
control, workplace surveillance, Internet access control,
etc. They pretty often are based on the same technology.
They are so similar, that a spy program can sometimes be
used for monitoring purposes, and vice versa. So, what is
the difference, if there is any?

There is a vague line between monitoring products and spy
products -- this is the line between security management and
security violation. However, there are two specific program
functions that are typical to spy programs.

First, it is possible to carry out preliminary configuration
of the monitoring module (it is usually called client, agent
etc.), getting a compiled executable file as a result. This
file, when installed, doesn't display any messages or create
windows on the screen. It "hides itself" and "shows no signs
of life". It is impossible to notice whether the particular
PC is being secretly monitored or not. Of course, the user
is not aware of being spied -- until the consequences show
up.

Second, spy software always has built-in means of remote
installation; as a rule, the pre-configured module (agent)
is installed into the target PC remotely. Then the files
with obtained information are sent via local network or
emailed to the person who installed the spy program.

Last, but not least-- spyware is always used illicitly and
behind the user's back-- here monitoring is performed by a
person who has no right for it. Unlike spyware, legally used
monitoring programs are almost never used secretly. Though
in many states your boss doesn't break any law when he
installs monitoring devices or software without your consent
and never tells you about it, it happens not very often. As
a rule, people at work are aware of being under
surveillance. Managers are very likely to tell a new
employee that there are things that he or she had better not
do -- because there are means of finding that out. Kids know
what websites they had better not visit--for the same
reason.
Remove these functions -- and you will get a monitoring
program instead of spyware. If it is impossible to
pre-configure the monitoring module and install it remotely;
if you should have administrator privilege to install the
program, it is monitoring software, not spyware.

Though the basic principle is often the same, purposes
differ greatly. Monitoring software is most frequently used
in large and middle-sized companies to ensure information
security and local network accountability. At home more and
more parents install it as a "life jacket" for their
web-surfing kids. You probably use such a program already,
or going to. Use it, but remember about the illegitimate
relative of so useful and absolutely legal monitoring
program installed on your own PC.

1 comments:

Anonymous said...

Appreciating the time and effort you put into your website and in depth information you offer. It’s good to come across a blog every once in a while that isn’t the same outdated rehashed information. Great read! I’ve bookmarked your site and I’m in… Techno News

Post a Comment