Intelligent Security Solutions

Last Updated: Thursday, August 28, 2008 12:57 PM  

 


What is Spyware?

Spyware is any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.

Spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else. A common way to become a victim of spyware is to download certain peer-to-peer file swapping products that are available today.

Aside from the questions of ethics and privacy, spyware steals from the user by using the computer's memory resources and also by eating bandwidth as it sends information back to the spyware's home base via the user's Internet connection. Because spyware is using memory and system resources, the applications running in the background can lead to system crashes or general system instability.

Because spyware programs exist as independent executables, they can monitor keystrokes, scan files on the hard drive, snoop on other applications such as chat programs or word processors, install other spyware programs, read cookies, and change the default home page on the Web browser, consistently relaying this information back to the spyware author, who will either use it for advertising/marketing purposes or sell the information to another party.

Licensing agreements that accompany software downloads sometimes warn the user that a spyware program will be installed along with the requested software, but the licensing agreements may not always be read completely because the notice of a spyware installation is often couched in obtuse, hard-to-read legal disclaimers.

Here is an example of spyware infecting a computer. More to come soon.

What is a Drive By Download?

A drive-by download is a program that is automatically downloaded to your computer without your consent or even your knowledge. Unlike a pop-up download, which asks for consent (albeit in a calculated manner likely to lead to a "yes"), a drive-by download can be initiated by simply visiting a Web site or viewing an HTML e-mail message. If your computer's security settings are lax, it may be possible for drive-by downloads to occur without any further action on your part.

Frequently, a drive-by download is installed along with a user-requested application. (In this case, the unwanted application is sometimes called a barnacle.) For example, a file-sharing program might be bundled with a spyware program that tracks and reports user information for targeted marketing purposes. An associated adware program can then generate pop-up advertisements using that information.

Xupiter, an Internet Explorer toolbar program, was frequently installed as a drive-by download in the early 2000s. The program replaced a user's home page, changed browser settings, and used a redirect to take all searches to the Xupiter Web site. In some versions, the program initiated drive-by downloads of other programs. Furthermore, although it came with an uninstall utility, Xupiter was quite challenging for the average computer user to remove.

What is a PUP?

A PUP (potentially unwanted program) is a program that may be unwanted, despite the possibility that users consented to download it. PUPs include spyware, adware, and dialers, and are often downloaded in conjunction with a program that the user wants.

The term was created by McAfee, the Internet security company, because marketing firms objected to having their products called "spyware": in the view of such firms, all the information necessary for informed consent is included in the download agreement. It is widely recognized, however, that many if not most users fail to read a download agreement in sufficient detail to understand exactly what they are downloading.

McAfee differentiates PUPs from other types of malware, such as viruses, Trojans, and worms, which can be safely assumed to be unwanted by the user.