 |
Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
|
| View previous topic :: View next topic |
| Author |
Message |
SaraTeb
Newbie
Joined: 30 Oct 2004
Last Visit: 31 Oct 2004
Posts: 2
|
 Posted: Sat Oct 30, 2004 9:26 am Post subject: question about the fundamental nature of spyware |
 |
|
Hiya - just wondered if anyone could explain something to me about the fundamental nature and problem of spyware:
Regarding the sort of spyware that doesn't collect any personally identifiable information about anybody, but simply collects browsing history etc of users in order to profile them for targeted banner advertising or web-stats purposes - in which ways are these types of spyware harmful to ones computer? If the answer is 'it slows your computer down', then how and when exactly does this happen, and typically how much computer power or connection bandwidth are we talking?
Are there any other ways that such 'purely monitoring' spyware is undesirable on one's PC, apart from the privacy issue?
In this particular instance I'm not interested in the fact that much or most spyware causes adware - I'm simply curious about the very technical aspect of the monitoring/data-capture itself.
much obliged!  |
|
| Back to top |
|
 |
daveai
SWW Expert
Joined: 03 Jul 2004
Last Visit: 08 Apr 2008
Posts: 1363
Location: Western Washington
|
| Posted: Sat Oct 30, 2004 2:30 pm Post subject: |
|
|
Thanks for visiting Spyware Warrior.
I'm taking a short break from HijackThis logs, and found your post.
I'm going recommend some background information on the general topic of malware (malicious software). Spyware and Adware are just variants on a larger theme, and do not exist in a vacuum.
This is a fine tutorial which helps one to see that the question is a little more complex than simply the technical impacts of spyware or adware on a system:
Understanding Spyware, Browser Hijackers, and Dialers: http://www.bleepingcomputer.com/forums/tutorial41.html
I'll also try to touch on your comments/questions:
| Quote: |
| Regarding the sort of spyware that doesn't collect any personally identifiable information about anybody, but simply collects browsing history etc of users in order to profile them for targeted banner advertising or web-stats purposes - in which ways are these types of spyware harmful to ones computer? |
I have to seperate the harm to the individual from the potential harm to that person's computing asset.
Spyware is by definition misappropriation of someone else's property. So, even hypothetically "benign" data collection (which I do not believe in, by the way) constitutes a "taking without permission," commonly referred to as theft.
Malware also is known to make changes the system and network configuration settings affecting security, which leads to greater vulnerability for the system (and owner) in question against other more hienous forms of malicious code.
| Quote: |
| If the answer is 'it slows your computer down', then how and when exactly does this happen, and typically how much computer power or connection bandwidth are we talking? |
The technical answer is ... it depends on the specific program, the interaction (often not predictable) between each program and all the other programs (some legit some not) that may be on a given box, and the intent of the developer as expressed in the program logic.
I've fixed numerous systems that were totally disabled by the infections.
But, the technical mechanics of a 'performance hit' is less relevant than the harm done to the intended use of the asset and the cost to the victim.
On business systems, the downtime and effort involved in dis-infecting them causes loss of function in the business process as well as real and material cost impact to the victims.
On personal systems, one suffers loss of use and often has to pay for technical support.
| Quote: |
| Are there any other ways that such 'purely monitoring' spyware is undesirable on one's PC, apart from the privacy issue? |
Heh ... It's been hard for me to consider these questions with you and disregard the "privacy issue"... but your questions seem sincere, so I'm trying I have to say, though, this is a 'funny' way to look at it.
The performance demand of a given piece of software is really the least of it.
I'm sure there are some other harms in additon to misappropriation of assets, increased risk from weakened security configurations, loss of business or personal use, and cost of counter measures.
Perhaps some other respondants to your question will add to the list. I'll doubtless think of others later, as I mull this thread over in my own mind, but may not find time to come back to you.
| Quote: |
| I'm simply curious about the very technical aspect of the monitoring/data-capture itself. |
Not sure I understand...you're interested in how the logic of the malicious code works? Hmmmm
If you want to learn about malware...sign up for the Spywareinfo Bootcamp or the TomCoyote Classroom. You'll learn a ton in a relatively short time.
And...there sure are plenty of systems out there that need fixin'
I'm heading back now 
Thanks
daveai
_________________
If you found our service worthwhile, and want to help keep Spyware Warrior running please consider donating here.
"Applying computer technology is simply finding the right wrench to pound in the correct screw." Anonymous |
|
| Back to top |
|
|
SaraTeb
Newbie
Joined: 30 Oct 2004
Last Visit: 31 Oct 2004
Posts: 2
|
| Posted: Sun Oct 31, 2004 4:49 am Post subject: |
|
|
Hi! Thank you so much for answering my post, but I realise now I was throwing a bit of a screw-ball into the ether, in that I wasn't clear enough on what exactly I am really after...
I'm currently writing on an MSc thesis (in the U.K.) about a range of issues to do with 'Internet Nuisances', analysing the relevant legal aspects and the marketing business model context - but it crucially relies on a 'sensitive' as well as definite technical and functional definition of the issues. So as much as I'm an 'annoyed PC user' myself when it comes to various forms of malware mucking up my computer and indeed invading my privacy, for the purposes of my thesis I need to keep as un-emotional as possible, and just analyse the relevant facts regarding the specific form(s) of malware that is spyware/adware. If nothing else, I'm deliberately staying clear of much of the general malware-discussion, simply because I haven't found it to be as interesting (read: ambiguous ) from a legal point of view, but also, the entire field of malware is too large to cover in one MSc thesis.
Thus if you (or anyone else) has the time, I'd much appreciate some technical views and confirmation on my understanding of the following:
1. Has a tracking cookie (say, by DoubleClick) got any other features than being 'just' a cookie that, because of the ad-network, is recognised across many sites? I.e. does a tracking cookie by itself cause any weakened security configurations, in the purely technical sense?
2. Could a cookie itself potentially contain any data (albeit encrypted) other than the 'normal' ones? I.e. could a cookie contain, say, the credit card details a user typed in to pay for something on one (unsecure) site?
3. Regarding the type of spyware/adware that actually connects to its server to upload or download information (as opposed to a cookie that is just 'passively' identified and compared to server-side data?), do they always just 'piggyback' on an existing connection, or are they known to also create their own connections (like a dialler)?
Thank you so much for your help!  |
|
| Back to top |
|
|
daveai
SWW Expert
Joined: 03 Jul 2004
Last Visit: 08 Apr 2008
Posts: 1363
Location: Western Washington
|
| Posted: Sun Oct 31, 2004 5:57 am Post subject: |
|
|
Well..it the Daylight Savings Time change here, and I can't sleep
Thanks for the clarification. Best wishes for your work.
In addition to the 'sensitive' and the 'technical and functional' dimensions, there is of course a legal/ethcial dimension.
Your questions:
| Quote: |
1. Has a tracking cookie (say, by DoubleClick) got any other features than being 'just' a cookie that, because of the ad-network, is recognised across many sites? I.e. does a tracking cookie by itself cause any weakened security configurations, in the purely technical sense? |
Tracking cookies don't exist in a vacuum.
How did the cookie get there? Were purely technical security confirguartion parameters altered without the owners knowledge or explicit permission? What is the full set of purely technical changes on a system that stem from the program that among its activities, left this cookie behind?
| Quote: |
2. Could a cookie itself potentially contain any data (albeit encrypted) other than the 'normal' ones? I.e. could a cookie contain, say, the credit card details a user typed in to pay for something on one (unsecure) site? |
I think so...within the standard format constraints, aren't cookie data contents dependant on the given program's cookie handling logic. That leaves it up to the intent of the developer, some of whom wear 'black hats'.
| Quote: |
3. Regarding the type of spyware/adware that actually connects to its server to upload or download information (as opposed to a cookie that is just 'passively' identified and compared to server-side data?), do they always just 'piggyback' on an existing connection, or are they known to also create their own connections (like a dialler)? |
Different coders have done all three: piggyback on open port/connection pairs, open unique ports on open connection, fire up new connections...thus the need for outgoing firewall protections.
Think about trying this if you haven't already:
Take a look at the different types of protection programs in a system's 'layered defense' (e.g. AV, fire wall, registry monitor, malware scanners, IE-Spyad, Hosts files, etc. etc.).
Since each type of program specializes in a particular type of weakness that malware exploits, the exercise may give you a fair overview of the specific technical weaknesses at issue.
Here's a good link of protection programs by category.
http://forums.maddoktor2.com/index.php?showtopic=921
Good luck with your thesis.
daveai
_________________
If you found our service worthwhile, and want to help keep Spyware Warrior running please consider donating here.
"Applying computer technology is simply finding the right wrench to pound in the correct screw." Anonymous |
|
| Back to top |
|
|
mikey
Malware Expert
Joined: 12 Feb 2004
Last Visit: 03 Sep 2012
Posts: 1061
Location: CenTex
|
|
| Back to top |
|
|
daveai
SWW Expert
Joined: 03 Jul 2004
Last Visit: 08 Apr 2008
Posts: 1363
Location: Western Washington
|
| Posted: Sun Oct 31, 2004 10:56 am Post subject: |
|
|
Heh...thanks mikey I try to come up for air every now and then.
Sara -- Take a look at this thread about cookies...it may contain some information of interest:
http://www.dslreports.com/forum/remark,11682094~mode=flat
daveai
_________________
If you found our service worthwhile, and want to help keep Spyware Warrior running please consider donating here.
"Applying computer technology is simply finding the right wrench to pound in the correct screw." Anonymous |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group
|
