Sunday, October 12, 2008

Recognizing and Avoiding Spyware

What is spyware?

Despite its name, the term "spyware" doesn't refer to something used by undercover operatives, but rather by the advertising industry. In fact, spyware is also known as "adware." It refers to a category of software that, when installed on your computer, may send you pop-up ads, redirect your browser to certain web sites, or monitor the web sites that you visit. Some extreme, invasive versions of spyware may track exactly what keys you type. Attackers may also use spyware for malicious purposes.

Because of the extra processing, spyware may cause your computer to become slow or sluggish. There are also privacy implications:

  • What information is being gathered?
  • Who is receiving it?
  • How is it being used?

How do you know if there is spyware on your computer?

The following symptoms may indicate that spyware is installed on your computer:

  • you are subjected to endless pop-up windows
  • you are redirected to web sites other than the one you typed into your browser
  • new, unexpected toolbars appear in your web browser
  • new, unexpected icons appear in the task tray at the bottom of your screen
  • your browser's home page suddenly changed
  • the search engine your browser opens when you click "search" has been changed
  • certain keys fail to work in your browser (e.g., the tab key doesn't work when you are moving to the next field within a form)
  • random Windows error messages begin to appear
  • your computer suddenly seems very slow when opening programs or processing tasks (saving files, etc.)

How can you prevent spyware from installing on your computer?

To avoid unintentionally installing it yourself, follow these good security practices:

  • Don't click on links within pop-up windows - Because pop-up windows are often a product of spyware, clicking on the window may install spyware software on your computer. To close the pop-up window, click on the "X" icon in the title bar instead of a "close" link within the window.
  • Choose "no" when asked unexpected questions - Be wary of unexpected dialog boxes asking whether you want to run a particular program or perform another type of task. Always select "no" or "cancel," or close the dialog box by clicking the "X" icon in the title bar.
  • Be wary of free downloadable software - There are many sites that offer customized toolbars or other features that appeal to users. Don't download programs from sites you don't trust, and realize that you may be exposing your computer to spyware by downloading some of these programs.
  • Don't follow email links claiming to offer anti-spyware software - Like email viruses, the links may serve the opposite purpose and actually install the spyware they claim to be eliminating.

As an additional good security practice, especially if you are concerned that you might have spyware on your machine and want to minimize the impact, consider taking the following action:

  • Adjust your browser preferences to limit pop-up windows and cookies - Pop-up windows are often generated by some kind of scripting or active content. Adjusting the settings within your browser to reduce or prevent scripting or active content may reduce the number of pop-up windows that appear. Some browsers offer a specific option to block or limit pop-up windows. Certain types of cookies are sometimes considered spyware because they reveal what web pages you have visited. You can adjust your privacy settings to only allow cookies for the web site you are.

How do you remove spyware?

  • Run a full scan on your computer with your anti-virus software - Some anti-virus software will find and remove spyware, but it may not find the spyware when it is monitoring your computer in real time. Set your anti-virus software to prompt you to run a full scan periodically.
  • Run a legitimate product specifically designed to remove spyware - Many vendors offer products that will scan your computer for spyware and remove any spyware software. Popular products include Lavasoft's Ad-Aware, Webroot's SpySweeper, PestPatrol, and Spybot Search and Destroy.
  • Make sure that your anti-virus and anti-spyware software are compatible - Take a phased approach to installing the software to ensure that you don't unintentionally introduce problems.

Avoiding Copyright Infringement

How does copyright infringement apply to the internet?

Copyright infringement occurs when you use or distribute information without permission from the person or organization that owns the legal rights to the information. Including an image or cartoon on your web site or in a document, illegally downloading music, and pirating software are all common copyright violations. While these activities may seem harmless, they could have serious legal and security implications.

How do you know if you have permission to use something?

If you find something on a web site that you'd like to use (e.g., a document, a chart, an application), search for information about permissions to use, download, redistribute, or reproduce. Most web sites have a "terms of use" page that explains how you are allowed to use information from the site. You can often find a link to this page in the site's contact information or privacy policy, or at the bottom of the page that contains the information you are interested in using.

There may be restrictions based on the purpose, method, and audience. You may also have to adhere to specific conditions about how much information you are allowed to use or how the information is presented and attributed. If you can't locate the terms of use, or if it seems unclear, contact the individual or organization that holds the copyright to ask permission.

What consequences could you face?

  • Prosecution - When you illegally download, reproduce, or distribute information, you risk legal action. Penalties may range from warnings and mandatory removal of all references to costly fines. Depending on the severity of the crime, jail time may also be a possibility. To offset their own court costs and the money they feel they lose because of pirated software, vendors may increase the prices of their products.
  • Infection - Attackers could take advantage of sites or networks that offer unauthorized downloads (music, movies, software, etc.) by including code into the files that would infect your computer once it was installed. Because you wouldn't know the source or identity of the infection (or maybe that it was even there), you might not be able to easily identify or remove it. Pirated software with hidden Trojan horses is often advertised as discounted software in spam email messages.

Reviewing End-User License Agreements

What is an end-user license agreement?

An end-user license agreement (EULA) is a contract between you and the software's vendor or developer. Some software packages state that by simply removing the shrink-wrap on the package, you agree to the contract. However, you may be more familiar with the type of EULA that is presented as a dialog box that appears the first time you open the software. It usually requires you to accept the conditions of the contract before you can proceed. Some EULAs only apply to certain features of the software, so you may only encounter them when you attempt to use those features.

Unfortunately, many users don't read EULAs before accepting them. The terms of each contract differ, and you may be agreeing to conditions that you later consider unfair or that expose you to security risks you didn't expect.

What terms may be included?

EULAs are legal contracts, and the vendor or developer may include almost any conditions. These conditions are often designed to protect the developer or vendor against liability, but they may also include additional terms that give the vendor some control over your computer. The following topics are often covered in EULAs:

  • Distribution - There are often limitations placed on the number of times you are allowed to install the software and restrictions about reproducing the software for distribution.
  • Warranty - Developers or vendors often include disclaimers that they are not liable for any problem that results from the software being used incorrectly. They may also protect themselves from liability for software flaws, software failure, or incompatibility with other programs on your computer.

The following topics, while not standard, are examples of other conditions that have been included in EULAs. They present security implications that you should consider before accepting the agreement.

  • Monitoring - Agreeing to the EULA may give the vendor permission to monitor your computer activity and communicate the information back to the vendor or to another third party. Depending on what information is being collected, this type of monitoring could have both security and privacy implications.
  • Software installation - Some agreements allow the vendor to install additional software on your computer. This may include updated versions of the software program you installed (the determination of which version you are running may be a result of the monitoring described above). Vendors may also incorporate statements that allow them or other third parties to install additional software programs on your computer. This software may be unnecessary, may affect the functionality of other programs on your computer, and may introduce security risks.

How Anonymous Are You?

What information is collected?

When you visit a web site, a certain amount of information is automatically sent to the site. This information may include the following:

  • IP address - Each computer on the internet is assigned a specific, unique IP (internet protocol) address. Your computer may have a static IP address or a dynamic IP address. If you have a static IP address, it never changes. However, some ISPs own a block of addresses and assign an open one each time you connect to the internet—this is a dynamic IP address. You can determine your computer's IP address at any given time by visiting www.showmyip.com.
  • Domain name - The internet is divided into domains, and every user's account is associated with one of those domains. You can identify the domain by looking at the end of the URL; for example, .edu indicates an educational institution, .gov indicates a US government agency, .org refers to organizations, and .com is for commercial use. Many countries also have specific domain names. The list of active domain names is available from the Internet Assigned Numbers Authority (IANA).
  • Software details - It may be possible for an organization to determine which browser, including the version, you used to access its site. The organization may also be able to determine what operating system your computer is running.
  • Page visits - Information about which pages you visited, how long you stayed on a given page, and whether you came to the site from a search engine is often available to the organization operating the web site.
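
To make the list above concrete, here is an added example (not part of the original post) that reads a web server's access log and reports what each visitor disclosed: IP address, browser and operating system string, pages visited, time on page, and whether they arrived from a search engine. The log lines, the example.org host and the short search-engine host list are constructed assumptions.

```python
import re
from datetime import datetime
from urllib.parse import urlparse

# Constructed sample lines in Apache "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Oct/2008:10:00:00 +0000] "GET /tips/spyware.html HTTP/1.1" 200 5120 "http://www.google.com/search?q=remove+spyware" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3"
203.0.113.7 - - [12/Oct/2008:10:02:30 +0000] "GET /tips/cookies.html HTTP/1.1" 200 4096 "http://example.org/tips/spyware.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3"
198.51.100.23 - - [12/Oct/2008:10:05:00 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"')
SEARCH_HOSTS = ("google.", "yahoo.", "live.")  # assumption: illustrative list only

def summarize(log_text):
    """Group requests by IP and report what each visitor disclosed."""
    visitors = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than guessing at fields
        when = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        ref_host = urlparse(m["referer"]).hostname or ""
        v = visitors.setdefault(m["ip"], {"agent": m["agent"], "pages": [],
                                          "from_search": False, "_last": None})
        if v["_last"] is not None:
            # Time on the previous page = gap until the visitor's next request.
            v["pages"][-1][1] = int((when - v["_last"]).total_seconds())
        v["pages"].append([m["path"], None])  # dwell unknown for the last page
        v["from_search"] |= any(s in ref_host for s in SEARCH_HOSTS)
        v["_last"] = when
    for v in visitors.values():
        del v["_last"]  # internal bookkeeping, not part of the report
    return visitors

if __name__ == "__main__":
    for ip, info in summarize(SAMPLE_LOG).items():
        print(ip, info)
```

None of this requires cookies or scripting; every field comes from the request the browser sends by default.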

If a web site uses cookies, the organization may be able to collect even more information, such as your browsing patterns, which include other sites you've visited. If the site you're visiting is malicious, files on your computer, as well as passwords stored in the temporary memory, may be at risk.

How is this information used?

Generally, organizations use the information that is gathered automatically for legitimate purposes, such as generating statistics about their sites. By analyzing the statistics, the organizations can better understand the popularity of the site and which areas of content are being accessed the most. They may be able to use this information to modify the site to better support the behaviour of the people visiting it.

Another way to apply information gathered about users is marketing. If the site uses cookies to determine other sites or pages you have visited, it may use this information to advertise certain products. The products may be on the same site or may be offered by partner sites.

However, some sites may collect your information for malicious purposes. If attackers are able to access files, passwords, or personal information on your computer, they may be able to use this data to their advantage. The attackers may be able to steal your identity, using and abusing your personal information for financial gain. A common practice is for attackers to use this type of information once or twice, then sell or trade it to other people. The attackers profit from the sale or trade, and increasing the number of transactions makes it more difficult to trace any activity back to them. The attackers may also alter the security settings on your computer so that they can access and use your computer for other malicious activity.

Are you exposing any other personal information?

While using cookies may be one method for gathering information, the easiest way for attackers to get access to personal information is to ask for it. By representing a malicious site as a legitimate one, attackers may be able to convince you to give them your address, credit card information, social security number, or other personal data.

How can you limit the amount of information collected about you?

  • Be careful supplying personal information - Unless you trust a site, don't give your address, password, or credit card information. Look for indications that the site uses SSL to encrypt your information. Although some sites require you to supply your social security number (e.g., sites associated with financial transactions such as loans or credit cards), be especially wary of providing this information online.
  • Limit cookies - If an attacker can access your computer, he or she may be able to find personal data stored in cookies. You may not realize the extent of the information stored on your computer until it is too late. However, you can limit the use of cookies.
  • Browse safely - Be careful which web sites you visit; if it seems suspicious, leave the site. Also make sure to take precautions by increasing your security settings, keeping your virus definitions up to date, and scanning your computer for spyware.

Thursday, October 2, 2008

Apple Updates for Multiple Vulnerabilities

Systems Affected

  • Apple Mac OS X versions prior to and including 10.4.11 (Tiger) and 10.5.4 (Leopard)
  • Apple Mac OS X Server versions prior to and including 10.4.11 (Tiger) and 10.5.4 (Leopard)

Overview

Apple has released Security Update 2008-006 and Mac OS X version 10.5.5 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.

I. Description

Apple Security Update 2008-006 and Apple Mac OS X version 10.5.5 address a number of vulnerabilities affecting Apple Mac OS X and Mac OS X Server versions prior to and including 10.4.11 and 10.5.4. The update also addresses vulnerabilities in other vendors' products that ship with Apple Mac OS X or Mac OS X Server.

II. Impact

The impacts of these vulnerabilities vary. Potential consequences include arbitrary code execution, sensitive information disclosure, denial of service, privilege escalation, or DNS cache poisoning.

III. Solution

Upgrade

Install Apple Security Update 2008-006 or Apple Mac OS X version 10.5.5. These and other updates are available via Software Update or via Apple Downloads.

Wednesday, October 1, 2008

Google Chrome Announcement

The Best Explanation for Chrome... It's a great browser