1 Protect Against Spywares – SpywareBlaster
1
Protect AgainstSpywares – SpywareBlaster
2
Content Introduction –
- What is Spyware?
- Danger- Sign of Trouble
Solution Cleaning -- Spybot Protection -- SpywareBlaster
Evaluation & Conclusion
3
Introduction Prevention is better than cure –
SpywareBlaster prevents the installations of spywares as well as the running of the installed spywares
4
What is spyware? According to spywareinfo.com, spyware is
software or hardware installed on a computer without the knowledge and the consent of the users. These components gather information about the user for later retrieval by whoever controls the spyware.
If the spywares aim at marketing some product or services, they are called adware.
5
DangerThe threat can be categorized as follows:- Annoyance; profile users, fairly easy to removeThreat; profile users and broadcast data back to a server,
removal is not easyDangerous; logs activity, open communication ports,
difficult to remove, may contain security flaw and/or anti-spy counter measures
Extremely dangerous; logs activity, open communication ports, high possibility of potential system damage or security flaw, may attempt to disable anti-virus or firewall programs.
6
Sign of Trouble System is slow Mysterious new toolbar in browser Advertising windows pop up even when
not browsing the web Surprise 900-number charges on phone bill
7
SolutionGame plan:-
- clean up the system (with Spybot)- take a snapshot of the system in its clean state- run SpywareBlaster to protect the system- periodically restore the system to its clean state to preserve integrity
8
Cleaning with Spybot A free software from
http://www.safer-networking.org/
to detect and remove spywares Allow recovery Provide immunization
9
I. Search and destroy
10
List the problems found
11
The result is colour-coded Red entries – problems that should be fixed
to avoid security and/or privacy problems Black entries – system internals, better
remain untouched Green entries -- indicate usage tracks, may
be removed.
12
Remove the threats Select Fix selected problems
13
System is cleaned
14
15
II. Possible recovery A list of back-ups is provided.
16
III. Immunization To prevent future spyware installation
17
Protection -- SpywareBlaster
http://www.javacoolsoftware.com SpywareBlaster creates a snapshot (an image of
various browser and system settings) of the computer in its clean state.
Protect the system from installation of spywares and action of installed spywares by setting a “kill bit” for spyware ActiveX controls
Snapshot can be restored, changes and additions detected will be reported to provide full control
18
1. Creating a snapshot Run SpywareBlaster. Select System
Snapshot then Create a System Snapshot
Choose a meaningful name for the snapshot such as after_cleaning, nothreat, and etc.
19
20
21
2. Protect the system Current list of problematic spywares and tracking
cookies is provided. The ones displayed in red are the one that the computer is not protected against.
User can choose the ones to be protected against. Press “Select All” or manually make the selection.
Press “Protect Against Checked Items” button.
22
23
Information about the spyware/cookies is available. Select More Info on Items
24
3. Restoring the system Select System Snapshot choose Restore
system Snapshot
25
Select a snapshot
26
Changes and additions will be reported
27
4. Other options Settings
28
Tools
1. Brower Pages – allow changes to the settings
29
2. Hosts Safe – Encrypted backup copies of the Hosts file. Can be restored by “Restore Saved Backup
30
3. Misc. Internet Explorer Settings – edit Internet Explorer settings
31
4. Flash Killer – Provides the option to set the kill bit for the Macromedia Flash control (versions 4.x, 5.x, or 6.x).
32
5. Custom Blocking – Allows customization of the list of ActiveX controls to be blocked.
33
Updates
SpywareBlaster can be effective only if the threats are known, thus it is important to update the database frequently
34
Information on spyware/adware Wilders.org http://www.wilders.org SpywareInfo
http://www.spywareinfo.com Doxdesk.com http://www.doxdesk.com
35
Evaluation SpywareBlaster can protect a system only
if it is possible to reach the clean state, not contaminated by surveillance programs.
Spybot Search & Destroy was known to be unable to find and remove keyloggers.1
36
Conclusion Spywares, or serveillance programs, remain a
major security issue. They are capable of invading a computer system, tracks users’ keystrokes and thus gain control of the systems.
The Software principles Yielding Better Levels of Consumer Knowledge (SPYBLOCK) Act was introduced in US Congress. The act would make downloading and installing software without alerting the user illegal.2
37
Critics would like to add provision to provide avenue for the users to take legal actions against companies that create and use spywares.
The Federal Trade Commission plans a workshop on spyware in mid-April !!
38
References1. Scott Spanbauer, “Fight Back Against
Surveillance Software”, PC World Magazine, April 2004 issue (Posted Thursday, February 26, 2004).
2. Adrienne Newell, “Anti-Spyware Law Proposed”, Medill News Service, February 26, 2004