ComputerComputerSecuritySecurity

By: Edward WoltersdorfBy: Edward Woltersdorf

&&

Jim YoungJim Young

KeyloggerKeylogger

Definition – diagnostic tool used in Definition – diagnostic tool used in software development captures the user’s software development captures the user’s keystrokes.keystrokes.Purposes – monitors employee Purposes – monitors employee productivity, police use, illegal spying.productivity, police use, illegal spying.How it effects computer – Captures How it effects computer – Captures keystrokes and records them in a file. keystrokes and records them in a file. This file is usually sent to another This file is usually sent to another computer for analysis.computer for analysis.

SpamSpam

Definition – unsolicited bulk email messages. Definition – unsolicited bulk email messages. Sometimes used to transmit viruses.Sometimes used to transmit viruses.

Purpose – sell products, market products, scam Purpose – sell products, market products, scam people, lead people to sites for ID theft.people, lead people to sites for ID theft.

How it effects computer – Puts a virus or How it effects computer – Puts a virus or program into the computer to track or program into the computer to track or accomplish tasks without the user’s knowledge.accomplish tasks without the user’s knowledge.

SpywareSpyware

Definition – computer software that is installed secretly Definition – computer software that is installed secretly (very rarely knowingly) on a personal computer to (very rarely knowingly) on a personal computer to intercept or take partial control over the user’s interaction intercept or take partial control over the user’s interaction with the computer, generally without the user’s consent.with the computer, generally without the user’s consent.Purpose – to collect, organize and transmit data back to Purpose – to collect, organize and transmit data back to a centralized location for purposes of marketing, ID theft, a centralized location for purposes of marketing, ID theft, or corruption of system resources.or corruption of system resources.How it effects computer – runs programs in the How it effects computer – runs programs in the background slowing computer’s process to a crawl. background slowing computer’s process to a crawl. Some data transmitted can be done illegally.Some data transmitted can be done illegally.

VirusVirus

Definition - computer program that can copy itself and infect a Definition - computer program that can copy itself and infect a computer without permission or knowledge of the user.computer without permission or knowledge of the user.Purpose – generally made for malicious intent, but sometimes for Purpose – generally made for malicious intent, but sometimes for humor or fun.humor or fun.How it effects the computer - Some viruses are programmed to How it effects the computer - Some viruses are programmed to damage the computer by damaging programs, deleting files, or damage the computer by damaging programs, deleting files, or reformatting the hard disk. Others are not designed to do any reformatting the hard disk. Others are not designed to do any damage, but simply replicate themselves and perhaps make their damage, but simply replicate themselves and perhaps make their presence known by presenting text, video, or audio messages. Even presence known by presenting text, video, or audio messages. Even these benign viruses can create problems for the computer user. these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can programs. As a result, they often cause erratic behavior and can result in system crashes. In addition, many viruses are bug-ridden, result in system crashes. In addition, many viruses are bug-ridden, and these bugs may lead to system crashes and data loss.and these bugs may lead to system crashes and data loss.

Why Do You Care?Why Do You Care?

ID TheftID Theft Surveys in the USA from 2003 to 2006 Surveys in the USA from 2003 to 2006

showed a decrease in the total number of showed a decrease in the total number of victims but an increase in the total value of victims but an increase in the total value of identity fraud to US$56.6 billion in 2006. The identity fraud to US$56.6 billion in 2006. The average fraud per person rose from $5,249 in average fraud per person rose from $5,249 in 2003 to $6,383 in 2006. Recent Surveys and 2003 to $6,383 in 2006. Recent Surveys and Studies, Privacy Clearing House, retrieved Studies, Privacy Clearing House, retrieved June 30, 2006June 30, 2006

Why Do You Care? IIWhy Do You Care? II

Erratic behavior and can result in system Erratic behavior and can result in system crashescrashes

Work placeWork place Data theftData theft Transmission of illegal filesTransmission of illegal files Usage of computer/bandwidth of illegal purposesUsage of computer/bandwidth of illegal purposes Erratic behavior and can result in system crashesErratic behavior and can result in system crashes Academic dishonestyAcademic dishonesty

Grade changesGrade changes

Stolen workStolen work

How Do You Know if You’re How Do You Know if You’re Infected?Infected?

New Toolbars in Internet ExplorerNew Toolbars in Internet ExplorerBrowser crashes unexpectedlyBrowser crashes unexpectedlyHome page changesHome page changesBandwidth traffic causes internet speeds to decreaseBandwidth traffic causes internet speeds to decreaseAds always seem to be similar to your interestsAds always seem to be similar to your interestsPages opening as you start up your computerPages opening as you start up your computerPop-upsPop-ups““Helpful” programs start up – Bonsi Buddy, Helpful” programs start up – Bonsi Buddy, CoolWebSearch, Weather BugCoolWebSearch, Weather BugCtrl-Alt-DeleteCtrl-Alt-Deletemsconfigmsconfig

How to Remove SpywareHow to Remove Spyware

Please note: Some programs you install require that you Please note: Some programs you install require that you download spyware in order to use them. By removing download spyware in order to use them. By removing some spyware, you may be in in violation of licensing some spyware, you may be in in violation of licensing agreements for some programs (Morpheus, Sony’s agreements for some programs (Morpheus, Sony’s Extended Copy Protection, DivX, AIM)!Extended Copy Protection, DivX, AIM)!Download a free program (see below for recommended Download a free program (see below for recommended programs and cautions)programs and cautions)Buy a programBuy a programRun the program often (and at full scanning capabilities)Run the program often (and at full scanning capabilities)Usually the combination of several programs is the most Usually the combination of several programs is the most effectiveeffective

Spybot: Search and DestroySpybot: Search and Destroy

http://www.safer-networking.org/en/index.hhttp://www.safer-networking.org/en/index.htmltmlRemoves programs based on reported Removes programs based on reported threatsthreats

ProsProsRemoves many spyware programs (displayed in red)Removes many spyware programs (displayed in red)Can clean usage tracks (displayed in green)Can clean usage tracks (displayed in green)Can fix registry entriesCan fix registry entries

ConsConsRequires constant updatesRequires constant updatesMany features only available through pay-versionMany features only available through pay-version

Ad-Aware SE Ad-Aware SE PersonalPersonal

http://www.lavasoftusa.com/software/adawarehttp://www.lavasoftusa.com/software/adawareRemoves spyware and tracking cookiesRemoves spyware and tracking cookies

ProsProsEasy user interfaceEasy user interfaceMultiple scans for deeper or quicker scansMultiple scans for deeper or quicker scans

ConsConsTime consuming scansTime consuming scansNeeds constant updatingNeeds constant updatingSome features not available with shareware version Some features not available with shareware version

Spyware BlasterSpyware Blaster

http://www.javacoolsoftware.com/spywareblaster.htmlhttp://www.javacoolsoftware.com/spywareblaster.htmlWorks to actively prevent installation of ActiveX-based Works to actively prevent installation of ActiveX-based spywarespyware

ProsProsProtects without being active in backgroundProtects without being active in backgroundRemoves tracking cookies in IERemoves tracking cookies in IE

ConsConsRequires constant updating to remain effectiveRequires constant updating to remain effectiveOnly blocks limited programsOnly blocks limited programsSome features not available with shareware versionSome features not available with shareware version

Hijack ThisHijack This

http://www.trendsecure.com/portal/en-US/threat_analytichttp://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.phps/hijackthis.phpScans Windows OS files to compile a list of items to Scans Windows OS files to compile a list of items to manually delete – for advanced usersmanually delete – for advanced users

ProsProsAllows users to post log onto a web forum for “experts” Allows users to post log onto a web forum for “experts” to determine what should be removedto determine what should be removedCan find programs that self-replicateCan find programs that self-replicate

ConsConsOne can delete files essential for their system and cause One can delete files essential for their system and cause a system failurea system failureAutomated tools for identifying “bad” entries are often not Automated tools for identifying “bad” entries are often not accurate or reliableaccurate or reliable

Other ProgramsOther Programs

Spy Sweeper - Spy Sweeper - http://www.webroot.com/consumer/products/spyhttp://www.webroot.com/consumer/products/spysweeper/sweeper/ ($29.95) ($29.95)Windows Defender - Windows Defender - http://www.microsoft.com/athome/security/spywahttp://www.microsoft.com/athome/security/spyware/software/default.mspxre/software/default.mspx (free) (free)Trend Micro Anti-spyware - Trend Micro Anti-spyware - http://us.trendmicro.com/us/home/index.htmlhttp://us.trendmicro.com/us/home/index.html ($29.95)($29.95)Spyware Doctor - Spyware Doctor - http://www.pctools.com/spyware-doctor/http://www.pctools.com/spyware-doctor/ (trial (trial version has limited functionality)version has limited functionality)

Fake: Spyware posing as Anti-Fake: Spyware posing as Anti-SpywareSpyware

Many programs claim to remove spyware, but Many programs claim to remove spyware, but are themselves spyware. It is are themselves spyware. It is recommended that one downloads a recommended that one downloads a recommended program.recommended program.

errorsafeerrorsafe (AKA system doctor) (AKA system doctor) Pest TrapPest Trap SpyAxeSpyAxe AntiVirusAntiVirus Gold Gold SpywareStrikeSpywareStrike SpywareSpyware Quake Quake WorldAntiSpyWorldAntiSpy SpylockedSpylocked SysProtectSysProtect Spy SheriffSpy Sheriff Spy WiperSpy Wiper PAL PAL SpywareSpyware Remover Remover PSGuardPSGuard MalwareMalware

WinAntiVirusWinAntiVirus Pro 2006 Pro 2006 WinFixerWinFixer SpydawnSpydawn ContraVirusContraVirus

A full and updated list (currently 349 programs!) A full and updated list (currently 349 programs!) can be found at - can be found at - http://www.spywarewarrior.com/rogue_anti-http://www.spywarewarrior.com/rogue_anti-spyware.htmspyware.htm

BibliographyBibliographyImage of crowded desktop from Image of crowded desktop from http://upload.wikimedia.org/wikipedia/en/5/51/Spyware_infestation.pnghttp://upload.wikimedia.org/wikipedia/en/5/51/Spyware_infestation.pngImage of spyware pop-up from Image of spyware pop-up from http://en.wikipedia.org/wiki/Image:Windows_ActiveX_security_warning_%28malwarehttp://en.wikipedia.org/wiki/Image:Windows_ActiveX_security_warning_%28malware%29.png%29.png““Free Free Free” ad from Free Free Free” ad from http://www.velnet.com/pictures/stop_popup_ads.gifhttp://www.velnet.com/pictures/stop_popup_ads.gifAOL ad from AOL ad from http://www.planetpoint.com/louisacopywriting/lsugar_aol.jpghttp://www.planetpoint.com/louisacopywriting/lsugar_aol.jpgUniversal Studios ad from Universal Studios ad from http://vil.nai.com/IMAGES/123913_A.GIFhttp://vil.nai.com/IMAGES/123913_A.GIFOsama bin Laden ad from Osama bin Laden ad from http://www.petealbrecht.com/blog/osama.jpghttp://www.petealbrecht.com/blog/osama.jpgPopular Mechanics ad from Popular Mechanics ad from http://static.howstuffworks.com/gif/web-advertising-popup-ad.gifhttp://static.howstuffworks.com/gif/web-advertising-popup-ad.gifIsrael/Lebanon ad from Israel/Lebanon ad from http://blog.pcformat.co.uk/resources/pcformat/lebanon.pnghttp://blog.pcformat.co.uk/resources/pcformat/lebanon.pngMSN Today ad from http://www.actsofvolition.com/images/msntoday.gifMSN Today ad from http://www.actsofvolition.com/images/msntoday.gifTax relief ad from http://www.taxreliefcoalition.org/docs/Chamber%20Married%20PopTax relief ad from http://www.taxreliefcoalition.org/docs/Chamber%20Married%20Pop%20Up%20Ad%2003.20.03.jpg%20Up%20Ad%2003.20.03.jpgWeather ad from http://vil.nai.com/images/133894_b.GIFWeather ad from http://vil.nai.com/images/133894_b.GIFImage of Ad-Aware from http://en.wikipedia.org/wiki/Image:Ad-Aware_Personal.pngImage of Ad-Aware from http://en.wikipedia.org/wiki/Image:Ad-Aware_Personal.pngRecent Surveys and Studies, Privacy Clearing House, retrieved June 30, 2006Recent Surveys and Studies, Privacy Clearing House, retrieved June 30, 2006