Spyware: have we lost the war?

Spyware: have we lost the war?

Summary: Last week, two security companies spoke to me about their new products and I suddenly realised that we are close to losing the war against spyware.There are various forms of spyware with some being more aggressive than others but they all share the same desire -- to steal personal information from their victim's computers.

SHARE:
6

Last week, two security companies spoke to me about their new products and I suddenly realised that we are close to losing the war against spyware.

There are various forms of spyware with some being more aggressive than others but they all share the same desire -- to steal personal information from their victim's computers.

Over the past week I have spoken with two companies that have created security applications designed specifically to allow a spyware-infected computer to establish a secure link so the user can safely access online banking services without fear of losing any confidential information.

On Tuesday I spoke with Wintutis about vPure, which is a 'security wrapper' for Internet Explorer. According to Chandan Kudige, one of the company's cofounders, as soon as vPure is activated, any spyware on the computer will be blocked from accessing information flowing between the browser and the Internet.

Kudige told me that the product "basically stops any way in which data can be siphoned out of the browser".

However, he admitted that the product is not yet able to protect users from spyware that collects screenshots instead of keystrokes.

However, on Thursday at the CeBIT exhibition, executives from another software developer approached me and explained how their product works in a similar manner to vPure but is also able to block screen grabbers from compromising the secure link.

Have we really got to a point where users have to admit that they cannot get rid of the spyware infesting their PCs? Why else would we need to create a 'safe' connection before accessing an online bank?

Instead of killing off spyware we are learning how to live with it, which makes me think that this battle is almost over.

But have we lost the war?

Topics: Malware, Browser, Security

Munir Kotadia

About Munir Kotadia

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.

Munir was recognised as Australia's Best Technology Columnist at the 5th Annual Sun Microsystems IT Journalism Awards 2007. In the previous year he was named Best News Journalist at the Consensus IT Writers Awards.

He no longer uses his Commodore 64.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

6 comments
Log in or register to join the discussion
  • The future of anti-spyware

    The problem is the same as the problem with viruses, as long as there is enough motivation to create new technologies to infect computers the 'war' can never be won.

    After 30 odd years of malicious viruses affecting the way people use their computers the problem still continues, unfortunately with the added financial benefit of spyware and adware, and to a lesser extent malware, the problem with just continue to grow.

    The best thing people can do to avoid the problem is to run windows in a limited user mode without program installation rights. This will prevent 95% of spyware, adware, and malware from getting onto your machine.
    anonymous
  • simply a layered approach

    I don't see how this concept of securig the connection is much different from current best practice of making sure a machine has anti-virus and is patched against any security vulnerabilities. I would guess that both companies would still recommend that users install anti-spyware packages. Their solutions provides protection in the case that detection or disinfection isn't available yet for a particular spyware threat.

    It's that whole Defense in Depth approach.
    anonymous
  • World War III - The world vs Malware

    In our current operating environment? No, we'll never be safe. There's two root causes that all exploits can be traced back to - OS Security & User stupidity.

    I'm a PC and Mac system engineer. Those are the OS's I am interested in, those are the OS's I know, so in my (little?) rant below those will be the OS's I concentrate on. It will appear a lot to be a comparison article between the two.

    OS Security:
    Macs are definitely the more secure route at the moment and this comes down to a couple of reasons. Mac fans like to say "It was built on security from the ground up" then go on about BSD etc. The flavour of BSD chosen to base it on has proven to be one of the better ones, but BSD doesn't have the same usage levels as *nix. The issue of usage levels can be pushed even further as only roughly 5% of computers are Macintosh (at best).

    If you're farming for a certain drop in WoW are you more likely to target the rare spawn or farm the more common faster spawning mobs?

    Most haxx0rZ and script kiddies just go for numbers. Windows has the market share and due to this it has more people who know it better. Due to more people knowing it better there's more people working on exploits for it. Due to more people working on exploits for it it's easier to find the information required to exploit a system or better yet find a pre-made tool that will do it for you and become a script kiddie. To target macs you need to know what you're doing and generally have taught a lot of it to yourself.

    If you look at the "viruses" that have been written for mac so far (a whopping three of them at most), they were all proof-of-concept viruses. This means they were written by the white-hat community and never got released to the wild. This has proven that it's possible and I'm sure if the black-hat community wanted to start exploiting macs they'd be able to do the same things or worse without too many headaches. Apple releases close to as many patches as Microsoft do these days, yet because they are white-hat discovered nobody hears about them until the patch is getting pushed out to client machines.

    Many Mac users also like to make claims similar to "Oh, but it's not a real virus. It won't spread. I mean, you have to manually run the program (and sometimes type in your password) before it even runs!". Gee, sounds exactly the same as a large number of Windows viruses that have run rampant. If they can be called "viruses" in the PC world despite not being fully automated than so can your proof of concept viruses.

    The other area of security borders on user stupidity. By default users on a mac have standard user access. They want to do anything, they get a popup asking for their password to temporarily elevate their privelages which lasts throughout the installation/configuration changes. For a standard user created these elevated priveledges still aren't full admin access and it's almost always enough to do what you want to do. Once you drop back down, you can continue to do ... what you want to do.

    Windows on the other hand, the first account it creates for you is a full admin account with no password! Brilliant! No standard user is going to then create other accounts for themselves to use. Even if they did, the standard "user" account is so locked down that they can barely use the computer, constantly logging into an elevated user to install or do most things, unable to save anything to their main C: drive (most pre-built PC's just have the one partition), unable to do shit. They quickly revert back to the admin account, opening the system up to anything and everything.

    User stupidity:
    Even if security gets tightened on the OS so that all users have restricted access it won't stop all exploits. Backing behind my claims to this point can be seen in this link (http://sunbeltblog.blogspot.com/2006/04/pssstyou-wanna-see-firefox-exploit-in.html). When comparing browsers most look at Internet Ex
    anonymous
  • The battle is not lost...

    Good article.
    I agree with Mathew that we really need to take away administrative priviledges from the every day user who runs office productivity, web browsing and email applications.

    When there are no permissions to install back doors and trojans, we significantly reduce opportunity for internet nasties to infect machines.

    This assumes your machine is patched for security and virus updates ... now there's a challenge for the home computing market.
    anonymous
  • Spyware - Have we lost the battle

    I still don't understand, when there is such a simple solution, why people putup with viri, spyware, and all the other manifest problems with Windoze.
    I have to run Windoze at times, but I do not let it have ANY net contact.
    I generally don't need to run a firewall, and cirtainly have no need for anti-virus/anti-spyware software, and yet I remain as secure as the day I installed the OS.
    People - you are being hoodwinked by all this security mumbo jumbo as just more excuses for the existence and need of so called xsperts (x-unknown quantity, spert- drip under pressure) who keep ignoring the simplest, easiest most friendly solution on the planet for ALL users, and I have been a happy netizen since the nets existence without a virus worry.
    anonymous
  • I have the cure for Spyware... !!!!!!!!!

    www.distrowatch.org
    Simple really.


    enjoy!
    anonymous