Intro to Spyware

"Spyware" is a term generally used to refer to software that is installed on a user's computer, usually without their knowledge, for the purpose of tracking their computer usage. Spyware programs access the Internet through the user's existing connection and send the information they collect to their creators. (Anti-spyware advocates often refer to this as "phoning home.") The information they may send includes, but is not limited to, browser histories, copies of the Windows registry, lists of all the files a user has stored on their computer, the type of software (especially web browsers) a user has installed on their computer, and unique identifying Windows GUIDs (long numbers stored in your Windows registry that Microsoft legitimately uses to keep track of your software registrations). Some even track the usage of other software. The vast majority of spyware programs are created to run on Windows, as the majority of applications are written for Win32, and Windows hides most of its actions from the user.

Spyware can affect system performance or create situations in which unscrupulous people can further take advantage of the user. Spyware such as Web3000 and WebHancer modify important Windows system files that are used for networking. Any modifications to these files can make a user's system, programs, or Internet connection unstable or unusable. Most of the information collected by spyware is sent back to the DCA as plaintext, which means that ANY computer the packets pass through on the way to their destination can read the information and use it for its own purposes. Furthermore, spyware, like spam email, uses up bandwidth, system resources, and disk space, all of which are important and expensive commodities.

The most common way a user will introduce spyware onto their system is by installing third-party freeware or shareware that has spyware bundled with it. ("Freeware" is a term used to mean programs which are offered to the end-user free of charge, and "shareware" refers to programs which are offered either on a trial basis, or with some features disabled, so that the end-user can decide whether they want to buy it or not.) Sometimes the Windows installation wizard will ask the user if they want to install other programs as well as the one they wanted, and other times the spyware is installed in the background without notifying the user.

The End User License Agreement (EULA) is a body of text that a user must agree to in order to install and run the software. Most people don't read EULAs, because they are long, boring, and confusing. Spyware vendors often obfuscate the true meaning of their EULAs, so it is very difficult to understand from the description what the software even does.

Some spyware programs, such as Go!Zilla Download Manager, don't even include a EULA. The most current version of Go!Zilla includes eZula Top Text (I will discuss this one in the next section), Web3000 (a trojan that replaces the Windows file wsock32.dll, which is used to connect to the Internet), and Aureate's Radiate (this is a link to a page at cexx.org that will open in a new window). Go!Zilla itself keeps track of all downloads in a file usually called "DownloadLog.txt", which is sent to Go!Zilla's DCA. The details it keeps track of include the IP number (the network device's "address" on the Internet that all protocols must use in order to contact the user's computer), the URL of the file downloaded, the directory the file was stored in, the file size and how long the download took, and whether or not the download was successful. The log file is never deleted by the program, and only grows larger as the user downloads more files.

In the next section, I will discuss some of the worst offenders.
