Yes, our weekly article is back on track, due to time constraints and a huge workload, I was unable to write articles for the blog the last couple of months. Things are slowly getting back to normal and hopefully I will be able to fill our regular timeslot each week with a brand new article about cyber crime.
Before we get to this week's article, just a little interesting background information. The article was initially titled "Hardcore Porn - Fuel For Spyware And Spam". According to EzineArticles, this is in violation of Section 2-a of their Editorial Guidelines, more specifically "Website/Author/Brand Names are not Allowed in Your Title". My idea behind the words "Hardcore Porn" was to emphasise the hardcore facts that we are stuck with the most explicit and disgusting material shoved down our throats (and the throats of our children) everyday. I had to change the title to get it approved on EzineArticles, hence I stuck to the same title here.
Do you think Hardcore Porn is a brand name? Generally speaking, isn't this exactly the reason why we are stuck with this junk in our mailboxes? A brand being protected instead of our freedom to use the Internet without being plagued by psychopaths and sex maniacs. What do you think? Please post your comments.
Article written by Coenraad De Beer
People can't thank you enough when you helped them to get rid of spyware from their computer. But this gratefulness soon changes to disgruntlement when you tell them they need to stay away form their favourite porn websites, 3d sex games, sexy desktop mates and screen savers if they do not want to fall victim to another spyware attack. For these people it is too much to sacrifice, but what they don't realise or don't want to accept, is that all these things are not worth the damage they may cause.
Porn is not good for the human psyche, it becomes an addiction just like any other addictive substance. Whether you believe porn is immoral or not, is beside the point, it remains a fact and it is no good for your computer either. But lets forget about the adults for a while and think about our children. In homes where everyone does not have his or her own computer, is a family computer, used by each member of the family. If mom or dad surfs porn websites, do you think it will remain for the eyes of mom and dad only? Unfortunately no. It is not only mom or dad who gets hooked on porn, the family computer gets hooked as well, hooked by spyware. These websites make sure you come back for more by constantly throwing offensive pop-up advertisements in your face while browsing the Web or simply by working on your computer while being connected to the Internet. The spyware does not know and does not care who is in front of the computer screen, it is only the ad that counts.
A while ago I worked with a HijackThis log from someone struggling with annoying website redirects and Google warning him about being infected with spyware. I replied with the disinfection instructions, but also warned him about the adult related software that caused the infections. I never received any response from him, he was probably not prepared to get rid of his virtual desktop girlfriend. I guess he must love her very much for being willing to sacrifice his own online security, privacy and the freedom to browse without being redirected to websites he does not want to visit. Not my idea of an ideal relationship. The best of all is that this person also had Parental Control Software installed on his computer. This is either a naughty teenager bypassing the content filters installed by his parents, or even worse, a father who believes the content filters will prevent his children from being exposed by the filthy software installed on the computer. Parental content filters and control software are designed for Internet adult content filtering, like offensive images, websites, e-mails and text, not spyware or adult related software already installed and allowed to run on your computer. Using parental monitoring software (which does not block content) may help you monitor the activities of your children online, but it does not prevent them from being exposed to adult content in the first place. Anyway, what does it help to monitor your children if you can't set them a better example yourself?
With all the free e-mail services available today, everyone with Internet access have their own e-mail account, even your children. Some spyware programs are also e-mail address harvesters. When a child uses the same computer a parent or older family member use for browsing porn sites, chances are good that this poor child will fall victim to endless offensive, disgusting and explicit adult related e-mails. Everyone who uses the infected computer is at risk. If the spyware is a keylogger, the e-mail address is stolen the moment you type your e-mail address into a web form, this can be the page where you log into your e-mail account or when you sign up for a newsletter or web service. The most common method used by spyware is the extraction of e-mail addresses from the e-mail accounts set up with e-mail clients like MS Outlook, Outlook Express or Thunderbird. The spyware may even pull all the addresses from your address book and you may end up becoming a distributor of spam without even knowing it. I don't think your friends and family will be chuffed if they receive porn spam because of your inability to control yourself. If you continue to browse porn websites with the same computer used by your children for e-mail and other Internet activities, don't be surprised if they suddenly ask you out of the blue about Viagra or genital enlargement patches.
When your e-mail address lands on a spammer's list, you are in a catch-22 situation. It is futile to try and get your e-mail address removed from this list. By the time you succeed in getting your e-mail address removed, which is in any case unlikely to happen, your e-mail address will be distributed among many other spammers. Once a spammer has your e-mail address, it is an open channel for him to send you absolutely anything under the sun and no spammer is ethical, they don't mind how many children they pollute with porn spam, as long as someone reads their e-mails, they are happy.
Porn and spam have 2 things in common, they waste bandwidth and they are the same thing over and over again. Many people believe that porn is only innocent mischievousness. Whenever you encounter cyber crime, porn and adult related content is often involved. In a recent article by Scambusters.org (http://www.scambusters.org/fakeantivirus.html) it was mentioned that adult sites are special favourites for causing trojan infections, taking control over your computer once you visit the website. I find it hard to believe that something that's responsible for things like trojan horses, identity theft, spam and many other cyber crimes, can be innocent.
Taking action against the injustice committed against our children, committed against the people who don't want this junk shoved down their throats, is really hard with poor legislation and so many people supporting the sites responsible for it. Many people browse porn websites without realising the dangers they pose (no pun intended). Off course many people don't care about these dangers, even if they know about it. It is just like any other addiction, people smoking crack don't care about the negative effects it has on their health. Next time when you have to convince someone about the harmful effects of porn, tell them about the dangers of visiting these sites. Educating people about the dangers of web porn and porn spam is the best way to battle an ever-increasing problem in cyber space.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, prevention of online fraud and raising awareness about online scams and malicious software.
Showing posts with label Spyware. Show all posts
Showing posts with label Spyware. Show all posts
Monday, June 04, 2007
Wednesday, April 04, 2007
Internet Security Is More About Prevention Than Disinfection
By Coenraad De Beer
Almost everywhere you go on the Internet, you come across victims of malware, hackers, phishing attacks and e-mail scams. These victims turn up like wounded civilians at all the malware removal forums and the security divisions of community driven web sites, seeking for help and advice to recover from the damages caused by these malicious threats. It is like a war ground, claiming casualties everyday. As with any war, you suffer a lot of casualties when you allow the enemy to get past your defences and it is even worse when you have no defences at all.
An anti-malware application is just as good as its resident shield. Anything that gets past an active resident shield will seldom be detected by any anti-malware protection system. Today's generation of anti-malware packages have heuristic detection technology helping them to detect virus- or spyware-like activity without actually knowing anything about the threat. But heuristic analysis is only a secondary layer of protection, your primary line of defence against malicious software is a definition or signature file containing the details and characteristics of specific malware threats. Even firewalls and spam filters have definition files in the form of blacklists. Neglecting to keep your signature or definition files up to date is like neglecting to pay your monthly insurance premium. Your insurance company will refuse to pay out any claims because you did not maintain your insurance policy. An update a day keeps the malware at bay.
A decent anti-malware application will isolate any known malware before it enters your system, but becomes vulnerable when unknown malware enters your system undetected. It is harder for anti-malware applications to take over a system, already infected with malware, than protecting a clean system from getting infected. Anti-malware software is primarily designed to protect your system from getting infected and its secondary objective is to neutralise threats as quickly as possible before they start to spread throughout your system. I have seen how top class anti-virus systems self-destruct when they are infected with high-risk viruses that were already present on the system, before the anti-virus software was installed. It basically means that the virus infects critical components and files of the anti-virus application, the anti-virus application detects these infected files and delete them or move them to the virus vault. If the anti-virus software deletes any of its critical components, it will eventually shut down, crash or become inoperable. The only way to repair the damaged anti-virus software is to re-install it.
Installing an anti-malware application on a system already infected with malware can be troublesome. Many viruses and spyware are aggressive and kill the setup wizard of many well-known anti-virus and anti-spyware packages, preventing them from gaining control over the system. They even terminate some anti-malware scanners if they attempt to disinfect infected files or remove any threats. It is a case of taking over some territory and defending it. Malware can be programmed to do almost anything in order to retain control over your system and it is hard to get rid of stubborn and aggressive programs refusing to surrender to an anti-malware package. Viruses and spyware are normally small, operate very fast and are very flexible. They mutate all over your system, making it hard for anti-malware applications to pin them down. On Microsoft Windows systems, you can always start your computer into Safe Mode when malware refuses an anti-malware application from being installed in Normal Mode, but many anti-malware applications rely on the Windows Installer, something that is normally disabled under Safe Mode. When it comes to disinfecting an infected system, you can't expect the installer to rely on faulty, damaged, infected or disabled components of the operating system. Off course it is not possible to make the anti-malware application completely independent, but at least develop its own independent installer, with built-in malware protection. This will make it possible to run the software under Safe Mode, where many malicious programs are automatically disabled, making the job of disinfection a little easier for you and the anti-malware application.
Unfortunately there are people under the false impression that they are untouchable when they have an anti-malware application installed on their system. Any defence system will eventually fail if you continue to expose it to constant attacks. I have come across people asking for the best anti-virus protection because they have a friend or cousin using their computer to browse porn web sites, but they do not want to confront this person about it, they rather want to increase the protection on the computer. Porn sites are polluted with viruses and spyware, not viruses alone. It is because if this approach that people fail to remove spyware from their computer, because they are using the wrong tools for the job. You can't protect your system effectively against spyware, or remove spyware from your computer if you are using an anti-virus package or vice versa. You can't keep viruses from infiltrating your system by using a firewall alone. It may block a virus attempting to enter your system through a blocked port, but it will not be able to block a virus travelling through a trusted application like your browser.
Today you need protection against malware (viruses, spyware, rootkits, trojans, etc) not just viruses or spyware alone. You also need a firewall and a good spam filter. You need a browser that protects you from phishing attacks, browser hijackers and pop-up windows. Anti-malware applications are not super applications, they have their limitations and you can't expect your system to stay malware free if you constantly expose it to malware attacks from porn, illegal music and pirate software web sites. You can keep your system clean, your identity safe and prevent someone from destroying his/her life with junk like porn, by disallowing anyone (including your cousin) from using your computer for illegal and indecent activities. Who do you think is going to take the fall for illegal porn, music or pirated software? Your cousin? I don't think so, especially if YOUR computer and YOUR Internet connection were used. Even if you can prove it wasn't you, you will still be seen as an accomplice.
So what is the bottom line? Internet security is more about prevention than disinfection. The large number of single purpose disinfection tools, available for specific threats, is proof of this. Definition files are mainly for prevention and detection purposes. When a malicious program exploits vulnerabilities beyond the reach of definition files, you need a specific tool to get rid of it and often a special patch to prevent re-infection. This is why anti-malware developers have to release new versions of their software on a regular basis to stay abreast of the latest threats and vulnerabilities. Developing anti-malware applications, limited by strict standards, protocols and rules, is like arming a S.W.A.T. team with water pistols when they need to go up against a group of terrorists armed with AK47's. Malware does not play by the rules, it is time that anti-malware developers follow the same route, but without compromising the stability and performance of our computer systems.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, prevention of online fraud and raising awareness about online scams and malicious software.
Almost everywhere you go on the Internet, you come across victims of malware, hackers, phishing attacks and e-mail scams. These victims turn up like wounded civilians at all the malware removal forums and the security divisions of community driven web sites, seeking for help and advice to recover from the damages caused by these malicious threats. It is like a war ground, claiming casualties everyday. As with any war, you suffer a lot of casualties when you allow the enemy to get past your defences and it is even worse when you have no defences at all.
An anti-malware application is just as good as its resident shield. Anything that gets past an active resident shield will seldom be detected by any anti-malware protection system. Today's generation of anti-malware packages have heuristic detection technology helping them to detect virus- or spyware-like activity without actually knowing anything about the threat. But heuristic analysis is only a secondary layer of protection, your primary line of defence against malicious software is a definition or signature file containing the details and characteristics of specific malware threats. Even firewalls and spam filters have definition files in the form of blacklists. Neglecting to keep your signature or definition files up to date is like neglecting to pay your monthly insurance premium. Your insurance company will refuse to pay out any claims because you did not maintain your insurance policy. An update a day keeps the malware at bay.
A decent anti-malware application will isolate any known malware before it enters your system, but becomes vulnerable when unknown malware enters your system undetected. It is harder for anti-malware applications to take over a system, already infected with malware, than protecting a clean system from getting infected. Anti-malware software is primarily designed to protect your system from getting infected and its secondary objective is to neutralise threats as quickly as possible before they start to spread throughout your system. I have seen how top class anti-virus systems self-destruct when they are infected with high-risk viruses that were already present on the system, before the anti-virus software was installed. It basically means that the virus infects critical components and files of the anti-virus application, the anti-virus application detects these infected files and delete them or move them to the virus vault. If the anti-virus software deletes any of its critical components, it will eventually shut down, crash or become inoperable. The only way to repair the damaged anti-virus software is to re-install it.
Installing an anti-malware application on a system already infected with malware can be troublesome. Many viruses and spyware are aggressive and kill the setup wizard of many well-known anti-virus and anti-spyware packages, preventing them from gaining control over the system. They even terminate some anti-malware scanners if they attempt to disinfect infected files or remove any threats. It is a case of taking over some territory and defending it. Malware can be programmed to do almost anything in order to retain control over your system and it is hard to get rid of stubborn and aggressive programs refusing to surrender to an anti-malware package. Viruses and spyware are normally small, operate very fast and are very flexible. They mutate all over your system, making it hard for anti-malware applications to pin them down. On Microsoft Windows systems, you can always start your computer into Safe Mode when malware refuses an anti-malware application from being installed in Normal Mode, but many anti-malware applications rely on the Windows Installer, something that is normally disabled under Safe Mode. When it comes to disinfecting an infected system, you can't expect the installer to rely on faulty, damaged, infected or disabled components of the operating system. Off course it is not possible to make the anti-malware application completely independent, but at least develop its own independent installer, with built-in malware protection. This will make it possible to run the software under Safe Mode, where many malicious programs are automatically disabled, making the job of disinfection a little easier for you and the anti-malware application.
Unfortunately there are people under the false impression that they are untouchable when they have an anti-malware application installed on their system. Any defence system will eventually fail if you continue to expose it to constant attacks. I have come across people asking for the best anti-virus protection because they have a friend or cousin using their computer to browse porn web sites, but they do not want to confront this person about it, they rather want to increase the protection on the computer. Porn sites are polluted with viruses and spyware, not viruses alone. It is because if this approach that people fail to remove spyware from their computer, because they are using the wrong tools for the job. You can't protect your system effectively against spyware, or remove spyware from your computer if you are using an anti-virus package or vice versa. You can't keep viruses from infiltrating your system by using a firewall alone. It may block a virus attempting to enter your system through a blocked port, but it will not be able to block a virus travelling through a trusted application like your browser.
Today you need protection against malware (viruses, spyware, rootkits, trojans, etc) not just viruses or spyware alone. You also need a firewall and a good spam filter. You need a browser that protects you from phishing attacks, browser hijackers and pop-up windows. Anti-malware applications are not super applications, they have their limitations and you can't expect your system to stay malware free if you constantly expose it to malware attacks from porn, illegal music and pirate software web sites. You can keep your system clean, your identity safe and prevent someone from destroying his/her life with junk like porn, by disallowing anyone (including your cousin) from using your computer for illegal and indecent activities. Who do you think is going to take the fall for illegal porn, music or pirated software? Your cousin? I don't think so, especially if YOUR computer and YOUR Internet connection were used. Even if you can prove it wasn't you, you will still be seen as an accomplice.
So what is the bottom line? Internet security is more about prevention than disinfection. The large number of single purpose disinfection tools, available for specific threats, is proof of this. Definition files are mainly for prevention and detection purposes. When a malicious program exploits vulnerabilities beyond the reach of definition files, you need a specific tool to get rid of it and often a special patch to prevent re-infection. This is why anti-malware developers have to release new versions of their software on a regular basis to stay abreast of the latest threats and vulnerabilities. Developing anti-malware applications, limited by strict standards, protocols and rules, is like arming a S.W.A.T. team with water pistols when they need to go up against a group of terrorists armed with AK47's. Malware does not play by the rules, it is time that anti-malware developers follow the same route, but without compromising the stability and performance of our computer systems.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, prevention of online fraud and raising awareness about online scams and malicious software.
Subscribe to:
Posts (Atom)
