What is spyware? Can any spyware be acceptable?

Post date: Jan 5, 2012 10:51:48 AM


What is spyware?

“Spyware is a type of malware that can be installed on computers, and which collects small pieces of information about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the user's personal computer. Sometimes, however, spywares such as key loggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users.”

Source: Wikipedia, http://en.wikipedia.org/wiki/Spyware

1. Spyware is one type of malicious software (malware) that collects information from a computing system without your consent.

2. Spyware can capture keystrokes, screenshots, authentication credentials, personal email addresses, web form data, Internet usage habits, and other personal information. The data is often delivered to online attackers who sell it to others or use it themselves for marketing or spam, or to execute financial crimes or identity theft.

Spyware is generally reporting software that sends data to another source. The cookie is a well-known mechanism for storing information about an Internet user on their computer. Web sites often store relevant information about a user's visit in a cookie, and spyware often uses such mediums to retrieve data. Spyware is part of an overall public concern about privacy and security on the Internet. This software usually penetrates the computer's defences via toolbar software or even search engines; these can hijack your browser settings, forcing you towards their marketing ploys and causing a downward spiral of malware being installed on your computer or Internet-enabled device. This software can then cause unwanted or undesirable effects. Viruses differ in that they seek to spread and destroy data, whereas spyware attempts to store data and report it. Spyware is not interested in destroying the host machine, as it lives on the host and needs the host to report data from. The removal of spyware is itself a multi-million pound business, and the spyware removal companies are often the biggest offenders of spyware distribution.

Hijacking

“The BHO API exposes hooks that allow the BHO to access the Document Object Model (DOM) of the current page and to control navigation. Because BHOs have unrestricted access to the Internet Explorer event model, some forms of malware have also been created as BHOs. For example, the Download Malware installs a BHO that would activate upon detecting a secure HTTP connection to a financial institution, record the user's keystrokes (intending to capture passwords) and transmit the information to a website used by Russian computer criminals. Other BHOs such as the My Way Search bar track users' browsing patterns and pass the information they record to third parties.”

Source: Wikipedia, http://en.wikipedia.org/wiki/Browser_Helper_Object

This can include ActiveX add-ons and dropper malware. These are often packaged with wanted downloads such as toolbars, download assistants, etc., or delivered by visiting various sites with bad certification: the certificate of the website is often the dropper software, and by accepting to enter the site you essentially allow the software to drop or be installed onto your unsuspecting system. This software essentially hijacks your browser, causing undesired browsing events such as pop-up windows and browser redirection.


Data Collectors

These include location tracking, browser habits, passwords, clipboard contents, keystrokes and key sequences. These key sequences will become hijacked by future deliveries/updates of the spyware. Spyware also has update elements within it, delivering more harmful software or even software that is more resilient to anti-virus detection.

Network information is also a common target, i.e. open/closed ports, IP addresses in use, etc. These data collectors come in so many forms, hidden and open, that they are hard to defend against. They can also come as harmless-looking applications, or, as you sign up to a service, your information may be immediately shared with or made accessible to other data collectors across multiple domains, where your details are now unprotected and you may even find yourself under attack from various scam artists or bombarded by aggressive advertising.


Web Bugs / Bots / Malicious code

“"Bot" is derived from the word "robot" and is an automated process that interacts with other network services. Bots often automate tasks and provide information or services that would otherwise be conducted by a human being. A typical use of bots is to gather information (such as web crawlers), or interact automatically with instant messaging (IM), Internet Relay Chat (IRC), or other web interfaces. They may also be used to interact dynamically with websites.”

Source: Cisco, http://www.cisco.com/web/about/security/intelligence/virus-worm-diffs.html

This is where a website has deployed spyware tactics within its HTML code. Although not visible to the unsuspecting user, the code reports spyware data and may even steal data about the site visitor using cookie data or scripts, reporting back to another source via monitoring tools or even email. These web bots can be deployed to machines via various social networking sites, Internet gaming, downloading music from non-reputable sites, instant messaging and so forth. These bots are often disguised as other products or even bundled with “cracked” games or software.
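To make the web bug idea concrete, here is an added example (not part of the original post) that audits a page's HTML for third-party elements a visitor would not see: 1x1 images, CSS-hidden iframes and external scripts. The sample page, the host names and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page served from shop.example (not real traffic).
SAMPLE = """<html><body>
<img src="/img/logo.png" width="200" height="80">
<img src="https://stats.tracker.example/p.gif?uid=123" width="1" height="1">
<iframe src="//ads.example.net/sync" style="display: none"></iframe>
<img src="https://cdn.shop.example/banner.jpg" width="600" height="90">
<script src="https://metrics.example.org/collect.js"></script>
<img src="https://photos.example.com/cat.jpg" width="400" height="300">
</body></html>"""

def _tiny(value):
    """True for a width/height of 0 or 1 pixel, e.g. "1" or "1px"."""
    return (value or "").strip().lower().replace("px", "") in ("0", "1")

class WebBugFinder(HTMLParser):
    """Collects third-party elements that load without the visitor seeing them."""
    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host
        self.findings = []  # (tag, remote host, reason)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        src = a.get("src")
        if tag not in ("img", "iframe", "script") or not src:
            return
        host = urlparse(src).hostname
        if host is None or host == self.page_host or host.endswith("." + self.page_host):
            return  # relative URL or same site: not a third-party report
        style = (a.get("style") or "").replace(" ", "").lower()
        if tag == "script":
            reason = "third-party script"
        elif _tiny(a.get("width")) and _tiny(a.get("height")):
            reason = "1x1 or 0x0 element"
        elif "display:none" in style or "visibility:hidden" in style:
            reason = "hidden by CSS"
        else:
            return  # visible third-party content, e.g. an ordinary image
        self.findings.append((tag, host, reason))

def find_web_bugs(html, page_host):
    """Return the list of (tag, host, reason) findings for one page."""
    finder = WebBugFinder(page_host)
    finder.feed(html)
    finder.close()
    return finder.findings
```

Calling `find_web_bugs(SAMPLE, "shop.example")` reports the tracking pixel, the hidden iframe and the external script, while the same-site and visible images are ignored. External scripts are listed for review rather than as proof of tracking.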


Can any spyware be acceptable?

There are times when spyware is deployed for valid reasons, as some applications are reliant on locational data, such as Google Latitude, parental guidance software, banking, phone monitoring software, etc. In this modern era, what may have been thought of as spyware may actually be useful and intentional software. Firewall software and anti-virus software are often very stringent in their deployment and often need tailoring to allow for these types of applications. There is a multitude of anti-virus and Internet security software on the market. With a closed network there is no requirement for antivirus scanning, although there are security requirements at all points of entry into the system. Currently, with the advent of the Internet, data is the most sought-after commodity. This for me becomes a matter of protection: sharing details across the Internet should be done with grave care and only with reputable sources, i.e. sites which have a REAL WORLD base, as these sites are usually under the country of origin's legislation, which should provide adequate protection and recourse should any problems arise.

My research question is important because.....

Identifying threats and potentially harmful software, and categorizing wanted software, is of paramount importance. When dealing with businesses which are now closely related to cloud services, the company's exposure to outside threats has been increased. New and improved ways need to be found to limit the exposure to these aspects of the Internet, via the use of firewall and hardware solutions such as digital keys, biometric user passwords, and other swipe technologies.

Spyware is interesting, as the definition of spyware may even need to be redefined: it is used by marketing companies as a matter of fact, using various strategies such as browser session hijacking. This class of spyware changes the user's browser settings so that when they attempt to open a link, the user is directed to the company's marketing strategy. This is often used by malware companies, directing the user to various malware sites and paid advertising which earns the malware author money. These marketing strategies are extremely aggressive and may even need regulation.


Marketing organizations are also interested in personal information, such as browsing habits, shopping habits, locational data, browser data, search data and more. This also inspires companies such as Apple, Microsoft, Google and Facebook to sell such data to whoever is willing to pay. This can be dangerous for companies which allow workers to use personal email addresses at work, as most people today are involved with a social networking site. With the advent of more networking sites and forums, and the sharing of code, pictures and other resources, adequate protection is paramount to browsing the Internet safely in this modern era. There are now so many forms of spyware that it is hard to distinguish spyware from worms and viruses, as the means of deployment, repair, protection and removal are so similar. Correctly identifying problems and their common sources is a key company concern, and an IT manager's worst nightmare if not completely or correctly prepared.