Who's Watching What You Type?

If someone entered your home, uninvited and installed numerous cameras and listening devices in order to monitor your activities, you would quite rightly be outraged. While such a situation, unless you are living in the Big Brother House, would be considered ridiculous, the same cannot be said for the humble home computer.

Recently released research alarmingly shows that home PC's are increasingly likely to host software which can watch each and every keystroke the user inputs. According to the research compiled from an audit conducted jointly by the software firm, WebRoot and services provider, EarthLink, the average home PC hosts 28 so-called spyware programs.

Whilst the worst examples of spyware are written by virus writers to steal passwords and hijack computers to launch "denial of service" attacks against web-servers, the vast majority are used to collate marketing information and then target advertising according to the end-users web surfing habits.

The WebRoot/EarthLink audit surveyed more than 1.5 million PC's during the last 12 months and discovered an amazing 41 million incidents of spyware; adware, Trojans, tracking cookies and other undesirable programs.

Most of these programs are loaded into the computer memory when the PC is started up. From here, the program will work silently, often giving no clues as to its existence. However, unexplained browser window pop-up's, often advertising adult services and mysterious alterations to the browsers homepage setting are more often than not an indication that spyware is present and active on a computer. One particular piece of spyware, which is proving to be very expensive for many home users, is that of Trojan Diallers. Diallers, often without any warning to the end-user, hangs up the current net connection and then automatically reconnects using a Premium Rate telephone number, thus running up huge telephone bills. The activities of companies using this technology as a revenue stream are currently under investigation in the UK by government watchdogs.

A hard-disk and memory overflowing with spyware used to be one of the unfortunate consequences of visiting sex and adult orientated sites; a kind of eSTD. Like most Internet marketing technologies, from the pop-up to the pop-under and the first snowball of Spam, spyware began life serving the adult industry. Then, just like pop-up, spyware filtered through all aspects of ecommerce. In an interview to the BBC, David Moll, CEO of WebRoot, said that spyware has now become so common across the whole of the Internet, that it can be contracted from nearly anywhere.

So-called "drive-by downloads" are now responsible for most infections of spyware. The term "drive-by" refers to the casualness of the infection. By simply visiting an ordinary webpage a user can unwittingly initiate an automatic download of spyware onto their computer. There are no clues and no warnings.

In a recent, carefully controlled and closed demonstration, it took me less than 20 minutes to create a spyware program and embed it into a webpage. Using colleagues who had previously been made aware of the nature of the experiment, I invited them to take a look at this "special" but very ordinary looking webpage. Within seconds of visiting this webpage, the spyware went to work taking a snapshot of their hard disk, a snapshot of their Favourites folder and a copy of their browsing history. Before they had even finished reading the webpage, the spyware was already transferring their information to my server. It's as easy as that! Equally that same code could be manipulated to perform a total trash of the hard disk or some other equally miserable and criminal act.

Speaking to the BBC, David Moll explained.

"Some (spyware programs) lurk on misspelled URLs and strike those that type faster than their fingers can carry them. As a result you do not end up where you expect to be."

Alarmingly, users do not even need to visit a website to contract spyware. The preview window in Microsoft's Outlook Express allows emails containing HTML and any other code which can be placed on a normal webpage, to be loaded, without warning. Companies looking to implant spyware using the "drive-by" principal are regularly exploiting this glaringly obvious flaw in the design of Outlook Express.

"If you get one piece of spyware, you will get five because the business model says they pay each other to pass on information about victims," said Mr Moll.

Thankfully anti-spyware/adware programs such as Ad-Aware (free) and WebRoot's own offering, Spy Sweeper can clean up a PC and even help prevent further infections, but just like anti-virus software, anti-spyware software needs to be kept up-to-date to remain effective.

In addition to providing software solutions to this problem, legislators too are seeking to end this electronic intrusion. In the USA an anti-spyware bill is moving towards approval in Congress. If successfully implemented, this bill will force firms who wish to use spyware to first receive permission from the end-user before it is installed. But even before any new laws come into place, spyware makers are already working on next generation coding which keep their programs intact and operational?.perhaps even on your PC.

Related Links:

WebRoot Spyware Audit http://www.webroot.com/services/spyaudit_03.htm

Ad-Aware http://www.lavasoftusa.com/software/adaware/

WebRoot http://www.webroot.com/

About The Author

Robert Palmer is CEO of deskNET Communications www.desknet.co.uk the first affordable alternative to opt-in email marketing and newsletters. With over 20 years professional experience in software development, Robert is a leading architect in the development of the emerging Net technology, One-2-Many Broadcasting software.

Software helps 'observant'choppers Times of India, India - 14 hours ago The researchers have revealed that their software could learn and flawlessly replicate more than 20 years of radio-controlled helicopter expertise in just ...

PokerNews.com

PokerStars Launches Full Version of Mac-Compatible Software PokerNews.com - 3 hours ago The software that brings the hugely popular online poker site PokerStars.net into the homes of over 15 million players worldwide will now have a Mac version ...

IEWatch Software LLC Has Released WebReplay 2.0 PR Web (press release), WA - 2 hours ago IEWatch Software LLC has released WebReplay 2.0, a plug-in for the Internet Explorer browser that allows automated web surfing, form filling, ...

Voting software does not ensure accountability Albany Times Union, NY - 5 hours ago Software experts have proven that votes cannot be secured on any electronic voting equipment. Vote manipulation was found despite these machines being ...

A Charity Fails Families Of Fallen Firefighters After 9/11 Hartford Courant, United States - 29 minutes ago Careaga, a one-time volunteer firefighter and reserve police officer, had been trying to make money selling computer software to rural fire departments in ...

Advent Software to buy Tamale San Antonio Business Journal, TX - 15 hours ago Advent (NASDAQ: ADVS), which makes financial software, is based in San Francisco and is led by CEO Stephanie DiMarco. Privately held Tamale is based in New ...

Canada.com

Open Sauce Software ZDNet UK, UK - Sep 5, 2008 Chrome is still my default browser, and there are everyday things I can't do so easily in it as in Firefox. Perversely. I think what I want is a Google ... Video: Tech Test: Google Chrome Lacks Polish AssociatedPress Google sees new browser displacing desktop software Reuters Google Chrome: A Hit with Online Software Vendors CIO Seeking Alpha - Chicago Tribune all 3,447 news articles

Joost Moves From Software to Web Enters the world of today's ... Dslreports - 18 hours ago The company had been quiet for a little while but has now made the big announcement that they are switching away from their software-based model and towards ...

AFS Technologies gains 2 tech firms, raises funds Arizona Republic, AZ - 5 hours ago 7, 2008 12:00 AM Phoenix-based software firm AFS Technologies Inc. recently acquired two technology firms and raised $38 million in debt and private-equity ...

OverTheLimit.info

Happy birthday, Google - now you can take on the world guardian.co.uk, UK - 10 hours ago In its original (early 1990s) form, a browser was software that provided a passive window on to the web: a way of reading web pages. ... Video: Tech Test: Google Chrome Lacks Polish AssociatedPress Web Visitors Swarm Google Chrome InformationWeek What Cloud Computing Needs Motley Fool Independent - CNET News all 249 news articles