Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Spyware cures may cause more harm than good
C/Net News.com ^ | 2/4/2004 | John Borland

Posted on 02/05/2004 7:40:54 AM PST by justlurking

Web surfers battling "spyware" face a new problem: so-called spyware-killing programs that install the same kind of unwanted advertising software they promise to erase.

Millions of computers have been hit in recent years by ads and PC-monitoring software that comes bundled with popular free downloads, notably music-swapping programs. The problem has attracted dozens of companies seeking to profit by promising to root out the offending software. But some software makers are exploiting the situation, critics allege, turning demand for antispyware software into a launch pad for new spyware attacks.

A small army of angry Web users has set up a network of Web sites where they post reports of antispyware programs said to prey on consumers by installing offending files. Some of these charges could get a hearing soon, as public-interest group The Center for Democracy & Technology plans to file complaints with the Federal Trade Commission against specific companies.

"If people feel as though their privacy has been violated by a company that claims to be protecting them, that clearly is an unfair and deceptive practice," said Ari Schwartz, an associate director of Washington-based CDT. "You would think that an antispyware company would hold itself up to the highest standards."

The boom in spyware, adware and other PC hijackers has led to increasing calls for regulation from lawmakers, including presidential candidate Sen. John Edwards, D-N.C., and from public-interest groups.

Many software makers have turned to advertising as a way to make money from consumers who are reluctant to purchase programs. The same approach has been taken by some antispyware companies, even though they promise that their products will root out unwanted advertising from others. But the failure of some to disclose their practices has raised the greatest outcry.

Like viruses, adware and spyware programs can sneak into a user's computer hard drive with little or no warning and can hide their tracks in ways that make it difficult for even the most sophisticated computer users to find and permanently delete.

As adware and spyware have spread, demand for applications that clean up infected hard drives has grown, drawing a large group of competitors eager to profit. More than 50 programs claiming to erase adware and spyware are available online, and many of these are offered as free downloads. Several major Internet service providers, including EarthLink and America Online, have also moved to provide spyware-removal applications to their subscribers.

But as these programs proliferate, some software makers face mounting criticism that their products install the very things they promise to defend against. Some antispyware companies have pointed fingers at rivals and have added competing programs to their list of applications that contain adware or spyware. These lists are used to identify and sweep out offending software during antispyware scans.

Keeping track of spyware
One such tool facing allegations of abuse is SpyBan, an antispyware program that has been downloaded some 44,000 times in the last four months, according to Download.com, a software download site owned by CNET Networks, the publisher of News.com. Download.com removed the software this week, noting that SpyBan had failed to disclose and explain all the software components included in its installation, a violation of the Web site's policies.

Numerous competing antispyware companies, including Spybot-Search & Destroy parent PepiMK Software and Sweden-based Kephyr.com, have identified SpyBan as a potential source of unwanted spyware--notably a program listed by many spyware cleaners as Look2Me. Download.com had also independently warned that Look2Me might be installed along with SpyBan.

"I classified SpyBan as a Trojan Horse, since it gives the impression that it will protect your privacy, but does the opposite--installs spyware," alleged Kephyr's Roger Karlsson in an e-mail interview.

A CNET News.com test of SpyBan on Jan. 29 found that the software did remove some adware components but also confirmed that it led to the installation of a file that Spybot and security firm Symantec identified as Look2Me. Symantec lists Look2Me as a spyware application, while its rival PestPatrol defines the same application as an adware program.

"Look2Me is a spyware program that monitors visited Web sites and submits the logged information to a server," Symantec reports on its Web site. According to PestPatrol, Look2Me is categorized as "software that brings ads to your computer. Such ads may or may not be targeted."

Who is SpyBan?

Information and links on SpyBan's Web site disappeared late on Monday, following inquiries from a CNET News.com reporter. An e-mail to a generic "info" address at the SpyBan Web site elicited an initial reply, but the company did not reply to questions about its software.

Prior to going dark, the SpyBan Web site contained no information about its corporate parent, and the domain name database--Whois--that typically contains contact information for companies contained none for SpyBan.

A Look2Me license agreement found on a cached Google Web page identified Minneapolis-based NicTech Networks as the software's "owners/authors."

A trace of SpyBan.net's Web domain name late on Tuesday showed that the site was hosted at the same Internet address as NicTech Networks. The SpyBan e-mail also originated from that IP address. Repeated calls to NicTech were not returned.

A question of trust
The effects of spyware and adware programs vary. Some spyware programs run quietly in the background, sometimes capturing what a computer user types or what Web sites are visited. Some of these applications, which are called keystroke loggers, are so potent that they can record user names and passwords for the most closely guarded Web sites, including online banks.

Far more common are "adware" programs, which can operate unseen in the background. These periodically pop up windows with advertisements, change a Web browser's home page, install unwanted search toolbars or add bookmarks to a browser. Many of these software programs track Web surfers' habits online and send the data to their parent companies.

Security experts say it is difficult to keep up with spyware programs, which constantly shift their way of working inside a computer to evade detection and which generally contain many times more programming instructions than an average virus. The confusion is underscored by differences in how security firms describe specific programs.

"I doubt anyone knows precisely what these things do, apart from the authors," PestPatrol researcher Roger Thompson said. "They are really complex. Viruses are easy compared to these things."

There is little doubt that millions of PCs have been infected with spyware and adware programs.

A recent unscientific EarthLink survey gives some indication of the spread of the problems. The company offered its subscribers a free online spyware-scanning tool, similar to an antivirus scan program. In the course of 426,500 scans, EarthLink found more than 2 million adware files installed and more than 9 million "adware cookies"--a type of cookie that tracks people's surfing habits.

A few independent antispyware companies, such as Lavasoft's Ad-Aware and Spybot, have been around long enough and have been used by enough people to have gained a reputation as safe.

For the most part, Net experts warn consumers simply to be careful, to make sure that they trust the source of any software they install on their computers and to contact authorities such as the Federal Trade Commission if they think that their privacy has been violated.

"My first advice, if you get spam advertising a piece of software: You should really think twice before downloading that program," the CDT's Schwartz said.


TOPICS: Technical
KEYWORDS: adaware; advertising; adware; computersecurity; cookies; dontusespyban; hijackedcomputer; internet; lando; lowqualitycrap; microsoft; personalsecurity; privacy; registrychanges; searchanddestroy; spyban; spybot; spyware; usespybot; virus; viruses; webbrowsers; webbrowsing; windows; worldwideweb; www
Navigation: use the links below to view more comments.
first previous 1-20 ... 81-100101-120121-140141-152 next last
To: JSteff
The index.dat file is in the Internet Explorer History file. Since it is in use by Windows, it cannot be deleted.

You'd have to exit Windows then delete it from DOS. I found that using Spider is easier, plus it cleans other files at the same time.

If you want to see this file, you can use a program like Directory Snoop -- I got it free from briggsoft.com.

101 posted on 02/05/2004 10:47:13 AM PST by robertpaulsen
[ Post Reply | Private Reply | To 49 | View Replies]

To: per loin
Unless you manufacture your own firearms, any firearm is a 3rd party firearm.
102 posted on 02/05/2004 10:47:49 AM PST by xrp
[ Post Reply | Private Reply | To 68 | View Replies]

To: newgeezer
Nope that would be redundant and multiple anti virus programs actually interfere with each other
103 posted on 02/05/2004 10:48:19 AM PST by dts32041 (Will Kerry ever call his wife an African American?)
[ Post Reply | Private Reply | To 99 | View Replies]

To: newgeezer
I've been using SpySweeper by WebRoot.....seems to do what it is supposed to do.
104 posted on 02/05/2004 10:51:24 AM PST by GSWarrior (.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: js1138
Spyware Blaster will prevent kids from downloading spyware, or even seeing the offers.

Thanks! That should help.

105 posted on 02/05/2004 10:55:09 AM PST by Mannaggia l'America
[ Post Reply | Private Reply | To 59 | View Replies]

To: justlurking
Take all privileges (to install software, change settings, etc.) from the default user.

It's on my list - we are in the process of converting all of the PC's to XP first from Win98. There's not much use in doing it with Win98 since you can bypass the login window.

106 posted on 02/05/2004 10:56:59 AM PST by Mannaggia l'America
[ Post Reply | Private Reply | To 63 | View Replies]

To: justlurking
The boom in spyware, adware and other PC hijackers has led to increasing calls for regulation from lawmakers, including presidential candidate Sen. John Edwards, D-N.C., and from public-interest groups.

If Edwards were an effective Senator, couldn't he have actually done something about spyware viruses on Algore's internet?

The president doesn't write legislation; if Edwards can't get it done before he "is" elected President then his "me too, me too" claims of opposing spyware are for nothing.

107 posted on 02/05/2004 11:01:14 AM PST by weegee
[ Post Reply | Private Reply | To 1 | View Replies]

To: Mannaggia l'America
Can't guarantee it to be perfect, but I've installed it on four machines with no known ill effects.

Two suggestions. If you install Spyware Blaster, run the upgrade before running the blaster. It'll save you a step. It gives a list of a thousand or so possible spyware programs. There's a button to select all. If for some reason it flags a useful program, you can undo it. It doesn't remove any files or programs. It just tells Windows not to run them.

Second, as with all similar programs, you need to keep running the updates. The cretins who design these things are always trying to work around the fixes.
108 posted on 02/05/2004 11:05:33 AM PST by js1138
[ Post Reply | Private Reply | To 105 | View Replies]

To: El Gran Salseron
Great products, many of which I already use. I would add one thing to your list. Mozilla (or Firebird) should be used as a primary browser. They meet your criteria of free downloads, and they have the advantages of great cookie control and tabbed browsing.
109 posted on 02/05/2004 11:09:53 AM PST by PAR35
[ Post Reply | Private Reply | To 32 | View Replies]

To: Hunble
"Explain to me how it can find new spy-ware after it's last run, when I have had my computer off-line since then?

It may still be an outstanding program and I am most likely wrong."

I think you're wrong. Every time I scan with Spybot after just having turned on my PC, it doesn't catch anything. Back when I used Spybot and Ad-aware both, neither one caught anything.

I think you may have a different problem.
110 posted on 02/05/2004 11:17:48 AM PST by Terpfen (Hajime Katoki. If you know who he is, then just his name is enough.)
[ Post Reply | Private Reply | To 41 | View Replies]

To: N3WBI3
"False logic, thats like saying if 95% of cars were Volvo's they would be just as dangerous as any other car. sometimes something is safer because of its design.."

No, it's like saying that if 95% of all cars on the road were Volvos, then they would be in 95% of all car accidents.
111 posted on 02/05/2004 11:19:25 AM PST by Terpfen (Hajime Katoki. If you know who he is, then just his name is enough.)
[ Post Reply | Private Reply | To 42 | View Replies]

To: tcuoohjohn
"Firewalls and AV will do nothing to combat adware. Adware is not a trojan or virus. It is a program like any other and you "voluntarily" download it.."

Agreed. I was responding to someone discussion how adware scanners should be used in conjunction with other programs for overall security. Context, please.
112 posted on 02/05/2004 11:20:40 AM PST by Terpfen (Hajime Katoki. If you know who he is, then just his name is enough.)
[ Post Reply | Private Reply | To 66 | View Replies]

To: Rebelbase
Yup...those two programs combined catch just about everything. A very good tactic.
113 posted on 02/05/2004 11:21:36 AM PST by July 4th (George W. Bush, Avenger of the Bones)
[ Post Reply | Private Reply | To 90 | View Replies]

To: Terpfen
which is not a staticstical fact the brakes could be better, the car could be more responsive...
114 posted on 02/05/2004 11:22:00 AM PST by N3WBI3
[ Post Reply | Private Reply | To 111 | View Replies]

To: Rebelbase
"I've had some spyware that Spybot didn't catch and Adaware did, so I use both now."

Same here, but this was back in the days when Spybot was lean on updates. The program's been pretty good with definition updates lately (in fact, I just downloaded one this morning). I don't think Ad-aware is necessary anymore.
115 posted on 02/05/2004 11:22:38 AM PST by Terpfen (Hajime Katoki. If you know who he is, then just his name is enough.)
[ Post Reply | Private Reply | To 90 | View Replies]

To: Terpfen
As I said, I find SpyBot to be an outstanding program.

I will trust and accept the wisdom of Freepers. They know everything!

For years now, it has always amazed me. Ask any question, and some Freeper will know the answer.

However, just like anti-viral software, I simply do not trust it yet.

116 posted on 02/05/2004 11:23:09 AM PST by Hunble
[ Post Reply | Private Reply | To 110 | View Replies]

To: N3WBI3
"which is not a staticstical fact the brakes could be better, the car could be more responsive..."

Indeed. But the inevitability of its overwhelming presence on the road would skew accident statistics.

If Linux gets the market share that Windows currently has, it will suffer the same amount of attacks. Those attacks may not be as damaging--that would depend largely upon the stability of the code and the ability of open source coders to respond quickly and anticipate the hacker mind--but the attacks would still happen. Switching to Linux will not on its own cause an abatement of security issues and flaws.
117 posted on 02/05/2004 11:25:13 AM PST by Terpfen (Hajime Katoki. If you know who he is, then just his name is enough.)
[ Post Reply | Private Reply | To 114 | View Replies]

To: Hunble
Well, I've learned to trust Spybot over the course of its existence. My virus scanner of choice, AVG 6.0, is earning my trust as it catches things Norton doesn't, but it's got a little way to go.
118 posted on 02/05/2004 11:29:05 AM PST by Terpfen (Hajime Katoki. If you know who he is, then just his name is enough.)
[ Post Reply | Private Reply | To 116 | View Replies]

To: newgeezer
How does Ad-Aware compliment Spybot? I've been led to believe that'd be like saying although you have a Corvette, you really need to keep a Camaro close at hand to make sure you get around the racetrack.

Why limit your toolbox? I've run Ad-Aware and then immediately run Spybot S&D (and in the reverse order as well). Often the second program finds spyware missed by the first.

Another good one to try is SpySweeper. It has a shield that can be set to prevent home page hijacking, etc.

119 posted on 02/05/2004 11:40:01 AM PST by Charles Martel (Liberals are the crab grass in the lawn of life.)
[ Post Reply | Private Reply | To 93 | View Replies]

To: vetvetdoug
Honestly... how many people would oppose the death penalty for virus-makers?
120 posted on 02/05/2004 11:50:13 AM PST by Teacher317
[ Post Reply | Private Reply | To 6 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 81-100101-120121-140141-152 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson