|
Terminology
|
What is Spyware?
|
In general,
spyware is any technology that aids in gathering information
about a person or organization without their knowledge. On the
Internet, spyware is programming that is put in someone's
computer to secretly gather information about the user and relay
it to advertisers or other interested parties. Spyware can get
in a computer as a software virus or as the result of installing
a new program. Data collecting programs that are installed with
the user's knowledge are not, properly speaking, spyware, if the
user fully understands what data is being collected and with
whom it is being shared.
The cookie is a well-known
mechanism for storing information about an Internet user on
their own computer. However, the existence of cookies and their
use is generally not concealed from users, who can also disallow
access to cookie information. Nevertheless, to the extent that a
Web site stores information about you in a cookie that you don't
know about, the cookie mechanism could be considered a form of
spyware. DoubleClick, a leading banner ad serving company,
changed its plans to combine cookie information with database
information from other sources to target ad campaigns directly
to individuals without their permission. DoubleClick's current
policy is not to collect "personally-identifiable" information
about a user without their explicit permission or "opt-in."
Aureate Media, which distributes
free software on the Web in exchange for the right to gather
user information, is another company that has been criticized
for not plainly indicating what data it gathers and for making
it difficult to remove its programming. |
|
What is a Cookie?
|
A cookie is
information that a
Web site
puts on your
hard disk
so that it can remember something about you at a later time.
(More technically, it is information for future use that is
stored by the
server
on the
client
side of a
client/server communication.) Typically, a cookie
records your preferences when using a particular site. Using the
Web's Hypertext Transfer Protocol (HTTP),
each request for a Web page is independent of all other
requests. For this reason, the Web page server has no memory of
what pages it has sent to a user previously or anything about
your previous visits. A cookie is a mechanism that allows the
server
to store its own information about a user on the user's own
computer. You can view the cookies that have been stored on your
hard disk (although the content stored in each cookie may not
make much sense to you). The location of the cookies depends on
the browser. Internet Explorer stores each cookie as a separate
file under a Windows subdirectory. Netscape stores all cookies
in a single cookies.txt file.
Cookies are commonly used to rotate the banner ads that a site
sends so that it doesn't keep sending the same ad as it sends
you a succession of requested pages. They can also be used to
customize pages for you based on your browser type or other
information you may have provided the Web site. Web users must
agree to let cookies be saved for them, but, in general, it
helps Web sites to serve users better. |
| Adware |
Programs that secretly gather
personal information through the Internet and relay it back to
another computer, generally for advertising purposes. This is
often accomplished by tracking information related to Internet
browser usage or habits.
Adware can be downloaded from Web sites (typically in shareware
or freeware), email messages, and instant messengers. A user may
unknowingly trigger adware by accepting an End User License
Agreement from a software program linked to the adware.
|
| Dialers |
Programs that use a system,
without your permission or knowledge, to dial out through the
Internet to a 900 number or FTP site, typically to accrue
charges. |
| Hack Tools |
Tools used by a hacker to gain
unauthorized access to your computer. One example of a hack tool
is a keystroke logger -- a program that tracks and records
individual keystrokes and can send this information back to the
hacker. |
| Hoax |
Usually an email that gets mailed
in chain letter fashion describing some devastating, highly
unlikely type of virus. Hoaxes are detectable as having no file
attachment, no reference to a third party who can validate the
claim, and by the general tone of the message. |
| Joke Programs |
Programs that change or interrupt
the normal behavior of your computer, creating a general
distraction or nuisance. Harmless programs that cause various
benign activities to display on your computer (for example, an
unexpected screen saver). |
| Remote Access |
Programs that allow another
computer to gain information or to attack or alter your
computer, usually over the Internet. Remote access programs
detected in virus scans may be recognizable commercial software,
which are brought to the user's attention during the scan.
|
| Spyware |
Stand-alone programs that can
secretly monitor system activity. These may detect passwords or
other confidential information and transmit them to another
computer.
Spyware can be downloaded from Web sites (typically in shareware
or freeware), email messages, and instant messengers. A user may
unknowingly trigger spyware by accepting an End User License
Agreement from a software program linked to the spyware |
| Trojan Horse |
A program that neither replicates
nor copies itself, but causes damage or compromises the security
of the computer. Typically, an individual emails a Trojan Horse
to you-it does not email itself-and it may arrive in the form of
a joke program or software of some sort. |
| Virus |
A program or code that
replicates; that is, infects another program, boot sector,
partition sector, or document that supports macros, by inserting
itself or attaching itself to that medium. Most viruses only
replicate, though, many do a large amount of damage as well.
|
| Worm |
A program that makes copies of
itself; for example, from one disk drive to another, or by
copying itself using email or another transport mechanism. The
worm may do damage and compromise the security of the computer.
It may arrive in the form of a joke program or software of some
sort. |
| |
|
Back |