Spyware on One in Twenty Computers?

← Back to Stories (view on slashdot.org)

Spyware on One in Twenty Computers?

Posted by michael on Friday March 5, 2004 @10:17AM from the PEBKAC dept.

SpaceDonkey writes "New Scientist reports that researchers at the University of Washington carried out a scan of the campus network for signs of spyware. They found spyware lurking on more than one in 20 machines and also discovered a serious vulnerability in two of the four spyware programs they looked for."

9 of 400 comments (clear)

Min score:

Reason:

Sort:

Ad-Aware by amembleton · 2004-03-05 10:19 · Score: 5, Informative

Download yourself a free copy of Ad-Aware from here. I ran it on my computer the other day and it found 22 infected files, that it cleaned up for me :)
That seems like a low percentage by Lotek · 2004-03-05 10:21 · Score: 5, Informative

I'm a tech for a medium sized publishing company, and I find that the first thing I do when I get complaints of slowness and random unexplained crashes is to run spybot. In roughly half of the systems I check, I can find some kind of spyware.
Re:Type by gid13 · 2004-03-05 10:24 · Score: 4, Informative

Upon reading the article, it says that they only tested for 4 specific programs: Gator, Cydoor, SaveNow, and eZula. And got 5.1% positives. So yeah, you're probably right.
Suggestions by Anonymous Coward · 2004-03-05 10:27 · Score: 4, Informative
Windows can be secure. Some suggestions:
- Use Firefox. No need to worry about ActiveX spybars.
- Get AVG Anti-virus. Keeps out the trojans and viruses.
- Use Ad-aware. Say goodbye to malware.
- Above all else, use a personal firewall. You won't have to worry about programs calling home without your permission.
I manage a 50-user corporate network. by daviddennis · 2004-03-05 10:28 · Score: 4, Informative

Spyware makes it on to 100% of the computers in my network. I have taught my users to put in, use and update ad-aware, but I think even with that there is spyware it's not recognizing. I come to this conclusion thanks to erratic behaviour in many of my machines that is not due to viruses.

Some of my users like spyware. Hotbar is a good example of a program that's actually liked by a number of people. But the programs that seem to do the most harm are the ones that try to stay invisible.

There are two computers on my network that never have spyware problems. One of them is the Mac I do all my web surfing on, and the other is the PC I do no web surfing on at all.

Any company I found is going to be Mac-only. There's little point in tolerating the huge overhead associated with running a Windows network.

D
1. Re:I manage a 50-user corporate network. by daviddennis · 2004-03-05 11:13 · Score: 4, Informative
  
  Two points:
  
  * Spyware is created for purely commercial reasons. It is not commercially viable to create this kind of software for a platform with a 5% market share. I don't expect spyware to become a problem under MacOS X unless something happens that pushes its market share radically higher.
  
  if 99.99% of virii and spyware are writen for Windows, the Mac and Linux are far, far safer. That's not "security through obscurity"; it's pure, hard-headed commercial reality.
  
  * Most of the tricks used for "drive-by installs" of Spyware work because Internet Explorer is integrated with the operating system. In other words, you use Internet Explorer + an ActiveX DLL to install updates to Windows. Therefore, you can use the same combination to do Bad Things.
  
  On the Mac, there is no such integration, so the only way to install software is to, well, install it. Period.
  
  You pointed me to a spyware removal tool for the Mac, but I have yet to hear of any Mac spyware. Until proven otherwise, I consider that program bogus.
  
  D
I'm not surprised. by Bistronaut · 2004-03-05 10:30 · Score: 4, Informative
I would say that the 20% number is way lower than what you'd find on cross-section of average home users' computers. I'll bet that they only came up with 20% because:
- University students and staff are probably more computer-savvy than the general population.
- They were only searching for four of the who-knows-how-many spyware programs out there.
If you're running Windows, you should have Spybot Search and Destroy and Ad-Aware. Not to mention a virus scanner and firewall. And run Windows Update for goodness' sake! Just more proof that Windows isn't ready for the average user yet. (Sorry, had to get a cheap jibe in there. :-)
The actual article by El+Volio · 2004-03-05 11:34 · Score: 4, Informative

New Scientist is just carrying their little summary; one of the authors has the paper available on his site in HTML, PDF, and PostScript forms. It's to be presented at NSDI '04.

--
"You can never have too many elephants on your team."
Effective combination... by Fez · 2004-03-05 12:44 · Score: 5, Informative
I work at a computer repair shop, and nearly every single computer I work on has some degree of spyware. The best combination of tactics to kill spyware that I've found is as follows (All in Safe Mode, of course):
- Trend Micro Damage Cleanup - Free, Effective at catching a multitude of viruses and malware (Detects some spyware as trojans or adware)
- Spybot Search & Destroy
- Ad-Aware
- CWShredder - Kills CoolWebSearch variants
- HijackThis! - Powerful general tool for cleaning up what the others miss
- LSPFix - to fix broken LSPs that interfere with Windows' TCP/IP stack
There's not a lot to be missed after that. Process Explorer is also good for finding processes running that might not be of obvious origin.