The Spyware Weekly Newsletter is distributed every week to 20,000 subscribers and read online by hundreds of thousands of visitors. Click here to subscribe. Please read our Terms of Use for quoting guidelines.This edition of the Spyware Weekly Newsletter is archived permanently at http://www.spywareinfo.net/july31,2005.

Wherever the term "adware" is used, it is referring to a category of software, not to any particular company or product.

The contents of this newsletter is commentary. It should not be mistaken for unbiased, objective journalism.

Permalink | Top

Telemarketers and their lobbyists are attempting to circumvent state "Do Not Call" lists in the United States. No, I'm not talking about the Federal "Do Not Call" list. After several lawsuits and at least two separate acts of Congress, the Federal "Do Not Call" list is in effect and there really isn't much they can do about that.

There are, however, a number of individual states with their own rules about telemarketing. Five states in particular have regulations which are stricter than the Federal law. The Federal law allows telemarketers to pester call you if they are calling on behalf of a company with whom you have an "existing business relationship". Indiana's Attorney-General says that under the Federal law, simply buying a cup of coffee would entitle the coffee shop to start calling you at home, even if your number is on the "Do Not Call" list.

The states which have the telemarketers hot and bothered - Indiana, Florida, New Jersey, Wisconsin and North Dakota - don't allow telemarketers to call anyone on their lists for any reason whatsoever, no exceptions. Florida even bans the use of automated computers to make telemarketing calls.

Telemarketers want the Federal government to overrule the state governments so that they can again annoy the people in these states during dinner. They claim that it is unfair to have to follow different rules in different states and want a single, national law.

Boohoo. If telemarketers want to do business in those states, they will have to follow the laws of those states, just like everyone else. Why should they be allowed to break the law? For crying out loud, these people have put themselves on a list so that the telemarketers will leave them alone.

Honestly, I wish Congress would work up the nerve to simply ban telemarketing completely. Telemarketers are among the worst of the scum in this society. I would be more embarrassed to admit to someone that I worked as a telemarketer than I would be to admit that I was a drug dealer. There are some people who LIKE drugs. Nobody likes a telemarketer.

Permalink | Top

Program: Spy Sweeper v 4.03
Author: Webroot Software
Platform: Windows 98, ME, NT, 2000, XP
License: $29.95 Only $19.95 for SpywareInfo readers. (Reduced price valid until August 4, 2005)
Purchase: http://www.webroot.com/products/specialsdb.php?code=btwg51&rc=325

"Spy Sweeper is the most effective standalone tool
for detecting, removing, and blocking spyware."
-PC Magazine, January 12, 2005

Webroot released a new version of Spy Sweeper recently and some of the new features are very nice. There are so many things that it protects that I'm just going to list them rather than discuss them.

• Internet Explorer favorites are protected from changes made by malicious web sites.
• Tracking cookies are detected and removed in real time.
• The Internet Explorer search and start pages are protected from being changed automatically.
• The HOSTS file is monitored to detect changes made to it. You also can edit the existing HOSTS file.
• A memory shield detects known spyware as it loads in memory.
• There is a "Spy Installation Shield" which blocks known spyware as it tries to install.
• Files hidden inside of Alternate Data Streams (ADS) are blocked from executed. ADS refers to metadata information that can be embedded within a folder, similar to the ID3 tag in an MP3 file.
• Pop-ups sent through the Windows Messenger service are blocked.
• There is an integrated tool for managing start up entries as well as an active shield that pops up an alert if a program suddenly shows up in a start up location.
• A new item is installed on the menu you see when you right-click on a folder in Explorer. This option allows you to scan that particular folder for spyware files inside of it.

The new scanning engine is a tad swifter than in the past. A quick scan (the option to "sweep only folders where threats are known to reside") completed in just under four minutes on my computer. A full scan however..... I suggest using the built-in scheduler to set it to do that only when you are sleeping or for some other time when you are not using the computer. It took a long time to finish when I ran a full scan.

While scanning, I noticed that it was looking at the modules loaded into memory. I don't mean just processes. I mean that it was scanning every file loaded as a module by every process running in memory to see if it matched a known spyware.

Any items detected after a scan are quarantined before deletion. If something stops working or the computer has a psychotic episode after removing an item, it can be restored. If you are not sure what a detected item is, you can click on its name in the results and go to Webroot's web site to read a description.

Nearly every program you install, legit or otherwise, will try to make itself load when the computer starts and it is very annoying. You would be shocked at how slow a computer can become because far too many programs are loading unnecessarily whenever the computer starts. Spy Sweeper's new startup monitor will alert you when it happens and allow you to block it. You also can disable programs which already are set to load on start up.

This new version of Spy Sweeper is extremely nice. It is very easy to use. It is very thorough. The protective options are very good - far better than the obligatory option of locking the Internet Explorer home page that many other programs provide. The start up monitor and manager are fantastic features. I definitely recommend this new version of Spy Sweeper.

Until August 4, 2005, you can buy Spy Sweeper with a one year subscription to updates for $10.00 off the normal price. If you have any problems with the ordering page, please email Catherine http://www.spywareinfo.com/email2.php.

Anyone buying as a corporate customer and needing many copies of this program, please contact Catherine.

Permalink | Top

The US Federal Deposit Insurance Corporation (FDIC) is asking banks to warn their customers against logging into their accounts on public machines. Many computers used for public internet access have surveillance spyware installed on them. The spyware might take screenshots, record keystrokes and monitor web addresses visited; ... then send all of that data to the person who installed the spyware on the machine. This is no theoretical problem. It has happened before.

I think the safest thing to do is to assume that someone IS watching your net traffic when you are on a public machine, whether they really are or not. Assume that someone is peeking and don't give them anything valuable to peek at. I wouldn't even log into a Hotmail account from a public computer, much less a bank. Logging into a bank or into Paypal or anything that controls money is something you should never do from a public computer. Ever.

If you are traveling and have no other way to check your email, a public machine in an internet cafe might be your only option. There are a few steps that you can take to make that a little safer, though it still is not "safe". Before doing anything else, go into the options of the browser to disable autocomplete. In Internet Explorer, go to the Tools> Internet Options > Content tab and disable all autocomplete options there. In Firefox, go to Tools > Options > Privacy. In Opera 8 or above, go to Tools > Preferences > Wand.

Now you need to verify that it has actually stopped recording autocomplete information. Go to your email site and try to log in with a fake password. If it offers to save the password, something wasn't done correctly. If it doesn't offer to save the password, close the browser and then go right back to the site. If it has saved the previous fake password you used, something wasn't done correctly. Go back and try to turn off autocomplete again. If it continues to save the password no matter what you do, do not use that machine.

Next, you can check for spyware. You may or may not be able to install programs or access a floppy or CD drive on the computer. Chances are, you can't. Go to SpywareInfo's online scanning page instead. That uses an ActiveX version of X-Cleaner which will do a scan for spyware and adware. Since it is ActiveX, it will work only with Internet Explorer. If the computer is using a different browser, try the online scanner at Trend Micro Europe.

If it finds spyware, you may not be able to remove it, depending on what has been done to the computer, so don't try. You may not be able to reboot a public computer anyway. If the scanner does report spyware, either move on to another machine or just go elsewhere. Be sure to report the problem to the manager of whatever business is providing the computer if possible.

If it doesn't find any spyware and you have successfully disabled autocomplete - and you are certain that you really want to log into an account from there - then go ahead and log in. If it has an option such as "this is a public machine" or "save your password on this machine" or similar, make sure you take the option of not saving the password. Afterward, close the browser window, then go into options again and delete all temporary files, as well as all cookies. Then go right back to the site you just used and make certain it doesn't log into your account automatically.

Don't assume that you are safe even if you are using your own laptop. For one thing, you are using a strange network and who knows what may be monitoring that network. For another, you can never know if the person in the next room or parked outside is sniffing at your wi-fi signal.

Once you return home to your own PC (which hopefully is spyware-free), you might want to change the password at any site you logged into while traveling. If all of this sounds a little paranoid, just remember, it's not paranoia if someone really is watching.

Permalink | Top

My last newsletter discussed proposed legislation to restrict data brokers. I received an interesting email afterward that is worth publishing.

Hi there!

I just went through this weeks article and noticed the section on the new Identity Theft bill and some other identity theft issues and felt that you left out some important details. My comments follow yours below:

Quote:
For starters, any person can instruct the credit reporting agencies to put a freeze on their credit report.
end quote

One can already do this with each credit agency by filing a report. Try it! All major agencies allow you to do this by request.

Quote:
Unfortunately, this freeze would not prevent credit card companies from issuing "pre-approved" credit card applications via junk mail. That is a mistake. Those credit card applications often are an identity thief's most useful tool.
end quote

Quite correct. However, you can eliminate the pre-approved applications by also requesting the credit reporting agencies not to allow the release of the information. Information is available from experian and transunion on this matter.

Quote:
Businesses will be forbidden to ask for a social security number unless knowing that number is absolutely required for them to serve the person. If they do need it, they will be forbidden to use the number for identification documents. Government agencies would be prohibited from having any sort of prison-labor program which would lead to a prisoner having access to social security numbers.
end quote

With the exception of the prisoner issue, this is ALREADY true. The history of the Social Security Number was quite full of mistrust and Congress assured the public that it was NEVER to be used as an ID number when it was first issued. Got a credit card? Got a house? Now watch me laugh. Yeah, sure, they'll abide by this law too, right? Then it'll be another number associated with the Social Security Number....and can you still see the dominos falling?

At any rate, I read every newsletter you put out and enjoy every one! Thanks for putting your time and effort into this endeavor. Your work is appreciated!

A huge fan,
Ben

Permalink | Top

The last newsletter mentioned that Microsoft Antispy now lists adware on the ignore list by default. I've received a few letters asking how to configure Microsoft Antispy's ignore list.

Open the main window of the program, click on Options, then Tools. Click on the "Spyware Scan" button and you should see the ignore list. Remove anything you would prefer not to be in the list. I can't promise that this will make the program list adware because I don't know that much about it. It seems logical however.

You also might want to go to the "Alert" options and check the option to "Show alert if an ignored threat has been detected and allowed to run" just in case Microsoft decides to tamper with your settings again.

In related news, Sunbelt's CounterSpy program also now puts certain products from WhenU on the ignore list. I wrote an article in my blog about how antispyware vendors seem to be giving adware a free pass. I didn't want to include it here but feel free to read it on my site.

Permalink | Top

The Washington Times has published an interesting editorial about the public's perception of surveillance cameras in the wake of the recent London bombings. London has something on the order of half a million cameras recording public areas.

On the one hand, few people like the idea of being on camera everywhere they go. On the other, mentally unstable people who attempted to commit mass murder have been captured thanks to these cameras.

People have been debating the usefulness of these cameras for years. Many people view them as an invasion of privacy. Others view them as being a deterrent to crime. Every time I wade into the argument, people are surprised to learn that I think public surveillance cameras are a good idea.

My opinion is this: outside of my house, I don't expect privacy. If I am in public, there is no privacy to be had anyway. If I am going to do something that I would be embarrassed to see published, I wait until I am home to do it. By the same logic, I would rather have a cop following me around a dark neighborhood than a shifty-looking fellow wearing a ski mask. I might be annoyed that the cop is following me but at least I know that I won't be mugged while he's doing it.

I will take issue with one thing in that editorial.

When these gadgets mainly served to deter petty street crime, they seemed debatable. But when the cameras help to catch terrorists bent on mass slaughter, civil liberties complaints suddenly sound pathetically trivial.

If he is referring only to the cameras, then I will agree. If, however, he is saying that anything is justified in the name of catching terrorists and civil liberties be damned, then I will have to disagree with that. I have no problem with being watched while I am in public. Now, if London police were to start breaking down every door in the city to search for explosives and detaining everyone who looks even a little suspicious, I could not support that. I wouldn't have supported the idea of the FBI breaking down every door in Boston on September 12, 2001 either (the 9/11 murderers took off from the Boston airport).

I gave this article the title "Privacy or Safety?", but it is not a matter of choosing one over the other. You can have both privacy and safety at the same time. The goal is to protect our society from these terrorists, not to help the terrorists destroy it. Catching these terrorists is important in order to protect our society. Having civil liberties to keep the government in check is just as important. Otherwise, the society will be destroyed anyway. I might be safe from muggers and terrorists in Beijing or Pyongyang but I sure wouldn't want to live in either city.