Privacy & Security Education 
Personal Privacy for Computer Users (continued)
Technological Threats
Office software
Modern computer technology offers many avenues for violating users’ privacy. For example, few users realize that if they allow Microsoft Office products to use "fast saves," those products silently keep a full record of all the changes made in a document. The same principle applies to changes made with "track changes" enabled. When such documents are sent to others, much more information may be revealed than expected; examples include comments from editors, reconsidered phrases, and even factual information that was supposed to be suppressed. Even the seemingly inoffensive Properties sheet may carry more freight than a user wants; many documents show the names of previous employers, details of managers' names and positions, and even comments that should not be made public. Before sending any MS-Office documents to anyone else, all users should check to see that
- The properties sheet has no more information than they wish to reveal;
- They have unchecked "fast save" in the TOOLS | OPTIONS | SAVE menu;
- They have turned off TRACK CHANGES by using the TOOLS | TRACK CHANGES | ACCEPT OR REJECT CHANGES menu and converting all changes into decisions on the final copy to be released.

Malware and Spyware
Malicious software such as viruses (programs that reproduce by inserting themselves into other programs) and worms (self-reproducing programs that propagate through networks) sometimes carry victims’ documents with them. Recent examples of such privacy-busting malware include the Sircam worm and the Nimda virus-worm.

Spyware is software that covertly transfers information about an unsuspecting user to a corporate site where the information can be collated and used for marketing or as material to be sold for a profit. Spyware often enters a system through freeware or shareware, especially those that are ad-supported. Some browser plug-ins that offer new functions may contain spyware. Even HTML-enabled e-mail sometimes contains tiny one-pixel graphics images (Web bugs) that reside on undocumented Web sites; reading such e-mail causes a hit on the data collection site, thus confirming that the message has been opened and allowing an advertiser to be charged for the potential exposure to another victim of covert monitoring.

Many spyware products allow uncontrolled downloading of arbitrary code, thus threatening the integrity of the operating system; for example, the update-dll.exe file has already been found in three different versions in the wild, some of which may be transformed to download unauthorized code. This file is installed by the Aureate/Radiate toolkit, which is used in programs that currently reside on over 30 million computers. Spyware programs have also been demonstrated to cause browser and operating system crashes. For example, one of the files associated with the Aureate/Radiate toolkit is advert.dll, which is routinely removed by technical support personnel to stop repeated system crashes.

One way of discovering that a computer is infested with spyware is to set a personal firewall to alert the user whenever a new request for an outbound connection is made. Tools such as BlackIce, Norton Personal Firewall, and ZoneAlarm provide such functions. In addition, a spyware-blocking tool called Silencer can block all messages from being returned to spyware "mother ships." Steve Gibson, a highly respected programmer, makes a free utility called LeakTest that checks your firewall or spyware-blocker to be sure that unauthorized messages are in fact being blocked.

Many spyware programs resist uninstallation; even after going through the uninstall routines, functional programs may persist and continue to communicate with their host systems (this is known as "phoning home," in reference to the movie "E.T."). It can be frustrating and time-consuming to remove all vestiges of unwanted spyware, and most users lack the technical ability to ferret through the system registry and file system looking for unauthorized entries.

Another category of threats to privacy is the remote-administration trojan, sometimes called a RAT. These tools masquerade as legitimate programs for administrators to use when providing technical support; however, products such as BackOrifice, NetBus, and SubSeven are trojan horses that include undocumented functions allowing unauthorized individuals to gain complete control over the compromised systems. Infested systems can show bizarre behavior, such as repeated opening and closing of the CD-ROM tray, disabled keyboards, and pop-up messages. Worse still, the remote attackers can extract all kinds of information, including screen snapshots, lists of files, copies of private files, and even keyboard logs showing the keys pressed while entering passwords. Any online activity, including instant messaging, is vulnerable to invasion by these stealthy invaders.

A number of products are available to address the removal of some or all of these types of malware. Aureate/Radiate DLL Remover and Adaware from Lavasoft specifically address certain types of spyware; PestPatrol, from the company that commissioned this paper, addresses the removal of trojans, hacker tools and denial-of-service attack agents in addition to spyware and adware.
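The Web bugs described above can be found by inspecting a message's HTML before a mail client renders it. The following is an added example, not part of the original article: it scans the HTML parts of an e-mail for remote images declared as one pixel in size. The 1x1 threshold, the function names and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

def _px(attrs, name):
    """Pixel size from the width/height attribute or inline style, else None."""
    m = re.fullmatch(r"\s*(\d+)\s*(?:px)?\s*", attrs.get(name, ""))
    if not m:
        m = re.search(rf"(?:^|;)\s*{name}\s*:\s*(\d+)\s*px", attrs.get("style", ""), re.I)
    return int(m.group(1)) if m else None

class WebBugScanner(HTMLParser):
    """Collects remote <img> tags declared as 1x1 pixel or smaller."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        url = urlsplit(a.get("src", ""))
        if url.scheme not in ("http", "https"):
            return  # cid:/data: images travel inside the message; no server is contacted
        w, h = _px(a, "width"), _px(a, "height")
        if w is not None and h is not None and w <= 1 and h <= 1:
            self.findings.append((url.hostname, a["src"]))

def find_web_bugs(raw_message):
    """Return (host, url) for each suspected Web bug in the HTML parts of an e-mail."""
    scanner = WebBugScanner()
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True) or b""
            scanner.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    return scanner.findings

# Constructed sample message (hosts and the tracking id are made up).
SAMPLE = """\
Content-Type: text/html; charset="utf-8"

<html><body>
<img src="http://shop.example/logo.gif" width="120" height="40">
<img src="http://track.adnet.example/o.gif?m=constructed-id-123" width="1" height="1">
<IMG SRC="http://stats.example/p.gif" STYLE="width:1px; height:1px">
<img src="cid:spacer" width="1" height="1">
</body></html>
"""
```

Calling `find_web_bugs(SAMPLE)` reports the two remote one-pixel images and ignores both the visible logo and the embedded `cid:` spacer.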
Check out these practical tips to improve your privacy protection while you're online.

- Look for privacy policies on web sites:
Web sites can collect a lot of information about your visit: what computer you use, what type of hardware and software you have, what web sites you have visited. Web sites that ask you to provide even a small amount of personal information can tie the data you provide to your browsing habits. When you go to a web site that has no privacy policy, write and tell the company that you are a user of their site, that your privacy is important to you, and that you would like to see them post a policy. An increasing number of web sites have begun to provide privacy policies that detail the sites' information practices. Look for these policies and read them carefully. While privacy statements are not the only answer to online privacy risks, the effort should be encouraged and commended.

- Use a separate account for your personal e-mail:
Often, online users do not realize that e-mail sent from their work accounts is likely to be an open book to their employers. Even if you send an e-mail from your home, a copy is often stored on your employer's main computer server. Your boss has a legal right to read any and all correspondence in this account or on your work computer at any time. Getting a separate account for home allows you to check your personal messages without using your workplace e-mail server.

- Teach your kids that giving out personal information online means giving it to strangers:
Teach your children that they need your permission before they can give out their name, address or other information about themselves or the family. Several years ago, a number of web sites encouraged children to give information about themselves or their family; some enticed kids with games and free gifts. In 1998, a law was passed requiring companies to gain parental consent before collecting personal information from children under 13 years old. If you are concerned about a web site collecting information from children without consent, you should communicate your concern to the Federal Trade Commission at kidsprivacy@ftc.gov.

- Clear your browser cache after browsing:
After you browse the web, copies of all accessed pages and images are saved in your computer's memory. While these copies make subsequent visits to the same sites faster, the browsing record has grave implications for personal privacy, particularly if you share a computer or browse at work. You can delete most of your online trail by simply going to the "Preferences" folder in your browser and clicking on the "Empty Cache" button. Sometimes this option is in the "Advanced" menu of the browser preferences. In Internet Explorer, go to "Internet Options" from the "Tools" menu and click on "Clear History".

- Make sure that online forms are secure:
Online forms may be digitally transported in ways that leave them vulnerable to undesired access. Alternatively, online forms may be encrypted so that only the intended recipients can readily translate the information. Ensuring that your information is stored and transferred in secure ways is one of the keys to protecting your privacy online. Fortunately, browser companies have realized the importance of data security; newer browsers are designed to indicate whether the accessed page allows encrypted transfers. The commonly used graphics are a key, which is broken if the page is insecure, and a lock—locked is secure and unlocked is not secure. The graphic appears in the corner of the browser screen; clicking on the lock or the key will inform you of additional security information about the page. You should not input sensitive personal information about yourself (such as financial or medical data) on web pages that are not secure.

- Reject unnecessary cookies:
Cookies enable web sites to store information about your visit on your own hard drive. Cookies inform site operators if you have visited the site and, if you have obtained a username and password, cookies remember that information for you. Many of the "personalized" search engines use cookies to deliver news topics that users select; sites often use these same preferences to target advertisements. Cookies can also be used to track you online and enable the creation of a profile without your realizing it. You can search your hard drive for a file with the word "cookie" in it (e.g., cookies.txt or MagicCookie) to view the cookies that have been attached to your computer. Newer browsers allow you to recognize sites that send you cookies and reject them outright by accessing the "Advanced" screen of the "Preferences" menu. In Internet Explorer, delete cookies by clicking on the "Delete Files" button in the "General" icon of the "Tools" | "Internet Options" menu.

- Use anonymous remailers:
Anonymity is essential to privacy and free speech. It protects whistle blowers and writers of controversial material; most simply, it may enable one to publish without a forwarding address. E-mail technology creates problems for the right to anonymous communication since the sender of a message can be traced back through digital paths. Created to address privacy risks and concerns, "anonymous remailers" presently allow you to send anonymous e-mail messages. One very good remailer was created as a joint project of the George Mason Society and the Global Internet Liberty Campaign and is available on the web at http://www.gilc.org/speech/anonymous/remailer.html.

- Use encryption to keep your e-mail private:
E-mail is not as secure as many believe. E-mail can be easily rerouted and read by unintended third parties; messages are often saved for indefinite periods of time. Presently, there exist technologies that allow you to encrypt your messages in order to protect their privacy. Some e-mail programs (e.g., Internet Explorer Outlook and Netscape Messenger) have encryption. Pretty Good Privacy (PGP), popular encryption software, is free for non-commercial use. Read more on PGP and download the encryption software at http://web.mit.edu/network/pgp.html.

- Use anonymizers while browsing:
From the moment you type in a web address, a log is kept with information about your visit. Every day, most of us walk down the street without being recognized or tracked. While anonymity is often taken for granted in the physical world, such luxury is not available online. Tools that strip out user information, thus preserving anonymity, have been created; a few are readily available on the net. Visit http://www.freedom.net and http://www.anonymizer.com.

- Opt out of third-party information sharing:
Many online companies provide you with the option to get off (or "opt out" of) the lists that share your information. Some companies enable users to easily opt out—users are often able to do so online. A number of companies go a step further and ask your permission (opt-in) before sharing personal information that they have collected. Often, however, companies make opting out difficult or virtually impossible: addresses are buried, one cannot opt out online, etc. Don't be afraid to contact the sending company if you want to be removed.
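The cookies.txt file mentioned under "Reject unnecessary cookies" above can be audited with a short script. This added example (not from the original article) parses the Netscape-style tab-separated format and lists, per domain, the persistent cookies that outlive a chosen age. The one-year threshold, the function names and the sample rows are assumptions.

```python
import time
from collections import defaultdict

ONE_YEAR = 365 * 24 * 3600  # assumed threshold for a "long-lived" cookie

def parse_cookies_txt(text):
    """Parse Netscape-format cookies.txt text; comments and malformed rows are skipped."""
    cookies = []
    for line in text.splitlines():
        http_only = line.startswith("#HttpOnly_")  # prefix written by some tools
        if http_only:
            line = line[len("#HttpOnly_"):]
        elif not line.strip() or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) != 7 or not fields[4].isdigit():
            continue
        domain, _subdomains, path, secure, expires, name, value = fields
        cookies.append({
            "domain": domain.lstrip("."), "path": path, "name": name, "value": value,
            "secure": secure == "TRUE", "http_only": http_only,
            "expires": int(expires),  # Unix time; 0 means a session cookie
        })
    return cookies

def long_lived_by_domain(text, now=None, max_age=ONE_YEAR):
    """Return {domain: [names]} of persistent cookies expiring more than max_age from now."""
    now = time.time() if now is None else now
    flagged = defaultdict(list)
    for c in parse_cookies_txt(text):
        if c["expires"] and c["expires"] - now > max_age:
            flagged[c["domain"]].append(c["name"])
    return dict(flagged)

# Constructed sample file contents (domains and values are made up).
SAMPLE = "\n".join([
    "# Netscape HTTP Cookie File",
    ".adnet.example\tTRUE\t/\tFALSE\t2000000000\tuid\tconstructed-8f3a",
    "#HttpOnly_shop.example\tFALSE\t/\tTRUE\t1000003600\tsession\tconstructed-abc",
    "news.example\tFALSE\t/\tFALSE\t0\tprefs\ttopics=tech",
    "not a cookie row",
])
```

To audit a real file, pass its contents to `long_lived_by_domain`; the domains it returns are the ones to review first when deciding which cookies to reject.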

