Network Security guide for the home or small business network – Part 12 – Antispyware
I’ve talked about Antivirus software as an essential. Today we’re going to look at Antispyware software. There is a difference. By definition a virus is a piece of software that infects other files or copies itself. A worm is a virus that spreads without user intervention. (From one open network port to another for instance.) Spyware is not necessarily in either category. Spyware is the name given to software that tracks online behavior, some may track online searches, some may be more invasive and track anything typed in to the computer!
The most common form of spyware simply shows ads. They basically track what you’re searching for online, what sites you’re visiting and show relevant ads. They usually claim to be a search helper of some sort, or a bargain finder, etc… “all to enhance your online experience.” There are problems though. Many of these programs produce so many popups that it’s hard to actually browse any site online. They slow down your internet connection. If you’re offline, the system can grind to a halt while they try to connect. Popups may come even when you’re not browsing the web. They can install under the “bring a friend” approach, bringing other “affiliate partners” in with them. Like viruses they can lead to unstable system behaviour.
One protection against spyware is to really READ the EULA (End user license agreement) that you get when you install software. That will raise an alarm bell if it says “reserve the right to monitor your search terms to customize targetted…” or “by installing you agree to email all of your contacts telling them how much you like this program”. I always joke about the clause in there to have dinner ready for the writers by 6 on the second Tuesday of each month. It’s a joke, but you should read closely. Sometimes though spyware sneak installs, either by visiting a web site, or clicking on an ad, with no EULA. For that you need antispyware.
Some antivirus products have detection for SOME spyware. It’s not consistent. Also, most antispyware programs are incomplete in their coverage. There are quite a few out there. SpyBot Search and destroy (I like to use the immunize function as well), and ad-aware are the two I use the most. Spybot has a utility that can run at boot and guard against unwanted changes to the registry. (Tea timer). If you have users that tend to find spyware easily, that may be a good choice. It will ask questions though and the end user can always answer yes. For my use, I’ve not allowed the “tea timer” to run and I’ve simply used spybot and ad-aware as spywrae scanning tools. (And I’ve used the immunize feature of Spybot S&D).
Antispyware programs need to be updated to be effective, just like antivirus. So, in your routine of scanning systems for malware of any sort, try to force an update before starting your spyware scans.