1 Protect Against Spywares – SpywareBlaster. 2 Content Introduction – - What is Spyware? -...

1

Protect AgainstSpywares – SpywareBlaster

2

Content Introduction –

- What is Spyware?

- Danger- Sign of Trouble

Solution Cleaning -- Spybot Protection -- SpywareBlaster

Evaluation & Conclusion

3

Introduction Prevention is better than cure –

SpywareBlaster prevents the installations of spywares as well as the running of the installed spywares

4

What is spyware? According to spywareinfo.com, spyware is

software or hardware installed on a computer without the knowledge and the consent of the users. These components gather information about the user for later retrieval by whoever controls the spyware.

If the spywares aim at marketing some product or services, they are called adware.

5

DangerThe threat can be categorized as follows:- Annoyance; profile users, fairly easy to removeThreat; profile users and broadcast data back to a server,

removal is not easyDangerous; logs activity, open communication ports,

difficult to remove, may contain security flaw and/or anti-spy counter measures

Extremely dangerous; logs activity, open communication ports, high possibility of potential system damage or security flaw, may attempt to disable anti-virus or firewall programs.

6

Sign of Trouble System is slow Mysterious new toolbar in browser Advertising windows pop up even when

not browsing the web Surprise 900-number charges on phone bill

7

SolutionGame plan:-

- clean up the system (with Spybot)- take a snapshot of the system in its clean state- run SpywareBlaster to protect the system- periodically restore the system to its clean state to preserve integrity

8

Cleaning with Spybot A free software from

http://www.safer-networking.org/

to detect and remove spywares Allow recovery Provide immunization

9

I. Search and destroy

10

List the problems found

11

The result is colour-coded Red entries – problems that should be fixed

to avoid security and/or privacy problems Black entries – system internals, better

remain untouched Green entries -- indicate usage tracks, may

be removed.

12

Remove the threats Select Fix selected problems

13

System is cleaned

14

15

II. Possible recovery A list of back-ups is provided.

16

III. Immunization To prevent future spyware installation

17

Protection -- SpywareBlaster

http://www.javacoolsoftware.com SpywareBlaster creates a snapshot (an image of

various browser and system settings) of the computer in its clean state.

Protect the system from installation of spywares and action of installed spywares by setting a “kill bit” for spyware ActiveX controls

Snapshot can be restored, changes and additions detected will be reported to provide full control

18

1. Creating a snapshot Run SpywareBlaster. Select System

Snapshot then Create a System Snapshot

Choose a meaningful name for the snapshot such as after_cleaning, nothreat, and etc.

19

20

21

2. Protect the system Current list of problematic spywares and tracking

cookies is provided. The ones displayed in red are the one that the computer is not protected against.

User can choose the ones to be protected against. Press “Select All” or manually make the selection.

Press “Protect Against Checked Items” button.

22

23

Information about the spyware/cookies is available. Select More Info on Items

24

3. Restoring the system Select System Snapshot choose Restore

system Snapshot

25

Select a snapshot

26

Changes and additions will be reported

27

4. Other options Settings

28

Tools

1. Brower Pages – allow changes to the settings

29

2. Hosts Safe – Encrypted backup copies of the Hosts file. Can be restored by “Restore Saved Backup

30

3. Misc. Internet Explorer Settings – edit Internet Explorer settings

31

4. Flash Killer – Provides the option to set the kill bit for the Macromedia Flash control (versions 4.x, 5.x, or 6.x).

32

5. Custom Blocking – Allows customization of the list of ActiveX controls to be blocked.

33

Updates

SpywareBlaster can be effective only if the threats are known, thus it is important to update the database frequently

34

Information on spyware/adware Wilders.org http://www.wilders.org SpywareInfo

http://www.spywareinfo.com Doxdesk.com http://www.doxdesk.com

35

Evaluation SpywareBlaster can protect a system only

if it is possible to reach the clean state, not contaminated by surveillance programs.

Spybot Search & Destroy was known to be unable to find and remove keyloggers.1

36

Conclusion Spywares, or serveillance programs, remain a

major security issue. They are capable of invading a computer system, tracks users’ keystrokes and thus gain control of the systems.

The Software principles Yielding Better Levels of Consumer Knowledge (SPYBLOCK) Act was introduced in US Congress. The act would make downloading and installing software without alerting the user illegal.2

37

Critics would like to add provision to provide avenue for the users to take legal actions against companies that create and use spywares.

The Federal Trade Commission plans a workshop on spyware in mid-April !!

38

References1. Scott Spanbauer, “Fight Back Against

Surveillance Software”, PC World Magazine, April 2004 issue (Posted Thursday, February 26, 2004).

2. Adrienne Newell, “Anti-Spyware Law Proposed”, Medill News Service, February 26, 2004