18-03-2011, 04:14 PM
Spyware Tutorial Session
What is Spyware?
A class of software agents that reside on user computers and provide access and information to outside parties via network connections
Schwartz, Davidson & Steffan (2003)
“Spyware is just one of many startling examples of how our privacy is being eroded”
Sen. John Edwards (2001)
Who knows? It could have been a formative campaign issue.
What is Spyware?
The FTC defines it as software that aids in gathering information about a person or organization without their knowledge, and that may send that information to another entity without user consent
Urbach & Kibel (2004)
Spyware guru Steve Gibson considers it to be anything that surreptitiously utilizes a computer’s Internet “back channel” to communicate with an external server
Gibson (2003)
Spyware…Everywhere
Over 78,000 applications designed to remotely monitor and report on computer user activities
Metz (2004)
85% of computers probably have spyware running on them
Farrow (2003)
Computers even come from the OEM with spyware on them
Levine (2004)
Thompson (2003)
Network administrators consider spyware a worse problem than Spam
Berman (2004)
Types of Spyware
Adware, Key Loggers and Trojan Horses
Internet Journal (2002)
Levine (2004)
Schwartz, Davidson & Steffan (2003)
Any of these, at best, can monopolize your computing resources and bandwidth…at worst, compromise your passwords and intrude upon the sanctity of your identity
Townsend (2003)
You also have Browser Hijackers, Dialers, Drive-By Downloads, and Scumware
Mikusch (2003)
Daniels (2004)
Adware is Legal
More’s the pity…
It’s certainly not proper under Gibson’s definition
Typically installed as a bundle with P2P file sharing packages and legally enabled by vague and hard-to-find provisions of the bundle EULA (End User Licensing Agreement)
A licensing finesse, frankly…but the FTC does have the power to regulate deceptive and unfair practice under Title 5
The EULA defense is holding up
Generally upheld by Federal courts as a technically legal justification for software installation
cf. Berman (2004), Bruening and Steffen (2004), Klang (2003), Townsend (2003).
However, Big Bureaucracy is watching this issue
FTC workshops, Senate and House committee hearings
Adware is Legal
Claria’s Gator
You get it with your KaZaa EULA
They will sue if you get caught calling Gator “spyware”
Why? They have a license agreement with you. Your KaZaa media desktop is physical proof of that.
Fully authorized in the eyes of the law, if not the eyes of the consumer
Urbach & Kibel (2004)
In conflict with “liberal contract theory,” however
All parties should be aware of all terms, and all should be in agreement
Klang (2003)
Adware is Economic
It is a proven business model
Holleyman (2004)
Naider (2004)
Klang (2004)
Targeted pop-ups have clearly better click-through rates than standard on-site banners
Anything would be better than 1%!
The Freeware Bundle
How do you think Freeware producers get paid?
No Free Lunch, online
Klang (2004)
Some folks actually want it on their computer
Save!™ SaveNow!™ For the bargain-conscious shopper online
Naider (2004).
Adware…not always legal
The key question is who has the legal right to use the competition’s trademark and copyrighted names and characterizations for business purposes?
Adware’s all based on monitoring users for specific search terms…
Pops up competitive ads based on the competition’s name and functional activity names
Have to have that copyrighted info in a database for the targeting system to work
Is that legal? Hertz, Dow Jones, Washington Post and U-haul don’t think so
But the jury is still out on the matter
Hagerty & Berman (2003)
Where do you get it?
Bonzi Buddy, Comet Cursor, Gator, Xupiter Toolbar, Bargains.exe, SaveNow!
All proliferated via free music and video file sharing applications
Coggrave (2003)
Taylor (2002)
If you do file sharing, you’ve likely given legal permission for any of those to be installed on your machine…whether you remember doing so, or not
My Spybot Search & Destroy™ agent caught eBay trying to repeatedly download DoubleClick code to my computer just the other day!
Remote Administrative Trojans
RATs, by any other name
Covert installation of programs that can be contacted by outside computers and which provide control over the host computer
Network administration tools such as Back Orifice or SubSeven exploit holes in the Microsoft operating system to give outside users the ability to capture screen displays and keyboard input or actually take control of a remote computer
Internet Journal (2002)
Recent RATs such as SubSeven, Bionet and hack’a’tack are built around easy-to-use graphic interfaces simple enough for most anyone with malicious intent to use
Carfarchio (2002)
RATs
Exploit weaknesses in the Microsoft browser or operating system
Installs itself, then triggers installation of utilities that monitor and control the target computer
Purposes as mild as Web site re-directs and as threatening as zombie-like production and transmission of bulk email spam
Fisher (2004)
RATs come unannounced in viral form, as email attachments or as drive-by downloads
Legitimate remote administration tools are installed in the open and with full user knowledge and consent.
Mikusch (2003)
Key Loggers
Key Loggers can be legal
Employers
Family members who own the computer
These can also be hardware or software
Legal purpose is to monitor those you are responsible for
Unethical uses include the cheating spouse syndrome and industrial espionage
A common payload for an illegal Trojan Horse attack
Purpose is to collect passwords and account information for identity theft purposes
Legal Remote Monitoring
Windows Update
Product Registration
Quicken
Macromedia
Kodak Digital Cameras
Legal is not the same as considerate or well-designed, in my personal experience
BackWeb Lite…what does Patrick Kolla think of this?
59 “hooks” into my system after digital camera software installation