By ARUN MARBALLI
In the movie �Firewall,� Harrison Ford plays the role of Jack Stanfield, a bank security officer whose identity is stolen and subsequently his family is placed in grave danger. This movie demonstrates that identity theft can happen to even the most security-savvy individual, and we must all take heed and take steps to protect ourselves. According to the Federal Trade Commission, 58 million consumers experienced unauthorized access to their personal information in 2005. In this era of data breaches, phishing and dumpster diving, we must develop a personal data protection plan to secure one of our most valuable assets � our identities.
Spyware, as a class of software, represents one of the most insidious forms of problems that can lead to identity theft. Perhaps not as openly deadly as a virus, their danger lies in the fact that their existence on our machines is often unknown and they quietly go on about their business behind the scenes silently stealing and recording information while we, the unsuspecting user, work on our computers. Worse, much like the proverbial gophers, they keep reappearing even after they have been diligently excised.
So, how does spyware or adware get on our computers? Very simply! They get on our computers when we surf the Internet looking for information or when we respond to those tantalizing �come ons� offering a free download of games or software. Remember the acronym TNSTAFL? It stands for �There�s no such thing as a free lunch� and it holds true in this arena more than any other. Adware programs such as GATOR have been notorious for their intrusiveness and they get loaded and installed on your computer when you download one of these �free� offerings.
The origin of spyware can probably be traced to the use of cookies by Web sites. Cookies are small chunks of programming that Web sites often leave on the visitor�s computer for storing different kinds of information pertaining to that visitor�s trip to their Web site. The intent being to use this stored information when the person re-visits the website for providing the visitor with some continuity of experience. From these benign beginnings the concept of cookies has mutated into spyware and adware with a completely different agenda � a mostly malignant one � to record our personal information and make it available to the originator of the spyware who can then turn around and sell or use the information for personal gain including identity theft! The important difference between cookies and spyware is that cookies are mainly passive containers of information while spyware is almost always constantly active recording information of all kinds, including the key-strokes when we type on the computer keyboard.
Why can�t we stop spyware from being installed on our computers like we can with anti-virus software, you ask? Well, the mechanics of how spyware is installed tends to be different from the way viruses get on our computers. Viruses, worms and other software of that ilk usually come as attachments or files that can be scanned and blocked. Spyware, on the other hand, is installed most often along with another software item that we would like installed or disguised as a cookie.
So we often cannot stop it from getting installed. What then can we do about this lurking menace? The answer is to install an anti-spyware program that can search for and remove from our computers these pesky objects. There are good free anti-spyware products available, including Microsoft�s Anti-Spyware Beta that work just great. Unlike anti-virus programs, however, these anti-spyware programs can only clean but not block the installation of this malware. Consequently, it is necessary to periodically run the software and clear the computer of any unwanted resident pests.
A second precautionary step is possible only on computers that use the Microsoft XP operating system. In the XP Environment, it is a good policy to set up a separate User Account with Administrator privileges. All other User Accounts should be set up as Non-Administrator Accounts. The Administrator Account should never be used during normal usage of the computer. It should be used only when installing new programs and when carrying out computer maintenance actions such as back-ups, applying software updates, scanning the computer for viruses and other similar tasks. For all normal computer usage, only the Non-Administrator Accounts should be used. Further, ensure that the Administrator Account has a password because setting up an Administrator Account without a password is tantamount to building an electrified fence and leaving the gate wide open.
Finally, it is important to understand that the anti-spyware software is yet another element of our computer�s defenses and hence it cannot by itself protect us. It is imperative that we take all the steps that I have discussed in my earlier columns to ensure that we do not have a weak link in the fence we have built around our computers.
Arun Marballi has worked in the Information Technology arena for more than 20 years with extensive experience in software development, process design and network/workstation management. For comments, questions, tips or suggestions, e-mail [email protected].
|
Contact Information
Anything that appears in Khaas Baat cannot be reproduced, whether wholly or in part, without permission. Opinions expressed by Khaas Baat contributors are their own and do not reflect the publisher's opinion.
The Editor: [email protected] Advertising: [email protected] Webmaster: [email protected] Send mail to [email protected] with questions or comments about this web site. Copyright � 2004 Khaas Baat.
Khaas Baat reserves the right to edit and/or reject any advertising. Khaas Baat is not responsible for errors in advertising or for the validity of any claims made by its advertisers. Khaas Baat is published by Khaas Baat Communications.
|