Everything about spyware...
detail information
| Posted by | Robin van Lieshout |
| Posted on | 08/05/01 20:24 |
| Number of views | 1035 |
Because there were a lot of posts about spyware on CD Freaks lately I decided to write a small article about it. More and more spyware programs are being detected, and not only Internet software but also other software like games as Black&White (no fear, B&W isn't). Let's take a look.
1. What is spyware?Spyware is common language for Advertising Supported software (Adware). It is mostly used by authors to make money from their product. If they make money this way, they don't have to sell their product to the end user. Spyware has 2 sides:
- Banner ads.
A common move from software publishers. They add a banner into their software and get paid for that. Several large media companies offer this to companies. This way you don't have to pay for your freeware product. Programs like eDonkey and KaZaA have this. It's not that bad I think. If you don't want to have banners in the program there usually is a way to buy the program which eliminates the banners.
An example of such a company is Web3000, check here for their so called revenue based model. A second is example is CyDoor.
- Additional tracking software.
This one isn't that nice as banner ads. This software is continuously contacting it's own server and sending data. All kinds of information is being send. This could be statistics like cpu usage (like winamp does), but also stuff like e-mail addresses, visited websites or why not even your credit card number or your home location. We don't know exactly what is really send. Your home computer is turning into a real server which sends out all kinds of info. There is no way to control what data is being sent. Companies collecting this info usually sell the info to other companies for marketing usage.
2. Is this legal?Yes it is. But they do need to have a good privacy statement. However I checked some of them and I must say the most are really bad. First you have to search hard for them. Second they are not telling everything in "plain normal text". What do you say about "enjoy rich multimedia displays", with other words: banners. Or what about 'nonspecific' data
At the end of Jan 2001 Sen. John Edwards had again reintroduced legislation about this subject in the US. In oct 2000 he proposed:
 Under S. 3180, the "Spyware Control and Privacy Protection Act," manufacturers that build spyware into their products must give consumers clear and conspicuous notice - at the time of installation - that the software contains spyware. Such a notice would describe what information would be collected and to whom it would be sent. The spyware would then be forced to lie dormant unless the consumer chooses to enable it.
S. 3180 would exempt spyware used to gather information that would only be used to provide technical support for the software, or to determine if a given user is a licensed user of the product.
|
I think this is also very wide, saying "licensed user of the product". Anyway it is (still) legal and I think it's not going to change fast.
3. Programs & Ad companies?Well let's take a look at some spyware programs and what they do. I will investigate some napster alternatives since they are very popular these days. I've checked all the privacy statements and I will mention some highlights:
BearShare
- SaveNow (http://www.whenu.com)
Sends u spam mail. They say to alert you for various offers or information. - Collects user information such as gender, age and zip code to compile trend information and usage patterns. If you are younger than 13 years of age, no information is collected.
- Collected info will be sold to third parties.
- Onflow (http://www.onflow.com)
Sends u spam mail: "updates to our Authoring System and/or the availability of additional services".
- You will see banners in your player browser: "enjoy rich multimedia displays through your browser".
- They collect all web pages you visit, all images displayed and whether you moved your mouse over the image or clicked on it.
- Information will be sold and will be published in online surveys from time to time.
Audiogalaxy
- webHancer (http://www.webhancer.com/)
- Of course name and email address is collected first.
- Send spam (provide product and promotion updates).
- collects performance data with transactions with e-business sites.
- They will sell personal information.
Spotlight
Radiate Aureate (http://www.radiate.com)
- Sends u advertising
- Collects certain 'nonspecific' data
- Asks u some 'nonspecific' questions
More info about Spotlight: http://www.ironblade.com.
iMesh
- Conducent/Timesink (http://www.conducent.com)
- Website unavailable, so I couldn't check the specifications
I have tried to give you some specifications about each ad company but it's hard to see what they really do. This is also the problem: you can't control anything so you don't really know what they do.
But of course this is not all. What do you think of Go!Zilla, Realplayer, Getright, FlashGet, 3D Anarchy, CuteFTP or WinEdit. All have some kind of spyware in it. Check here for a list with 300+ other programs. " target="_blank" >
A good online search engine is SpyChecker. You can search for a program and see if it is spyware-free. Fortunately not every program is spyware. There are a lot of companies who don't want to use this kind of spying. For example eDonkey said on their website: "There won't be any porn, popups, or spyware.".
4. Spyware: the solution
So I guess nobody wants spyware on his computer. Well you don't have to, thanx to Lavasoft. They created a program called Ad-aware. Ad-aware is a free multi-spyware removal tool that detects and safely removes advertising spyware from your system. It will scan your system for known advertising systems and lets you remove them from your system.It will scan your memory, registry and file system for known modules.
From the site:
If a related module was found in memory, it means the spyware was active until Ad-aware detected
and unloaded the particular module. F.e. if TSADBOT.EXE was found in your memory, it means that Timesink is not only installed, but was also active. Nearly all of your internet and system settings are stored in the registry. Ad-aware will scan parts of your registry for modifications or values and references to known spyware. And finally, your harddrive(s) will be scanned for known spyware files. After the scanning process, you can view a list of all spyware references residing on your system, and select for removal. In short words: Ad-aware helps you getting rid of advertising parasites. |
Sound good. I tried this on my own computer and found some spyware stuff. Fortunately it were only some cookies who were collecting data and no programs. I let the program delete all the relevant cookies.
The following advertising systems are detected by Ad-aware 4.6: Adware, Alexa 1.0-5.0, Aureate v1.0,2.0 + 3.0, Comet Cursor v1.0 and v2.0, Cydoor, Doubleclick, DSSAgent, EverAd, Flyswat, Gator, OnFlow-Player, SaveNow, TimeSink v1.0,v2.0 and v5.0, HotBar, Web3000 and Webhancer. So I guess that will cover most of them
5. ConclusionI think spyware sucks, at least the tracking software. I don't mind the programmers who put a banner in their program because I can understand they have to make money too. If you don't like the banner you can usually buy the program. I do mind the tracking software because I don't want everyone to know what pages I visit and what my personal info is. Also the programmers who force you to install this spyware don't get my blessing. Perhaps if it is asked in a very clear way and explains in detail what the software collects, people would install it (not me). But not to mention anything at all is really low. Fortunately we have Ad-Aware to remove this. I would advise you to install it and to check it once in a while.
Want to submit your own review? Click here
Posted by theEye on Wednesday 09 May 2001 18:45
Hey, Ad-aware is a :7 program. It found some 
spyware on my beloved computer 
spyware on my beloved computer 
Good show man!
I also have web site on spyware:
www.infoforce.qc.ca/spyware
Cya & thx.
I also have web site on spyware:
www.infoforce.qc.ca/spyware
Cya & thx.
Posted by the111 on Wednesday 30 May 2001 16:09
If it doesn't give clear and conspicuous notice its already illegal in the uk:
The Data protection act 1989: Data subjects must be clearly informed about which data is being collected from them and this data may not be passed on without the data subjects express permission
The Data protection act 1989: Data subjects must be clearly informed about which data is being collected from them and this data may not be passed on without the data subjects express permission
Yup, good posting. This software shud be given with new PC's cos most ppl wont know about this sort of thing. Handy program that!
It's even worse:
When you uninstall a spyware program, or buy the official version, the spying program installed with it is STILL active.
You have to use ad-aware to erase all spy-traces to run your payed-for-program spyware-free.
When you uninstall a spyware program, or buy the official version, the spying program installed with it is STILL active.
You have to use ad-aware to erase all spy-traces to run your payed-for-program spyware-free.
Make "backup" in ad-aware before you remove any spy modules, because some programs may stop working after you perform the removal.
One of the first people to "blow the whistle" on spyware was a guy named Steve Gibson of Gibson Research. He's a Programmer from the days of "Assembly Language" and has a great product to save your butt if you have a bad Hard Drive (Spinrite, but turned his attention to spyware a while back. Check his site at:
http://grc.com and his spyware software to "Opt Out" at:
http://grc.com/optout.htm
Awwwwwsome Dude!!:7 Don't miss his battle with MS about Security problems with XP!
http://grc.com and his spyware software to "Opt Out" at:
http://grc.com/optout.htm
Awwwwwsome Dude!!:7 Don't miss his battle with MS about Security problems with XP!
Very informative article. I have Adaware scan my system evertime I boot up. Amazing how many spy files and modules are deleted each week. Great program, highly recomended!
Posted by grimio on Tuesday 14 August 2001 04:58
Microsoft's WebTV (or do they call it "MicrosoftTV" nowadays?) also had spyware. Used to have one, then got a computer.
Thanks to the efforts of some WebTV hackers (and me, lol) we managed to expose a lot of WebTV secrets. It took them about 2 years to admit it and offer an option to control it.
The thing even logged what your score was when playing Doom.
For more info, go to:
http://ultrick.tripod.com/privacy/tracking.html
http://ultrick.tripod.com/privacy/tvlogs.html
There's more, explore the site for yourself. My name will come up a few times, lol. Ah, the good ole days.
Shawn
Thanks to the efforts of some WebTV hackers (and me, lol) we managed to expose a lot of WebTV secrets. It took them about 2 years to admit it and offer an option to control it.
The thing even logged what your score was when playing Doom.
For more info, go to:
http://ultrick.tripod.com/privacy/tracking.html
http://ultrick.tripod.com/privacy/tvlogs.html
There's more, explore the site for yourself. My name will come up a few times, lol. Ah, the good ole days.
Shawn
nice article.
can you say more about winamp? Does it use the GUID to obtain cpu usage? why would it need this info? What other kinds of surveillance by winamp?
thanks!
can you say more about winamp? Does it use the GUID to obtain cpu usage? why would it need this info? What other kinds of surveillance by winamp?
thanks!
Speaking of which...How about the little pixel camera which follows me around on your site??
I'm sick of all this spyware... I hope all people and companies that make it feel extreme pain and rot in the pits of hell.:8
Lavasoft's Adware was an inspiration from Steve Gibson's Optout.exe freeware program at http://www.grc.com
Grc really goes into depth on SpyWare, and you could get more info on other things as well.
A great program to get (free) for your PC to keep from "Phoning Home" is Zonealarm (http://www.zonelabs.com). It beats everything for the price.
Cheers
Eliavrezz
Lavasoft's Adware was an inspiration from Steve Gibson's Optout.exe freeware program at http://www.grc.com
Grc really goes into depth on SpyWare, and you could get more info on other things as well.
A great program to get (free) for your PC to keep from "Phoning Home" is Zonealarm (http://www.zonelabs.com). It beats everything for the price.
Cheers
Eliavrezz
Hi there, good posting! I have some additional information about Kazaa which installs Cydoor spyware on your system when you download the program. Once you remove the Cydoor components with AdAware Kazaa tells you it won't be able to run any more because "important components are missing" ... but there's a solution: go to http://www.cexx.org/dummies.htm, download the dummy .dll file and kazaa will think Cydoor is still running. Pretty cool!
... but there's a solution: go to http://www.cexx.org/dummies.htm, download the dummy .dll file and kazaa will think Cydoor is still running. Pretty cool!
Related tags
A tag is a relevant keyword or term associated with or assigned to a piece of information (like picture, product, or video clip), thus describing the item and enabling keyword-based classification of information it is applied to. We use it to make searching our database easier and enable all our users to contribute to our database.
add a tag
Add related tags
Get the latest reviews via RSS 
