Table of Contents
More on Spyware
By Ira Wilsker
I received several emails form readers of this column
about my recent column on spyware, commenting on their results after running the
spyware detecting and removal software mentioned in that column. While not
scientifically valid, about half of those who responded preferred the free
version of Ad-Aware (www.lavasoftusa.com),
while the other half preferred Spybot Search and Destroy (www.safer-networking.org).
Many who downloaded the free titles also downloaded the free trial versions of
and System Mechanic (www.iolo.com),
and also commented positively about those products. One fairly consistent
remark was astonishment about the large number of spyware products found on
almost all of the readers? computers, and the variety of spyware types that were
discovered, and eventually neutralized.
According to the website at PestPatrol, the top five
current ?pests? reported are KaZaA, Alexa, DoubleClick, DownloadWare, and
Mediaplex. KaZaA is the enormously popular file sharing software commonly used
to download music, videos, and program files. According to the KaZaA website,
over 200 million copies of its software have been downloaded, and over 3 million
more copies are download every week. Unfortunately the free KaZaA software may
come with a bitter price. According to the KaZaA privacy statement on its
it somewhat denies that it is spyware, but it does state that ?Kazaa Media
Desktop contains banner advertising and the option to install other third party
applications in order to remain free to the user.? It should also be noted here
that users with that KaZaA software installed may also have directories or files
on their computers available for browsing and download by other unknown
parties. The KaZaA installation process makes this clear, but I have found that
some users are not aware that they may have directories open online that can be
accessed by others. PestPatrol states that KaZaA (and similar software) ?May
create security issues as outsiders are granted access to internal files.? Most
of the anti-spyware software will neutralize this aspect of
KaZaA, but it will also likely stop KaZaA from functioning properly.
Alexa is the second most common pest currently reported
by PestPatrol, which classifies Alexa as an ?exploit?. PestPatrol defines an
exploit as ?A way of misusing or breaking into a system by taking advantage of a
weakness in it.? The Secunia security website at secunia.com/advisories/8955
labels Alexa as a ?Moderately critical? risk which can expose the users?
sensitive information to ?msn.com? and ?alexa.com?. Alexa takes advantage of a
feature built in to Internet Explorer, which Secunia says, ?The data transmitted
to "msn.com" and "alexa.com" is the complete URL. In some cases this could
contain sensitive information such as username, password, session id, search
string, "secret paths", and more. The vulnerability has been confirmed for
Internet Explorer 6 on Windows 2000 and Windows XP with all Service Packs and
hotfixes.? At a minimum, users of IE should not use the ?Related Links?
feature. Alexa, now owned by Amazon.com, is often installed as a toolbar to
make searches more convenient. Alexa?s privacy statement at pages.alexa.com/help/privacy.html
explains what Alexa does with the information it captures. Most anti-spyware
products remove Alexa.
DoubleClick, rated by PestPatrol as the third most
prevalent current pest, is a tracking cookie, which is a small text file placed
on your computer by certain websites when they are visited. While not all
cookies are bad or harmful, PestPatrol defines a tracking cookie as ?Any cookie
that is shared among two or more unrelated sites for the purpose of tracking a
user's browsing and/or gathering and/or sharing information which many users
regard as "private". Cnet.com describes DoubleClick workings as ?Online ad
company DoubleClick used Web bugs that could communicate with cookies from its
Web site. The cookies then revealed past online behavior, even home addresses,
IP addresses, and phone numbers to the bugs, and the bugs sent that information
straight back to DoubleClick.? While most anti-spyware software deletes
DoubleClick cookies, and Spybot?s resident utility will prevent new DoubleClick
cookies from loading, DoubleClick itself offers web surfers the ability to
opt-out of its tracking and reporting functions at
DownloadWare is an adware product that connects to its
servers to download software from its advertisers. Also known as MediaLoads or
ClipGenie, this software is a major source of those pop-up ads that often
randomly appear to interrupt or interfere with our web surfing. It is also
installed by KaZaA and another popular file sharing utility Grokster. After
being installed, often unknowingly, DownloadWare protects itself from deletion.
According to its license agreement, ?...when found, claims that it may clash
with various other software and so if it finds any it will remove it.?
Fortunately, anti-spyware software will safely remove this pest, which,
according to STOPzilla, may also reduce the number of pop-up ads by up to 80%.
Mediaplex is another tracking cookie, similar to
DoubleClick. According to its privacy statement at
www.mediaplex.com/mplx_privacy.shtml, ?Mediaplex products ? MOJO Adserver,
MOJO Mail, and MOJO Publisher ? to deliver and track advertisements and
marketing messages over the Internet.? Users who wish to opt-out of any
tracking by Mediaplex can do so at
www.valueclick.net/perl/optout/do/set. Mediaplex is also removed by most of
the anti-spyware products.
Sadly, these are but five of the tens of thousands of
internet pests tracked by PestPatrol and the other anti-spyware companies. I
reiterate the importance of frequently using an updated anti-spyware program to
protect your web privacy and security, and enhance your surfing satisfaction.
Ira Wilsker is the Director of the Management Development Program at Lamar
Institute of Technology, in Beaumont, TX. He also hosts a twice weekly radio talk
show on computer topics on KLVI, and writes a weekly technology column for the
Examiner newspaper. Ira is also a police officer who specializes on cybercrime,
and has lectured internationally in computer crime and security. Ira is a
graduate of the Jefferson County (TX) Sheriff's Academy, and has an MBA from the
University of Maryland.