What is Spyware?

Spyware/adware, herein referred to as spyware, is software that covertly gathers user information through the user’s Internet connection. This occurs with or without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware.

Unlike viruses and worms, spyware does not usually self-replicate. Like many recent viruses, however, spyware exploits infected computers for commercial gain. Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements; theft of personal information, including financial information such as credit card numbers; monitoring of Web-browsing activity for marketing purposes; or routing of HTTP requests to advertising sites.

Spyware does not directly spread in the manner of a computer virus or worm. Generally, an infected system does not attempt to transmit the infection to other computers. Instead, spyware gets on a system through deception of the user or through exploitation of software vulnerabilities.

Most spyware is installed without users being aware. Since they tend not to install software if they know that it will disrupt their working environment and compromise their privacy, spyware deceives users, either by piggybacking on a piece of desirable software such as a free screen saver, or tricking them into installing it. Some “rogue” spyware programs even masquerade as anti-spyware software, and actually install the spyware they detect and offer to remove, for a price.

The distributor of spyware usually presents the program as a useful utility, e.g.: as a “Web accelerator” or as a helpful software agent. Users download and install the software without immediately suspecting that it could cause harm. For example, Bonzi Buddy, a spyware program targeted at children, claims that:

He will explore the Internet with you as your very own friend and sidekick! He can talk, walk, joke, browse, search, e-mail, and download like no other friend you’ve ever had! He even has the ability to compare prices on the products you love and help you save money! Best of all, he’s FREE!

Once installed, spyware can monitor user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.

Spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else. A common way to become a victim of spyware is to download certain peer-to-peer file swapping products that are available today. Spyware can infest the computer turning it into a “zombie” that will spoof email usernames and send spam to other computers without the user’s knowledge.

This will usually only occur on a computer with an “Always On” broadband connection since the dialup process can be easily detected by the user. If using a dialup connection, an indication that the computer has active spyware running is its constant attempts to dialup the internet connection. Another good indicator of a computer being infected with spyware is an extended boot up time. Since spyware is designed to do many of its dirty deeds undetected, there will be no reference to it in the system taskbar, or in the Add or Remove Programs dialog.

Aside from the questions of ethics, privacy and it being illegal, spyware steals from the user by using the computer’s memory resources and also by eating bandwidth as it sends information back to the spyware’s home base via the user’s Internet connection. Because spyware is using memory and system resources, it can lead to system crashes or general system instability. Spyware can get so resource consuming that it becomes impossible to use the computer.

Spyware exists as independent executable programs, and therefore has the ability to monitor keystrokes, scan files on the hard drive, snoop other applications such as chat programs or word processors, install other spyware programs, read cookies, change the default home page on the Web browser, and consistently relay this information back to the spyware author who will either use it for advertising or marketing purposes or sell the information to another party.

Licensing agreements that accompany software downloads sometimes warn the user that a spyware program will be installed along with the requested software, but the licensing agreements may not always be read completely because the notice of a spyware installation is often couched in obtuse, hard-to-read legal disclaimers.

Some likely sites that may try to push this spyware to you include free greeting cards, free games, free game cheat codes, free screen savers, free anything, etc. If the site is offering something for free, check it closely, very closely and be absolutely certain of the sites trustworthiness.

Even if all they ask for is your email address, it is entirely possible that they will be selling your address to spammers. This is one place where this old adage really applies, “If it sounds too good to be true, it probably is”.

Why free music is bad for your computer

The music itself is not bad for your computer, actually. However, the means and methods of getting free music, or free anything, can be bad for your computer. A lot of the free stuff comes with a catch in a nicely packaged form of a Trojan. These Trojans are malicious computer programs that hook themselves into your operating system and then phone home to download more junk in the background – or worse, spy on you and send your personal information to their masters. For those of you who have experienced pop-ups, fake anti-virus alerts, or stuff that wants you to buy something, may have actually experienced the effects of sophisticated Trojans. If you go online and do a Google search for “free music”, you’re more likely to come across a malicious website than if you were to search for “buy music”.

Several ways of getting free music, and free stuff in general are via peer 2 peer (p2p) networks. One popular client is called Limewire. This free program gives you access to a network of thousands of free songs. This free program also gives you access to the same networks that virus writers like to upload their programs to lure people into downloading and running them. The files they upload are named in such a way that anyone searching for their favorite artist or song will be misled into downloading a Trojan that masquerades itself as a song. The virus authors do this because they make tons of cash selling ads or products to unsuspecting users. In fact, one guy in Arizona was raided by the FBI because he was a suspected virus author and spammer that made millions. They found hundreds of thousands of dollars in cash stuffed in cereal boxes throughout his house, as well as a yellow Lamborghini parked on his driveway. This guy made his millions off unsuspecting Limewire users and by sending billions of spam messages per day.

So,  while Limewire as a program itself is not malicious in any way, the large peer 2 peer network that it connects to is a haven for malicious software. It does have tons of free music available but some of the music does masquerade as a virus. The best thing you can do if you must use Limewire is to make sure that you have an up-to-date operating system, the latest and greatest anti-virus engine, and the know-how on what to look for and how to avoid getting your system infected.

Information Privacy and Encryption

Pretty much anyone who has dealt with ordering goods and services online or doing online banking has heard of encryption. But what exactly is it and how important is it really?

I would say it is absolutely crucial that any personal information being transmitted online be encrypted to the highest level possible. Modern web browsers such as Mozilla FireFox or Internet Explorer have good encryption and do a good job in letting you know if you’re about to send personally identifiable information to a third party. You should always look out for the yellow lock icon whenever you’re about to send a password, address, or other personally identifiable information. Anything less, you should avoid doing so.

Encryption does not end at web browsing and using services on the Internet, however. It’s also important to have strong encryption for your home or office wireless network. The most common type is WEP, which unfortunately, is not as secure as originally thought. With the right tool, it can be hacked in less than a minute. I recommend at least WPA encryption security, or WPA2 if your wireless router and laptop support it.

A growing trend in data privacy and security is the encryption of storage media such as the hard disk drive or even flash drives. I use a Lexar JumpDrive, which can be configured to have an encrypted, password-protected volume. There is a new flash drive called the IronKey. It not only encrypts and protects your data with a hardware Cryptochip, it can also self-destruct. Should it get in the wrong hands, it will literally fry itself so the data cannot be recovered.

For encryption of your files on your computer, there is a non-profit organization called TrueCrypt that has developed a great, free software program. Their program, TrueCrypt, allows you to encrypt entire drives, folders, or individual files with ease.

Here are some quick tips for making sure your data is safe and protected:

• Make sure the yellow lock is on and visible whenever you send information via a form online.
• Make sure the website address is prefixed with an https:// instead of just plain http://. This denotes Secure Socket Layer (SSL) SSL security.
• If you need to transmit sensitive information or documents via e-mail, you really shouldn’t. Instead use fax, certified postal mail, or a secure file-sharing service such as ShareFile.com.
• Contact me if you have any concerns about the privacy of your sensitive data.

For a great article on on encryption, check out How Stuff Works. It is rather technical, but still offers insights on protecting your information online.

How to be more productive on your computer

Computers and the Internet have made all of us incredibly productive. Long gone are the days of writing letters on paper with a pen. With typing speeds on average of 30-45 words per minute, computer users can type up an e-mail and send it off far quicker than mailing a letter via the United Slow Postal Service. With such a dramatic increase in productivity with computers, it may be hard to imagine even faster ways to get things done and do things on a computer. Well, in this blog post, I’m going to talk about several ways to increase your productivity with your computer.

Use the Keyboard More
Moving your hand constantly from the keyboard to the mouse is a time-waster. For example, filling out a form online where it has fields that ask you to fill in your name, e-mail, and other information can quickly be navigated with the Tab key instead of using the mouse to click on each individual field. Here are some other great keyboard shortcuts to speed up your productivity:

Alt+tab: Hold down the Left Alt key and tap on the Tab key to quickly navigate the open applications that are running on your computer. Let go of the Left Alt key to switch to that application. The slow method: use your mouse to click on the application on the bottom task bar.

Windows Key+M: Need to quickly see your desktop screen? Hit the Windows Key (it has a logo of Microsoft Windows) and then M to minimize all the open windows on your screen. The slow method: clicking that minimize button one after the other with the mouse.

Ctrl+N: Need to make a new document, e-mail, or web browser window? Just hit Ctrl+N to create a new whatever.

Alt+F4: Close a bunch of windows and applications that are open by hitting Alt+F4 repeatedly. The slow method: clicking all those X buttons one after the other with the mouse.

Ctrl+Enter: If you use Microsoft Outlook, Outlook Express, or Windows Mail, you can send off e-mails faster by hitting Ctrl+Enter instead of clicking the send button with the mouse. You can also do Ctrl+R for replying to an e-mail, or even Ctrl+F to forward.

For a more comprehensive list of virtually all available keyboard shortcuts, check out the following knowledge base article on Microsoft’s site.

Go Dual Monitor, or more
The more you see on the screen, the more information is there to help you get things done even quicker. Before, it was all about getting the bigger sized monitor so you can have the biggest desktop screen space. Nowadays, however, it’s not uncommon for businesses and individuals to have dual monitor setups. Personally, I started out with a 24-inch Dell widescreen monitor that sports a 1920×1200 resolution. I have tons of desktop screen space. However, I quickly outgrew it so I added another 17-inch monitor. The result is I am now, statistically speaking, up to 30% more productive with two monitors than with just one. For more information on this great productivity gaining idea, check out this article.

How about going Triple Monitor?!

Find & Open Programs Faster With Launchy
This great, free software lets me use the keyboard to launch any program I want that’s in my Start Menu or Quick Launch bar. All I have to do is hit Alt+Spacebar (by default; it can be changed to any keyboard combination you want), then type in a partial phrase of the program I want to launch. For example, I can type “quic” and right away it shows QuickBooks, which I hit Enter to launch. I don’t even have to worry about spelling. Wait a few more seconds and other program suggestions will come up. This increased my productivity tenfold because I no longer have to dig around endless Start Menu entries to find the one obscure program I’m looking for. Check it out here: www.launchy.net. Don’t forget to check out the Tips & Tricks of the program as well.

Do you have ideas for increasing productivity on the computer? Please feel free to share them with me!

Ways to Reduce Spam/Junk E-mail

In this post, I’m going to talk about one of the most hated things about computers and the Internet — spam. Spam, also called Junk Email, hits our inbox daily whether we like it or not.

Most of you already have some kind of anti-spam mechanism, whether it’s by hosting with me, using a big ISP’s e-mail, or using a free webmail service like Yahoo! or Google. These all have server-side spam filtering. However, anti-spam is not a perfect science, so some junk mail still slips through. Below, I have listed seven different tips on reducing or circumventing spam.

• Don’t use any “auto-preview” features in your mail client. Examples of this are the Reading Pane in Outlook 2003/2007 or the Preview Pane in Outlook Express/Windows Mail. These should be turned off as they auto-load the e-mail. Most spam is easily identifiable by its sender and subject, which is okay to view.
• Don’t post your e-mail address in plain text on the Internet. Examples include having it on your website (use a contact form instead), posting in forums, chat dialogs, or blogs. Having your e-mail in plain text can easily be found by spam robots that crawl the Internet to harvest e-mails for spamming. Spammers are very sophisticated with this, much like how Google is sophisticated with web search.
• Don’t unsubscribe. Some spam e-mails have an “opt-out” link that simply verifies that you’re a real, active e-mail user who opened their junk e-mail message. Legitimate newsletters, however, usually have good privacy policies, are e-mails that you know you signed up for, and are from trusted, known sources.
• Don’t open suspicious/unknown attachments. Spam e-mails may come with an attachment that looks like it’s a picture or a text file of some sort. This is usually malicious in nature and will usually infect your system with a Trojan that gathers even more e-mail from your own address book. A good anti-virus solution usually circumvents this very well. In fact, AVG AntiVirus 8.0 does this very well. It has plugins that scan incoming emails for these malicious attachments and will either silently take care of it for you, or prompt you to do something about it.
• Don’t open spam e-mails with pictures. The pictures are downloaded from a spammer’s server on the Internet. This lets them track you and see that you opened their message. It’s a welcome mat for even more spam.
• Use a throw-away e-mail address. If you regularly find yourself having to sign up on various websites just to gather information on something, download something, or get something, it may be a good idea to have a “throw-away” e-mail address. This is an address that you can use for sign-ups only and it would be separate from your business or personal address that you only give to friends or family. Free e-mail services such as Google’s Gmail, Yahoo, or MSN Hotmail are easy to sign up for and use. On the more advanced side, I have my own domain “neuroncomputers.com”. So what I do is I create some random, jargon e-mail address like signups392@neuroncomputers.com and use that for awhile. When I see that it gets hit with tons of spam, I simply delete it and create a new one called signups405 and so on so forth.
• And the #1, perfect anti-spam solution is…Don’t Use Email! Of course that would be impossible since email has really become a staple in business and in our personal lives. The good news is, as technology gets better and better, so does the fight against spam. From my own observations with clients and how their email systems are set up, I’ve seen first hand that approximately 98% of all emails have been effectively blocked and discarded as spam. So if you’re actually getting 5-10 spam e-mails per day, that’s only a small fraction of the 2% of e-mails that are not being blocked. I’d certainly hate to have thousands of spam e-mails in my inbox!

If you have any spam-blocking/prevention ideas, questions, or comments, please feel free to share them with me, and I’ll be sure to add your comments to my blog and in my next newsletter edition.

Bill Gates Retires

Microsoft Corp Chairman Bill Gates is stepping down from daily operations at the software maker, to focus on his philanthropic efforts. Go here to see a cool time line of all the major events in the life of Microsoft, the company he co-founded in 1975, and in the Gates’ life.

Simplify Your Online Logins

RoboForm is software that literally does the grunt work of remembering your online logins and passwords. It also automatically logs you in to websites. Sure, Internet Explorer and FireFox have password remembering features, but RoboForm takes it a step further with automatic website navigation, logging in, and even form filling – all with full, encrypted security. With form-filling, you don’t have to type your address or shipping information when you place online orders, ever again. I have been using this software for years and highly recommend it. Check it out, there’s a free 30-day trial.

Website Update Coming Soon

I am excited to announce that I will be completely revamping my website in the near future. I’m excited to announce more resources for your business IT needs such as:

- Data loss prevention and protection recommendations
- Network and computer security recommendations
- Software and utility recommendations

I will also be outlining all my rates, policies, and procedures on my website. Moreover, I’ll be adding more information on what I can do for you and your business’ computer service and IT needs.

Stay tuned!

Remote Support Services

This thing I came across by a good friend of mine has absolutely, positively blown me away. It’s called LogMeIn Rescue and it is the coolest thing since sliced bread. I signed up for the 2 week free trial and it has already “paid” for itself many times over. I was able to provide computer repair services to several satisfied clients. I cannot wait to purchase this thing.

Basically the way it works is I send an e-mail with a link or send customers to a special website (customizable later by me), and a PIN code. They input the PIN code, download and run the special program, and we’re connected. It’s as simple as that. Once it’s running, we can chat one on one in an AOL Instant Messenger-like chat window. I can then request various important functions such as the current PCs resource load (CPU, memory, hard drive space used, etc), programs that are running, and even take complete control of their desktop — all with their permission first of course. The best thing of all is this is safe and extremely secure, as it uses 256-bit encryption to transmit information back and forth between me and the client.

What I envision doing in the the very near future is implement a website that is an extension of www.neuroncomputers.com and have clients be able to provide their information and click “Connect”. Initially, I will just offer instant connect access and ask for billing information post-session. In the future, I will accept credit cards and offer the option to purchase “prepaid minutes” or flat-rate services such as “Set up your music player” or “Install your office suite program”.

It is so amazing how technology has progressed to this. With Windows Vista coming out very, very soon (if it hasn’t already — I’m so behind with that), then there will be even more of a need for remote support.