Do you ever suspect that someone else is calling the shots on your PC? You’re not doing anything online, but the modem lights show that your system is sending and receiving data. One day you research a New Caledonian vacation, and the next day ads start popping up on your screen pushing Noumea getaways. Is someone out there watching you?
Well, the snoops aren’t watching you exactly — rather, they’re watching (and recording) your mouse clicks. Much of that ‘free’ software you’ve been downloading has a cost, after all. In addition to the banner advertisements that clutter the interfaces of many free programs, products such as BearShare, KaZaA Media Desktop, and the ‘sponsored’ version of Qualcomm’s Eudora e-mail application come packed with a hidden payload: stealthware programs that track your surfing activity and send data on where you go back to a mothership marketing server.
Also dubbed spyware or adware (the latter delivers targeted advertising but does not collect personal information about you), these covert programs use the bandwidth and processor power you paid for to sell you stuff. And a new class of stealthware co-opts your computer’s resources for other purposes: earlier this year, users of KaZaA Media Desktop discovered that the Brilliant 3D viewer that was installed along with the file-sharing application was a client for a soon-to-be-activated distributed-processing network. While the download is free, anyone who decides to get it winds up paying for it in the form of CPU cycles.
This novel arrangement isn’t a complete secret. When you accept the terms of the KaZaA software licence, you also grant Brilliant permission to use your PC’s processing power and Internet connection. But few people, if any, scroll far enough down the KaZaA user licence to read the terms of the embedded Brilliant licence. To see whether a program contains stealthware before you install it — without getting bleary-eyed from reading through the licence — check the online database of stealthware-bearing applications maintained at Spychecker.com.
To uncover stealthware that is already lurking in your system, you can use a utility that scans for it in much the same way that antivirus programs scan for viruses. We examined four such protectors: LavaSoft’s $US15 Ad-aware Plus 5, PestPatrol’s $US30 PestPatrol 3.1, Spyblocker Software’s $US20 Spyblocker 5, and the freeware SpyBot Search and Destroy.
Ad-aware Plus and PestPatrol are the fullest-featured spy hunters of the four, and Ad-aware Plus earned the Best Buy title mainly because it found and disabled many more scary programs in our tests than PestPatrol did. Notably, PestPatrol missed the Brilliant 3D viewer and its dormant distributed computing client. Also, Ad-aware Plus’s wizard-like scanning and spyware removal process is easier to navigate than PestPatrol’s tabbed interface. Otherwise, the two programs behave very similarly. Both scan your hard disk and Registry for signatures of known spyware, and both scan your PC’s memory to catch stealthware while it’s running.
Before purging your PC with one of these utilities, remember that some free programs may stop working if you remove their hidden components. If you can’t give up a prized application but you don’t like what it does behind your back, use an application-monitoring firewall, such as ZoneAlarm Pro 3, to block unwanted background traffic.
Ad-aware and Pest Patrol are available in free versions, but we recommend the full packages because of the additional features they provide. The free version of PestPatrol, for example, lacks the ability to quarantine or delete stealthware; you’ll have to remove it manually. Ad-aware’s free version leaves out the memory scanner and other advanced features, including the useful ability to run a scan directly from Windows Explorer.
Like antivirus software and firewalls, stealthware blockers require program and signature updates to trap the newest culprits. PestPatrol can automatically download updates from the company’s Web site. Ad-aware Plus uses a separate program that streamlines the downloading and installation of signature-file updates, though it does not run automatically.
The two other programs we tested deserve honourable mention. SpyBot Search and Destroy .95 is a promising freeware program that was in development during our research (a final version, 1.0, is now available); it’s nearly as thorough and feature-rich as Ad-aware Plus. Spyblocker is a real-time memory scanner that watches for a host of online threats, including Web bugs, ads, worms, spyware, scripts, and cookies. Like the application-control feature provided by a personal firewall, Spyblocker prevents stealthware from connecting to remote servers. The program also automatically blocks programs from communicating with servers that are associated with a long list of known stealthware domain names. However, Spyblocker doesn’t scan your hard disk and remove offending programs.
DEAL WITH NOSY WEB SITES
In just a moment, PC World will bring you tantalising new information on privacy. If you’d like to read the rest of this story, please take a few moments to answer these simple questions about yourself.
Are you male or female? Where do you live? How much do you earn annually? Are you married, and if so, how long have you been married? Do you have children? How many? How old are they? Where do they go to school? What’s your favourite kind of biscuit: shortbread, chocolate chip, or Web cookie? Do you prefer boxers, briefs, bikinis, or no underwear at all?
Most Web users have been asked to fill out questionnaires like that dozens of times, often just to browse a site’s offerings. Here’s the question the surveys never ask: have you ever felt that some of the questions sites ask cross the line into the realm of information you don’t feel comfortable sharing? All the personal information they collect benefits users of the site, many Web sites argue. Once you enter your personal information on a Web site, however, it may not be bound by any rules (other than the ones it sets for itself) to protect that information, depending on the site’s operating location. The company could trade, sell, barter, and use information about you in any way it wants. That personal information has monetary value to the companies that collect and trade personal data on individuals.
What’s a privacy-hungry Internet user to do? Confronted with a questionnaire, most people will simply fill in the blanks and click OK just to avoid being incessantly nagged by a site for personal data. A growing number of users have tried a different tack: they provide the site with a bogus name or other fake data. In most cases, lying solves the problem by giving the users pseudonymous access to the site.
Each of us needs to decide for ourselves how comfortable we feel about lying on Web forms. Some people feel that you should never tell a lie anywhere, but sometimes the truth, when taken out of context (as it often must be when a site tracks your clicks), can be damning. Imagine the level of indignation if your local grocery store required every shopper to fill out a form before they were even allowed inside the store. A substantial number of people would probably drive to a different supermarket where they could buy their milk and eggs without the hassle or invasiveness.
If you feel equally uncomfortable both providing actual personal information and lying on a form, try this instead: the next time a site asks for your post code, your birth date, or any other personal information, assign a dollar value to the data — say, $100 for each piece of information — and find out what the site plans to give you in return. If you don’t think the value of the site’s information equals the value of your data, consider going somewhere else. A mass exodus of customers is the kind of survey result to which Web sites might really pay attention.
Better yet, shoot off a quick e-mail to the sites’ Webmasters, and let them know why you won’t be back: the sites are just too darn nosy.
SAY NO TO KEYSTROKE LOGGING
Of all the ways snoops can track you these days, perhaps the most invasive method is keystroke logging. With an inconspicuous piece of hardware or software, a nosy boss, jealous spouse, or ingenious hacker can see every character you enter into your PC.
The worst part is that while privacy legislation strongly encourages your employer to inform you when it’s tracking you at work, no rules protect users of a home PC. Fortunately, secret keystroke logging remains relatively rare. If you suspect someone is keeping tabs on your keyboard, here are some tips for uncovering the truth.
First, look for suspect hardware. Hardware keystroke loggers are typically small cylinders that plug in to the end of your keyboard’s cable and connect to your PC. If you find one, simply remove it. Finding keystroke logging software — such as WinWhatWhere’s Investigator or Spectorsoft’s Spector — is harder. The apps use cryptic names, and most can send logs of your keystrokes secretly over the Internet to a snoop.
To prevent keystroke logging software from reporting on you via the Net, install a personal firewall. If you already use a firewall, check the list of programs permitted to send information over the Net. If you see a program you don’t recognise, change settings so the program must ask for permission before sending a message. That will help you figure out whether the traffic is legit. If you open a program and immediately get a request to access the Internet, the request probably came from that program. If the request came out of the blue, investigate further.
Keystroke loggers may save a record on your hard drive as you type or click. Eliminate a logger from your hard drive by installing counter-surveillance software such as SpyCop (free trial version, full version $US50; http://spycop.com) or SpyDetect ($US30; www.spydetect.com). Both programs scan your hard drive for files created by keystroke loggers, and both can delete the applications and their data files. (SpyCop’s demo version performs only a partial scan and can’t delete files.) You could also try Who’sWatchingMe (90-day free trial; www.trapware.com), to check for logging. Delete any loggers you find running, then restart your PC and run the scanner again.
Of course, upon discovering that you’ve deleted the keystroke logging program, the person who installed it on your PC in the first place may attempt to reinstall it. You could arrange to install your own keystroke logger, to spy on the spy. But, really, is any relationship worth that degree of suspicion?
SURF WITHOUT LEAVING A TRACE
Worried that someone may be looking over your shoulder — in the virtual sense — as you browse the Web? If so, you don’t have to be an online agoraphobe any longer: new tools from old hands in Web privacy will let you surf with complete anonymity.
A certain degree of paranoia about the Web is justified. Advertisers track Web surfers all the time, planting cookies that track you as you surf from site to site so they can see what you want and where you go. Proxy servers, such as the Safeproxy CGIProxy, have been around for years. These sites open another site, say, Amazon.com, in a pane of the proxy. That way, Amazon won’t see your IP address and the proxy can block ads and some cookies.
But proxy sites still allow destination sites to implant some ad cookies and Web bugs — the two most common tracking devices—on your system. Worse, many proxies are just too slow.
The plug-ins work only with Internet Explorer versions 5 and higher. Anonymizer’s plug-in is compatible with versions of Windows from 98 through XP; a Zero-Knowledge spokesperson tells us that its tool can’t run on some installations of Windows 98 and Me, but that it works well with Windows 2000 or XP. The two plug-ins behave similarly: after a short download, each service adds a small button to Internet Explorer’s toolbar that toggles the application on and off. Private Surfing and Freedom WebSecure both generate a toolbar at the top of your Web browser window. Once you log in with your user name and password, the software becomes active and you can surf anonymously to your heart’s content.
Related services from these companies in the past offered anonymous surfing, but at a snail’s pace. The new versions are dramatically faster. Freedom WebSecure seemed positively peppy, while Anonymizer still was a bit slower than unprotected surfing because of its encryption. If you’re concerned about the bread-crumb trail you leave across the Internet as you browse the Web, either of these tools can sweep those crumbs away and keep profilers off your back.
|Utility||Price||Scans memory/storage||Removes programs||Comments|
|*Best Buy* Lavasoft Adaware Plus 5||US$15||Yes/Yes||Yes||Tool provides extremely thorough scanning and removal of stealthware|
|PestPatrol 3.1||$US30||Yes/Yes||Yes||Utility has a slightly more difficult interface and less thorough scanning that Adaware. Manual updates.|
|Spyblocker Software Spyblocker 5||$US20||Yes/No||No||Real-time memory scanner blocks a broad range of stealthware, ads, cookies and Web bugs. Separate utility assists with updating.|
|Spybot Search and Destroy .95||Free||Yes/Yes||Yes||Student-written freeware offers thorough scanning and an impressive feature set. Manual updates.|