Okay, okay, I confess I picked this tip's topic because I'm up to my ears in spyware research for a forthcoming Wiley book The PC Magazine Guide to Fighting Spyware, Viruses, and Malware. But as I've dug into the topic -- and incidentally cleaned up half a dozen of my own computers and helped with interventions on other people's machines -- I've observed that certain hysterical-sounding statistics aren't really that hysterical nor that far out of line.
First, a definition: Spyware is usually mentioned in the same breath as adware, and some instances of this combined category actually show features of both types of software. Spyware and adware are usually explained as related forms of software, both of which show up on a system through covert means, without asking for a user's consent, and often without explaining potentially adverse changes or side effects that might result from their presence and use.
Spyware gets its name from its inclination to gather information about or from its users, and to share it with third parties (again, without informing users or obtaining their consent to do so). Adware gets its name from its insistence on downloading and displaying advertisements on computers, either in the form of inline banner ads (bothersome, but not overwhelmingly so) or pop-up ads (which appear in separate browser windows that must be closed before users can return to the task at hand; annoying in small numbers, vexing and infuriating in large numbers). Both kinds of software have been known to change default home and search pages in Web browsers, mess with security settings, add unwanted toolbars and other appurtenances, and generally impose their will on otherwise well-behaved computers.
Dealing with spyware and adware can also be bothersome because some of this software not only installs DLLs or other, more active software components, it also makes registry changes, adds itself to startup menus or items, and in general does whatever it can to protect its continued presence and influence on the desktops it infests. Sure, real nerds can identify and root out all related files, search out and delete or rename registry keys and values, and otherwise clean up Windows through brute force. But the easiest and most thorough way to get rid of spyware and adware is to use some kind of anti-spyware program to identify, locate and remove this stuff automatically.
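A read-only inventory of the places named above (startup items, registry autostart entries, browser home and search pages, and browser add-in DLLs), as an added PowerShell example that is not from the original article. The registry paths are the standard Windows and Internet Explorer locations; which of them to check, and the helper name `Get-RegistryValue`, are this example's assumptions.

```powershell
# Added example: read-only inventory of autostart and browser-setting locations.
# Nothing is changed or deleted; the list of locations is this example's choice.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$ieMain  = 'HKCU:\Software\Microsoft\Internet Explorer\Main'
$bhoRoot = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'

function Get-RegistryValue {   # hypothetical helper: one object per value in a key
    param([string]$Path, [string[]]$Only)
    if (-not (Test-Path -LiteralPath $Path)) { return }
    $key = Get-Item -LiteralPath $Path
    foreach ($name in $key.GetValueNames()) {
        if ($Only -and ($Only -notcontains $name)) { continue }
        [pscustomobject]@{ Kind = 'Registry'; Location = $Path; Name = $name; Value = $key.GetValue($name) }
    }
}

$findings = @(
    # 1. Programs launched at logon from the registry
    foreach ($k in $runKeys) { Get-RegistryValue -Path $k }

    # 2. Files and shortcuts in the per-user and all-users Startup folders
    foreach ($folder in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($folder)
        if ($dir -and (Test-Path -LiteralPath $dir)) {
            Get-ChildItem -LiteralPath $dir -File | ForEach-Object {
                [pscustomobject]@{ Kind = 'StartupFolder'; Location = $dir; Name = $_.Name; Value = $_.FullName }
            }
        }
    }

    # 3. Internet Explorer home and search pages
    Get-RegistryValue -Path $ieMain -Only 'Start Page', 'Search Page'

    # 4. Browser Helper Objects (browser add-in DLLs), resolved to the file they load
    if (Test-Path -LiteralPath $bhoRoot) {
        Get-ChildItem -LiteralPath $bhoRoot | ForEach-Object {
            $clsid  = $_.PSChildName
            $server = Get-Item -LiteralPath "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32" -ErrorAction SilentlyContinue
            $dll = if ($server) { $server.GetValue('') } else { '(not registered)' }
            [pscustomobject]@{ Kind = 'BHO'; Location = $bhoRoot; Name = $clsid; Value = $dll }
        }
    }
)

$findings | Sort-Object Kind, Location, Name | Format-List Kind, Location, Name, Value
```

An entry in this output is only a starting point for review: legitimate software uses the same locations, so compare each item against programs that were knowingly installed.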
Personally, I've been writing and teaching in the information security area for 8 years now, and I thought I had my personal machines and networks in pretty fine shape. Even though I was already using anti-spyware software, in researching the niche I learned which products did the most thorough inspections and analyses and could therefore detect and remove the most spyware and adware. My personal desktop had 41 spyware and adware elements, despite regular use of another product (and picked up 86 after an initial cleanup, followed by an attempt to go out and see what I could catch after turning my anti-spyware software off). Other machines in my home office had anywhere from 30- to 70-odd such elements lurking in cookies, the registry, toolbars, and DLL files.
That's why I no longer think that VNU headlines like "One in three PCs hosts spyware or Trojans" or "PCs infested with 30 pieces of spyware," or Computerworld stories like "Who's Seeding the Net with spyware" are deliberately inflammatory or sensationalistic. This stuff is real, nasty, and pervasive, and it's important to understand it and know how to handle it. This also explains why I'll write my next tip in this series on the best commercial and freeware antispyware tools my research and experience have turned up. Stay tuned until then!
Ed Tittel is a writer, trainer, and consultant based in Austin, TX, who writes and teaches regularly on information security topics. He's a contributing editor to Certification Magazine, series editor for Exam Cram 2, and author of the forthcoming Wiley book The PC Magazine Guide to Fighting Spyware, Viruses, and Malware. E-mail Ed at firstname.lastname@example.org.
This was first published in June 2004