Spyware

by Chris Bertram on December 17, 2003

A "piece in the Financial Times":http://news.ft.com/servlet/ContentServer?pagename=FT.com/StoryFT/FullStory&c=StoryFT&cid=1071251586971&p=1012571727085 contains the following startling claim:

bq. Webroot, a small US security software company that provides spyware blocking software for Earthlink, estimates up to 18 per cent of computers could be infected with keystroke loggers or RATs. Its estimate is based on results from 300,000 people who in November used its “spyware audit”, a free internet-based program that detects whether a computer has been infected.

18 per cent sounds like a crazily high number to me — the sort of number people come up with when they have a commercial interest (you know, “piracy is costing the music industry $40 trillion per nanosecond”). But it would be interesting to have some indication of how widespread the problem really is.

{ 18 comments }

1

Kathryn Cramer 12.17.03 at 12:07 pm

Also, he is selecting from people who believe they are being spied upon. They can’t all be schizophrenic.

2

rea 12.17.03 at 2:12 pm

This “18%” claim is contrary to common sense. Do 18% of all computer users do something with their computers that would be worth the time and effort for somebody to spy upon? I doubt it.

3

jam 12.17.03 at 2:56 pm

Actually, 18% may be an understatement. The 300,000 computers scanned belonged to people who were at least aware of spyware and perhaps were more likely to take precautions against becoming infected. One would expect a lower rate of infection among such users.

I’m afraid rea is operating from wrong premises. Spammers don’t target you because they think you might respond; they send spam to as many people as possible. Virus writers don’t aim their viruses at specific users; they send them out to attack as many computers as possible. Spyware, too, aims at universal colonization, or at least as close as possible. It may well cost more in time or effort to target specific users with spyware than to spread it randomly. Just as most spam yields no response, most spyware installations report nothing interesting. But once in a while some idiot responds to a 419 and once in a while a keylogger reports back actionable intelligence.

4

Rv. Agnos 12.17.03 at 3:25 pm

Right. Anyone who downloads Kazaa or a similar file sharing program downloads spyware with it. I would think 18% would be about right.

5

Val 12.17.03 at 3:37 pm

I am your typical paranoid PC user and always try everything I can to protect myself, but that hasn’t saved me from spyware. Besides a good antivirus, Ad-aware, a free software, is the minimum protection every PC user should download and use regularly. Users of Windows XP can disable certain administrative services that pose security risks. I have prepared a list of services and would gladly send the list to anybody who emails me.

6

rea 12.17.03 at 3:48 pm

Jam and rv agnos:

Are you telling me that a large percentage of computers are infected with spyware, but probably no one is watching? I could live with that, I guess–I can’t think of anyone with a sensible motive to spy on what I do on the computer.

Or are you telling me that all that spyware is actually being used? That would border on the insane. How could anyone hope to find any needle of useful information in the resulting giant haystack of data?

7

Mikhel 12.17.03 at 3:56 pm

I agree with Jam that the number is at least correct. I would put it at much higher.

8

mattH 12.17.03 at 3:56 pm

It might be a bit overexaggerated, seeing as how both Ad-Aware and Spybot-Search & Destroy classify advertising cookies as spyware, but if they did, I would think the numbers would be much higher than that. Anyways, it’s fun to run Spybot-Search & Destroy just to see what it finds. You might be surprised. Oh, and a firewall is another good barrier to have. I believe ZoneAlarm is free to non-corporate sponsors.

9

mattH 12.17.03 at 4:00 pm

Haha. Sponsors. That’s what I get for trying to post in multiple topics at once.

10

cafl 12.17.03 at 4:42 pm

Since FT is subscription-only, I can’t read the article, and the webroot.com website doesn’t have an obvious article that could have been the source of the reported information. However, the post refers to “keystroke loggers”, not to spyware in general. Keystroke loggers record what you type, by intercepting the low-level messages flowing between the keyboard hardware and the operating system. This translates into an ability to collect passwords or passphrases, which could enable an attacker to access online financial services, restricted computers, etc. Depending on whether a virus installing such a logger is doing more (e.g. recording URLs as well as keystrokes so that the use of a password can be easily determined), this could be a very efficient and targeted way to collect account information, not to spy on massive amounts of useless personal files.

11

Chris Bertram 12.17.03 at 4:53 pm

Sorry, I thought that was one of their free-to-web pieces else I wouldn’t have linked to it. Maybe they moved it behind their wall today.

12

Keith M Ellis 12.17.03 at 5:15 pm

“Spyware” is not synonymous with “keystroke loggers”. Keystroke loggers are a small subset of spyware. I’ll believe 18% penetration of some form of “spyware”, loosely defined (as, for example, Ad-Aware defines it). 18% penetration of key logging programs? Not a chance. For one thing, that’s a buttload of data.

13

Mary 12.17.03 at 9:12 pm

One of my services rendered to my family on visits home is the application of Windows security updates. Another is the removal of spyware, adware and general malware.

My understanding of spyware is that it comes with desirable programs. The well known example is Kazaa, but often the latest cool screensavers, and random websites with funny pictures install spyware or adware.

If my family is a good example, almost any household with children or teenagers who regularly browse the web in search of cool screensavers, free music and funny pictures that isn’t also blessed with a Household Geek probably has some nasties, and so I suspect 18% is a low figure.

14

John Durkin 12.17.03 at 11:52 pm

Besides a good antivirus, Ad-aware, a free software, is the minimum protection every PC user should download and use regularly.

As I understand it, a keystroke logger works in conjunction with port scanning. So, if you use the net for shopping, banking etc, the minimum requirement would definitely include a firewall as well. Windows XP has its own.

15

Anno-nymous 12.18.03 at 1:27 am

Is an RAT another term for a keystroke logger? It’s ambiguous in the excerpt, and it is sort of relevant for the meaning of the 18% number.

16

Chris Bertram 12.18.03 at 4:50 pm

RAT = “remote administration tool”.

17

jerry 12.19.03 at 2:41 pm

The following websites have excellent information and links to helpful sites and software that will help you uninstall/check for malware or spyware:

http://www.cexx.org/neuter.htm
http://accs-net.com/smallfish/advw.htm
http://www.resnet.bris.ac.uk/docs/adware.html
http://www.unwantedlinks.com/spyware-info.htm

Windows users beware – uninstalling the software isn’t always what your system likes. It also may affect the software it was bundled with :(

Good reason to use linux…

good luck

18

Lawrence Krubner 12.23.03 at 9:01 pm

I think we can all agree that scum-ware has gotten much more aggressive over the last 4 years. My friends often ask me to get rid of stuff from their computers, and lately I’ve been running into stuff that Ad-Aware is unable to remove. Sometimes you have to go into the Registry and delete keys, which is always a cause for worry.

Whether the real number is 2% or 18% I really, really wish some government somewhere would make scum-ware illegal. Apparently scum-ware doesn’t violate property rights (though I don’t understand why that is), but it needs to be illegal.
