Who?s Watching What You Type?

If someone entered your home, uninvited and installed numerous cameras and listening devices in order to monitor your activities, you would quite rightly be outraged. While such a situation, unless you are living in the Big Brother House, would be considered ridiculous, the same cannot be said for the humble home computer.

Recently released research alarmingly shows that home PC's are increasingly likely to host software which can watch each and every keystroke the user inputs. According to the research compiled from an audit conducted jointly by the software firm, WebRoot and services provider, EarthLink, the average home PC hosts 28 so-called spyware programs.

Whilst the worst examples of spyware are written by virus writers to steal passwords and hijack computers to launch "denial of service" attacks against web-servers, the vast majority are used to collate marketing information and then target advertising according to the end-users web surfing habits.

The WebRoot/EarthLink audit surveyed more than 1.5 million PC's during the last 12 months and discovered an amazing 41 million incidents of spyware; adware, Trojans, tracking cookies and other undesirable programs.

Most of these programs are loaded into the computer memory when the PC is started up. From here, the program will work silently, often giving no clues as to its existence. However, unexplained browser window pop-up's, often advertising adult services and mysterious alterations to the browsers homepage setting are more often than not an indication that spyware is present and active on a computer. One particular piece of spyware, which is proving to be very expensive for many home users, is that of Trojan Diallers. Diallers, often without any warning to the end-user, hangs up the current net connection and then automatically reconnects using a Premium Rate telephone number, thus running up huge telephone bills. The activities of companies using this technology as a revenue stream are currently under investigation in the UK by government watchdogs.

A hard-disk and memory overflowing with spyware used to be one of the unfortunate consequences of visiting sex and adult orientated sites; a kind of eSTD. Like most Internet marketing technologies, from the pop-up to the pop-under and the first snowball of Spam, spyware began life serving the adult industry. Then, just like pop-up, spyware filtered through all aspects of ecommerce. In an interview to the BBC, David Moll, CEO of WebRoot, said that spyware has now become so common across the whole of the Internet, that it can be contracted from nearly anywhere.

So-called "drive-by downloads" are now responsible for most infections of spyware. The term "drive-by" refers to the casualness of the infection. By simply visiting an ordinary webpage a user can unwittingly initiate an automatic download of spyware onto their computer. There are no clues and no warnings.

In a recent, carefully controlled and closed demonstration, it took me less than 20 minutes to create a spyware program and embed it into a webpage. Using colleagues who had previously been made aware of the nature of the experiment, I invited them to take a look at this "special" but very ordinary looking webpage. Within seconds of visiting this webpage, the spyware went to work taking a snapshot of their hard disk, a snapshot of their Favourites folder and a copy of their browsing history. Before they had even finished reading the webpage, the spyware was already transferring their information to my server. It's as easy as that! Equally that same code could be manipulated to perform a total trash of the hard disk or some other equally miserable and criminal act.

Speaking to the BBC, David Moll explained.

"Some (spyware programs) lurk on misspelled URLs and strike those that type faster than their fingers can carry them. As a result you do not end up where you expect to be."

Alarmingly, users do not even need to visit a website to contract spyware. The preview window in Microsoft's Outlook Express allows emails containing HTML and any other code which can be placed on a normal webpage, to be loaded, without warning. Companies looking to implant spyware using the "drive-by" principal are regularly exploiting this glaringly obvious flaw in the design of Outlook Express.

"If you get one piece of spyware, you will get five because the business model says they pay each other to pass on information about victims," said Mr Moll.

Thankfully anti-spyware/adware programs such as Ad-Aware (free) and WebRoot's own offering, Spy Sweeper can clean up a PC and even help prevent further infections, but just like anti-virus software, anti-spyware software needs to be kept up-to-date to remain effective.

In addition to providing software solutions to this problem, legislators too are seeking to end this electronic intrusion. In the USA an anti-spyware bill is moving towards approval in Congress. If successfully implemented, this bill will force firms who wish to use spyware to first receive permission from the end-user before it is installed. But even before any new laws come into place, spyware makers are already working on next generation coding which keep their programs intact and operational?.perhaps even on your PC.

Related Links:

WebRoot Spyware Audit http://www.webroot.com/services/spyaudit_03.htm

Ad-Aware http://www.lavasoftusa.com/software/adaware/

WebRoot http://www.webroot.com/

About The Author

Robert Palmer is CEO of deskNET Communications www.desknet.co.uk the first affordable alternative to opt-in email marketing and newsletters. With over 20 years professional experience in software development, Robert is a leading architect in the development of the emerging Net technology, One-2-Many Broadcasting software.

In The News:

pen paper and inkwell


cat break through


Microsoft CRM Lotus Notes Domino Connector FAQ

Microsoft Business Solutions CRM and IBM Lotus Notes Domino, being... Read More

MySQL for Beginners ? How to Create a MySQL Database

Whether you are an experienced web programmer or a complete... Read More

Microsoft RMS Customization ? PO Items Receiving in Great Plains

Microsoft Retail Management (RMS) and Microsoft Great Plains are retail... Read More

Perfectly New Database Query Tool - Foxy SQL Pro Released

Are you a database professional? Do you work with a... Read More

COSMIC: A Small Improvement on the Symons Method

The COSMIC FP (function point) software quality metric, is no... Read More

Microsoft C# vs. VB.Net

Hi, Guys,I believe a lot of programmers are trying to... Read More

The Truth: Netzero 3G

We've all seen the ads on TV for Netzero 3G.... Read More

Microsoft Great Plains Reporting ? Overview for Developer

Looks like Microsoft Great Plains becomes more and more... Read More

Is Your Computer Sick?

Viruses and spyware usually show up on your computer one... Read More

C++ Tutorial 1, Introduction to C++

Introduction to C++Why Learn C++?C++ may at first seem like... Read More

Microsoft CRM Implementation ? Fundamental CRM Principles Revision

Microsoft CRM is relatively new player on the now becoming... Read More

Microsoft Great Plains Logistics & Warehouse Management ? Implementation & Customization Highlights

Logistics automation is often considered as barcoding extension to Sales... Read More

Is Your Small Business Ready For A CRM Software Solution?

I have yet to see a business that, sometimes in... Read More

Microsoft CRM Integration with Lotus Notes Domino: Messaging Connector ? Future Directions

IBM Lotus Notes Domino and Microsoft CRM (Client Relation Management)... Read More

Microsoft Business Solutions Products Selection: ERP, CRM, Retail Management

Let's first look at your ERP system selection (without Retail... Read More

Free PDF Publishing Software

In a previous article, I wrote about OpenOffice... Read More

Microsoft Great Plains: exchange & brokerage ? implementation notes

If you company is small or mid-size special products or... Read More

Microsoft CRM Integration With Microsoft Office Documents ? Overview For System Integrator

Microsoft CRM is CRM application, maintained and supported by Microsoft... Read More

A Case Study on Selecting Contract Management Software

Professional services firm cuts costs and improves productivity with integrated... Read More

Software For Your Hard-Drive

All your software is stored on a hard-drive. But how... Read More

Can You Calculate Complex Financial Calculations?

Are you a whiz at calculating financial information? Not the... Read More

Windows x: Basic Windows ?Security? Issues

Language development computer: Computer-based method for aiding language development seems... Read More

Do You Want Your Own Fully Programmable ERP? - Part 1

We are in a transition phase in the Managerial Administration... Read More

10 Things You Could be Using Photoshop For, But Probably Arent

Most people don't use Photoshop to its fullest capabilities. Here... Read More

Great Plains Dexterity Programming ? Overview For Developer

Looks like Microsoft Great Plains becomes more and more popular,... Read More

Microsoft Great Plains Installation ? Overview for IT Director/Controller

Microsoft Great Plains is main mid-market application from Microsoft Business... Read More

Microsoft Great Plains Implementation for Midsize & Large Corporation: Lockbox Processing

Microsoft Great Plains is now targeting large and midsize businesses... Read More

Photoshop Files and Formats

People often ask me: What image file formats will Photoshop... Read More

OEComplete ? A Personal Information Manager

OEComplete is a utility for managing the personal information of... Read More

Microsoft CRM Conversation Gateway: VoIP - Implementation & Customization

Microsoft CRM is winning market share step-by-step from such the... Read More

How to Choose the Right Accounting Software for Your Business

With any good luck and a good amount of hard... Read More

Anti-Spyware Protection ? Holes in the Shining Armor

Looking at all the ads which promise to get rid... Read More

Microsoft and Webmasters

Does Microsoft care for WebmastersIt's always been a problem with... Read More