Home

Articles

Reviews

Table of Contents

Search

Staff

More on Spyware
By Ira Wilsker

        I received several emails form readers of this column about my recent column on spyware, commenting on their results after running the spyware detecting and removal software mentioned in that column.  While not scientifically valid, about half of those who responded preferred the free version of Ad-Aware (www.lavasoftusa.com), while the other half preferred Spybot Search and Destroy (www.safer-networking.org).  Many who downloaded the free titles also downloaded the free trial versions of PestPatrol (www.pestpatrol.com) and System Mechanic (www.iolo.com), and also commented positively about those products.  One fairly consistent remark was astonishment about the large number of spyware products found on almost all of the readers? computers, and the variety of spyware types that were discovered, and eventually neutralized. 

      According to the website at PestPatrol, the top five current ?pests? reported are KaZaA, Alexa, DoubleClick, DownloadWare, and Mediaplex.  KaZaA is the enormously popular file sharing software commonly used to download music, videos, and program files.  According to the KaZaA website, over 200 million copies of its software have been downloaded, and over 3 million more copies are download every week.  Unfortunately the free KaZaA software may come with a bitter price.  According to the KaZaA privacy statement on its website (www.kazaa.com/us/privacy/spyware.htm), it somewhat denies that it is spyware, but it does state that ?Kazaa Media Desktop contains banner advertising and the option to install other third party applications in order to remain free to the user.?  It should also be noted here that users with that KaZaA software installed may also have directories or files on their computers available for browsing and download by other unknown parties.  The KaZaA installation process makes this clear, but I have found that some users are not aware that they may have directories open online that can be accessed by others.  PestPatrol states that KaZaA (and similar software) ?May create security issues as outsiders are granted access to internal files.?  Most of the anti-spyware      software will neutralize this aspect of KaZaA, but it will also likely stop KaZaA from functioning properly.

        Alexa is the second most common pest currently reported by PestPatrol, which classifies Alexa as an ?exploit?.  PestPatrol defines an exploit as ?A way of misusing or breaking into a system by taking advantage of a weakness in it.?  The Secunia security website at secunia.com/advisories/8955 labels Alexa as a ?Moderately critical? risk which can expose the users? sensitive information to ?msn.com? and ?alexa.com?.  Alexa takes advantage of a feature built in to Internet Explorer, which Secunia says, ?The data transmitted to "msn.com" and "alexa.com" is the complete URL. In some cases this could contain sensitive information such as username, password, session id, search string, "secret paths", and more.  The vulnerability has been confirmed for Internet Explorer 6 on Windows 2000 and Windows XP with all Service Packs and hotfixes.?  At a minimum, users of IE should not use the ?Related Links? feature.  Alexa, now owned by Amazon.com, is often installed as a toolbar to make searches more convenient.  Alexa?s privacy statement at pages.alexa.com/help/privacy.html explains what Alexa does with the information it captures.  Most anti-spyware products remove Alexa.

        DoubleClick, rated by PestPatrol as the third most prevalent current pest, is a tracking cookie, which is a small text file placed on your computer by certain websites when they are visited.  While not all cookies are bad or harmful, PestPatrol defines a tracking cookie as ?Any cookie that is shared among two or more unrelated sites for the purpose of tracking a user's browsing and/or gathering and/or sharing information which many users regard as "private".  Cnet.com describes DoubleClick workings as ?Online ad company DoubleClick used Web bugs that could communicate with cookies from its Web site. The cookies then revealed past online behavior, even home addresses, IP addresses, and phone numbers to the bugs, and the bugs sent that information straight back to DoubleClick.?  While most anti-spyware software deletes DoubleClick cookies, and Spybot?s resident utility will prevent new DoubleClick cookies from loading, DoubleClick itself offers web surfers the ability to opt-out of its tracking and reporting functions at www.privacychoices.org/optout.htm.

        DownloadWare is an adware product that connects to its servers to download software from its advertisers.  Also known as MediaLoads or ClipGenie, this software is a major source of those pop-up ads that often randomly appear to interrupt or interfere with our web surfing.  It is also installed by KaZaA and another popular file sharing utility Grokster.  After being installed, often unknowingly, DownloadWare protects itself from deletion.  According to its license agreement, ?...when found, claims that it may clash with various other software and so if it finds any it will remove it.?  Fortunately, anti-spyware software will safely remove this pest, which, according to STOPzilla, may also reduce the number of pop-up ads by up to 80%.

        Mediaplex is another tracking cookie, similar to DoubleClick.  According to its privacy statement at www.mediaplex.com/mplx_privacy.shtml, ?Mediaplex products ? MOJO Adserver, MOJO Mail, and MOJO Publisher ? to deliver and track advertisements and marketing messages over the Internet.?  Users who wish to opt-out of any tracking by Mediaplex can do so at www.valueclick.net/perl/optout/do/set.  Mediaplex is also removed by most of the anti-spyware products.

        Sadly, these are but five of the tens of thousands of internet pests tracked by PestPatrol and the other anti-spyware companies.  I reiterate the importance of frequently using an updated anti-spyware program to protect your web privacy and security, and enhance your surfing satisfaction.
 

Last Update:03/08/2008