wat by liuqingzhan

VIEWS: 731 PAGES: 32

									                 DEPARTEMENT BEDRIJFSKUNDE BME
                       Schoonmeersstraat 52
                           9000 GENT

                           ACADEMIEJAAR 2004-2005




ONDERWERP: spyware




Naam: Mireille Van Damme                            Mr. D Coorde
Klas: TIN 3B
Voorwoord
In dit document zal u meer informatie vinden over de term ―spyware‖ en aanverwanten.
Dit werk is gemaakt naar aanleiding van een opdracht voor sociale en juridische aspecten
een vak uit het derde jaar van de opleiding Bachelor Toegepaste Informatica aan de
Hogeschool Gent.
Naar mate ik meer informatie vond over spyware gingen mijn ogen open dat spyware
overal zit. Een gratis tool is snel eens gedownload, evensnel zal spyware op de harde
schijf staan.
Spyware is gevaarlijke software, zeker voor computers in een bedrijf. Veel interne en
private gegevens kunnen zomaar aan de buitenwereld getoond worden. En dit zonder dat
de gebruiker dit merkt.
Ik heb getracht de term spyware uit te leggen. Ook hoe het op de harde schuif komt. Als
men geïnfecteerd is wat men kan doen om het te verwijderen. Aangezien dit werk voor
sociale en juridische aspecten is, heb ik er ook een juridisch aspect aan verbonden. Nl, of
het al dan niet legaal is. In bijlage kan u meer informatie vinden over termen ivm met
spyware. Daarnaast is er een databank met een uitgebreide lijst van spyware
programma’s.




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                         2
Inhoudstafel


Voorwoord ............................................................................................................ 1
Inhoudstafel ......................................................................................................... 3
Algemeen ............................................................................................................. 4
  Definitie............................................................................................................. 4
  Wat is het? ........................................................................................................ 4
  Wat kan er gebeuren? ......................................................................................... 5
  Vanwaar de naam "Spyware" ? ............................................................................. 5
  Hoe wordt het geïnstalleerd? ................................................................................ 5
  Is Spyware illegaal? ............................................................................................ 6
  Wat kan je er aan doen? ...................................................................................... 7
  Spyware en bedrijven .........................................................................................11
  Peer-to-peer file-swapping programma’s met spyware? ..........................................12
  De test .............................................................................................................13
Enkele termen ......................................................................................................16
Bijlage ................................................................................................................18
  Identity Theft and Spyware- The New Threat ........................................................18
  KaZaA Tampers With System File ........................................................................24
  180 affiliaten .....................................................................................................25
  Dell’s spyware puzzle .........................................................................................27
  Databank spyware .............................................................................................28
bronnen ..............................................................................................................31




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                                                       3
Algemeen

Definitie
                        Spyware is elke technologie dat helpt in het verzamelen van
                        informatie van een persoon of arganisatie zonder hun kennis
                        ervan. Op het internet(waar het soms een spybot of tracking
                        software wordt genoemt), is spyware een programma dat wordt
                        geplaatst op iemand zijn computer om in het geheim informatie
                        te verzamelen over die persoon. Om dan zo deze informatie
                        door te geven aan reclamebureau’s of andere geïntresserde
                        partijen. Spyware kan op de computer komen als een software
                        virus of bij het installeren van een nieuw programma.

Gegevens verzamelende programma’s dat geinstaleerd zijn met de kennis van de
gebruiker zijn geen spyware. Maw als de gebruiker weet wat het programma aan
gegevens verzamelt en aan wie het wordt doorgegeven, spreekt men niet van spyware.
Maar, spyware wordt meestal geinstalleerd zonder de kennis van de gebruiker. Dit kan
door een drive-by download of door het klikken in een pop-up.
Adware, software gemaakt voor reclame, kan aanzien worden als spyware. Omdat het
meestal ook een mechanisme bevat om gegevens van gebruikers op te zoeken en te
rapporteren.

Een cookie is een mechanisme om internet gegevens op te slaan op de gebruiker zijn
eigen computer. Deze cookies worden meestal niet verborgen gehouden voor de
gebruiker. Zijn er cookies waar men niet van weet, kunnen deze aanzien worden als
spyware.

Spyware is een deel van een algemeen publiek belang over privacy op het internet

Wat is het?
Spyware is software (welke vaak in gratis software verwerkt zit) die op de pc van de
gebruiker geïnstalleerd wordt, waarna deze onopgemerkt informatie verzamelt over de pc
en het surfgedrag van de gebruiker.
Er zijn 2 soorten:
    1. Surveillance spyware
        Verzameld wordt o.a. het surfgedrag. (welke programma’s worden er gebruikt,
        hoe vaak wordt per dag gebruik gemaakt van het internet, hoeveel mail word er
        ontvangen etc.)
        Dit omvat key loggers, screen capture devices en trojan horses

      De verzamelde informatie wordt op de harde schijf opgeslagen.
      Als het programma geïnstalleerd of opgestart wordt proberen ze contact te maken
      met een centrale server, alwaar deze gegevens verwerkt worden waardoor het
      kan zijn dat er ―advertenties op maat‖ naar de gebruiker verstuurd worden.

   2. zo komen we bij Advertising spyware
      Ook kan het zijn dat deze informatie doorverkocht wordt aan marketing bureau’s.
      Behalve dat spyware inbreuk maakt op je privacy kunnen deze programma’s ook
      het computersysteem en de internetverbinding belangrijk vertragen, ook kunnen
      er conflicten ontstaan met andere programma’s met vastlopen van de pc tot
      gevolg. Zie 180 affiliates




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                       4
Wat kan er gebeuren?
Allereerst bekijken ze in detail de browser geschiedenis. Ze kunnen daarnaast een groot
assortiment van DLL’s en andere uitvoerbare programma’s installeren.
Spyware zendt een continue data stroom naar de verantwoordelijke vanuit uw computer.
Hierbij maken ze gebruik van uw internetverbinding, CPU, RAM, geheugen,...
Omdat dit continue stromen zijn laten deze een achterdeur open voor hackers.
Eens er spyware aanwezig is kan deze op zijn beurt andere spyware/adware uitnodigen
om te installeren op uw computer.
Veel van de spyware programma’s zijn volledig onafhankelijke uitvoerbare bestanden. Ze
bevatten een auto install en auto update en kunnen elke poging tot verwijdering of
wijziging rapporteren.
Deze programma’s kunnen uw auto signature wijzigen, uw bestanden/mails scannen,
chat programma’s, ...
Verschillende van deze programma’s kunnenbestanden lezen, schrijven en wissen.
Zelf is het moeilijk om spyware op de normale manier te wissen.



Vanwaar de naam "Spyware" ?
Op zich is dit een goed concept, was het niet dat de adverterende bedrijven ook
bijkomende opzoeking software in de reclame plaatsen. Dit systeem wordt om de
gebruiker zijn computer geplaatst en stuurt continu gegevens door naar de reclame
bureau’s. Om dit te kunnen doorsturen wordt er gebruik gemaakt van de gebruiker zijn
internet verbinding. Volgens de privacy overeenkomsten van de bedrijven, zullen er geen
identificerende noch gevoelige gegevens verzameld worden en blijf je anoniem. Toch
blijft er een server zitten op de computer dat gegevens over u en uw surfgedrag
doorstuurt naar een andere locatie.

Hoe wordt het geïnstalleerd?
Spyware installeert normaal gezien zichzelf door een of twee van de onderstaande
methoden:
   1. Spyware componenten worden samengevoegd met een gratis software
      programma. Zo moedigt men de verspreiding ervan. Dit wordt vooral gebruikt bij
      file-sharing clients zoals Kazaa en oudere versies van Bearshare.
   2. Spyware maakt misbruik van de fouten/gaten in internet explorer.
Spyware kan zich ook installeren via een virus, mail of trojan hors. Maar dit zijn
uitzonderingen.

Een cookie is een mechanisme om internet gegevens op te slaan op de gebruiker zijn
eigen computer. Deze cookies worden meestal niet verborgen gehouden voor de
gebruiker. Zijn er cookies waar men niet van weet, kunnen deze aanzien worden als
spyware. Voorbeeld, een zoekmachine kan een individuele ID code toekennen aan een
gebruiker die voor de eerste keer de pagina bezoekt. De zoektermen kunnen in een
databank opgeslaan worden met het ID als key. De zoekmachine kan deze data
gebruiken om advertenties uit te zoeken die passen bij die bepaalde gebruiker. De
verzamelde gegevens kunnen ook aan derden worden door gegeven.

Toegang toekennen voor een web-based applications om in iemand zijn systeem binnen te
dringen kan ook spyware bevatten. Deze browser helper objects, ook wel Browser Hijackers
(http://www.2-spyware.com/browser-hijackers-parasites) genoemt, kapselen zich zelf in als
een deel van een web brouwser.




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                           5
Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB   6
Is Spyware illegaal?
Spyware maakt inbreuk op onze privacy. Sommige programma's geven in hun
voorwaarden onomwonden toe dat ze uw informatie doorgeven aan andere partijen.
Zodra u akkoord gaat met de kleine lettertjes, geeft u toestemming voor dit soort
praktijken. Een goede tip: lees dus altijd de kleine lettertjes! In de nabije toekomst is het
voor marketeers verboden om nog langer gebruik te maken van cookies, spyware en
'webbugs', zonder dat Europese computereigenaars daar uitdrukkelijke toestemming
voor hebben gegeven - tenminste, als voorstellen hierover een meerderheid weten te
verwerven. In het wetsvoorstel is onder meer het volgende te lezen. "Zogenaamde
cookies, spyware, webbugs, verborgen codes en andere manieren die gebruik maken van
de apparatuur van eindgebruikers, zonder dat zij daarvan expliciet op de hoogte zijn of
zonder dat zij daarvoor expliciet toestemming hebben gegeven, met als doel om
verborgen informatie op te slaan of activiteiten van de gebruiker vast te leggen, kunnen
de privacy van die eindgebruiker in belangrijke mate aantasten . Het gebruik van
dergelijke methoden dient daarom verboden te worden, tenzij de gebruiker daarvoor
expliciet en vrijwillig toestemming heeft gegeven."

Niet enkel in Europa worden er maatregelen genomen tegen spyware. Zoals men kan
lezen uit een artikel verschenen op 10/10/2004.


       WASHINGTON – The U.S. House on Thursday passed the second bill in three
       days that would outlaw “spyware,” irritating software that quietly monitors the
       activities of Internet users.
       It would add penalties of up to five years in prison for people convicted of
       installing such programs without a computer user’s permission.
       The bill, known as the “Internet Spyware Prevention Act,” passed 415-0. It
       would give the Justice Department $10-million (U.S.) to crack down on
       companies and others that secretly install spyware and those who attempt to
       trick victims into disclosing personal details and financial information in e-
       mail scams popularly known as “phishing.”
       The bill’s sponsor, Rep. Bob Goodlatte, R-Va., said such problems were
       growing and serious. Offenders under his bill would be sentenced for up to five
       years for secretly installing spyware to break into someone’s computer and
       committing another federal crime.
       Anyone caught installing spyware to change a computer’s security settings or
       steal a victim’s personal information – such as an e-mail address, telephone
       number or bank account number – could be sentenced up to two years in
       prison.




Wat kan je er aan doen?
Online spying wordt meer en meer ingewikkelder. Er zijn verschillende lagen van spying.
Voobeeld, Alexa een populair software programma van Amazone.com wordt een‖
BackDoor Santa‖ genoemd. Het neemt geen logbestanden van de keystrokes of geen
snapshots van het systeem. Maar het houdt wel enkele surf activiteiten bij. Maar
programma’s gelijk Spector kunnen paswoorden achterhalen, chatlogs bijhouden, emails
controleren, ...



Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                           7
Een goede firewall detecteert het geheime gegevensverkeer en kun je inzien in de logfile,
je kunt dus wel zien dat een programma contact zoekt met het internet maar niet welke
gegevens het doorgeeft.
Je kunt ook controleren of de aangeboden gratis software voorkomt op de lijst van
bekende spyware programma’s.

Spychecker (http://www.spychecker.com/)
Spywareguide (http://www.spywareguide.com/index.php)
Surasoft (http://spywareinfo.surasoft.com/)

Daarnaast zijn er goede anti-spyware programma’s die het merendeel van deze spyware
detecteren en kunnen verwijderen.

Ad-aware 6.0 (http://www.lavasoft.de/dutch/software/adaware/)

                                              Ad-aware is één van de betere en vaak
                                              gebruikte antispyware-tools. Er zijn niet veel
                                              opties en de interface is wat mager, maar de
                                              basisfunctionaliteit is dik in orde.

                                              Nadat u Ad-aware Personal hebt gedownload
                                              en geïnstalleerd, doet u er goed aan eerst
                                              met een simpele druk op de knop de
                                              software te laten zoeken naar updates. Zo
                                              weet u zeker dat u ook tegen recente
                                              spyware wordt beveiligd.

Vervolgens kunt u Ad-aware het beste van zijn standaardinstelling 'snelle systeemcheck'
afhalen. U kunt veel beter kiezen voor 'gebruikersinstellingen', en deze vervolgens zelf
aanpassen. Zo kunt u de scan namelijk veel grondiger laten gebeuren en dat is toch wat
u wil: zo veel mogelijk zekerheid dat uw systeem vrij is van spyware.

U kunt onder Instellingen overigens ook aangeven of u wil dat Ad-aware elke keer na het
opstarten van Windows automatisch een systeemcontrole uitvoert, iets wat aan te raden
is als u veel surft en regelmatig bestanden of software download.

Bestanden die door Ad-aware worden gevonden, worden in een overzichtelijk logboek
weergegeven, voorzien van informatie zoals het bestandtype en hoe gevaarlijk het wordt
ingeschat. U moet uiteindelijk zelf beslissen welke bestanden u wil verwijderen. Deze
bestanden worden dan in quarantaine gezet: u kunt ze dus altijd nog terughalen als blijkt
dat u zich vergist hebt en per ongeluk een nuttig bestand hebt weggegooid.

De software van het Zweedse Lavasoft is gratis te downloaden en te gebruiken - zolang
het voor persoonlijk gebruik is. De enige functie die niet werkt in de gratis versie, is Ad-
watch. Deze module houdt uw pc ook tijdens het werk in de gaten en waarschuwt u
bijvoorbeeld wanneer u dreigt een gevaarlijke handeling te verrichten tijdens het surfen.

Spybot Search & Destroy 1.3
                                         (http://www.safer-
                                         networking.org/nl/download/index.html)

                                         Wie antispyware zegt, zegt al snel Spybot -
                                         Search & Destroy. Iedereen kan met deze
                                         software overweg. Daarnaast zijn er nog veel
                                         extra opties voor de gevorderde gebruiker.




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                              8
Bij het installeren van Spybot wordt u de mogelijkheid geboden een Register-back-up te
maken. Dit is zeker aan te raden: mocht u de tool per ongeluk nuttige of zelfs
noodzakelijke bestanden laten verwijderen, dan kunt u via deze back-up altijd nog
terugkeren naar de situatie vóór de systeemscan. Spybot geeft u ook de mogelijkheid de
definities te updaten, zodat u ook tegen nieuw ontwikkelde spyware wordt beschermd.

De software kent een aantal talen, waaronder het Nederlands. De interface is simpel,
maar - of misschien juist wel daardoor - zeer helder. Functies als 'Zoek naar updates' en
'Controleer alles' zijn ook door de minder begaafde computergebruiker nog wel te
begrijpen.

Spybot kent twee modi: Easy en Advanced. In de Easy-modus kunt u updates zoeken en
Herstelwerkzaamheden uitvoeren. En natuurlijk scannen. Handig is de optie om
bestanden uit te sluiten. Als Spybot een bestand vindt waarvan u zeker weet dat het in
orde is en dat u het wil behouden, dan kunt u met een rechtermuisklik dit bestand
toevoegen aan een lijst van 'uit te sluiten bestanden'. Bij een volgende scan zal Spybot
dit bestand dan niet meer noemen. Met de linkermuisknop kunt u meer informatie over
een spyware-bestand opvragen.

De Advanced-modus biedt u een hele reeks extra opties, zoals het nalopen van alle
cookies of het bekijken van alle geïnstalleerde browserextensies en deze desgewenst te
blokkeren. De knop 'Immuniseer' tenslotte, helpt u malafide downloads te blokkeren in
IE.

De software van PepiMK Software is gratis te downloaden en te gebruiken op alle
Windows-systemen.

Spy Cleaner Free Version 8.0.5

De gebruikersinterface van Spy Cleaner is één van de overzichtelijkere van alle
antispyware-tools. Misschien niet belangrijk voor het functioneren, maar wel zo prettig
voor het gebruik. De tool is bovendien zeer grondig. ,

                                             Met een simpel vinkje is aan te geven welke
                                             drives wel of niet moeten worden
                                             gecontroleerd. Klik vervolgens op 'Scan now'
                                             en de software gaat aan de slag.

                                          Het programma doorloopt werkelijk elk
                                          bestand op een geselecteerde drive. Er
                                          wordt daarbij niet gediscrimineerd: ook
                                          plaatjes van 1 KB groot en MP3-
                                          muziekbestanden worden onder de loep
genomen. Deze zoekmethode vergroot natuurlijk de kans dat ook goed verstopte
spyware wordt gevonden. Op sommige systemen, van bijvoorbeeld (MP3-
)muziekliefhebbers, kan deze methode echter voor een extra lange scan zorgen.

Aangetroffen spyware wordt overzichtelijk weergegeven. Wanneer u een bestand
aanklikt, wordt op een zeer begrijpelijke en gebruikersvriendelijke manier
achtergrondinformatie gegeven, onder andere over wat de spyware precies doet. De
spyware kan vervolgens naar keuze automatisch of handmatig worden verwijderd.

De Free Version is - het zal u niet verbazen - gratis. Naast deze versie is er Spy Cleaner
Pro, die ook een updatefunctie bevat. Deze versie kost - na een gratis proefperiode - 20
dollar.




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                            9
Bazooka 1.13.1

Deze tool is voor computerkenners en liefhebbers die er niet van houden dat hun
systeem allerlei handelingen automatisch uitvoert. Bazooka is bovendien razendsnel.

De software bevat de zo belangrijke updatefunctie, die ervoor zorgt dat u altijd de laatste
spyware-definities gebruikt. De interface van Bazooka is erg eenvoudig, maar daardoor
ook heel overzichtelijk.

                                             De tool scant uw systeem razendsnel.
                                             Gevonden items worden op een rijtje gezet.
                                             Wil u deze verwijderen, dan dient u ze aan te
                                             klikken waarna de software u naar een
                                             webpagina stuurt van de Bazooka-makers
                                             (Kephyr), waarop u kunt zien hoe u de
                                             spyware zelf kunt verwijderen. Dit maakt
                                             Bazooka met name geschikt voor mensen
                                             met een always-on verbinding.

Op de instructiesites krijgt u werkelijk alle beschikbare informatie over het gevonden
item. Voor kenners die graag precies willen weten hoe de vork precies in de steel zit, is
dit ideaal. Voor gebruikers die gewoon snel van hun spyware af willen, is Bazooka
waarschijnlijk te omslachtig.


Er zijn ook programma’s die preventief op de achtergrond meedraaien en in actie komen
als er een bekend spyware programma geïnstalleerd wordt.
      Spywareblaster, dit programma zet een kill bit in het register bij het spyware
       programma zodat dit niet uitgevoerd kan worden.

      Spywareguard, dit programma scant op de achtergrond naar spyware (zoals een
       virusscanner) zodra een spywareprogramma geïnstalleerd zal worden geeft
       spywareguard een melding.

      MRU-Blaster, Verwijdert de z.g. 'most recently used lists', oftewel
       gebruikerssporen

      Spywareblocker, werkt in principe zoals spywareguard.
Voor alle bovengenoemde programma’s geldt dat ze regelmatig geupdate dienen te
worden via de update functie.




Soorten spyware:
Adware:
Dit is meestal een programma dat je gratis kan gebruiken, in ruil voor het vertonen van
reclame in het programma zelf, soms ook wel "sponsored mode" genoemd.
Adware is een extra code in software die ervoor zorgt dat de makers reclame kunnen
tonen als je die software gebruikt. Reclame kan in het venster van die software, maar
ook als popup venster worden getoond. Tevens kan Adware ook informatie verzamelen
en naar de makers sturen.
Malware:
Verandert systeem settings en voert verschillende taken op het systeem uit.
Hijacker:
verandert je internet startpagina.



Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                           10
Trojan Horse:
Zoekt op aanvraag contact met het internet (Remote Procedure Call) om gegevens naar
de software maker te sturen.
Dialer:
Linkt ongemerkt de internetverbinding door naar een betaalde site (dure inbelnummer).
Collectware:
Verzamelt informatie over de gebruiker en zijn surfgedrag.

Spyware en bedrijven
Een recent onderzoek van Symantec windt er geen doekjes om: meer dan 75 procent
van de pc's in de Benelux is besmet met een virus, worm of een ander malafide
programma. Vooral spyware blijkt een serieus probleem.

Bij het onderzoek werden tweehonderd computergebruikers in België, Luxemburg en
Nederland betrokken. Zij werden gevraagd om hun computer te laten scannen met
Norton AntiVirus 2004 en het resulterende logbestand naar Symantec te sturen.
Uiteindelijk waren 140 van de bestanden bruikbaar voor verdere analyse. Overigens
werden enkel Windows-pc's betrokken in het onderzoek.

Uit de analyse bleek dat 76 procent van de onderzochte pc's besmet was met één of
andere vorm van malware. De grote schuldige is spyware, dat op tweederde van alle
computers aanwezig is. Bovendien zitten in de toptien van specifieke computerinfecties
niet minder dan negen spywaretoepassingen. Reden voor Symantec om te concluderen
dat spyware in de toekomst een belangrijke bedreiging gaat vormen en dat
beveiligingssoftware in de toekomst ook met deze plaag rekening moet houden.

Virussen en Trojaanse paarden zijn een minder groot probleem. Niettemin is het
onthutsend om te ontdekken dat bijna één op de drie pc's sukkelt met een trojan. Zulke
programma's hebben een groter schadepotentieel, want een typische trojan is erop uit
om persoonlijke informatie, zoals kredietkaartnummers, te stelen.

Opvallend is het grote aantal dialers die de onderzoekers terugvonden. Gelukkig is er een
lichtpunt: dankzij de hoge penetratiegraad van breedband in de Benelux vormen dialers
een kleiner gevaar. Ze kunnen immers hun werk enkel doen bij mensen die nog
vertrouwen op een analoge modem.

Symantec verbindt aan het onderzoek een opvallende conclusie. "In het verleden is
gebleken dat de beste manier om malware te ontkrachten, is om een ander
besturingssysteem te gebruiken", zeggen de auteurs. "Vandaag de dag is het verschil in
gebruik tussen Windows, Mac OS X en Linux-varianten zo klein, dat dit voor veel
gebruikers een optie kan zijn." Al merkt het beveiligingsbedrijf op dat zo'n overstap in
het verleden maar tijdelijk soelaas bood - totdat er voor het nieuwe OS malware opduikt.

Misschien even opmerkelijk is het feit dat de hoge infectiegraad samengaat met een
relatief hoog gebruik van beveiligingsmaatregelen. Slechts 11 procent van de bevraagden
gebruikten géén antivirusprogramma en firewall, 44 procent had wel beide
beveiligingstoepassingen op hun pc draaien. De conclusie lijkt dan ook dat dergelijke
oplossingen (voorlopig) niet tegen spyware zijn opgewassen




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                        11
Peer-to-peer file-swapping programma’s met spyware?
Al eens afgevraagd of uw favorite peer-to-peer file-swapping program, dit zijn download
programma’s, spyware bevatten?
     Geinfecteerde programma’s:

       -   KaZaa (biedt een betalende versie aan zonder spyware)
       -   Limewire
       -   Audiogalaxy
       -   Bearshare (biedt een betalende versie aan zonder spyware)
       -   Imesh
       -   Morpheus
       -   Grokster
       -   Xolox
       -   Blubster 2.x aka Piolet (Blubster 2.0 en hoger en Piolet zijn adware)
       -   OneMX
       -   FreeWire
       -     BitTorrent (alleen de Unify Media version, andere versies zijn veilig. Zie ook
             opmerking)

      Niet-geïnfecteerde programma’s
       - WinMX (aanbevolen)
       - Shareaza
       - E-Mule
       - Gnucleus
       - Blubster 1.2.3 (Latere versies bevatten adware)
       - Soulseek
       - BitTorrent (zie opmerking)
       - Direct Connect
       - Mute
       - EarthStation5 (niet aanbevolen, zie opmerking)
       - Regarding EarthStation5

Opmerkingen:
  1. Earth Station 5 bevatte eens bepaalde code waardoor een hacker elk bestand kon
     wissen van uw harde schuif. Of het met opzet of een bug was in de code is niet
     duidelijk.

   2. BitTorrent is een open code programma, maw iedereen kan deze code
      downloaden en aanpassen. Jammergenoeg, een bedrijf Unify Media Ltd heeft een
      geïnfecteerde versie op de markt geplaatst met de C2Media/Lop parasite. Haal
      dus dit programma af van de officiële website.

   3. er zijn twee programma’s Kazaalite en Groksterlite waar er heel wat discussie
      over geweest is. Beide programma’s zijn spyware-free versies. Sommige personen
      geloven dat dit alternatieve versies zin van de makers van resp. KaZaa en
      Grokster. Dit is niet zo! Deze programma’s zijn cracks, dit betekend dat personen
      die deze programma’s verspreiden hun User License Agreements schenden en ze
      halen er de spyware uit. Door deze programma’s te gebruiken bevestigt men dat
      de programma’s die spyware bevatten zo goed zijn dat men er ver voor gaat om
      ze te kunnen gebruiken. Hierdoor worden de reclame bureau’s aangemoedigd.
      Daarom is het aanbevolen dat er geen gebruik wordt gemaakt van versies met of
      zonder spyware van KaZaa of Grokster. Spyware bedrijven betalen goed aan de
      onwikkelaars van deze producten. De enige manier om de ontwikkelaars te
      ontmoedigen is aantonen dat de gebruiker een ander product gebruikt. Geen
      gebruikers betekend geen sponsers en op zijn beurt geen geld.
      voor meer zie http://www.spywareinfo.com/articles/p2p/


Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                             12
De test
naar aanleiding van het maken van dit werk heb ik ook eens mijn pc gecontroleerd op
spyware. Jammer genoeg moest ik constateren dat mijn pc geïnfecteerd was met kleine
en grote spyware programma’s.

   1. Full Name:
      Aureate Websearch
      Type: Adware
      Also Known as:        Radiate
      Danger Level: 2 [Explain]
      Official Description: Probably one of the first real adwares that started the whole
      craze. Inserted banner advertsing into freeware and shareware applications.
      Profiled surfing habits and sent information back to the home server without
      permission.
      Comment:       Defunct- No longer supported by its creators.

      Information URL:     http://www.aureate.com/

      Properties:
      Shows ads
      Removal tools:       List of products that detect/remove/protect against Aureate:

      X-Cleaner
      PestPatrol

   2. Full Name:
      Ezula Websearch
      Type: Adware
      Also Known as:         TopText ContextPro
      Danger Level: 2 [Explain]
      Official Description: This a browser plug-in for Internet Explorer. This means that
      the TopText software cuddles up in Internet Explorer's process; from the outside,
      no-one can tell if either native Internet Explorer code or TopText is
      communicating to the Internet.
      After installation of Toptext, network traffic logs revealed that there was unusual
      HTTP traffic between Internet Explorer and a foreign server, each time the user
      navigated between URLs. The data transmitted is small and cryptic so we don't
      know if this is confidential information or not.

      Comment:      This "product" seems to change names everytime the wind blows.

      Information URL:     http://www.ezula.com/
      Properties:
       Stealth Tactics
       Connects to the internet
       Shows ads
       Changes browser
       Stays Resident
      Manual removal:      Check for a program called Ezulamain.exe running in the
      background.

      It can be removed by going to Start > Settings > Control Panel > Add/Remove,
      selecting TOPtext
      Removal tools:      List of products that detect/remove/protect against Ezula:
      X-Cleaner
      RegBlock


Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                       13
   3. Full Name:
      Gator Websearch
      Type: Adware
      Also Known as:        Gator eWallet Claria gain
      Danger Level: 2 [Explain]
      Official Description: Gator is a software product that can automatically fill in
      passwords and other form-elements on Web pages. Its main purpose is to load an
      advertising module called OfferCompanion, which displays pop-up ads when
      visiting some Web sites.

      Gator boasts that since it's software is always running, it can target users with
      "Special Offers" and other ads anywhere they go (even competitors' sites) with
      remarkable targeting capabilities, since it can analyze the domain name/content
      of the sites the user is visiting.

      Currently Claria maintains that only user's first name, postal/zip code, and
      country are sent to GAIN Publishing.

      It is noteworthy that there are different versions of the Gator application in
      circulation and each version is governed by a seperate privacy policy.

      For additional information on each version/policy user's should consult the privacy
      agreement located at http://gator.com/help/privacy_statement.html

      Comment:       Gator Corporation has changed their name to Claria Corporation.

      Information URL:      http://www.gainpublishing.com

      Properties:
       Connects to the internet
       Shows ads
       Changes browser
       Stays Resident
      Removal tools:       List of products that detect/remove/protect against Gator:
      X-Cleaner
      RegBlock
      PestPatrol
      Ad-Aware

   4. Full Name:
      HotBar Websearch
      Type: Browser Plugin
      Also Known as:        hotbar.hostie
      Danger Level: 2 [Explain]
      Official Description: Marketed as a program to add graphical skins to IE toolbars,
      it also adds its own toolbar. It monitors all URLs you visit to add link buttons to its
      toolbar dependent on the site.

      Hotbar.hostie is a "Travel Comparison" toolbar component of HotBar. There have
      been reports that it uses stealth installations.
      Comment:      From the developer: HOTBAR COLLECTS AND STORES
      INFORMATION ABOUT THE WEB PAGES YOU VIEW AND THE DATA YOU ENTER IN
      SEARCH ENGINE SEARCH FIELDS WHILE USING THE SOFTWARE. HOTBAR USES
      THIS INFORMATION TO DETERMINE WHICH ADS AND BUTTONS TO DISPLAY ON
      YOUR HOTBAR TOOLBARS AND WHICH ADS TO SHOW YOUR BROWSER.
      HOWEVER, HOTBAR DOES NOT (A) ASSOCIATE OR STORE SUCH WEB USAGE
      DATA OR SEARCH INFORMATION WITH ANY PERSONALLY IDENTIFIABLE



Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                          14
      INFORMATION SUCH AS NAME OR EMAIL ADDRESS OR (B) ANALYZE SUCH WEB
      USAGE DATA OR SEARCH INFORMATION TO DETERMINE THE IDENTITY OF ANY
      HOTBAR USER. SOME INFORMATION COLLECTED BY THE HOTBAR SOFTWARE IS
      PERSONALLY IDENTIFIABLE, SUCH AS NAME AND EMAIL ADDRESS. THIS
      PERSONALLY IDENTIFIABLE INFORMATION IS STORED SEPARATELY FROM THE
      INFORMATION 'ABOUT THE WEB PAGES YOU VIEW AND THE DATA YOU ENTER IN
      SEARCH ENGINE SEARCH FIELDS AND THE TWO TYPES OF INFORMATION ARE
      NOT CORRELATED OR LINKED. FURTHERMORE, HOTBAR DOES NOT USE THIS
      PERSONALLY IDENTIFIABLE INFORMATION TO DETERMINE WHICH ADS AND
      BUTTONS TO DISPLAY ON YOUR HOTBAR TOOLBARS OR WHICH ADS TO SHOW
      YOUR BROWSER.

      Information URL:     http://hotbar.com

      Properties:
       Connects to the internet
       Changes browser
       Stays Resident
      Manual removal:         Removable from "Add/Remove Programs" on the Control
      Panel. However it leaves some components behind in the registry, which you can
      clean up by running regedit if you want. Keys you can delete:
      HKEY_CURRENT_USER\Software\Hotbar
      HKEY_USERS\.DEFAULT\Software\Hotbar
      HKEY_LOCAL_MACHINE\Software\Hotbar
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\B195B3B3-
      8A05-11D3-97A4-0004ACA6948E
      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet
      Settings\User Agent\Post Platform\Hotbar 3.0
      This is particularly irritating as it tells every site you go to that you have HotBar
      installed. You can also clean up the 'HotBar 3.0' string from
      "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent"
      if you like, though it doesn't seem to do anything.

      Removal tools:       List of products that detect/remove/protect against HotBar:

      X-Cleaner
      RegBlock

   5. Full Name:
      OverPro Websearch
      Type: Adware
      Official Description: This seems to be a variant of New.Net.
      Comment:         Their own comment on a forum:
      ...to clarify a couple things. we are similiar to netpalnow.

      Information URL:     http://www.overpro.com/
      Download URL:        http://download.overpro.com/WildApp.cab

      Removal tools:       List of products that detect/remove/protect against OverPro:
      X-Cleaner




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                        15
Enkele termen
The Internet is the publicly available worldwide system of interconnected computer
networks that transmit data by packet switching using a standardised Internet Protocol
(IP). It is made up of thousands of other, smaller commercial, academic, and
government networks. It carries various information and services, such as electronic
mail, online chat, and the interlinked web pages of the World Wide Web. Because this is
by far the largest, most extensive internet (with a small i) in the world, it is simply called
the Internet (with a capital I).

                           Walware: Two common types of malware are viruses and
                           worms. These types of programs have in common that they are
                           both able to self-replicate; they can spread (possibly modified)
                           copies of themselves. Not every program that copies itself is a
                           virus or worm; for instance, backup software may copy itself to
                           other media as part of a system backup. To be classified as a
                           virus or worm, at least some of these copies have to be able to
                           replicate themselves too, such that the virus or worm can
                           propagate itself. The difference between a virus and a worm is
that a worm operates more or less independently of other files, whereas a virus depends
on hosts to spread itself.

A trojan horse program is a harmful piece of software that is disguised as legitimate
software. Trojan horses cannot replicate themselves, in contrast to viruses or worms. A
trojan horse can be deliberately attached to otherwise useful software by a programmer,
or it can be spread by tricking users into believing that it is useful. To complicate
matters, some trojan horses can spread or activate other malware, such as viruses.
These programs are called 'droppers'.

A backdoor is a piece of software that allows access to the computer system bypassing
the normal authentication procedures. Based on how they work and spread, there are
two groups of backdoors. The first group works much like a Trojan, i.e., they are
manually inserted into another piece of software, executed via their host software and
spread by their host software being installed. The second group works more like a worm
in that they get executed as part of the boot process and are usually spread by worms
carrying them as their payload.

Spyware is a piece of software that collects and sends information (such as browsing
patterns in the more benign case or credit card numbers in more serious ones) on users.
They usually work and spread like Trojan horses. The category of spyware is sometimes
taken to include adware of the less-forthcoming sort.

An exploit is a piece of software that attacks a particular security vulnerability. Exploits
are not necessarily malicious in intent — they are often devised by security researchers
as a way of demonstrating that a vulnerability exists. However, they are a common
component of malicious programs such as network worms.

A rootkit is software inserted onto a computer system after an attacker has gained
control of the system. Rootkits often include functions to hide the traces of the attack, as
by deleting log entries or cloaking the attacker's processes. Rootkits may also include
backdoors, allowing the attacker to easily regain access later; or exploit software to
attack other systems.

A dialer is a computer program which creates a connection to the Internet or another
computer network over the analog telephone or ISDN network. Many operating systems
already contain such a program for connections through the Point-to-Point-Protocol
(PPP).



Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                           16
Regulatory law in Germany
On 15 August 2003 a new law came into effect called "Gesetz zur Bekämpfung des
Missbrauchs von (0)190er/(0)900er Mehrwertdiensterufnummern" ("Law for the combat
of misuse of (0)190/(0)900 value added service numbers").

The law contains the following regulations:

      Forced price notices for service providers

      Maximum price limits, legitimacy checks and automatic disconnects

      Registration of dialers

      Blocking of dialers

      Right of information for consumers from the RegTP
On 4 March 2004 the German Federal Supreme Court in Karlsruhe decided that fees for
the usage of dialers do not have to be paid if it was used without the user's knowledge.

A DLL In computer science, a library is a collection of subprograms used to develop
software. Libraries are distinguished from executables in that they are not independent
programs; rather, they are "helper" code that provides services to some other
independent program.

The central processing unit (CPU) is the part of a computer that interprets and carries
out the instructions contained in the software. In most CPUs, this task is divided between
a control unit that directs program flow and one or more execution units that perform
operations on data. Almost always, a collection of registers is included to hold operands
and intermediate results.
Random Access Memory or RAM is a type of computer storage whose contents can be
accessed in any order. This is in contrast to sequential memory devices such as magnetic
tapes, discs and drums, in which the mechanical movement of the storage medium
forces the computer to access data in a fixed order. It is usually implied that RAM can be
both written to and read from, in contrast to Read-Only Memory or ROM. RAM is usually
used for primary storage in computers to hold actively-used and actively-changing
information, although some devices use certain types of RAM to provide long term
secondary storage.

Generally, a peer-to-peer (or P2P) computer network is any network that does not rely
on dedicated servers for communication but instead mostly uses direct connections
between clients (peers). A pure peer-to-peer network does not have the notion of clients
or servers, but only equal peer nodes that simultaneously function as both "clients" and
"servers" to the other nodes on the network.




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                          17
Bijlage

Identity Theft and Spyware- The New Threat

Index: Topics Covered

What is Identity Theft?
Real World Scenario
Identity Theft and Spyware
Spyware vs. Adware- Know the Difference
Public Terminals and Spyware
Monitor Your Credit
Periodically Request Your Social Security Statement
Use Cross-Cut Shredders
Secure Your Snail Mail
Watch your Snail Mail
Opt-Out of ―Pre-Approved‖ Credit Card Offers
Protect your Information
Guard Your Cards
Add a Password
Password Safety
Watch For Spoofing Attacks
Always Use Security Software
Check Safety
Hope on The Horizon
Have you been targeted by identity theft?
Disclaimer
Contents

What is Identity Theft?
Identity theft is the wrongful taking of someone else’s ―real world’ identity for the
purpose of committing fraud. Typically the thief gets their hands on enough information
to pretend to be someone else. The thief may open up fraudulent credit card accounts,
apply for loans, or try to secure other property using the stolen identity. Some may even
go as far as using your name to land a job and stick you with the taxes from the I.R.S.
Perhaps the scariest aspect is that you could actually be arrested for a crime that
someone else committed while using your identity.

The Federal Trade Commission released a survey in September of 2003 showing that
27.3 million Americans have been victims of identity theft in the last five years, including
9.9 million people in the last year alone. That equates to approximately 4.6% of the U.S.
population! According to the FTC survey, 2002 identity theft losses to businesses and
financial institutions totaled nearly $48 billion and consumer victims reported $5 billion in
out-of-pocket expenses. This is a growing problem.
Real World Scenario

We talked to a victim of identify theft to get a first hand look at what happens when
identify theft strikes. For purposes of anonymity we will refer to our interviewee as Kim
Smith. Kim explains that a few years ago she and her spouse applied for a mortgage on a
home the planned to use as a summer vacation property. The house was modestly priced
and the Smith’s didn’t foresee any problems getting the mortgage. They had stellar
credit, good paying jobs, plenty of money in the bank and the amount of the mortgage
was relatively small. They were told by their banker that getting their mortgage should
be easy but at closing time they ran into major problems.



Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                          18
―It was scary and embarrassing‖, said Kim, ―We went to close on the home when the
mortgage officer asked if us if we had any outstanding loans or credit card payments. To
the best of our knowledge we didn’t have a single outstanding balance. We always paid
our bills on time and we had no credit card debt.‖

The mortgage officer then began asking Kim about various credit card accounts that had
outstanding balances, an account at a hunting supply store and many other
miscellaneous accounts. The balances ranged from a few hundred dollars to several
thousand on major credit cards.

―This thief had real gall. He actually applied for the credit cards using the name Kimball,
a derivation of my own first name. To add insult to injury he actually paid the minimum
balance of some of the accounts for a couple of months. At first this made the
investigators skeptical, after all why would a thief pay anything on the balance?‖

Fortunately the story has a happy ending. The Smith’s did manage to get their mortgage
and immediately contacted authorities after learning of the identity fraud. The individual
who had stolen her identity was later apprehended and received a prison term. According
to authorities she was only one of more then a dozen identities they had assumed in
order to open up fraudulent credit card accounts.

―It has certainly caused us a lot of time, effort and money to track down this thief and
cleaning up our credit report has taken years. The most frightening thing about the
incident was that it was going on for months and we had no idea. It made me feel
violated.‖ According to the FTC it cost the average victim more than $1,000 to cope with
the damage from identity theft.
Identity Theft and Spyware

Obviously one of the latest and most dangerous threats to privacy in the digital age lies
at the doorstep of spyware. Spyware can be used to surreptitiously gather all types of
confidential information and in most cases the user has no idea the information is being
taken. This form of ―snoopware‖ lets the spy access everything you do online including
usernames, passwords, online shopping purchases and e-mail or chat correspondence. In
the hands of an identity thief this type of information is a deadly treasure trove.

Many of today’s most popular spyware applications promise the ability to execute via
―remote installation‖. Remote installation is the ability to put a spyware program on a
computer without having physical access to the machine. Obviously this is crossing a thin
line into illegal behavior and this type of software should be classified as a Trojan horse.
Nevertheless, these programs are sold every day to consumers who want to monitor
their kids, employees, or spouse and perhaps to people that have more nefarious
purposes in mind. While there are certainly legitimate uses for monitoring software we
find it hard to believe there is any legitimate scenario where a parent or employer would
need to use remote installation to install a monitoring program. Make no mistake that
spyware can certainly be used to illegally obtain your personal information

Spyware vs. Adware- Know the Difference

It is also very important to understand the difference between spyware and adware
(a.k.a. pestware). There has been a large outcry from consumers and privacy advocates
over intrusive software and cookies that are in reality more of a nuisance than a security
threat. This does not mean that adware is not a problem, but cookies and adware should
not be treated on the same level as spyware. They are fundamentally different situations
altogether and lumping them together dilutes the threat of real spyware.

Adware generally refers to software that installs a reminder service or spawns targeted
ads as you surf. These advertisements are referred to in the advertising industry as



Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                         19
interstitials or simply ―pop-ups‖. They might also profile your surfing habits, shopping
habits and most gather information in aggregate.

In a recent decision in the case of U-Haul versus WhenU a judge determined that the use
of adware was ―legal‖. In short it meant that WhenU was not violating trademarks by
having their bundled software, SaveNow, display pop-up advertisements.

We do believe that more legal precedents will be handed down and legislation will be
enacted to control the use of adware that uses drive-by downloads and deceptive
installation techniques, but until that time comes we urge users to read the End User
License Agreement for any software before they install it and to educate themselves on
the use of adware.

Spyware, as we know it, is software used to monitor actual computer activity. As we
mentioned before it can log your keystrokes which means whatever you do on your
computer is open to the eyes of prying spies. This problem is greatly exacerbated in
environments where different users have access to a single machine. For example, a
local copy shop, a computer rental kiosk, a university or even a friend’s home machine.
These are typical targets for a thief who wants to quickly grab information from
unsuspecting users.

Public Terminals and Spyware

One particular case stands out as a red flag for using public terminals. For over a year,
unknown to people who used Internet terminals at Kinko's stores in a New York store,
Juju Jiang was logging everything users typed including their passwords to financial
institutions. Jiang had covertly installed, in at least a dozen Kinko's stores, spyware that
logged keystrokes. He captured more than four hundred user names and passwords,
using them to access and even open bank accounts online. This is a real world example
underscoring the dangers of how spyware can be used to steal someone’s identity. It is
logical to conclude that more of this type of ID theft will occur because it is relatively
easy to execute.

A thief doesn’t even have to be technically skilled to install a commercial keylogger and
to retrieve your personal information. Once installation is deployed the thief can have
information e-mailed back to them or the software will open up a ―backdoor‖ where the
spy can log into the machine and retrieve keystroke or snapshot logs. Consumers must
exercise even more caution when using public computer systems and realize that in open
computing environments there are situations that can leave them vulnerable.

Monitor Your Credit

It is absolutely critical that you monitor your credit report on a regular basis. If you find a
change of address you did not initiate or financial accounts you did not apply for request
a copy of your personal credit report. The credit report will include contact information
for requesting an investigation of incorrect information. It's also important to watch your
monthly billing statements for errors or unusual activity. In Kim Smith’s case using a
credit monitoring service would have alerted her to far in advance to the activities of the
thief and saved her some embarrassment at closing time. After applying for a loan, credit
card, rental or anything else that requires a credit report, request that your Social
Security number on the application be truncated (x’ing out key numbers) or completely
deleted and your original credit report be shredded before your eyes or returned to you
after a decision has been made. A lender needs to retain only your name and credit score
to justify a decision. It is worthy to note that in the FTC study on identity theft fifty-two
percent of all ID theft victims, approximately 5 million people, discovered that they were
victims of identity theft by monitoring their accounts.




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                            20
You can request credit reports at the sites below:
EquiFax
Experian
ConsumerInfo
CreditReporting.Com
... other credit monitoring solutions ...
Periodically Request Your Social Security Statement

Along with checking out credit reports U.S. consumers should request their Social
Security Earnings and Benefit Statement at least once a year to make sure there is no
sign of fraud. You can do this online by surfing to here. The statement will come via snail
mail and is not sent online. If you aren’t comfortable doing it online you can use Form
SSA-7004 located here.

Use Cross-Cut Shredders

You should shred all old bank and credit statements, as well as pre-approved credit-card
offers, before throwing them into the trash. Always use a crosscut shredder. Crosscut
shredders cost more than regular shredders but do a better job. Although a cross cut
shredder is more expensive and may need more maintenance, it offers some advantages
that make it a better choice. A cross cut shredder cuts up waste paper in two directions:
vertically and horizontally. This provides you more security for the shredded documents.
The shredded paper is in tiny pieces instead of strips which make reconstruction of the
documents a lot more difficult.

Example shredder products: Fellowes S70C, PS80C, ROYAL AG10X, Other shredders...
Secure Your Snail Mail

One way identity thieves grab information is simply by stealing it out of mailboxes. You
can use a locking mailbox to prevent theft of mail sent to you. You also might consider
dropping off your mail inside the post office whenever you send out bills to ensure mail is
never intercepted. Thieves will go as far as to steal checks sent out by consumers and
using chemical washes to remove ink. If you're planning to be away from home and can't
pick up your mail, call the U.S. Postal Service to request a vacation hold on your mail.
Watch your Snail Mail

Be sure to tear up all pre-approved credit card offers and pay close attention to your
credit card billing cycles. If a credit-card bill is more than a few days late, call the issuer
and ask if there have been any inquiries or changes to your account. One of the most
common tricks ID thieves use is to simply change the snail mail address of your
accounts.

If you don't want to receive unsolicited credit card applications in the mail, by law you
can demand that your name be removed from the marketing lists that credit bureaus sell
to credit grantors looking for new customers.
Opt-Out of ―Pre-Approved‖ Credit Card Offers

The Fair Credit Reporting Act gives U.S. consumers the right to "opt out" or stop credit
bureaus from providing your name and address for marketing lists for credit or insurance
offers. Call toll-free 1-888-5-OPT-OUT (1-888-567-8688), a special phone number set up
by the nation's top three credit bureaus and another nationwide company called Innovis.
When you call this number, you can opt out of these lists for two years or opt out
permanently. We recommend the permanent opt-out route. Be advised that if you want
to permanently opt out you will receive a form, usually within in five (5) business days
that you will have to return. They will also ask for your social security number on the call.
The entire process takes about five minutes and is time well spent.
Protect your Information



Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                             21
Never give your credit-card number or personal information over the phone unless you
have initiated the call and trust the business. It is critical that you don’t reveal highly
personal information, like social security numbers, on documents like bank checks. Nor
should you let merchants write down your social security number as a form of
identification on a check. The general rule of thumb about personal information is less is
better.

Guard Your Cards

One easy way to protect yourself against identity theft is to limit the amount of
confidential information you carry in your wallet or purse. You should not carry around
bank account numbers; personal identification numbers (PINs), passwords, passports,
birth certificates, and most importantly, Social Security cards. Leave them at home,
preferably in a safe until they are needed.
Add a Password

Ask your financial institutions to add extra security protection to your financial accounts
including your credit card, bank and phone accounts. Most will allow you to use an
additional code or password (a number or word) when accessing your account. Do not
use your mother's maiden name, Social Security Number, or date or birth, as these are
easily obtained by identity thieves. See password safety below.

Password Safety

Avoid using easily available information like your mother's maiden name, your birth date,
the last four digits of your SSN or your phone number, or a series of consecutive
numbers or keyboard strokes.

If you use online banking or financial services never select a password that matches your
username. This is the most common mistake- and the most easy to exploit.

Avoid using words that are in the dictionary. Hackers simply run a ―dictionary-attack‖
where they rapidly scan through common words and attempt to brute force an account.
Avoid adding a digit in front or at the end of a word or reversing a word (irish ->hsiri) are
not good password choices. Crackers routinely try these combinations. Nor should you
use the same password over and over. If a hacker should break one password, the rest
of your information or files will be safe. If you have used the same password over and
over- they will have no problem accessing more accounts. Never give your password to
anyone and be sure to change passwords frequently.

If your store passwords locally on your machine be sure the software uses some type of
strong encryption.

Watch For Spoofing Attacks

"Spoofing" frauds attempt to make surfers believe that they are receiving e-mail from a
trusted source, or that they are securely connected to a trusted web site, when that is
not the case. Spoofing is generally used as a means to convince individuals to give out
personal or financial information by deception.
In "E-mail spoofing" the header of an e-mail appears to have originated from someone or
somewhere other than the actual source. Spammers and criminals often use spoofing in
an attempt to get recipients to open and possibly even respond to their mails.

"Page Spoofing" involves altering the return address in a web page so that it goes to the
hacker’s site rather than the legitimate site. This is accomplished by adding the hacker's




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                             22
address before the actual address in any e-mail, or page that has a request going back to
the original site, often with a form that looks identical to the legitimate site.

A page spoof might look something like this:
http://www.paypal.com@spiesrealdomain.com/index.html the domain will always resolve
to the address AFTER the @ sign. If you were to surf to this web address and submit any
information via a form it would go to the spy and not to PayPal. Try to get into the habit
of visually inspecting addresses in your browser address location bar.

If you receive an e-mail requesting that you "click here to update" your account
information, and then are redirected to a site that looks exactly like your ISP, or a site
like EBay or PayPal, be on the alert. This is type of spoofing attack is increasingly more
common and becoming more sophisticated. Don’t click on the links in the e-mail. The
safest way to investigate your account is to type in the domain name you want to reach
directly into the browser address location bar and hit enter.

Always Use Security Software

As an informed Internet user it is absolutely vital that you keep your operating system up
to date with that the latest patches. We also recommend that you are running three
types of security software. We recommend a solid firewall, an anti-virus package, and an
anti-spyware package. Naturally it is important to not only use these products but to
keep them up-to-date with the latest definitions and patches. Don’t be lulled into a false
sense of safety though. Even with a strong defensive perimeter it is still possible to get
hijacked or infected. Use caution and common sense. Above all: Don’t panic.

Check Safety

Do not pre-print your checks with your social security number or your driver’s license
number. Never permit your credit card number to be written onto your checks. When you
order new checks arrange to pick them up at the bank and not to be dropped off at your
residence. If possible, never take more checks then you actually need when going out.
Hope on The Horizon

Starting in May of 2004, victims of identity theft will be able to alert banks, credit card
companies and law enforcement with one call under a pilot program announced by the
Financial Services Roundtable. The Financial Services Roundtable represents 100
institutions handling about 70 percent of the U.S. economy's financial transactions. They
are creating an Identity Theft Assistance Center to help fight the rising incidence of the
crime. The safest bet is to minimize your risks and practice good privacy.




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                            23
KaZaA Tampers With System File
By: Mike Healan
July 7, 2003

                      A posting on SpywareInfo's antispyware developer's mailing list
                      caught my eye recently. It seems that the latest version of KaZaA is
                      tampering with a Windows system file.

                      The HOSTS file is the first place Windows goes to look up the IP
                      address of a remote server that your computer wants to connect to,
                      such as a web site or a gaming server. If it is not listed in the
HOSTS file, then it will send a request to your ISP's DNS servers to look up the IP
address of the server.

A common trick is to use the HOSTS file to make Windows think that a dedicated
advertising server is located at the IP address 127.0.0.1. That is the internal IP address
of your own computer. When something wants to contact the advertiser's web server to
load an ad, Windows believes that the server is located on your own machine, the real
server is never contacted, and the ad is never loaded.

As of the latest version (2.5) of KaZaA, if certain entries are present in the HOSTS file,
KaZaA will not load. Instead KaZaA pops up the following notice:

The "More Info" button leads to http://www.certifiedkazaa.com/certified.htm, which has
this to say:
When KaZaA Media Desktop runs, if we detect some known changes that non-certified
products make to your system, we will inform you that we have detected this and ask
that you make some changes before running KaZaA.

Simple: If it is a simple change then we will offer to fix the problem for you
automatically. An example of this is when your 'HOSTS' file has been changed to prevent
your computer reaching KaZaA.com or one of the other important domains that are
required for KaZaA to function correctly. In this case we will comment the problem
entries if you agree to let us fix the problem. If not, you will need to close KaZaA.

If you click the "Fix and Continue" button, KaZaA will alter the HOSTS files by disabling
any entries relating to web sites owned by Sharman Networks or by their sponsors.

After some testing, I found that if the NTFS security settings are changed to restrict read
access to the c:\windows\system32\drivers\etc\ folder by users (see next picture),
KaZaA is unable to read this system file or tamper with it. It will still load however,
although, for some reason, it takes about 20 seconds (on my system) to load.

If you are using Windows 2000 Pro or Server with the NTFS file system, you can simply
right-click the folder while logged in as an administrator, select properties, and then click
the security tab. Click the box to deny "Read" permissions and click OK. (screenshot)

If you are using Windows XP Pro with the NTFS file system, Microsoft hides these options
from you by default. You will need to turn off "Simple File Sharing" from Control Panel >
Folder Options > View before you can access the settings. I don't know whether XP Home
allows access to these security options or not.

If you are using Windows 95, 98, or ME, or are using 2000 or XP with the FAT32 file
system, then I'm afraid that you are out of luck. These security features do not exist on
the FAT32 file system.



Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                            24
If you are not sure whether you are using NTFS or FAT32, open your My Computer
folder, right-click on your hard drive icon, and select properties and your type of file
system will be listed. (screenshot)

For those wondering about my publicly-stated opposition to hacking the spyware out of
KaZaA and other file sharing programs, that has no bearing on this. I have reviewed
KaZaA's license and it makes no mention of altering Windows system or network files,
and it does not mention the HOSTS file or anything related to it in any form.

It is my opinion that KaZaA crosses the line to become malware by making unauthorized
alterations to Windows network files. The instructions above will prevent these alterations
if you are using the NTFS file system.

My recommendation is that KaZaA should not be used. There are several file sharing
programs that do not include spyware and other unwanted advertising parasites. There
are also music services becoming available that allow consumers to purchase, download,
burn, and copy music files for reasonable amounts of money.

This article is located at http://www.spywareinfo.com/articles/kazaa/



180 affiliaten
Overview & Summary

Some web sites ("merchants") pay commissions to independent third-party web
publishers ("affiliates") who recommend and link to merchants' products. Proper
tabulation of affiliate commissions relies on a multi-step process, requiring coordination
by merchants, affiliates, and (often) affiliate networks who help track the transactions.
(Details about affiliate programs.) Software from 180solutions (also known as
MetricsDirect) interferes with this tracking process, seizing affiliate commissions for 180's
benefit and for 180's advertiser partners.

In my testing, 180 software specifically and systematically causes merchants' tracking
systems to conclude that users reached merchants' sites thanks to 180's efforts, even
when users actually reached merchants on their own or through other affiliates. As a
result, merchants pay commissions to 180 even when no commission is properly payable
(under affiliate program rules), i.e. when users reach merchants' sites without receiving
bona fide recommendations from independent affiliate web sites. In addition, 180 causes
merchants to pay commissions to 180 even when commission is properly payable to
other affiliates -- who actually recommended, encouraged, and facilitated users'
purchases from the merchants.

To seize affiliate commissions, software from 180 must first become installed on users'
PCs. See discussion in 180solutions Installation Methods and License Agreement.

Once installed on users' PCs, 180 software performs four main functions:

   1. 180 transmits to its servers information about the web sites that users visit. Each
      transmission bears a domain name (or other trigger condition), as well as a
      unique user ID that lets 180 build profiles of users' online activities.

   2. 180 shows popup ads, which generally cover substantially all of the targeted web
      sites. In my testing, 180 typically cover web sites with the sites of their
      competitors.

   3. 180 shows duplicate copies of merchants' sites, where the second copy has been
      reached via an affiliate link. As a result, merchants pay commissions to 180 (and
      its advertisers) on the resulting purchases.


Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                          25
   4. 180 opens hidden windows with invisible copies of merchants' sites, where the
      invisible sites are reached via affiliate links. As a result, merchants pay
      commissions to 180 (and its advertisers) on the purchases of affected users.
      Since 180's activities are silent and (to a user watching the computer's screen)
      invisible, this behaviour is particularly difficult to detect.

180's activities have attracted attention from some targeted merchants, leading some
merchants to remove 180 from their affiliate programs. (Nonetheless, at least 300 major
online merchants remain affected. ) 180's activities have also attracted attention from
affiliates who are upset to lose commissions when 180 overwrites their tracking codes.

To date the two largest affiliate networks (LinkShare and Commission Junction) have
failed to remove from their networks all affiliates using 180solutions, despite behavior
that seems to violate the networks' rules. In the short run, the affiliate networks benefit
financially from 180's activities -- even as merchants, other affiliates, and users suffer.
Meanwhile, the next-largest affiliate network (Shareasale) has removed 180 from its
network.

Example Silent affiliate code replacement without the use of popup windows

       Not all 180 "cookie-stuffing" requires showing a duplicate window of the
       merchant's site. Some 180 cookie-stuffing uses hidden windows -- opened
       off-screen via IFRAMEs and similar methods -- to create or replace users'
       affiliate tracking codes without causing an extra window to be opened on
       the user's screen. Such an approach is implemented via instructions --
       from 180's servers to 180 software on users' PCs -- of form shown below:

              keyword trigger

              GET /showme.aspx?keyword=.rei.com+rei.com&did=...
              ...

              <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0
              Transitional//EN">
              <HTML>
              <HEAD>
              <meta name="vs_targetSchema"
              content="http://schemas.microsoft.com/intellisense/ie5">
              </HEAD>
              <body>

                                               embedded reference to ad to be
                                         rendered off-screen, not shown to user

              <iframe src="http://click.linksynergy.com/fs-
              bin/click?id=...&offerid=20594.10000191&type=4&subid=0"
              ></iframe>
              ncase_ad_id: <input id=ncase_ad_id name=ncase_ad_id
              value=266410><BR>
              ncase_keyword_id: <input id=ncase_keyword_id
              name=ncase_keyword_id value=172482><BR>
              ncase_ad_windowtitle: <input id=ncase_ad_windowtitle
              name=ncase_ad_windowtitle value="Brought to you by the
              Zango Search Assistant"><br>
              <INPUT ID=kw_exclude TYPE=text style="VISIBILITY:
              hidden;" VALUE="%3dwsi+empty+keyword+mailbox"><br>
              <INPUT ID=ad_shown TYPE=text VALUE="y"
              style="VISIBILITY: hidden;"><br>
              <SPAN class="957085619-06032003"><FONT face="Arial"


Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                         26
               color="#ff0000" size="5">Thank you
               for your patience.&nbsp; You will be redirected to your
               destination site in a
               few seconds.</FONT></SPAN>
               </body>
               </HTML>

zie http://www.benedelman.org/spyware/180-affiliates/ voor meer informatie ivm met
dit onderwerp.

Dell’s spyware puzzle
http://www.benedelman.org/news/060404-1.html
Lots of companies have a puzzling relationship with spyware. For
example, a recent eWeek article pointed out the complexities in
Yahoo!'s relationship with Claria: My research of last year found
that yahoo.com is the the single most targeted domain of the
many thousands Claria targets with its context-triggered popups.
More recently, Yahoo! released a toolbar that uninstalls Claria
software. These facts suggest that Yahoo! would dislike Claria and
would actively oppose Claria's activities. Nonetheless, Yahoo!
remains a major supplier to Claria (via Yahoo!'s Overture
sponsored link service, which reportedly provides 30% of Claria's
revenue, per Claria's S-1 filing).

Even more puzzling, Dell both suffers from spyware and receives
web traffic from Claria's advertising services. In recent comments to the FTC (PDF page
70), Dell's Maureen Cushman reported that spyware is Dell's "number one call driver" as
of late 2003, and that spyware is responsible for as much as 12% of calls to Dell tech
support.

Nonetheless, my testing shows that Dell UK ads run on the Claria ad network. See the ad
shown at right (among several other ads also from Dell UK), which I received while
viewing the IBM.COM site. My further testing indicates that Claria shows several Dell UK
ads when users visit the sites listed below (perhaps among others). (Note that users
might have to visit particular parts of the sites listed here -- i.e. the computers section of
amazon.co.uk, not just other parts of the Amazon site.)



ebay.co.uk     bt.com            ebuyer.com      priceguideuk.com       cclcomputers.co.uk
hp.com         pricerunner.com   pcworld.co.uk   toxiclemon.co.uk       morgancomputers.co.uk
msn.co.uk      dabs.com          dixons.co.uk    packardbell.co.uk      timecomputers.com
apple.com      dealtime.co.uk    acer.co.uk      microwarehouse.co.uk   sony-cp.com
amazon.co.uk   johnlewis.com     abrexa.co.uk    evesham.com            europc.co.uk
ibm.com        dooyoo.co.uk      sony.co.uk      toshiba.co.uk          empiredirect.co.uk
kelkoo.co.uk   comet.co.uk       simply.co.uk
Dell staff tell me that the ads were unauthorized, placed by an affiliate without Dell's
permission. My inspection of the ads (and their link destinations) is consistent with this
claim. But my inspection of Claria configuration files further suggests that the ads ran on
the Claria network since at least February 6, 2004 -- some four months ago. Why didn't
Dell notice this problem until I brought it to their attention?

If this is just a glitch, what procedures could Dell (and other companies) implement to
make sure their ads are placed through only authorized channels? I'd be honored to work
with interested advertisers to think through the possibilities for automatic or scheduled
monitoring, testing, etc.




Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                           27
Databank spyware
123 PC Spy             Aphex Institution      Chat Watch            Desktop Scout
2.10.1                 2004 (0.3.0\           Chota                 2.2.1
123mania               Apophis                CIA 1.1               Desktop Spy
123Messenger           AppsTraka              ClearStream           Devil 1.3
123Search              AproposMedia           Accelerator           DialerData
2020Search             Ardamax                CleverIEHooker        DialerFactory
2nd-thought            Keylogger              Click Till U Win      DialerOffline
2Spy!                  Armageddon             ClickTheButton        DialXS
3rdEye                 ASpam                  ClientMan             Digital Spy
764 Dialer             Assasin Trojan         ClockSync             DKS KeySpy
7AdPower Dialer        AtomicLog              CLogger               Dogpile Search
7AdPro                 Aureate                CnsMin                Toolbar
7FaSSt                 AutoSearch             Coder Dialer          Doly
@KeyLogger             AVKillah               Cold Fusion 1.1       Donald Dick 1.53
Home 2.15              B-S Spy                COM                   Dotcomtoolbar
A Better Internet      babetv                 Com Policy            Download Plus
AB System Spy          Back Web               Comet Cursor          DownloadReceiv
About Blank            Backdoor Agent         Comload               er
Absolute               BadTrans.B             CommonName            DownloadWare
Keylogger              BargainBuddy           Computer              DP Trojan 2.5
AccessPlugin           Barok                  Snooper               Drater 1.0
AceSpy                 BDE                    ComputerSpy           DSK Trojan
Acid Shivers           Beast                  Conducent             DSSAgent
AcidBattery            begin2search           Content Monitor       DTr
Aconti                 Belkin PCSpy           Cool Remote           Dynamic
Actions Monitor        BillByCall             Control 1.12          Desktop Media
Activity Logger        BizDefender            Coolbar               E-mail Password
Activity Monitor       Black Box              CoolCat               Logger
2002                   BlackCore              Coolsavings           e-Surveiller
ActualNames            Blaster Worm           CoolWebSearch         Easy Search
ACXInstall             BlazeFind              Covenanteyes          EasyBar
Adblaster              Blazer                 CrashCool             EasySearchBar
AdBlock                Blue Eye 1.0b          CrossKirk             EBlaster
AdBreak                BonziBuddy             CSJami MiniCom        eicar Standard
AdDestroyer            BookedSpace            4.0                   Anti-Virus Test
AdGoblin               Boss EveryWare         ctor.dll              File
AdLogix                Boss Watcher           Cyber Informer        el Espia
AdRoar                 1.0                    Cyber Predator        Email PI
Adult Chat Dialer      BrAin Wiper            Cyber Snoop           Email Spy Pro
Adult-Links            BroadCast PC           Cydoor                EnjoySearch
Advanced               BrowserAid             Cyn                   EroticAccess
Keylogger              BrowserToolbar         Cytron                EtherScout 1.10
Adware.WinFavo         BrowserVillage         DailyWinner           EvilFTP
rites                  Toolbar                DameWare Mini         eXactSearch
Ajan 1.0               BTV Dialer             Remote Control        ezSearchBar
AlertMobile Pro        BuddyLinks             4.5                   Ezula
Alexa Toolbar          Bulla                  DashBar               Family Key
Ambush                 ButtMan                Date Manager          Logger
Amitis                 C2.lop                 DealHelper            FamilyCam
Amitis 1.1             CAFEiNi                Deep Throat           FarSighter
ANTIantivirus          Call Online Two        Delfin Media          Fast Tracker
1.4                    Captain Mnemo          Viewer                Fastseeker
AntiPC                 1.4                    Delta Source 0,7      FavoriteMan
AOL Trojan             Catch Cheat Spy        Desktop               FavSearch 1.5
Aornum                 Cero                   Detective 2000        Fearless Key Spy


Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                 28
FeRAT                  HXDL                   Key Zip               MPGcom
FizzleWizzle           I am BigBrother        Keyboard              Musqkito
Toolbar                i Wonder               Collector             Marketing
FKWP 1.5               Ibero Dialer           Keyboard              My Demise 1.0
FlashTrack             IBIS ToolBar           Guardian              My Little Spy
Flux 1.0               IBS                    Keyboard Logger       MyDoom
Flyswat                ICU Surf               Keyboard              MySearch
Forbes                 Idonate                Monitor               n-Case
FreeLoad               IEAccess               Keyboard              Nano
FreeScratchAnd         IEengine               Spectator 3.30        NavExcel
Win                    IEfeats                KeyKey                Net Devil
Frenzy                 IEFeatures             Keylog 95             Net900
Frsk                   IEHelper               keylog5.exe           NetBus
FTP99cmp               IEHost                 Keylogger.IEHoo       NetCrack
GateCrasher 1.1        IEPlugin               k                     NETObserve
GateCrasher 1.1        IESearchToolbar        KeyLogWn              NetPal
Gator                  IETray                 KeySpy                NetPumper 1.2
Ghost                  iGetNet                Keystroke             NetRadar
Ghost Key              Ikitek Key             Monitor 2.0           NetSky
Logger                 Logger                 KeyTrap               NetSpy
GhostLog               ILL-Eagle DL           kILLer                NetTrack & Spy
GirlFriend 1,35        ill-logger             Klez Worm             NetVizor
GlobalDialer           ILookup                Kotu Dialer           NetworkEssential
GlobalNetcom           IM Web                 ksLogger              s
God2                   Inspector              LANfiltrator          New.Net
Godwill 1.06           In the Know            Let Me Rule! 2.0      NewtonKnows
GoHip                  Ineb Helper            LinkReplacer          Noptify
Golden Eye             InetSpeak              Lirva                 NowBox
GonnaSearch            InLook Express         Lithium               OnFlow
Gratisware             InsaneDL               LittleWitch           Online Recorder
GSim                   Instant-Access         LoadFonts             Online-Dialer
Guardian               Integrated             Look2Me               Optix
Monitor                Search                 Looxee                OverPro
GURL Watcher           Technologies           Loveletter            P2P Networking
H@tKeysH@@k            Interfun               LZIO                  PAL Keylogger
Hack'a'Tack            Internet               MagicControl          Pro
Hacker Defender        Marketing              MAILSENDER            PAL PC Spy
Hacker Spider          Toolbar Pro            Margoc                ParisVoyeur
Hacker Wacker          Internet               MarketScore           PasTmon
HaczYK                 Optimizer              Masta Cash            PC Activity
Haldex                 Invisi Eyes            Dialer                Monitor
Hanuman                Invisible              Masterbar             PC Activity
Happy 99               Keylogger 97           MasterDialer          Monitor Net
Hatred Fiend 1.3       IPInsight              MateWatcher Pro       PC Bloodhound
Hatred-Fiend           iProtectYou            MatureToolbar         Professional
HelioS                 IRTTHPack              MediaTickets          PC Spy
Hiddukel III           ISearch Toolbar        Memory Meter          PC-Parent
HighSpeed              iSpy                   Mendware              Peer
Connector              iSpyNOW                Messenger Spam        Peper
Hithopper              ISTbar                 Mind-Control          Perfect
Home Keylogger         janNet                 MindControl           Keylogger
HotActionDating        KaoTan                 Mirar                 PerfectNav
HotBar                 Webdownloader          ModemSpy              Permedia Ads
Hotmail Hacker         KeenValue              MoM                   Pest
X-Edition              key count              MoneyTree             Pest 1.0
Httper                 Key Spy Pro            Mosaic                Phoenix
Huntbar                Key Thief              Mostrar Dialer        PluginAccess



Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                 29
Poly-DL                Searchex               Stealth               TotalVelocity
Porn385                SearchExplorer         Keyboard Logger       zSearch
Portal of Doom         Searchforit            Stealth               TradeExit
Power Key              SearchitBar            Redirector            Tranzhva
Logger                 SearchLocate           StealthWatcher        Trojan.Win32.S
PowerStrip             SearchScout            2000                  mall.hs
Precision Time         SearchSquire           Stop Popup Ads        TrojanDownload
Probot                 Searchwww              Now                   er.Win32.Dluca
Proces Logger          SecondPower            Storm 1.2             Tron
Proclaim Dialers       SeekSeek               StripPlayer           TSCash
ProRat 1.8             SentryCam              Sub Seven             TV Media Display
PRW                    SexFiles               SubSearch             Twain-Tech
Purityscan             ShareAll v1.1          SubSeven 2.2          Twistedhumor
PWD Trojan             ShopAtHomeSel          Super Spider          TX
Quickflicks            ect                    Super Stealth         Typerecorder
QuickSearch            ShopNav                Key Capturer:         TypO
Search Bar             Show Bar               SuperBar              UCmore
Radar Spy              Sidesearch             Superlogy             UCSearch
RadMin                 Silent Spy             Surf Control          Ultrasoft Key
RapidBlaster           SinRed Killer 0.1      Surf Spy              Interceptor
Raven                  SKL !.0                Surfairy              Unknown Dialers
Real Spy 1.49          Slammer worm           SurferBar             URLBlaze
Real Spy Monitor       SmartBrowser           Surfmonkey            Vampire 1.2
Realbar                Snape                  SyncroAd              Verticity
Realphx                Snapshot Spy           Sys Detective +       Viewpoint Media
Realtime-Spy           Specrem                Syscpy                Player
RedHand                Spector                SysMon                Virtual Bouncer
RedShell               SpotOn                 System Spy            VLoading
RelatedLinks           Spy Guardian           System                Voonda Toolbar
Remote Control         Pro                    Supervisor            VX2
Pc 2000                Spy Keylogger          SystemVXD             W32.Hawawi.Wo
Remote Havoc 2         Spy Wiper              Dialer                rm
remote password        Spy-Keylogger          T.H.U. Zer0           W97M_SPY.A
stealer                SpyAgent               Tolerance 1.9         Wazam
Reverse Trojan         SpyAnytime PC          Tdak Searchbar        Weaddon.dll
ReWind                 Spy                    Tellafriend           WeatherScope
Roach                  SpyAnywhere            TGDC                  Web Behavior
Roimoi                 spyAOL                 THC-CUPASS 1.0        WebHancer
RSC                    SpyAssault             The Search            WebMail Spy
S-Redirect             Spyblast               Accelerator           WebRebates
Sabotage               SpyBuddy               The Snake             Websearch
SafeguardProtect       SpyCapture             Trojan                Whazit
Safenet                SpyGraphica            The TIc.K 4.0         WildTangent
SafeSearch             Professional           Theef                 Win Key Genie
SafeSurfing            SpyRex                 Thing                 Win-Spy
Sam Spade              SpyTech Shadow         TIB Browser           WinDialer
Sandboxer              SSKC                   TIBS                  Windows
Sasser Worm            ssppyy                 Timbuktu Pro          Keylogger
Save Keys              Starcross              Tiny Keylogger        Windows Remote
SaveNow                StarDialer             Tiny Spy Agent        Windows Search
SC-Keylog              StarLogger             TinyBar               Bar
SCBar                  STARR                  ToneLoc 1.1           Windows Spy
Search Assistant       Stealth Activity       ToolbarCC             WinGuardian
Search Miracle         Reporter               Top Moxie             Winhost
SearchAndBrows         Stealth                TOPicks               Winpup
e                      Keyboard               Total Monitor         WinRecon
SearchBarCash          Interceptor                                  Winshow



Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                 30
WinSpy                 X-Driver               Xupiter               Zamingo
Winvestigator          XDialer                XXXDial               ZestyFind
WinWhatWhere           XLoader                xxxtoolbar            ZipClix
WNAD                   XLog                   Y3KRAT                Zippylookup
Wonderland             XPCSpy                 YourSiteBar           ZoneKIller
WurldMedia             Xpehbam Dialer         YSK KeyLog 1.0
X-Diver                Xtractor Plus 3.6      Zaffi

http://www.spywareguide.com/product_list_full.php?pageNum_Rs1=12&totalRows_Rs1=
614

Bronnen
http://www.cexx.org/adware.htm
(spyware removal help)
http://www.cexx.org/startup.htm
remove annoying programs from startup
(realplayer, quicktime, corel's 15 tray icons, etc.)
http://www.spywareinfo.com/~merijn/winfiles.html
Good info on CWS & it's variants
also downloads for Hijack This & CWShredder
http://cexx.org/newnet.htm
Specific Information new.net, removing it, and
restoring your internet connection's functionality
http://www.spywareinfo.com/articles/hijacked/
Detailed information about browser hijacking
http://cexx.org/webhancer.htm
Specific Information on Webhancer, removing it, and
restoring your internet connection's functionality
http://www.doxdesk.com/parasite/
Information and removal on many specific spyware
problems.
http://www.wilders.org/
various security information
(spyware, antivirus, firewalls, etc.)
http://www.mlin.net/
Home of the ―Startup Control Panel‖
http://www.accs-net.com/smallfish/advw.htm
Information on Bonzi, Comet, Timesink, Cydoor,
Flyswat, GoHip, DSSAgent, Aureate, and Web3000
http://www.windowsstartup.com/
Home of ―Startup Inspector‖
http://www.spywareguide.com/
Detailed information on many different spyware
threats
http://www.javacoolsoftware.com/spywareblaster.html
Javacool's Spywareblaster. A good prevention
program to run if you have a problem user who just
can't stop clicking on every ActiveX warning they see.
Counterexploitation: http://www.cexx.org/
Spywareinfo: http://www.spywareinfo.com/
Spywareguide: http://www.spywareguide.com/
Simplythebest: http://simplythebest.net/info/spyware.html
PCHell http://www.pchell.com/support/spyware.shtml
Wilders http://www.wilders.org/spyware.htm
Microsoft http://www.microsoft.com/security/articles/spyware.asp
Filterguide http://www.filterguide.com/monitoring.htm


Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB                 31
Sociaal en juridisch recht – Spyware – Mireille Van Damme – 3TINB   32

								
To top