Portal de Periódicos da CAPES

Defend Computer Privacy from “Spyware” while Using the Internet

2002; Lippincott Williams & Wilkins; Volume: 24; Issue: 5 Linguagem: Inglês

10.1097/00132981-200205000-00016

1552-3624

Ash Nashed, Glenn Fink,

Privacy, Security, and Data Protection

One of the risks of having a computer parked on the curb of the information superhighway is that highwaymen can enter through the machine's back door. These interlopers can collect information about people's online browsing or purchasing activity, and sell it to the highest bidder. As Internet users become accustomed to being connected full-time to the now ubiquitous worldwide network of computers, they will have to adopt new security measures to protect their valuable personal data. Many security breaches are actually carried out by freeware applications, offered for download on the web. Some of these programs are distributed free in return for agreeing to view advertisements while using the program. Alternatively, paying a small subscription fee entitles viewers to use the software without the ads. What is frequently not obvious to most users is that many of these programs' lengthy licensing agreements, which are often accepted unread, state that software will be installed on their computer allowing the company to track their actions and distribute that information as the company sees fit. Even software that is paid for can have this stipulation in the licensing agreement. There has been a tremendous proliferation of such programs, and many unknowing computer users already have them installed on their computer. Some programs, called keyboard sniffers or monitors, might be installed and provide snoopers with information about Internet activities, including credit card numbers and the passwords to email or online banking accounts. These programs can enter computers while online, or someone can intentionally install them. Some of these programs actually record each keystroke made on the computer or take screenshots of what the user is viewing. They can transmit this information via the Internet to an email account or another computer. Scumware Alert Another type of unwanted intruder program, called scumware, will find keywords in any document on your computer, and convert those words into an Internet link to a third party's advertisement. In addition to being a threat to privacy, these programs are frequently poorly written, and use computer resources in such a way that the computer will experience performance degradation. In other words, the computer will gradually slow down. Fortunately, help is available. The Ad-aware program from Lavasoft (http://tomcoyote.com/lsindex.html) will scan the computer for a host of known spyware applications, and will remove most of them. As an added plus, the software is free and easily installed. Those running Microsoft Internet Explorer also may be vulnerable to hackers when using the Internet. An object tag in a web page, e-mail, or newsgroup posting is capable of giving someone access to database files on the hard drive. Information and a fix are available at www.microsoft.com/technet/security/bulletin/MS00–049.asp. Loss of Privacy Sometimes, the loss of privacy may be outweighed by the potential benefits of the application. For example, the popular ePocrates medication program for the Palm OS, which is free on the Internet, functions as spyware. When a user synchronizes with the ePocrates server to obtain a monthly update, the PDA sends information regarding their use of the program to ePocrates, which it then sells to the pharmaceutical industry. Revenue from such data and messaging services allows ePocrates to offer their program at no charge. Other industries also are turning to such technology for different reasons. As a response to Napster and other unofficial music services, the recording industry is considering using spyware to track unauthorized distribution of music products on the Internet. People with “always on” connections such as DSL or cable are particularly vulnerable to outsiders trying to enter their computers. Hackers can actually find the address of the computer, referred to as an IP (Internet protocol) address, and gain access to the hard drive. Many organizations protect themselves from this type of threat by setting up firewalls, which prevent hackers from finding the IP address of the computers behind the firewall. Firewalls can be implemented using software or hardware.Table: Protecting Privacy on the WebFor network systems, a router is commonly employed to serve as a firewall, shielding all computers on the network from the outside world. Unfortunately, such systems do not prevent installed software from communicating outbound across the Internet without a user's knowledge. To prevent such outgoing activity, several personal firewall software products such as ZoneLab's Zone Alarm (www.zonealarm.com) are available that require programs to ask for a user's permission any time they try to connect outward to the Internet. Similarly, permission must be granted when a “foreign” program tries to come in to the host machine. Users can set various security levels depending on their environment and security needs. Zone Alarm comes in free and full-featured versions. Finally, for those determined to clean and protect their computers, some experts recommend simply starting fresh to do it right. With the assistance of a local computer specialist, the hard drive should be backed-up, reformatted, and a new operating system installed. The computer can then be set up to utilize an administrative account and encryption so that a password will be needed every time there is an attempt to install software. That will prevent unwanted software from entering the computer and automatically installing itself. Online or offline, security and safe practices are key to minimizing risks. The increased sophistication of hackers today and the higher stakes associated with the use of online banking and financial transactions mean that extra diligence and technology will be necessary.