Spyware Needs to Go

Anti-virus tools can-and should-help curb the scourge.

Theres a program on your computer system. It installed itself without your knowledge, and it runs stealthily so you wont notice its there. Its recording information about you and sending it on to others. On top of that, its slowing down your system and potentially opening it up to serious security problems.

And its not illegal.

Its spyware, programs that hide inside applications you install and then use information on your browsing habits to drive pop-up ads and other annoyances onto your system. The problem with getting rid of spyware is that you chose to have it installed on your system. Thats right—embedded in the legalese agreement you clicked on to install any of a number of programs was a clause indicating your acceptance of the spyware programs installation.

Spyware has grown in popularity because it allows vendors of "free" utilities and browser plug-ins to gain revenues by permitting spyware to install when its products do. Spyware vendors, in turn, gain revenue from the purveyors of pop-ups.

So far, spyware has been seen as more annoying than dangerous. But awareness of spywares dangers is growing. A bill introduced in Congress) recently would regulate spyware and force these applications to specifically notify users before installing. Also, a (consortium of anti-spyware vendors) has formed to help detect unethical spyware applications.

Probably the biggest wake-up call on the dangers of spyware came when spyware programs known as keyloggers were used to steal the source code for the upcoming Half-Life 2 video game.

Many purveyors of these programs are trying to distance themselves from the worst types of spyware. Officials at Gator, one of the biggest spyware vendors in this area, recently launched a campaign to make sure people referred to their products as adware and not spyware. This reminds me of the line in the recent Nicholas Cage movie in which his character is called a "con man," to which he replies, no, hes a "con artist."

While the keyloggers are truly malevolent, all of these programs—spyware, adware, pop-up ware and you name it—are dangerous to end users. Thats why we should start treating them like that other class of uninvited programs: viruses, worms and Trojans.

Recently Ive helped several friends who had brand-new, high-end systems that were running slowly and erratically. My first suggestion was to download and install AdAware to see if they had spyware on their systems. What do you know? In each case they found lots of spyware on their systems. Removing it brought their performance back to normal.

But the problem could be much worse. After all, the main function of adware and spyware is to take information from a system and send it to an external source. For legitimate programs that do this, such as Web servers, standard security practice is to lock them down as much as possible and keep their patches up-to-date.

But how can you secure and patch a program that you dont even know is on your system? Spyware programs are a ripe target for crackers and malicious coders looking for holes into systems.

While programs like AdAware and its competitors do a good job finding and removing these programs, they arent widely deployed. But there is a class of products that are specifically designed to find these kinds of uninvited programs and to do so in enterprise and managed environments—namely, anti-virus applications.

However, while most anti-virus programs can find and remove spyware and adware, many dont do so as part of their default behavior. For example, Norton AntiVirus will detect spyware in its newest version only with expanded threat capability activated.

Its time anti-virus vendors realize that the difference between Trojans and spyware is largely semantic and that spyware should be detected and removed as part of their standard product configuration. Then maybe we can get back to having things the way they should be, where the only programs on your system are ones you choose to put there.

eWEEK Labs Director Jim Rapoza can be reached at jim_rapoza@ziffdavis.com.