|
|
|
Feature Presentation for the April 25th general meeting
Andy Cornwall - Introduction to Spyware
Andy Cornwall - Ad-aware Spyware Elimination
General Information
Newsletter Information
Meeting Schedule for the year
Main Feature:
The feature subject is 'Perils of the Internet'.
We will start with an explanation of what a cookie is, and how they
are used. with David Potter doing the explaining.
Andy Cornwall will do the main feature:
There are a number of things that can affect ones private use of the
internet, including: Cookies, HTML, JAVA, ActiveX.
He intends to use flow charts to illustrate how these things work,
and where intervention by a user can be executed, and how it is done.
How some of these things can be disabled or re-enabled when desired.
Bill Marchant will have some windows hints available to fill time if
necessary, but it is likely that the two items above will generate a
lot of interest and conversation.
Please note the address change below:
The HAPCC general meeting is on the last Wednesday of each month.
The general meeting will be April 25th meeting time 7:00 - 9:00
pm. Meeting place: In the TV Room (Name only, there is no TV) of
the Scotia Branch of the Royal Canadian Legion,
at 5837 Cunard St Halifax. The building is facing the Halifax Commons
between Robie and Agricola Streets. The Legion parking lot is at the
right of the building and is available for our use. Meetings start
at 7:00 PM and end approximately 9:30 PM.
In this issue
Background:
Researching Internet threats to your computer will leave you paranoid.
What is Spyware?
Your computer with the Windows multitasking operating system is a
powerful platform to do your bidding; that may be word processing,
income tax preparation, displaying and editing images, playing music,
managing e-mail, surfing the web, etc. You are in control as you sit
in front of your computer and type in commands at the keyboard. But
you may not be alone, the cable connected to the back linking your
computer to the Internet (either by modem or direct connection) can
potentially provide some entity residing in the Internet almost as
much control over your computer as you have. (Indeed if you permit,
the processing power of your PC could be harnessed as part of a
computing pool operating over the Internet to conduct research, for
example, searching for life in outer space.)
The danger is that by being on the Internet others will be able to
spy on your privacy. At worst, your computer files can be copied or
corrupted. One way that this can happen is by Spyware that may be
running on your computer. Spyware is variously defined as:
- any application that retrieves data from your computer without your knowledge. www.voiceofthepeople.com
- a program that... communicates secretly with its home site. Some spyware programs are installed automatically when you visit Web sites that use them. Others are installed along with particular shareware or freeware programs. The installation can occur without your knowledge ... (PC Magazine, July 2000)
- advertising supported software ... for shareware authors to make money from a product, other than by selling it to the users. There are several large media companies that offer them to place banner ads in their products in exchange for a portion of the revenue from banner sales www.spychecker.com.
- Spyware is a generic term typically describing software whose purpose is to collect demographic and usage information from your computer, usually for advertising purposes. The term is also used to describe software that 'sneaks' onto the system or performs other activities hidden to the user. Spyware apps are usually bundled as a hidden component in mis-labeled 'freeware' and shareware applications downloaded from the Internet--a spyware module may be active on your computer at this moment without your knowledge! These modules are almost always installed on the system secretively, suggesting that spyware companies know how users feel about such software and figure that the best/only way to ensure its widespread use is to prevent the end-user from discovering it www.cexx.org.
At the least Spyware can track your 'clicks' on the net and copy your
browser history. Your Internet access profile can be compiled on the
basis of a unique user ID assigned to your computer by infected
software or in a cookie. If you register the adware software, or
otherwise provide personal information to an adware server, your
profile can be given a concrete identity.
Most spyware seems to be associated with advertising supported
software which connects your computer to 'adbots', advertising hosts
that deliver banner ads to your computer, that are tailored to appeal
to your interests - as determined by your Internet activity profile.
If your software shows banner ads, your computer may be running
spyware. Deleting the offending program will usually not delete the
spyware capability that was installed on your computer. You may no
longer be able to use the program and see the banner ads, but
Internet tracking can still occur. Advice: check your Tasks frequently
for suspicious processes.
According to cexx.org:
'Many adware apps install separate advertising components on your
system, that run--downloading ads and wasting system resources--even
if you're not using the software that installed them. Often, these
components remain installed and continue to perform their unsightly
duties even after the associated app has been uninstalled! Some
adware companies have even gone so far as to create 'Advertising
Trojan Horses', virus-like software programs that stealthily install
themselves on your computer to perform unwanted advertising functions
and violate your privacy whether you've installed the advertising-
supported software or not. Advertising trojans make clandestine
connections to adservers behind your back, consume precious network
bandwidth and may compromise the security of your data. The latest
versions of these 'ad-viruses' operate in full stealth and are nearly
impossible to detect without advanced knowledge of the system
environment. These include the TimeSink/Conducent TSADBOT and the
Aureate advertising trojans described in the Adware section. One
spyware module has been known to spoof a Windows system process so
that it cannot be terminated and does not appear on Windows'
End Task (Ctrl-Alt-Del) dialogue.
'Spyware modules have been implicated in computer problems including
system slowdown, Illegal Operation errors, browser crashes, and even
the 'Blue Screen Of Death'. While normal system stability has usually
returned when the interfering spyware modules were deleted, one
spyware product in particular will disable your Internet access
if you try to delete it!
Note: The ads that occur on web sites, and viewed in your browser
do not necessarily constitute Spyware, as such. There are advertising
hosts that feed web sites, and your Internet activity can be traced
via cookies placed on your machine. There is a fear that web ads can
contain JAVA, ActiveX, and VSB scripts which will be executed by your
browser to further compromise your security. Some cookies, e.g.
double click, are associated with spyware ad hosts.
Running Ad-Aware to Check for and Remove Common Spyware
So, how do get rid of spyware, which you may have running on your
machine and may not even know about? The answer, obtain and run
Ad-aware by Lavasoft
www.lavasoft.de. Ad-aware supercedes OptOut,
a program previously distributed by Steve Gibson to remove spyware.
You use Ad-aware regularly as you would a virus checking program.
The Ad-aware information base, called a signature file, needs to be
updated periodically from Lavasoft to stay current with new spyware
variants.
According to Ad-aware help:
'Basically, Ad-aware will scan your system for known advertising
systems and lets you remove them from your system. It will scan your
memory, registry and file system for known modules. if a related
module was found in memory, it means the spyware was active until
Ad-aware detected and unloaded the particular module. i.e. if
TSADBOT.EXE was found in your memory, it means that Timesink is not
only installed, but was also active. Nearly all of your Internet and
system settings are stored in the registry. Ad-aware will scan parts
of your registry for modifications or values and references to known
spyware. And finally, your hard drive(s) will be scanned for known
spyware files. After the scanning process, you can view a list of
all spyware references residing on your system, and select for
removal. In short words: Ad-aware helps you getting rid of
advertising parasites. Make sure you always use the latest version,
as Ad-aware is updated regularly.'
Refer to the attachment for information on the spyware that Ad-aware
currently detects, and on the implications for privacy intrusion from
running programs that have spyware.
Further, the Lavasoft site offers a spyware checker, which is a
searchable data base of spyware, that can tell if software you
propose to install, or have inadvertently installed, contains
spyware.
Other Spyware Protection
Blocking Web Connection to Spyware and Other Dangerous Host
Sites
You can define a file 'C:\Windows\hosts' that will filter out
Internet communications from the specified addresses. Thus, even
though a program wants to go to a certain site to deliver data on
your click strokes and web surfing, your computer will refuse to
communicate to it.
Use a Firewall
A firewall, such as ZoneAlarm, will block Internet traffic from a
program running on your computer. If there is a secret spyware
program trying to communicate with its host, the firewall will
notify you of the intended communication and ask for your permission
to precede. Note that if you are running a program that you expect to
communicate to the Internet for legitimate purposes, the permission
that you provide will also extend to its spyware function.
Use a HTML On-the-Fly Editing Program.
March 2001
A. Cornwall
In this issue
Advertising companies - what they want, what they do:
(abstracted from Ad-aware help, and is base on information provided
by the spyware hosting companies).
Adware Inc
The release of the Software is provided at no charge to the user,
because it is sponsored by advertising present in the software.
The software will not expire, nor is any payment due to
Shetef Solutions & Consulting Ltd. (the 'Author') unless the user
wishes to purchase the
full-featured commercial version. Adware shall neither attain nor
use any of your identifying
characteristics. In addition, Adware will not obtain any personal information that could
identify you including your name; picture or voice in order to match said personal characteristics
to the information in the registration form. Nevertheless, by accepting this software, you hereby
authorize Adware to use the information in your registration form
when selecting advertisements for you. By accepting their agreement,
you agree that the Software and any additional software needed will
be downloaded into your computer.
Conducent Timesink
www.conducent.com
Conducent (with Timesink technology) claims in their privacy policy
that they do not use cookies in any way and that the information
collected by them is non-personally identifiable. They also state
that they do not sell, rent or loan any information regarding desktop
users to any third party. Anyway, Timesink creates an folder with
your login name to store information and download banner ads.
Gator www.gator.com
Below is the statement by Gator for version 1.8. The statement for
previous versions is similar.
Gator and Offer Companion have both been designed to automatically
pop up to help you with forms and login pages including special
offers that are relevant to your shopping activities. Therefore
Gator needs to know where you are on the web.
Gator also maintains a user profile.
The user profile that is kept about you contains the following:
- Your email address
- Your first name
- Country
- ZIP code
- A Gator ID ( a numeric identifier) will be generated when you
download Gator
- Your master Gator password
- Information about web pages you visit (this includes the sites web
address, the time spent on each page, transaction activity where
Gator and/or OfferCompanion were used, how you got to the site and
as you left it
- What kind of ad or offer was delivered to your computer and your
response to them
- Your IP address, browser type, browser version, screen resolution,
and operating system version
If you stop using Gator and/or OfferCompanion, your profile will
remain in their online database. However Gator claims that if you
like to be removed from their database you can email your request to
be removed to removeinfo@gator.com . However you will not be deleted
from their back-up copies of earlier versions of their database.
Flyswat
Each flyswat install has an anonymous random number assigned to it.
This random number enables you to customize flyswat features and
content. The flyswat service logs anonymous click-streams as users
navigate the Web. This data has no personal or demographic
information associated with it and will be considered only in
aggregate form. flyswat uses this information for product enhancement
and may also share it with our partners to use for product
enhancement.
If the flyswat application on your computer ever fails, it will
automatically send a diagnosis back to the flyswat server, with
information about the type of system and state of usage when flyswat
failed.
Some web sites send personal information via query strings or post
data this data may be transmitted through flyswat but they claim that
they do not store it.
To submit a BoosterPack for consideration in the flyswat BoosterPack
directory, flyswat will need your e-mail address in order to
communicate with you about your submission. This personal information
will not be released to 3rd parties, and in no event will it be
associated with the random number that allows you to customize
flyswat.
Alexa www.alexa.com
Alexa collects and stores information about the web pages you view,
the data you enter in online forms and search fields while using the
Alexa software and if you are using version 5.0 or higher it will also
monitor and store information about the products you purchase online.
Some information collected is personal identifiable.
What kind of information does Alexa collect from you?
- If you are simply visiting the Alexa Web Site, they will collect
the full URL of the Web page came from, the domain name, the date and
time for each page you view, the name of and information about any
advertisement that is brought to you on the Alexa Web site; computer
and connection information such as browser type and version,
operating system, and platform. They will also place a cookie on your
computer so that they can track the pages of their Web site that you
view and the order in which you view them.
- When you download the software you will receive a cookie to the
hard drive of your computer. The cookie will assign your Web browser
a unique series of numbers, letters, or characters that will enable
Alexa to track and store information about your Web usage path and
online shopping.
When you use the Service, the company collects information about
the Web sites you visit and the pages you view. This information
allows the company to provide you with information about the Web
page you are viewing (Alexa's Site Info) and to build our database
of information about related Web pages (Alexa's Related Links).
EverAd www.everad.com
In order to use the Enabled Software, and as part of the installation process of the EverAd
Technology and the Enabled Software, the User may be required to fill a questionnaire containing one or more of t
he following: User's hobbies, age, gender, zip code, and/or other general details. The User acknowledges and agrees
that the details furnished by the User will be sent to EverAd's computers when the User connects to the Internet.
EverAd will not gather or obtain any information that identifies the User personally (such as the User's name or
e-mail address). Once the user completes the Enabled Software's installation process, an automated
system will allocate to the User a User Identification Code ("UID"). By using the UID,
EverAd is able to track the User's choices and selections without identifying the User by
name. The UID will be stored in a small encrypted text file, on the hard drive of the
User's computer. The User acknowledges and agrees to the use of the UID and its storage
in the User's hard drive.
The User acknowledges and agrees that EverAd will monitor and collect information
about the User's use of the Enabled Software. Such information
includes (but is not limited to) statistics, the User's favorite
genres, titles, and categories, the frequency in which the User
utilizes the Enabled Software, the server from which the User
downloaded the Enabled Software, the advertisements that the User is
exposed to and clicks while using the Enabled Software, and
parameters related to the User's Internet connection, etc. The User
acknowledges and agrees that on predefined intervals, when the User
connects to the Internet, this information will be automatically sent
to EverAd's servers.
The User's IP address is a 32-bit numeric string that serves as a
(usually temporary) identifier for a computer using the Internet.
The User acknowledges and agrees that EverAd will monitor and store
the User's IP address. The User acknowledges and agrees that the
information collected is EverAd's property, and EverAd may use it
according to its privacy statement (available at www.everad.com),
this End User License Agreement, and applicable laws.
WebHancer www.webhancer.com
This applies to all information collected or submitted on the
webHancer website. On some pages, you can subscribe to product
updates and promotions, make privacy requests and
seek technical support. The types of personal information collected
at these pages are your: Name, Email address.
The customer companion is a small, transparent program that
collects performance data as you transact with e-business sites.
The data collected is used to improve the service offered by
e-business operators A unique identifier is generated for WebHancer
to determine the number of times the software is downloaded,
installed and running.
Didn't anyone ever tell you that Beta is Latin for "it doesn't work yet?"
Chairperson David Potter
Vice-Chair Bill Marchant
Treasurer Rob MacCara
Web Librarian Thayne MacLean
Newsletter Editor Diane Smith
Membership Promotion Pat Conen
and the following members who assist in planning our monthly
meetings: Norman DeForest, Henry Hill, Ken Gilmour,and Colin Stuart.
The HAPCC has two kinds of
meetings. Firstly the regular Sunday night meeting which most
members attend regularly, secondly the monthly (approximately)
planning meeting which organizes the business of the Club,
including what happens on the Sundays. The planning meeting is
held on Monday, a week after the regular meeting in which all
members of the Club are urged to attend. At the planning meeting,
we discuss feature speakers for regular meetings, finances,
membership, training, and other computer related subjects.
....Bill Marchant
In this issue
Newsletter Articles.... We are almost
always in need of good articles. If anyone has something that
they feel would make a good article, an interesting story to
tell, or even a good meeting topic, please don't hesitate to pass
it on. Articles can be submitted in almost any format, ASCII
text, AMI Pro, MS Word, Windows Write, WordStar and of course
WordPerfect.
The news letter is mailed to all
paid up members and to anyone who has attended a meeting within
the past three months. Yearly membership dues are $15.00.
Club Mailing Address -
P.O. Box 29008, Halifax N.S., B3L 4T8.
In this issue
We decide the meeting dates for the
upcoming year at the last planning meeting of the season. The
dates for these are listed below. As in previous years, the
December meeting is moved to the early part of January due to
Christmas Eve being near the fourth Sunday of the month.
The planning meetings are normally held on the second Monday (8
days) after the general meeting. They are currently held at a
members home and the address is announced at the meeting prior to
the planning meeting. Anyone is welcome to assist in the planning
of future meetings or events.
Dates for the meetings starting in September are based on the
LAST Sunday in each month. Note that this is a change from
previously, when we met on the fourth Sunday.
Meeting dates for the 2000/01 season:
April 25, May 30, June 27.
Dates for the meetings starting in September are based on the
LAST Wednesday in each month. Note that this is a change from
previously, meeting times.
Note: There is no meeting in December. Remember also, we are now
using the LAST SUNDAY of the month, except for the exceptions as noted above.
Any changes to the scheduled dates will be announced where possible at the regular monthly meetings
and/or in this newsletter.
