Spyware is the newest epidemic to hit PCs

This article has been corrected. You may view this article’s correction here.

Yalies who have been around computers for more than a few years will remember the good old days of malicious software, when the most common scenario was a deluge of unwanted e-mails from infected friends and abuse of the address book. Today, a new generation of software sits on the computers of unsuspecting users — but instead of spreading itself in the most obvious fashion, it lies in wait, doing any number of unpleasant things to the user’s computer and data. This parasite is called spyware.

University Information Security Officer Morrow Long likened spyware to other malicious computer software.

“It’s very closely related to viruses and worms, what we call malware,” he said. “It’s the same kind of problem, an annoyance. It causes PCs to be less secure, to crash, to lose data.”

However, unlike viruses and worms, which often install themselves without the user’s consent, spyware is most often installed in a bundle with other, seemingly benign, programs. Often, these programs — labeled as free software — use information they gather on your computer to generate revenue for the software’s distributor.

Long warns to investigate seemingly free software before installing it.

“I would say that if it seems too good to be true, it probably is in many cases,” he said.

Many file-sharing programs install spyware along with the sharing software. While ITS discourages file-sharing, Long said this is one more reason not to download the programs.

But some spyware is installed in a virus-like fashion, taking advantage of flaws in Microsoft Internet Explorer. This route requires no user intervention and sometimes browsing to malicious Web sites can be enough.

Once spyware has been installed, it will usually do its best to remain on the system. Spyware programs often edit a computer’s registry files so that they launch themselves on boot-up and reinstall themselves when deleted. Other programs, while abiding by your decision to uninstall them, will give amusing, alarming and false reasons why you should not do so.

“The pure spyware usually tries to be invisible,” Long said.

Symptoms of a spyware infestation can include random pop-up ads, redirection of a user’s browser home page or damage to critical parts of the system that prevent proper operation. But in almost all cases, the computer will exhibit poor performance as result of the resources the spyware is stealing from legitimate uses.

Unfortunately, some spyware is even more damaging and, in extreme cases, can do things such as cause the computer to dial 1-900 phone numbers — charging the owner a hefty sum.

“Some stuff like pop-ups are just annoying, but some of this stuff is really insidious,” said Jeffrey Lincoln, director of ITS Support Services.

Lincoln said spyware is a serious issue at Yale affecting many student and University computers.

“It was getting itself into the core of the systems, so sometimes we’d have to take all the data off the machine, wipe it and put the data back on,” he said. “In one month, we’d spent over 100 hours removing spyware.”

Student Computing, which oversees the computing assistants, is also concerned about the growing spyware trend.

“I think spyware is a growing epidemic that is only going to get worse, like spam,” Minh Vuong, the assistant manager of Student Computing for Academic Media and Technology, wrote in an e-mail. “Two years ago when we did the student computing survey, spyware wasn’t even an issue that we questioned people about.”

Vuong said there are ways to prevent and remove spyware. He recommended installing Symantec antivirus software provided on the Yale software Web site and keeping it updated. System software should also be updated by using Windows Update in Windows or Software Update in Mac OS X, he said. Additionally, using either Mozilla Firefox or Apple’s Safari browser and avoiding suspicious software, specifically file-sharing programs such as Kazaa, iMesh and Grokster, will decrease computer users’ chances of contracting spyware.

Vuong also suggested students who are concerned that spyware has already made it onto their computers install Ad-Aware and Spybot to eliminate the delinquent programs.

“Using Spybot and Ad-Aware takes care of about 90 percent of the spyware programs, so I’d recommend that students start with those,” he said.

Answers to frequently asked questions regarding computer issues and help installing and configuring recommended software are available on the CA Web site. ITS will also soon begin distributing a spyware-removal program called Spy Sweeper, for which the University has just purchased a one-year license.

Comments