We Must Beat Spyware

As a major threat to the effective functioning of the Internet, spyware must be confronted by both industry and the government.

If worms and viruses werent enough, theres a new threat: spyware. This menace is defined as any software intended to aid an unauthorized person or entity in causing a computer—without the knowledge of the computers user or owner—to divulge private data.

Almost every PC is loaded with spyware. Its on a PC when you buy it. It enters your PC when you download free software. It makes its way into your hard drive when you open spam e-mail.

Once its on your computer, it monitors your activity. For instance, adware records the Web sites you visit and transmits that information to advertisers, who then target you with pop-up ads. Many PC users have unwittingly loaded—or unknowingly had spyware downloaded—onto their computers.

This happens when a user clicks "yes" in response to a lengthy and often extremely technical or legalistic user licensing agreement. Or it happens when users surf the Web and self-activating code is simply dropped into their machines in whats called a "drive-by download."

Once this software is in your hard drive, it can be exceptionally difficult to remove. Some of these pests are even designed to change themselves if someone attempts to remove them, burrowing themselves deeper into your computer.

/zimages/1/28571.gifFor insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzers Weblog.

Increased costs due to unnecessary consumption of PC storage and the labor costs in rebuilding systems to ensure that they are no longer corrupt are virtually unquantifiable. But theyre huge.

Add theft of critical data and litigation costs to the mix, and you have a multibillion-dollar problem. A company opens itself to potentially ruinous litigation if it fails to take necessary precautions to ensure the security and privacy of client or user information residing on its network.

The technology industry and, increasingly, the government are beginning to address spyware. Utah has passed an anti-spyware bill. The California Senate just passed a bill. New York and other states are considering them. A strict national bill, sponsored by U.S. Rep. Mary Bono, R-Calif., just passed a key committee vote.

/zimages/1/28571.gifClick here for more on spyware legislation in Congress.

Many people believe that the government should stay out of this issue. I disagree. Government can help through legislation mandating that all applications be readily identifiable by users before installation. The applications should also be made easy to remove or uninstall. The ability of consumers to select what resides on their systems must be clear and enforceable by law.

Government also must aggressively prosecute those who use spyware illegally. The deceptive practices of many spyware developers are already illegal under laws against consumer fraud and identity theft. Spyware is more than a nuisance. It is a major threat to the effective functioning of the Internet, and it must be confronted by both industry and government.

Roger Thompson is vice president of product development at PestPatrol Inc., a Carlisle, Pa., software company that sells anti-spyware software. Free Spectrum is a forum for the IT community. Send submissions to free_spectrum@ziffdavis.com.

/zimages/1/28571.gifCheck out eWEEK.coms Security Center at http://security.eweek.com for the latest security news, reviews and analysis.


Be sure to add our eWEEK.com developer and Web services news feed to your RSS newsreader or My Yahoo page