A piece in the Financial Times contains the following startling claim:
Webroot, a small US security software company that provides spyware blocking software for Earthlink, estimates up to 18 per cent of computers could be infected with keystroke loggers or RATs. Its estimate is based on results from 300,000 people who in November used its “spyware audit”, a free internet-based program that detects whether a computer has been infected.
18 per cent sounds like a crazily high number to me — the sort of number people come up with when they have a commercial interest (you know, “piracy is costing the music industry $40 trillion per nanosecond”). But it would be interesting to have some indication of how widespread the problem really is.
Also, he is selecting from people who believe they are being spied upon. They can’t all be schizophrenic.
This “18%” claim is contrary to common sense. Do 18% of all computer users do something with their computers that would be worth the time and effort for somebody to spy upon? I doubt it.
Actually, 18% may be an understatement. The 300,000 computers scanned belonged to people who were at least aware of spyware and perhaps were more likely to take precautions against becoming infected. One would expect a lower rate of infection among such users.
I’m afraid rea is operating from wrong premises. Spamers don’t target you because they think you might respond; they send spam to as many people as possible. Virus writers don’t aim their viruses at specific users; they send them out to attack as many computers as possible. Spyware, too, aims at universal colonization, or at least as close as possible. It may well cost more in time or effort to target specific users with spyware than to spread it randomly. Just as most spam yields no response, most spyware installations report nothing interesting. But once in a while some idiot respond to a 419 and once in a while a keylogger reports back actionable intelligence.
Right. Anyone who downloads Kazaa or a similar file sharing program downloads spyware with it. I would think 18% would be about right.
I am your typical paranoid PC user and always try everything I can to protect myself, but that hasn’t saved me from spyware. Besides a good antivirus, Ad-aware, a free software, is the minimum protection every PC user should download and use regularly. Users of Windows XP can disable certain administrative services that pose security risks. I have prepared a list of services and would gladly send the list to anybody who emails me.
Jam and rv agnos:
Are you telling me that a large percetnage of computers are infected with spyware, but probably no one is watching? I could live with that, I guess—I can’t think of anyone with a sensible motive to spy on what I do on the computer.
Or are you telling me that all that spyware is actually being used? That would border on the insane. How could anyone hope to find any needle of useful information in the resulting giant haystack of data?
I agree with Jam that the number is at least correct. I would put it at much higher.
It might be a bit overexagerated, seeing as how both Ad-Aware and Spybot-Search & Destroy classify advertizing cookies as spyware, but if they did, I would think the numbers would be much higher than that. Anyways, it’s fun to run Spybot-Search & Destroy just to see what it finds. You might be surprised. Oh, and a firewall is another good barrier to have. I believe ZoneAlarm is free to non-corporate sponsers.
Haha. Sponsors. That’s what I get for trying to post in multiple topics at once.
Since FT is subscription-only, I can’t read the article, and the webroot.com website doesn’t have an obvious article that could have been the source of the reported information. However, the post refers to “keystroke loggers”, not to spyware in general. Keystroke loggers record what you type, by intercepting the low-level messages flowing between the keyboard hardware and the operating system. This translates into an ability to collect passwords or passphrases, which could enable an attacker to access online financial services, restricted computers, etc. Depending on whether a virus installing such a logger is doing more (e.g. recording URLs as well as keystrokes so that the use of a password can be easily determined), this could be a very efficient and targetted way to collect account information, not to spy on massive amounts of useless personal files.
Sorry, I thought that was one of their free-to-web pieces else I wouldn’t have linked to it. Maybe they moved it behind their wall today.
“Spyware” is not synonymous with “keystroke loggers”. Keystroke loggers are a small subset of spyware. I’ll believe 18% penetration of some form of “spyware”, loosely defined (as, for example, Ad-Aware defines it). 18% penetration of key logging programs? Not a chance. For one thing, that’s a buttload of data.
One of my services rendered to my family on visits home is the application of Windows security updates. Another is the removal of spyware, adware and general malware.
My understanding of spyware is that it comes with desirable programs. The well known example is Kazaa, but often the latest cool screensavers, and random websites with funny pictures install spyware or adware.
If my family is a good example, almost any household with children or teenagers who regularly browse the web in search of cool screensavers, free music and funny pictures that isn’t also blessed with a Household Geek probably has some nasties, and so I suspect 18% is a low figure.
Besides a good antivirus, Ad-aware, a free software, is the minimum protection every PC user should download and use regularly.
As I understand it, a keystroke logger works in conjunction with port scanning. So, if you use the net for shopping, banking etc, the minimum requirement would definitely include a firewall as well. Windows XP has its own.
Is an RAT another term for a keystroke logger? It’s ambiguous in the excerpt, and it is sort of relevant for the meaning of the 18% number.
RAT = “remote administration tool”.
The following websites have excellent infomation and links to helpful sites
and sotware that will help you uninstall/check for malware or spyware:
http://www.cexx.org/neuter.htm
http://accs-net.com/smallfish/advw.htm
http://www.resnet.bris.ac.uk/docs/adware.html
http://www.unwantedlinks.com/spyware-info.htm
Windows users beware - uninstalling the software isn’t always what your
system likes. It also may affect the software it was bundled with :(
Good reason to use linux…
good luck
I think we can all agree that scum-ware has gotten much more agressive over the last 4 years. My friends often ask me to get rid of stuff from their computers, and lately I’ve been running into stuff that Ad-Aware is unable to remove. Sometimes you have to go into the Registry and delete keys, which is always a cause for worry.
Whether the real number is 2% or 18% I really, really wish some government somewhere would make scum-ware illegal. Apparently scum-ware doesn’t violate property rights (thought I don’t understand why that is), but it needs to be illegal.
À Gauche
Jeremy Alder
Amaravati
Anggarrgoon
Audhumlan Conspiracy
H.E. Baber
Philip Blosser
Paul Broderick
Matt Brown
Diana Buccafurni
Brandon Butler
Keith Burgess-Jackson
Certain Doubts
David Chalmers
Noam Chomsky
The Conservative Philosopher
Desert Landscapes
Denis Dutton
David Efird
Karl Elliott
David Estlund
Experimental Philosophy
Fake Barn County
Kai von Fintel
Russell Arben Fox
Garden of Forking Paths
Roger Gathman
Michael Green
Scott Hagaman
Helen Habermann
David Hildebrand
John Holbo
Christopher Grau
Jonathan Ichikawa
Tom Irish
Michelle Jenkins
Adam Kotsko
Barry Lam
Language Hat
Language Log
Christian Lee
Brian Leiter
Stephen Lenhart
Clayton Littlejohn
Roderick T. Long
Joshua Macy
Mad Grad
Jonathan Martin
Matthew McGrattan
Marc Moffett
Geoffrey Nunberg
Orange Philosophy
Philosophy Carnival
Philosophy, et cetera
Philosophy of Art
Douglas Portmore
Philosophy from the 617 (moribund)
Jeremy Pierce
Punishment Theory
Geoff Pynn
Timothy Quigley (moribund?)
Conor Roddy
Sappho's Breathing
Anders Schoubye
Wolfgang Schwartz
Scribo
Michael Sevel
Tom Stoneham (moribund)
Adam Swenson
Peter Suber
Eddie Thomas
Joe Ulatowski
Bruce Umbaugh
What is the name ...
Matt Weiner
Will Wilkinson
Jessica Wilson
Young Hegelian
Richard Zach
Psychology
Donyell Coleman
Deborah Frisch
Milt Rosenberg
Tom Stafford
Law
Ann Althouse
Stephen Bainbridge
Jack Balkin
Douglass A. Berman
Francesca Bignami
BlunkettWatch
Jack Bogdanski
Paul L. Caron
Conglomerate
Jeff Cooper
Disability Law
Displacement of Concepts
Wayne Eastman
Eric Fink
Victor Fleischer (on hiatus)
Peter Friedman
Michael Froomkin
Bernard Hibbitts
Walter Hutchens
InstaPundit
Andis Kaulins
Lawmeme
Edward Lee
Karl-Friedrich Lenz
Larry Lessig
Mirror of Justice
Eric Muller
Nathan Oman
Opinio Juris
John Palfrey
Ken Parish
Punishment Theory
Larry Ribstein
The Right Coast
D. Gordon Smith
Lawrence Solum
Peter Tillers
Transatlantic Assembly
Lawrence Velvel
David Wagner
Kim Weatherall
Yale Constitution Society
Tun Yin
History
Blogenspiel
Timothy Burke
Rebunk
Naomi Chana
Chapati Mystery
Cliopatria
Juan Cole
Cranky Professor
Greg Daly
James Davila
Sherman Dorn
Michael Drout
Frog in a Well
Frogs and Ravens
Early Modern Notes
Evan Garcia
George Mason History bloggers
Ghost in the Machine
Rebecca Goetz
Invisible Adjunct (inactive)
Jason Kuznicki
Konrad Mitchell Lawson
Danny Loss
Liberty and Power
Danny Loss
Ether MacAllum Stewart
Pam Mack
Heather Mathews
James Meadway
Medieval Studies
H.D. Miller
Caleb McDaniel
Marc Mulholland
Received Ideas
Renaissance Weblog
Nathaniel Robinson
Jacob Remes (moribund?)
Christopher Sheil
Red Ted
Time Travelling Is Easy
Brian Ulrich
Shana Worthen
Computers/media/communication
Lauren Andreacchi (moribund)
Eric Behrens
Joseph Bosco
Danah Boyd
David Brake
Collin Brooke
Maximilian Dornseif (moribund)
Jeff Erickson
Ed Felten
Lance Fortnow
Louise Ferguson
Anne Galloway
Jason Gallo
Josh Greenberg
Alex Halavais
Sariel Har-Peled
Tracy Kennedy
Tim Lambert
Liz Lawley
Michael O'Foghlu
Jose Luis Orihuela (moribund)
Alex Pang
Sebastian Paquet
Fernando Pereira
Pink Bunny of Battle
Ranting Professors
Jay Rosen
Ken Rufo
Douglas Rushkoff
Vika Safrin
Rob Schaap (Blogorrhoea)
Frank Schaap
Robert A. Stewart
Suresh Venkatasubramanian
Ray Trygstad
Jill Walker
Phil Windley
Siva Vaidahyanathan
Anthropology
Kerim Friedman
Alex Golub
Martijn de Koning
Nicholas Packwood
Geography
Stentor Danielson
Benjamin Heumann
Scott Whitlock
Education
Edward Bilodeau
Jenny D.
Richard Kahn
Progressive Teachers
Kelvin Thompson (defunct?)
Mark Byron
Business administration
Michael Watkins (moribund)
Literature, language, culture
Mike Arnzen
Brandon Barr
Michael Berube
The Blogora
Colin Brayton
John Bruce
Miriam Burstein
Chris Cagle
Jean Chu
Hans Coppens
Tyler Curtain
Cultural Revolution
Terry Dean
Joseph Duemer
Flaschenpost
Kathleen Fitzpatrick
Jonathan Goodwin
Rachael Groner
Alison Hale
Household Opera
Dennis Jerz
Jason Jones
Miriam Jones
Matthew Kirschenbaum
Steven Krause
Lilliputian Lilith
Catherine Liu
John Lovas
Gerald Lucas
Making Contact
Barry Mauer
Erin O'Connor
Print Culture
Clancy Ratcliff
Matthias Rip
A.G. Rud
Amardeep Singh
Steve Shaviro
Thanks ... Zombie
Vera Tobin
Chuck Tryon
University Diaries
Classics
Michael Hendry
David Meadows
Religion
AKM Adam
Ryan Overbey
Telford Work (moribund)
Library Science
Norma Bruce
Music
Kyle Gann
ionarts
Tim Rutherford-Johnson
Greg Sandow
Scott Spiegelberg
Biology/Medicine
Pradeep Atluri
Bloviator
Anthony Cox
Susan Ferrari (moribund)
Amy Greenwood
La Di Da
John M. Lynch
Charles Murtaugh (moribund)
Paul Z. Myers
Respectful of Otters
Josh Rosenau
Universal Acid
Amity Wilczek (moribund)
Theodore Wong (moribund)
Physics/Applied Physics
Trish Amuntrud
Sean Carroll
Jacques Distler
Stephen Hsu
Irascible Professor
Andrew Jaffe
Michael Nielsen
Chad Orzel
String Coffee Table
Math/Statistics
Dead Parrots
Andrew Gelman
Christopher Genovese
Moment, Linger on
Jason Rosenhouse
Vlorbik
Peter Woit
Complex Systems
Petter Holme
Luis Rocha
Cosma Shalizi
Bill Tozier
Chemistry
"Keneth Miles"
Engineering
Zack Amjal
Chris Hall
University Administration
Frank Admissions (moribund?)
Architecture/Urban development
City Comforts (urban planning)
Unfolio
Panchromatica
Earth Sciences
Our Take
Who Knows?
Bitch Ph.D.
Just Tenured
Playing School
Professor Goose
This Academic Life
Other sources of information
Arts and Letters Daily
Boston Review
Imprints
Political Theory Daily Review
Science and Technology Daily Review