Last July, a young New York man pleaded guilty to installing software on computers in Kinko’s stores that captured every keystroke typed on the machines. Since these were computers rented out to customers by the hour, the keystroke logger allowed this sleazy character to collect passwords, credit-card
numbers and a good deal of other private information.
He got caught. But the type of software he used is common, and it could be running on your computer right now.
It’s called spyware, or spyware and adware. Spyware has become a big enough problem that major Internet service providers such as America Online, Earthlink and MSN are offering their customers software designed to block it.
Spyware is any software that surreptitiously installs itself on a computer and gathers information about the person using that computer without his or her knowledge. Some people limit the term spyware to software that gathers information for criminal purposes, as in the Kinko’s case — typically the target is data that can be used for identity theft or passwords that might be used to steal from the user. Adware, on the other hand, merely gathers private information for use in bombarding the user with unwanted ads.
One common type of adware observes what Web sites a user visits and uses this information to choose pop-up advertisements to display on the user’s computer. Not all pop-ups are browser windows — some are generated by adware that has weaseled its way onto the affected PC.
Another common trick is using hidden programs to capture e-mail addresses — and sometimes data about your Web-surfing habits — and then selling the information to spammers so they can clutter up your in-box with offers of herbal Viagra and multi-million dollar offers from widows of dead Nigerian dictatorial candidates.
Some of this stuff is illegal. The rest of it should be.
File-sharing services are a major source of adware/spyware. Some in fact have clauses buried in their user agreements that say they will install things on your computer. This is sleazy — in the first place, hardly anyone reads these agreements, and people who cover their butts with gotchas buried deep in the fine print should be ashamed of themselves. And second, some things are wrong whether you trick someone into agreeing to them or not.
If I rented someone a room and buried deep in the rental agreement was a clause giving me the right to rummage through my boarder’s underwear drawer, it wouldn’t hold up in court and I’d rightly be considered some sort of weirdo. Well, this is the same thing.
Reading agreements and being wary of file-sharing services and unfamiliar Web sites are good ways to guard against adware and spyware. There is also a growing category of spyware-protection software on the market. Computer dealers should start making their customers aware of this. Computer users should install spyware protection and use it.
Now that major ISPs are offering spyware protection, and the problem is getting some significant media coverage, more people will be aware of it and take precautions.
But it’s sad that we have to keep adding more protection to our PCs to keep out the pond scum of the cyberworld.
Why does what we once called the information highway seem more and more like a dirty back alley?