Protecting Yourself on the Web
There are a number of problems to look out for on the web:
Viruses, which are programs or scripts that get into your computer and cause damage in a myriad of ways
Worms, which are like viruses that replicate independently over a network without any human intervention
Trojan horses, which are programs that appear to be innocuous but that cause damage to your system when you run them
There’s some overlap between these definitions. A worm may not have been designed to do harm but, owing to the number of instances on your computer, it could clog up your file system or damage your email files, which might classify it as a virus. Is a program that releases a worm but that doesn’t cause damage to your system a worm or a trojan horse? While the distinctions are sometimes blurry, all of these are Bad Things from Bad People. You don’t want them on your computer. Using a good anti-virus program (with up-to-date virus definitions) is essential. The biggest vector for viruses is any email program that automatically loads and runs scripts. Thunderbird, described later in this book, is much safer because, among other things, it doesn’t load and run scripts unless you actively tell it to.
One of the most recent computer plagues is spyware. Spyware is programs or scripts that are installed without your explicit permission that sit quietly in the background and do things to your system that you don’t want to be done. What kinds of things? Here are some of the basic types of spyware:
Adware (also known as ‘’popupware’’) is certainly the most common type of spyware. When you go online, the adware displays ads in popup windows (aka ‘’popups’’) about all kinds of products: hair loss remedies, herbal Viagra substitutes, cheap car rentals, you name it. Adware usually also transmits information about your web surfing habits and preferences to someone collecting information about you, who then sells it to spammers and marketers so that you get hit with targeted spam and probably more popups. (This process is known as ‘’data mining,’’ and there are pieces of adware that are just data miners.)
Search hijackers (also known as ‘’browser hijackers’’ or just ‘’hijackers’’) change your browser’s home page and your preferred search engine to something you didn’t plan on (usually porn sites or some cheesy web scam). Search hijackers are also frequently data miners, just like many versions of adware.
Keystroke loggers are particularly nasty. While all the other types of spyware are busy trying to sell you stuff—stuff you really don’t want, but still—or gather information about you so that other people can try to sell you stuff, keystroke loggers are tracking the actual keystrokes you enter on the computer. Anytime you log in to your email account to pay websites you patronize or (worst of all!) to your credit card site to make a payment, the keystroke logger records everything and then sends it to someone.
There are a few other classes of spyware—dialers that look for a phone line via a modem and then dial long distance 900 numbers to rack up bills on your account, for instance, or programs that look for Quicken on your computer and then have Quicken transfer money to someone else’s bank account (as demonstrated by Germany’s Computer Chaos Club in 1997)—but the bottom line is that spyware and the people who create or use it have no reason for continued existence on any planet that’s discovered penicillin.
Fortunately, you can do a number of things to detect and remove spyware and to avoid it in the future. Some of the best detection tools for Windows are free: Ad-Aware SE Personal Edition from Lavasoft (http://www.lavasoftusa.com) and Spybot Search & Destroy (http://www.safer-networking.org) are my personal favorites. I use both of them, because each tends to catch some things that the other doesn’t. I also use ZoneAlarm (http://www.zonealarm.com) as a software firewall so that I can see if something on my computer is trying to send information elsewhere. It’s also free and cheap at twice the price.
Spyware is primarily a problem for Windows computers, but Mac users may want to try a product like MacScan (http://macscan.securemac.com). You might also want to look at general Mac security sites, such as MacSecurity.org (http://www.macsecurity.org) and SecureMac (http://www.securemac.com), for information on how best to protect your Mac. Linux users have nothing to fear: spyware is not an issue for Linux computers at this time.
To avoid getting spyware in the future, first use Firefox (you knew that was coming, didn’t you?). Here’s why: Microsoft’s approach to designing Internet Explorer was an optimistic view of security. Internet Explorer provided the maxiumum amount of capability with the hope of providing mechanisms that could and would be used to avoid risks. Unfortunately, it didn’t quite work that way: ActiveX lets people silently access the operating system, the browser itself, and applications, and the Security Zone Model can allow the silent downloading, installation, and execution of programs without your knowledge. Powerful stuff that you can use to do great things? Sure! But sadly, it doesn’t have enough safeguards, and as a result, ActiveX and the Security Zone model are used together as the primary mechanism to deploy spyware.
To be fair, Microsoft has recently addressed some of the issues in SP2 for Windows XP, but only a couple years after the dangers of Internet Explorer and its architecture were discussed in an article entitled ‘’The Most Dangerous Software Ever Written’’ (http://www.networkmagazine.com/article/NMG20020701S0007). Worse, because Microsoft is focusing on Windows XP, over 200 million users of Windows 95, Windows 98, and Windows 2000 are being left out in the cold.
In contrast, Firefox takes a pessimistic, Murphyistic view of vulnerability: ‘’Anything that can go wrong, will go wrong.’’ Firefox attempts to create a firewall around the browser and remote content and other applications that might be available on the PC. In every case where potentially dangerous actions can happen, Firefox attempts to warn users about the risk. Furthermore, because Firefox doesn’t support ActiveX and the security zone architecture, Firefox doesn’t allow websites to install software automatically. Without the ability for websites to silently download and install spyware, Firefox has some immediate security advantages over Internet Explorer.
For further safety, don’t put yourself in harm’s way. Avoid software and websites that are likely to be infested with spyware. As you might expect, websites focusing on warez, porn, illicit mp3s, and file sharing are all likely to have spyware (you all look like nice people and would never go to places like these, but you need to know). Unfortunately, lots of sites that even a nice person like you might go to that also have spyware: online games, dating sites, contests, free software, and even some major companies’ websites can all try to download spyware on your computer. The trick is to be cautious, use Firefox to filter out a lot of the spyware, use Ad-Aware and Spybot to check for spyware regularly (daily’s not too often to check if you surf a lot), and use ZoneAlarm to watch what’s trying to talk from your computer to elsewhere without your knowledge.