Linked by Eugenia Loli on Wed 20th Apr 2005 19:13 UTC, submitted by Danny
Bugs & Viruses When is a virus not a virus? When it's a piece of spyware. Spyware - also known as advertising-supported software or adware - has been until recently a fairly benign snooper on your surfing habits. The data it gathers from your visit is used to target you with tailored advertising, either in pop-up windows or emails. read more
Order by: Score:

spyware has been on the security map for ages now so i don't get the title of this article.

anyway, if someone who doesnt have a clue how to prevent or repair a spyware infested xp machine (see this pic - http://www.linux-noob.com/forums/index.php?showtopic=1025 , ok it's a staged infection but you get the idea) then perhaps it's time to do the bleeding obvious

* install av software, keep it current and update it often (scan often too)
* don't download attachments from unknown sources or known if you suspect them of being dodgy
* don't surf to warez or pr0n sites, yup, they carry more than just your pic of the day
* use mozilla firefox or another browser
* enable a firewall
* don't use activex
* don't use IE

more info http://www.windows-noob.com

cheers

anyweb

Why spyware is not a virus:
by Chris on Wed 20th Apr 2005 19:27 UTC

It does not replicate itself.

Taken from "The Free Online Dictionary of Computing:"
A virus has an "engine" - code that enables it to propagate
and optionally a "payload" - what it does apart from
propagating. It needs a "host" - the particular hardware and
software environment on which it can run and a "trigger" - the
event that starts it running.

Unlike a worm, a virus cannot infect other computers without
assistance. It is propagated by vectors such as humans
trading programs with their friends (see SEX). The virus
may do nothing but propagate itself and then allow the program
to run normally. Usually, however, after propagating silently
for a while, it starts doing things like writing "cute"
messages on the terminal or playing strange tricks with the
display (some viruses include display hacks). Viruses
written by particularly antisocial crackers may do
irreversible damage, like deleting files.

Spyware also differs by reporting information instead of causing damages, but I think this is a less important part of what a virus is.
One could argue that spyware propogates, but the fact is that the installed spyware is a client to the server it reports to. It does not itself respawn; and so it isn't really a virus. In other words: Viruses are like cockroaches, spyware is like infertile cockroaches with a never dying mother!


Also, cookies are not spyware by definition; because you do not have to accept them and you are told you will be receiving them. And, they contain no information you didn't know you were inputting before.. I suppose one could pretty easily get a user password for the site they use the password on easily.. as the site owner, but that's not very hard considering you can do that without cookies too ;) .

@anyweb
by Chris on Wed 20th Apr 2005 19:29 UTC

You forgot one:
* Run as a limited user and use your superuser "run as" mode for things you know need it. Hint: ie never needs to be superuser.

Unfortunately, I've found the new features in IE have made this more difficult. It saves exe's as your user, and won't let you run them on other users without permissions changes (so unbelievably stupid...). But you can either fix the permissions, or in my case I just copy them to a fat32 disk and then run them (fat32 doesn't store much for permissions).

It can be a pain, but it will save you pain.

Yeah, I agree, this is almost old news...
by Ressev on Wed 20th Apr 2005 19:44 UTC

...as far as security goes. People in general may not have made the connection, but anyone in IT Security worth his salt will have considered Spyware as a risk to their network's security.

Since Windows noobs are being addressed here
by Windows Noob on Wed 20th Apr 2005 19:56 UTC

"* install av software, keep it current and update it often (scan often too) "

Now why isn't this just built in to an OS? Why the need for 3rd party apps? Why aren't Windows updates good enough Same goes for Ad Aware...

"* don't download attachments from unknown sources or known if you suspect them of being dodgy
* don't surf to warez or pr0n sites, yup, they carry more than just your pic of the day"

See that's just it. If the malware can linger on these sites, it can be on any site, and avoiding certain sites doesn't really solve the problem. Under this rational the internet could continually shrink until you're only safe on your own homepage.

"* don't use activex
* don't use IE "

These two don't really solve a problem either, just restrict the user even further. Surfing the internet shouldn't be like walking on hot coals. OS developers need to find some real answers to these problems rather than just berating new users.

Spyware
by Cheapslate on Wed 20th Apr 2005 20:24 UTC

RE:[Spyware - also known as advertising-supported software or adware]

according to this even the free version of Opera web browser is spyware...

Re: Spyware
by Baturcotte on Wed 20th Apr 2005 21:10 UTC

"according to this even the free version of Opera web browser is spyware..."

If the shoe fits...

Is it truly that much different from an app installing a third party program to display ads on my machine? Just because it has the ad display code as part of the browser.

On the other hand, Opera is *very* upfront, they aren't sneaking around behind your bad, so you know what you are getting into...

Re: Spyware
by Cheapskate on Wed 20th Apr 2005 21:16 UTC

RE:On the other hand, Opera is *very* upfront, they aren't sneaking around behind your bad, so you know what you are getting into...

yup, other than that little ad banner Opera is a good web browser, me sticks with Firefox...

Opera
by raver31 on Wed 20th Apr 2005 22:10 UTC

There is a big difference between spyware and ad-ware....
and even "Ad-supported" software like Opera....

1: Opera will give you a "free" version of its software, but you will have to view some ads in the corner.... not a bad thing as you get something for nothing

2: Ad-ware changes things like homepages to view ADs, it will also alter results from search engine queries to put its own results at the top of the list... Not a good thing as it wastes your bandwidth and the only people who benefit are the people who serve the ads and the companies the ads are for.

3: Spyware is downright sneaky, it installs onto your Windows PCs usually covertly, it watches what you type, or it digs through your address books, or it digs through your personal files, and it reports back to the person or company that spread it in the first place.


So there you have it, a quick breakdown of ad-supported software, malware.

Spyware and virus are both 'malware': things you didn't ask for and don't want to have on your computer.

Opera comes as ad-supported software but isn't spyware, because: you asked for it, and the why/what isn't hidden from you. And does it send personal data (or even keystrokes?) back to its maker? Maybe someone can tell more about that, but I doubt it. Targeted advertising at most.

Chances are slim, but if you actually read and understood some spyware's EULA, and agreed to it, then you agreed to let it (ab)use your computer.

IMO the main point of malware is that it uses your machine's resources (CPU, memory, bandwidth) against your wishes. And a security risk by itself, ofcourse. Other than that, there's very little difference between spyware or a virus.

Spyware doesn't replicate itself, and virus does? Nope, that's called a worm. A virus can replicate itself, but usually does need user help to get started. Like downloading and running a binary from unknown origin, or pointing a browser to a 'bad' website.

The same leaking of data by spyware can also be done by a virus, or occur as a side-effect. And both virus or spyware may open up other backdoors, allowing hackers/worms or other malware to enter.

In today's situation, I don't understand why separate tools are needed for virus- and spyware-scanning. They're doing a very similar task, aren't they? Why not integrate tools like Ad-aware with virus-scanners?

remove the pathogen vector mechanism
by tech_user on Thu 21st Apr 2005 00:06 UTC

the majority of diseases are prevented, not by innoculation or vaccination, which is costly and has side effects, but by removing the vector mechanism ot prevent the pathogens arriving.

why not transfer this analogy from the medical world to the computing world?

@tech_user
by Jim Steichen on Thu 21st Apr 2005 05:11 UTC

Hear, hear! An ounce of prevention is worth a pound of
cure. If you sleep with a prostitute, sooner or later
you'll contract an STD. What kind of OS is inhabiting
your computer??

re: spyware is a virus
by Anonymous on Thu 21st Apr 2005 06:14 UTC

whether or not it self replicates and a lot of those apps do by preventing deletion and having watcher apps to reinstall their garbage.

by the way how the hell do i get rid of ISTVC i think its called.

that is a nasty piece of garbage and the programmers, and every single employee of that company should be shot or in a federal prison, they are worse than most virus writers.

why hasnt a federal prosecutor nailed those assholes. i didnt give permission to install that (my system is clean, it was a website through an IE hole because i remember that was the one time i used IE in a few months and had to for something) they should be arrested and tossed in a dark dank hole for their antisocial and damaging behavior.