6. Run at least two spyware cleaners.
You know from experience that no spyware cleaner even comes close to wiping every piece of malicious code. All utilities have blind spots that spyware programmers exploit. Every vendor says its product catches everything, but whenever I clean a hundred threats with one utility, a second always finds another dozen or so.
Every spyware cleaner checks the Registry, but because spyware follows Microsoft rules for Registry entries, nothing can clean it completely. Just when you think you have spyware beaten, the Task Manager process list will start to grow as spyware hiding in the Registry revive, especially after a reboot.
Run several utilities, run them regularly, vary them and make sure they're all up to date. Paid cleaners provide more constant signature file updates, but even freeware adds new capabilities regularly. Run, update, run, update, repeat. I clean a system, reboot into Safe Mode and clean it with a second tool, then reboot again.
7. Close desktop communication holes.
Every spyware upload means more future problems as spyware updates itself and adds new "features." Blocking the outgoing messages improves your users' quality of life.
Some, but not all, resident anti-spyware utilities block spyware uploads. Commercial products are a bit better. But installing a personal firewall also will block uploads. ZoneAlarm and Sygate Personal Firewall are both excellent.
Nearly all name-brand routers sold today also include firewall protections. Look for products that do stateful packet inspection of incoming and outgoing packets. A combination of personal firewall and router controls isn't overkill, especially for users who can't resist the lure of spyware-laden sites.
8. Deal with DRM.
One reason spyware will be around for the next several years is that companies are increasing their use of digital rights management (DRM) on entertainment files and software authorization license files that let certain applications execute. The holes we leave open for these apps will be exploited by spyware for years. Tracking cookies, such as frequent buyer perks for online stores, make Web sites easier to use. The trouble is, they look just like spyware, making it hard to kill the bad files without killing the good files, too.
The same is true for emerging entertainment player applications. The music files you download today and try to write to an MP3 player tomorrow will need to verify you have the right to play the files on that mobile device. Your new spyware protection software might block the DRM query to the authorization database. Isn't one definition of spyware an app that sends system information to a third party without permission? That definition applies to business application license files and DRM application licenses alike, at least on an application-interface level.
One answer is to avoid DRM applications such as music players, especially those from Microsoft. If you prefer your music, get a resident commercial spyware utility that updates its spyware database regularly because it will coordinate protection with the music services.
9. Leverage AOL membership.
Spyware protection from AOL, free for download for AOL members, is another useful addition from AOL as it continues to regain relevance. I found scanning speed to be slower than many other spyware cleaners, but the program found seven additional spyware instances after CounterSpy and SpyBot were through.
AOL offers some valuable protections for families, such as parental controls, but its browser is based on Internet Explorer and therefore suspect. At least AOL helps its members with toll-free tech support for times you're unavailable.
10. Recommend a Macintosh or Linux system.
Spyware attacks Microsoft operating systems primarily, entering through Internet Explorer holes and hiding inside Windows weak points. Some spyware, especially malicious cookies, functions within any browser, but that's a tiny fraction of the spyware universe.
| NO SPYWARE JUSTICE |
|
While the CAN SPAM Act has started making some headway, spyware is another story. The Securely Protect Yourself Against Cyber Trespass Act, or SPY ACT, introduced by Rep. Mary Bono (R-Calif.) in 2004, passed the House by a resounding 399-1 vote margin, but died in the Senate. What happened? |
Microsoft applications such as Internet Explorer, Word, Outlook and Media Player execute applications automatically when downloaded, allowing spyware easy access. Linux and Mac operating systems don't allow this automatic execution, making them more spyware resistant. Worse, Windows lets any user (or spyware) load dynamic link libraries into the kernel, while administrator privileges for Linux are required for that level of system access.
Is the hassle of changing a friend's operating system or entire computer worth avoiding the hassle of spyware? Not to most people, but Apple and Linux will welcome you if spyware becomes too painful.
Because you're carrying a CD full of anti-spyware utilities already, throw in a CD of the Knoppix bootable Linux OS. Use it to verify badly infected systems still function booting and examining the system, and let your family and friends see how Windows-like modern Linux has become.
RELATED LINKS
Microsoft releases anti-spyware, promises more tools
IDG News Service, 01/06/05
AOL upgrade packs security tools
IDG News Service, 11/18/04
Debating what is spyware
Network World, 11/08/04
On the lookout for spyware
Network World, 08/16/04
