GPSolo Magazine - January/February 2006
Cyber-Vermin: Dealing with Dangerous Fauna Infesting the Internet
Worms. Phishing expeditions. Viruses. Spyware. Malware. Trojan horses. Adware. What are these things? Where do they come from? How do they get into my computer? Do I have to know anything about them?
These are malicious programs that can and do infest your computer and do things you would likely much prefer they did not. They come from nasty, malicious people without meaningful lives who have access to the Internet and wish to do ill to the world—play pranks on you, or, worse, steal from you. They can steal your e-mail address, your good name, even your money. Yes, you do need to be aware of them and take reasonable precautions against them. And no, there is no single foolproof answer like running anti-virus software. As with life-forms in the world of wetware (Geek-Speak for real, biological life), cyber-vermin evolve daily, and new approaches must be developed constantly to combat them.
There is an old (relatively) computer saying to the effect that the only secure computer is one that is not connected to anything, and the only truly secure computer is not even plugged into the power outlet. Connecting a computer to the Internet subjects it to risks—although the benefits far outweigh the risks. Giving up e-mail and web access is not a reasonable approach to security. Vermin control is analogous to having a wooden boat: It’s never a question of does it leak—all wooden boats leak. It’s just a matter of how fast. The same holds true with computer vermin—they will get in. You just have to keep them at bay.
Do not think you are immune, that your safe computer practices have protected you. I am very cautious, yet I routinely find adware on my computer and have to scrub it. Asked by friends with good anti-virus practices to help with some problem on their computer, I inevitably find from 30 to 100 or more spyware and adware programs. And that’s with cautious people.
The taxonomy of cyber-vermin is of interest. Below is a beginner’s dictionary of frequently used terminology:
- Adware. A genre of programs that may arrive in the form of Trojans, worms, or viruses (see below) and serve up advertisements to your web browser or, in a more malicious form, as one or more pop-ups that appear seemingly out of nowhere while you are working on something unrelated to the web.
- Malware. A generic term coined from a combination of “malicious” and “software.” It refers generally to software intended to do something annoying, harmful, or criminal.
- Phishing. Luring a victim into divulging information such as credit card numbers, passwords, and the like by pretending to be a security-related message from a legitimate source. For example: “Your Amazon.com account has been suspended for security reasons. Please respond to this e-mail and re-enter your account information to verify its accuracy.” Yes—people are stupid enough to do this.
- Pop-Ups. These are annoying windows that appear seemingly out of nowhere that interrupt what you are doing and offer you information or ads. They can run from the seemingly benign (e.g., a pop-up within a web browser window offering information relevant to your activity) to the utterly intrusive (e.g., pop-ups that appear randomly with offers for cheap loans, pornography, or “male enhancement”). The worst kind automatically spawns additional pop-ups if you try to close one. Microsoft’s latest web browser claims to have a pop-up stopper, but it is not as robust as other commercial packages.
- Spyware. Software that gathers information and reports back to someone. This software typically runs in the background, unnoticed by a user. It may come piggy-backed on some other software, often so-called “free” software downloaded from the web, such as a collection of smiley faces to use in your e-mails. Examples run from the relatively innocent (e.g., confirming your e-mail address is in fact an active account), to the more troubling (e.g., monitoring your activity on the web and reporting your purchasing habits), to the truly frightening (e.g., monitoring your activity and reporting back likely passwords and account numbers as you enter them in a legitimate online transaction).
- Viruses, Trojans, and Worms. Programs that infest your computer and do bad things from the merely annoying to the vicious. They can enter as hidden parts of downloaded programs, or as e-mail attachments, or as macros in word processing, database, or spreadsheet programs. Their effects range from the annoying (e.g., creating a pop-up message or randomly shutting down your computer) to the really malicious (e.g., scrambling or erasing files on your hard drive). They can often replicate themselves by attaching themselves to outbound e-mails, or even compromise your e-mail program and cause it to send virus or Trojan-infected e-mails to everyone in your address book. Not a way to keep friends. While there is a lot of overlap in the definitions, a Trojan is typically a form of virus that lies hidden until some triggering event—such as a date—to activate itself. A worm is typically a self-replicating, self-contained virus that does not need to be part of another program to propagate itself. A virus typically embeds itself into another program. The terms are frequently confused.
You know what they are—now what can you do about them? There is no simple, one-time solution, nor is there a single program that takes care of all of these vermin. We offer some basic approaches and suggestions of software we have used, but we do not pretend that the list is all-inclusive or that there are not better programs than those we suggest. (If there are, please let us know!)
- Run antivirus software. Keep to the major offerings here—the free software is likely not as up to date or complete as the ones you have to pay for. Norton (www.norton.com), McAfee (www.mcafee.com), and Panda (www.pandasoftware.com) are all good possible choices. Most important is to keep the software up to date: New viruses are released to the wild daily.
- Run anti-pop-up, anti-adware, and anti-spyware software routinely (see recommendations below). Get it updated frequently.
- Consider the source before you load freeware. A well-known file-sharing system included spyware.
- Gibson Research Corp. (www.grc.com). Steve Gibson is a well-known industry iconoclast, most famous for his Spinrite hard disk restoration utility. His website offers a collection of excellent freeware. One such program, “UnPlug n’ Pray,” checks whether Microsoft Windows’ Universal Plug and Play is enabled and gives you the option of turning it off (the FBI has urged users to disable this feature, which poses a substantial risk of intrusion by hackers). “LeakTest” lets you know if hackers can easily get through your firewall. It tries various ways to get around your firewall, and if successful, tells you how it did it and what you should do.
- Ad-Aware Professional (www.lavasoftusa.com). Ad-Aware is available as a free download, or a slightly enhanced version can be purchased for a $15 registration fee. It uses a knowledge base of known spyware (which is updateable and can be added to by users) to detect and eliminate it from your system.
- Pop-Up Killer (http://software.xfx.net). This free utility automatically closes those annoying ads that pop up on your screen while you are browsing the web. You can even set it to make a sound like an explosion when it kills a pop-up, which can be very satisfying. It can be a little tricky to use, sometimes killing pop-ups you want to appear. You can exclude certain web addresses to avoid this problem.
- Spyblocker (www.morelerbe.com/spyblocker). This free utility runs in the background and automatically blocks spyware and unwanted software from running.
- Spybot S&D (www.safer-networking.org/en/download). Formerly this was freeware, but the company now asks for voluntary donations—well worth it. Run this utility to find and remove spyware.
Daniel S. Coolidge is a recovering large-firm lawyer, now a patent attorney with Coolidge & Graves, PLLC, in Keene, New Hampshire. He can be reached at firstname.lastname@example.org.