Bob and Joy
                                      
 
     By Bob and Joy Schwabach
                                                                        

Home (947 bytes)

Columns  (947 bytes)

Internuts (947 bytes)

  Bob's Bio (947 bytes)

Email (947 bytes)

 

Home

Columns

Internuts

 About Us

Email

 
                                                                                                               


 

February 2004, Week 4 -- Something Is Amiss

 

 

   It may not be a jungle out there but it certainly is a mess. Several readers have written in to report problems with programs designed to find and remove spyware. That, it turns out, is just the tip of an iceberg.

   What is “spyware,” anyway?  It is program code that is loaded into your computer without advising you or asking your consent. The most common purpose is to record what you do with the computer, particulalry when you browse the worldwide web, and then send that information back to another computer. The information is then either sold to advertisers and spammers or used by the spyware placer to their own benefit.

 

Hijacking your computer

 

   Selling the information to advertisers is turning out to be one of the more benign uses of spyware. It’s annoying but ultimately harmless. Information is now beginning to surface of more nefarious uses for spyware. For example, there are reports circulating in the chat rooms about spyware that sets aside part of the empty space on your hard drive and then sells that space as storage to its customers. The spyware creates what’s called a “cab” file, which simply stands for cabinet, and like any cabinet it’s used to store things. If you search your computer for files ending in “.cab” – callled “dot cab,” you’ll find many, but unless you’re very expert there is no way to tell if any of them are stealing your hard drive space. That’s called hijacking; your computer has been hijacked.

 

   There are other uses for hijacked computers. They can be use as transmission nodes to send out mail or advertising. Your hard drive can be used to store somebody’s MP3 music collection or pictures. The spy might even use it as a warehouse for selling music and pictures. Movies will probably come next.

 

   One of the most insidious characteristics of this huge expansion in spyware is that some of it is being placed by programs presented as tools to remove spyware. But most of it just comes from little utility programs that are designed to amuse or offer small computing aids. Who are they? The list is always changing but we went looking on the web. There are 138 web sites devoted to the identification and removal of spyware and hijackware. Six program names kept came up repeatedly as well-known offenders. I could list them right here but I don’t want to be sued into bankruptcy. If you browse on the subject “hijackware” you will come across them soon enough.

 

Slicing Spam

 

   Spyware is also being put in place by anti-spam programs.

 

   Some of these are sold but many are free. Spam is such a nuisance that it has become an issue before Congress. (Spam of course is information and advertisements you didn’t ask for and don’t want. Among computer geeks, by the way, the notices you didn’t ask for but happen to like are called “ham” instead of spam.) We have tried may anti-spam programs and nearly all of them work to some extent, but require so much time to adjust and maintain that it becomes a losing proposition.

Thomas Bayes
Thomas Bayes

   So … anti-spam doesn’t work very well and neither does anti-spy. What can you do about it? Not much. Macintosh users like to brag that they get very little spam or spyware, but that’s mainly because at just five percent of the installed base of all personal computers not many spammers or spies are willing to spend time hitting on Macs. It’s just not worth  the bother. (That should draw torch-bearing crowds to the hustings.) And when we get to Linux and Unix users, we’re talking less than one percent of all computers.

   The most helpful spam blocker to surface so far is a program based on the probability theories of 18th century English mathematician Thomas Bayes. This is available for free at http://spambayes.sourceforge.net. SourceForge is the world’s largest web site for the development of open source software. “Open source” means the program code is available to anyone and everyone. If you need or want priority technical support there’s a charge of $39 a year.

 

   The good news is that the SpamBayes spam blocker is great. It uses probability analysis to “learn” what looks like spam and what doesn’t, and the more you refine it the more accurate it gets. The bad news is it only works with Microsoft Outlook, not Outlook Express. Since all new Windows computers come with Outlook Express already on board, not many people are interested in paying an extra charge to get the larger and more comprehensive Outlook.

 

   This is not the end of defensive maneuvers but the beginning.

 

Books

Anti-Hacker Tool Kit

For the technically inclined who are concerned about computer security , there is a new second edition of the “Anti-Hacker Tool Kit,” by Shema and Johnson; $60 from Osborne/McGraw-Hill www.osborne.com. The content here is heavy slogging and not for the faint of heart. There are nearly 800 pages plus a CD with security tools. Some of the security tools can be used to gain unauthorized access to other computers, so this really should be handled carefully. New security tools not on the CD are available at www.antihackertoolkit.com.

NOTE: Readers can search over four years of On Computers columns at our web site: www.oncomp.com. You can contact Bob Schwabach at bobschwab@aol.com and Joy Schwabach at joydee@oncomp.com.