What will most likely be of interest to the readers of this blog are the Safety Tips published along with this new information.
Safety Tip Highlights:
- Keep security software on your computer up to date.
- Download programs only from Web sites you trust.
- Beware the fine print...
- Be especially careful with certain types of “free” programs.
- Use available tools to detect and delete spyware.
Benjamin Edelman has compiled research on spyware and adware I think is great. The information on his site examines how Yahoo!, Microsoft and Google participate in the funding and spread of spyware and adware.
The Protection Blog has received e-mails asking how EarthLink can write about removing and preventing spyware when we distribute it ourselves. The claim is, when you log into our myEarthLink.net site we install a piece of spyware on your computer – simply said, this is NOT true.
What we do is ask you to allow us to install a browser cookie on your computer to allow us to make your experience with the myEarthLink.net product better. The browser cookie keeps track of your personal preferences (e.g. what zip code you want to see the weather for, what color you have chosen for your page, what astrological sign you’re etc…). I can see how someone that doesn’t understand spyware and adware might make this claim.
The definitions of spyware and adware are in constant flux and can change according to who you’re asking to define them. In general, I think spyware and adware can be viewed as things that are used for secretly collecting data and conducting malicious activities. Neither of which EarthLink is in the business of doing.
According to an article in eWEEK, a new study shows that 80% of business computers are infected with adware or spyware!
Can you imagine? What a huge risk to proprietary information, to customers' personally identifiable information, to business productivity....
The article partially reads like a press release from Webroot, which conducted the study, so I don't feel bad at all about plugging EarthLink's Spyware Blocker for home users, or business solutions from the newest addition to the EarthLink family, Aluria.
Spybot (the worm) spreading through Instant Messenger Clients
C|Net reports the number of bot related cases jumped 300% from Q1 to Q2 of this year. Security software makers claim Spybot (the worm) is one of the most prevalent worms on the Internet.
However, the current problem is a Trojan called Kirvo that is downloaded upon clicking a link that is sent to you from what appears to be someone on your IM client's friends list. Once the Trojan Kirvo is in place it opens the door for Spybot to be downloaded.
Be careful about clicking on URLs that appear to come from friends on your IM list. Personally, I always ask where someone is directing me if I don't recognize the domain in the URL that has been sent to me.
EarthLink is proud to be a part of the recently launched industry & non-profit Anti-Spyware Coalition.
As blog readers know, we are committed as an ISP to actively work to protect EarthLink members from all kinds of Internet security threats, and to extend that protection to the broadest array of Internet users possible, through free products like our ScamBlocker toolbar for both Internet Explorer and Firefox browsers. We've also worked on a number of different collaborative security efforts with other companies and non-profit organizations, so this work is "standard operating procedure" for us in many ways.
However, there are some things about the Anti-Spyware Coalition's efforts that are new!
As a group, we've proposed a set of standard definitions for spyware and other potentially unwanted software, like adware and dialers, a set of best practices for us all to follow when coping with these kinds of technologies, and a set of prevention tips for consumers. (They're all part of this document.)
Are these useful? Do they go far enough? Do they go too far? Have we missed or forgotten something?
Please take a look at the Anti-Spyware Coalition's recommendations, and let us know what you think. Submit your comments by August 12, 2005, and we'll review them and revise our documents to make them as valuable as possible -- for consumers, ISPs, software companies, and the Internet community as a whole.
Pew released a report yesterday that indicates the threat of becoming infected with Spyware is changing people's behavior online.
Malware has differently changed the way I use my computers online. I am careful about where I go online and suspicious when downloading anything. Looks like I am NOT the only one that has modified their behavior for fear of becoming the next victim.
Tens of millions of Americans have been struck by so-called spyware. Fully 91% of internet users have changed the way they behave online as they try to avoid unwanted and invasive software. A new nationwide survey by the Pew Internet & American Life
Project shows that:
• 1% of internet users say they have stopped opening email attachments unless they are sure these documents are safe.
• 48% of internet users say they have stopped visiting particular Web sites that they fear might deposit unwanted programs on their computers.
• 25% of internet users say they have stopped downloading music or video files from peer-to-peer networks to avoid getting unwanted software programs on their computers.
• 18% of internet users say they have started using a different Web browser to avoid software intrusions.
A number of software vendors whose products have been classified as "spyware" or "consumerware" or "adware" by anti-spyware products object to being identified that way. Some of them go to anti-spyware vendors and try to persuade them to stop flagging their products. Some even threaten or file lawsuits.
In an interesting turn of events, Symantec recently filed a lawsuit against Hotbar, a company they classify as "adware," asking the court to declare that Hotbar really is "adware" and that Symantec can legitimately identify it as a computer security risk. Law Professor Eric Goldman has interesting analysis and commentary on this case on his blog.
How this turns out will have interesting implications for the anti-spyware community. Will there be a rash of vendors going to court to have their business models declared legitimate? Will ad/consumer/spyware vendors step up the pace on suing anti-spyware vendors? Will this turn into some sort of weird nightmare arms race, even more than it already is, because now there will be courts involved and they move a lot more slowly than software companies?
These questions, and the underlying problem of adware, consumerware, and spyware companies trying to get anti-spyware vendors to stop flagging their products as potentially unwanted software that consumers may want to remove from their computers, is a big part of why EarthLink has been working with others in the computer industry and tech-savvy consumer groups as part of the Anti-Spyware Coalition.
We at EarthLink think that this kind of collaborative effort will make it more difficult for vendors promoting spyware and its less onerous, but still potentially unwanted cousins adware and consumerware, to install on consumers' computers without their understanding of what they've agreed to download. We also think consumer education in this area is critical -- and more effective if the industry and consumer groups are using a common language to describe the issues and concerns.
Microsoft releases update of Windows AntiSpyware Beta
Microsoft has just released an update of the Windows AntiSpyware beta—a security technology that helps protect Windows users from spyware and other potentially unwanted software. This is a "refresh" of the first Beta and not to be confused with the official second version of the beta.
The beta refresh contains several enhancements to the detection and removal capabilities.
This article attempts to characterize the current situation with spyware removal programs and the difficulties differentiating between what some call “spyware” and what some call “adware.”
It’s clear the industry needs to develop some standard definitions and guidelines for software developers to manage toward.
Even Fortune 500 companies have turned to adware to hock their products and services over the Internet.
“…Sprint Corp. for its PCS mobile phones, major banks peddling Visa credit cards, Sony Corp. and retailers including Circuit City Stores Inc. And Mercedes-Benz USA had its cars flashing on consumer's computer screens…”
I recently discovered SpywareInfo.com—a weekly online magazine that discusses the latest spyware threats.
While this site may be a little tech-y for some tastes, it has some terrific info on spyware trends. Find out about Web-surfing risks in particular—like how a stranger could hijack your browser or use a keystroke monitor to discover your credit card information or password.
By now, you probably know that spyware is a class of programs that—one way or another—sneak onto your computer without your knowledge, and—one way or another—monitor what you do.
You may also know that this monitoring can be anything from what seems like a relatively benign but intrusive tracking of your surfing habits in order to serve you up custom ads to the extremely dangerous keylogging, or, tracking all your computer keystrokes in order to steal sensitive personal or financial information such as passwords and credit card numbers.
What you many not be aware of—I know I wasn’t—is that even when hidden spyware programs are not threatening your privacy, they can be a very real problem and have a very real cost. For me, that cost was lost productivity—and almost $1,000.
My spyware story: I have a four-year-old computer at home. Even though it’s out-dated in terms of processor speed and hard-drive size (I have a key chain memory stick with as much disk space), it got the job done for me. So I really didn’t want to shell out $1,000 on a new one…not yet.
But several months ago, it seemed my formerly trusty computer was showing signs of age. It was slowing down. The problem got very rapidly worse, and before I knew it, literally everything I tried to do on my computer was maddeningly, agonizingly slow. I worked around it a bit (staying later at work to make sure I had less to do at home) but also started scrutinizing the weekend ads from Best Buy and Circuit City and plotting my inevitable purchase.
The week before I was planning to bite the bullet and buy a new computer, I was reading an article which reminded me that in addition to the spying aspect of spyware (which understandably gets most of the attention), spyware can also cause very serious computer performance problems.
Although I had EarthLink Spyware Blocker installed on my computer (it comes with our free TotalAccess software), I realized I hadn’t done a spyware scan for some time. (The latest version of our free Spyware Blocker now also proactively blocks known spyware as it tries to install itself on your computer, but the earlier version I had would only detect and disable spyware that was already on your PC.) So I had hope.
Just one simple Spyware Blocker scan later, I had a new computer—even if it was my old computer. And was a $1,000 richer. And a good bit smarter about security issues, realizing that they’re also performance issues, which in turn can be financial issues.
After all, the spyware didn’t steal $1,000 from me, but its presence on my computer almost robbed me of it, along with lots of precious time and energy. So do your computer, your sanity, and your pocketbook a favor: protect yourself from spyware!
A new program called SpywareNo is posing as a spyware removal tool, but it's actually being used to persuade unsuspecting Internet users to download spyware programs and viruses.
The new application is just the latest example of so-called "rogue anti-spyware" programs that exploit user naiveté and frustration with spyware.
According to the New York Times (registration required), New York Attorney General Eliot Spitzer filed a civil lawsuit against the company Intermix, arguing that they engage in deceptive business practices, trespass, and false advertising.
Well it appears that some blogs are distributing spyware. The problem is that some bloggers are unaware that the tools or features they may use or distribute on their blogs contains spyware. See these articles about the topic.
Investor's Business Daily - Spyware Often Lurks Within Internet Blogs
CNET News.com - Spyware infiltrates blogs
Best thing to do to protect yourself is make sure your IE browser settings are on high (disabling Active X and Java) or use Mozilla's FireFox. Also regularly clean your computer with anti-spyware software, and keep your definitions up to date.
Nancy sent us an email asking about "torrents" and were they safe. For those of you not familiar with BitTorrent see Brian's BitTorrent FAQ. Basically, BitTorrent is a protocol used to efficiently download files. It's ideal for large transfers to many people. My warning with downloading (P2P transfers) is to have good anti-virus and anti-spyware protection installed. Most of the time you don't know or trust the source of the file. Also, there are many different BitTorrent clients available, it's possible the clients themselves could contain spyware. Make sure you do your homework. Brian's FAQ also points to a handful of recommended clients. Thanks for the question Nancy!
If you have questions or comments feel free to leave them on the site (see comment button below), or email us at protectionblog@earthlink.net.
In other news, I read and interesting report from John Leyden at The Register. The article talks about a decline in computer virus worms, attributed to wide spread use of Service Pack 2 (SP2, a major security upgrade to Windows XP) and the continued adoption of firewalls.
Benjamin Edelman, well known for his research into spyware, has put together a very detailed overview of the top peer-to-peer applications and the "unwanted" programs that often get installed along with them. As always, be careful of what you download and install on your computer. It is common practice for some "free" software applications to install spyware as a way to generate revenue.
I had some interesting questions regarding the costs of spyware come up last week that I thought I would post here. If I had to boil my responses down to one key point, it is that spyware is no longer just an inconvenience or a nuisance, but also has a significant economic impact. More on the costs of spyware to come soon….
Q: How big a problem is this (spyware in general)?
It is hard to overstate the scope of the spyware problem. I have read several reports indicating that 80-90% of PCs connected to the internet are infected with some form of spyware, and EarthLink's Spy Audit results certainly support those conclusions. In addition, during a Federal Trade Commission workshop on spyware in April 2004, a Microsoft representative stated that when data was provided regarding a Windows crash, nearly 50% of those crashes could be attributed to spyware.
Q: How big will the spyware problem get?
It's extremely difficult to predict when the spyware problem will peak, and the number of spyware threats may very well continue to increase indefinitely. However, I am optimistic that the impact to consumers will be less severe in the near future for three reasons. First, from a technological standpoint, anti-spyware tools such as EarthLink's Spyware Blocker are much more sophisticated than they once were, and can effectively detect and block spyware from ever getting onto a computer. Second, consumers are generally far more informed about the problem today and understand the need to install anti-spyware tools and exercise caution when installing freeware applications. Finally, proposed anti-spyware legislation would introduce legal barriers to distributing spyware and provide a clearer line between legitimate and illegitimate software practices.
Q: What's the cost to users and providers?
The costs associated with spyware are huge. Consumers are often faced with the choice between spending hours fixing an infected computer or paying someone else to clean their PC. Add to that the value of time lost due to computers and internet connections slowed down by spyware, and you start looking at some enormous indirect costs. At the same time Internet Service Providers and software companies bear the costs of technical support calls troubleshooting problems caused by spyware that are often difficult to diagnose and repair.
There's an article over on CNET that discusses Spyware Blocker and points out an ongoing argument regarding the nature and definition of "spyware." The main criticism in the article is that the inclusion of tracking cookies as a category of spyware can be confusing.
There are a number of legitimate points here. Unlike trojans or system monitors, cookies are generally benign, they are very common, and they are typically used in legitimate ways.
While I agree with a lot of what the article says, there is a larger issue of privacy and control here. The definition of spyware that works doesn't hinge on a definition of "software" or the mechanics of a threat. The definition of spyware that works is based on the potential impact to the consumer. If your computer is storing and sharing information about your online activities, wouldn't you want to know about that? Shouldn't you have a way to manage how that information is collected? EarthLink's anti-spyware tools (and all our protection tools for that matter) are designed to give the information necessary to help make a decision about the severity of any given threat and what, if anything, needs to be done in response. A good anti-spyware tool should present as much relevant information as possible and give you options. It shouldn't make assumptions about what you would consider a threat and what you would consider benign. If, after learning what adware cookies are, you want to disable them, you should have a way to do so. If you don't think the cookies you find are a threat, you should be able leave them alone. EarthLink tries to help guide an informed decision to these questions, but not force any particular action.
From my perspective, this is healthy debate, and one that is critically needed. It becomes much easier to provide effective anti-spyware tools when everyone agrees on what exactly spyware is. As the CNET article demonstrates, we aren't there today, and there are a range of opinions on what threats constitute spyware. The fact that articles are being published discussing the flavors and varieties of spyware, and what falls outside the definition of spyware, really indicates how much more sophisticated and informed the public discussion about spyware has become over the last couple of years. Let's hope the discussion continues, because conversations like this lead directly to better definitions and more effective tools for consumers.
In my opinion, I want my computer's protection tools to call out anything of concern. When it comes to my privacy and personal information, I would much rather error on the side of catching too much rather than missing a potential threat. Should there be some clarification and re-categorization of those threats over time…absolutely. As the threats change, so will the language used to describe and classify them.
First off, I need to let everyone know that I'm a giant nerd. This being my first foray into the blogsphere I decided that I needed to research the art of the blogging to make sure I didn't screw this up. I wanted to learn how the great bloggers that have gone before me introduced themselves. What did they say to set the tone for their future posts? How did they form that first bond with their readers? I studied the popular blogs. I read a book about blogging. I scoured blog archives looking for answers. It turns out, most bloggers don't really seem to have the same "first post" anxieties…they just write something relevant and topical. Clearly I am not cut from the same cloth as these folks.
My name is Tom Collins and I am the Product Manager for EarthLink's Spyware Blocker. I'm looking forward to using this little corner of the internet to talk all about spyware. Spyware is a huge problem right now, but problems have solutions, and I'll be talking a lot about those solutions. More to come soon…
In the offline world, we follow popular rules that help protect our families and our belongings: Visit the doctor for a complete physical every two years. Change the oil in our cars every three months. Replace the batteries in our smoke detectors whenever we set our clocks forwards or backwards for Daylight Savings Time.
Here at EarthLink, we think the same goes for your computer. There are some simple tasks you can perform to preserve your online experience and protect your computer from the growing threat of online hazards. What better time to protect your PC than the start of a brand new year. Of course, if you're as concerned about protecting your computer as I am, you may consider performing these tasks more often.
Remove Spyware
When I'm online, I download a lot of programs like screensavers and free games. So my PC gets infected with spyware, which can slow down its performance and risk exposing my personal information such as my bank account numbers and browsing habits. To find out how much spyware I have on my machine, I ran EarthLink's free Spy Audit. According to the Spy Audit, I had 238 pieces of spyware on my computer including one System Monitor that may be recording everything I do on my computer. Yikes!
To remove all this spyware, I used a program called Ad-Aware, which is one of many popular spyware removal programs that can be obtained from Download.com. After I installed Ad-Aware, it prompted me to update its definitions, which I did to make sure it had the most current list of known spyware. Then I ran Ad-Aware by pressing the "Start" button. It took about ten minutes to scan my computer and then it displayed a list of all the spyware it discovered. I checked the box next to every piece of spyware it found and clicked the "Next" button, which removed it from my PC.
Since I'm an EarthLink customer, I also updated my EarthLink software to the latest version, EarthLink TotalAccess 2005, which includes a Spyware Blocker tool that should protect my PC from being further infested with spyware.
Update Windows
My computer runs Windows XP, and I have Automatic Updates turned on so that it will automatically check for and download the latest updates made to Windows. Microsoft routinely releases security patches and fixes to protect your computer from hackers and keep it running smoothly.
If you're not running Automatic Updates, you can update your computer's operating system by visiting Windows Update at http://windowsupdate.microsoft.com/. At this site, click the "Scan for Updates" button, which will check your computer and display a list of updates that are available. For maximum protection, be sure to install any "Critical Updates and Service Packs." This may take several downloads and many system restarts if you're computer hasn't been updated in a while.
Update Virus Definitions
To prevent my PC from being infected with computer viruses, I use Norton Antivirus software. It appears in my taskbar, and I always leave it set to "Enabled." I've also turned on Automatic Updates so it remains current with the latest virus definitions. But just to be safe, I ran a Live Update. When it finished running, it told me that my virus definitions were already up-to-date, so I didn't have to do anything. If it had detected a new set of virus definitions, I would have installed them to my computer.
Secure Internet Explorer
My security settings in Internet Explorer were set on low, which may explain why I got so much spyware. I increased my security settings by opening the "Tools" menu at the top of Internet Explorer and choosing "Internet Options." Then I selected the "Security" tab and moved the security level to medium, which is the recommended level from Microsoft. Now Internet Explorer will check with me before downloading any software while I'm surfing the web.
Les Seagraves, Executive Editor EarthLink's Chief Privacy Officer, Les Seagraves, serves as Executive Editor of the Protection Blog. Les is a general counsel with EarthLink's legal department, where he leads the legal battle against spam and fraud. He's a frequent speaker for trade groups, conferences, continuing legal education and college classrooms. A true technology lawyer, Les has testified in congress and consulted with federal and state legislators on privacy, spam and other areas of technology law.
Mike Strutton As the Director of Product Management for EarthLink's Software Products, Mike has been engaged with many of EarthLink's protection products, aka The Blockers, as well as TotalAccess for Windows and Mac. Mike has been with EarthLink for over 10 years and has over 12 years of internet experience. Mike is an avid fan of the Apple Macintosh, but don't let that fool you, while he totes his Powerbook everywhere, he surrounds himself with 3 Dells in his office and 3 more at home.
Stephen Currie EarthLink's Director of Product Management for Communication Products is Stephen Currie, who oversees the EarthLink mail client, including the development and implementation of email tools like EarthLink spamBlocker. Stephen has also represented EarthLink at industry coalitions aimed at eradicating spam and other Internet abuse, and his expert opinion on spam has been featured in national media coverage.
Scott Mecredy A Senior Product Manager for Protection Software at EarthLink, Scott Mecredy has been developing consumer software for over 7 years. An industry thought leader (place pointer finger on chin and look longingly into space), he helped create ScamBlocker, the first comprehensive Phisher protection product available in the market. Scott's a Rock Star (in his own mind), and lives for one thing: a successful software launch.
Liza Barry-Kessler EarthLink's Senior Product Manager for Parental Controls. Although new to EarthLink, Liza is ancient in "internet years" having been online since 1987. She began her career in Parental Controls as a First Amendment lawyer at the Center for Democracy & Technology (www.cdt.org), where she was part of the team that launched the industry-wide internet-safety and privacy initiative, GetNetWise, in 1999.
Liza is also a nationally recognized expert on web filtering and internet privacy issues, both in the home and in school and library environments, and is co-author of the book "Privacy in the 21st Century: Issues for Public, School, and Academic Libraries," forthcoming from Libraries Unlimited publishers in June 2005.
