Gator? Cydoor? Just what is the difference between all this spyware? Tr Stonewaller steps into the murky world of computer based espionage to investigate...

No serious web user could escape without hearing of spyware. Nor too can anyone hope to avoid the huge amount of spyware infested software transmitted across the globe via the internet, and via commercial applications. The threat is real.

According to the spywareguide (http://www.spywareguide.com) there are over 1510 different spyware products, and numerous variants thereof, ready to infect your machine. With such a wide variety of spyware on the market, how do we classify such malicious software? According to an old security maxim, in order to protect, we must understand. Perhaps by first investigating the different methods of infection can we begin our journey to knowing our enemy.

For the purpose of this article, I define spyware as any software that, once installed on your PC, monitors and records your activities. Spyware can arrive on your computer through two main transmission routes: you can invite spyware to take residence upon your computer, or it can arrive via the back door.

Furthermore, one you may 'invite' spyware onto your PC. Now, that may sound like an oxymoron, and indeed it is, but it is any easy concept to grasp; remember the story of the wooden horse? The Trojans held out for years under siege, and if they fell for such a trick, the dumb computing machine sitting on your desk certainly will.

This sort of spyware parades itself as something useful: a game, useful utility. You may install the software knowing it will monitor your actions, or you may not, innocently download software from the internet, blissfully unawares it has an ulterior motive.

A famous example of this is GoZillia, a popular download management application. Millions downloaded and used it, unawares that the manufactures were receiving information about what each and every download a user made with it; a clear and gross invasion of privacy. What is so surprising about the case is not how many people were suckered, but by how long GoZillia went on using this practice undetected, despite being the most popular application in its class for donkey's years, and drawing raving reviews. No, I am not suggesting one should stop trusting all software developers, but it certainly pays to be vigilant.

A second mode of infection infects your machine such in the same way a worm does. By exploiting holes in the operating system, spyware can set up shop on your computer without any user interaction, happily beaming information about YOUR habits. The best protection is the same protection you would take against worms. A good firewall is essential in this respect.

Perhaps now is time to take a different approach to classifying spyware: by the 'payload' each product possesses. There are two main types of payload.

The first relates to adware. While not strictly spyware, adware displays adverts on your computer. Seen those adverts that appear on your desktop (not in your web browser) for Russian brides? That's down to adware. Will a pain, adware is not a privacy risk. A smaller category of adware is that known as parasite ware; these tie adverts to words and phrases in applications, such as Google ad words, that make hyperlinks appear in your documents. They are downright annoying. Lucky, advice on removing spyware also applies to most instances of parasite ware also.

Software that captures information from your PC is the privacy risk the Cyberarmy Privacy Commission is concerned with. Data miners use data mining techniques to mine the data on your computer for secret or personal information: information the manufactures can use for their own commercial gain. In addition, software that logs your keystrokes could also steal your password, and ultimately, your financial details. Because this software is sold commercially, under the pretense that employers can use it to locate the source of a leak of classified material, Anti-virus software does not detect key loggers.

A final type of spyware with a privacy risk attached comes from that of remote administration tools. I am sure you have all seen the type; remote assistance with windows XP is a prime example. With this installed without your knowledge, people could view what you are doing on your PC, live. I do not know about you, but I find that a disturbing thought.

That ends my discussion on the types of spyware. In other parts of this Issue of Privacy Watch, be sure to checkout articles on what can be done about spyware. Until then, Happy Surfing!

Resources: http://www.spywareguide.com/product_list_full.php