Wednesday, May 25, 2005

What are the Differences between Viruses and Spyware?

I guess I should have known that my last blog would bring several questions from readers about what are the differences between viruses and Spyware. I guess I can understand the confusion since there are no definitions that all can agree on when defining these terms.

So here are my answers to the questions I received.

Just bear in mind that they are my answers and I know that not everyone would agree with them but I feel that they generally define the problem and clarify these terms. They are based upon my own experiences and judgments and certainly aren’t intended to be considered as definitive. They are just my perspective based upon my years of working with computers and fighting viruses, Spyware, and other malware.

What is a virus?
It’s any program containing all the code necessary to reproduce itself from a self-contained package that allows it to replicate from computer to computer and network to network without any human intervention. Virus can range from being nesciences to being dangerous threats. All of them cause some damage and some can completely destroy a computer system or network.

How do viruses spread and how do they do it so fast?
Viruses are spread when their code is run on a computer allowing the virus to replicate and make other copies of its self. These copies are then spread to other computers as payload within another program. Often it’s contained in an email but it can be hidden in any program that is downloaded to a computer ranging from an mp3 file to a text document. Since viruses are small self-contained packages that can be copied quickly and are sent as small payloads they can and do spread very fast.

What is Spyware?
Spyware is any program that resides on a computer with the intent of gathering user information and secretly sending it to someone else. Spyware in general doesn’t try to replicate itself but is only interested in residing on the machine it’s installed on and gathering information. Spyware may be as innocent as a program that watches what sites you go to and thus allows for targeted ads or it may gather any and all information typed or located on a computer. Key loggers are a good example of the latter. It is this wide difference in what Spyware does that make it so hard to define, detect, and control.

How do I get Spyware?
Spyware gets on a computer through active content on a web site or by downloading a program that then secretly installs the information gathering portion of the program. The information gathering is then done without the user’s knowledge or informed consent. Often a computer user willingly installs Spyware on their computer by installing a program that purports to do some innocent function but ends up spying on them and reporting back to someone with the information.

(Remember to use caution since many of the screen savers, weather monitors, wallet programs, and other freeware on the web are really marketing Spyware and should be avoided.)

Why is Spyware getting so much of the attention now and not viruses?
Well I’m not sure which is getting the most attention but I know that Spyware is becoming more of a problem than viruses. Spyware is much harder to detect and scan for and it’s much harder to get rid of. Currently most virus detection programs are close to 100% effective at virus detection while Spyware detection is luck to hit an 80 to 85 % detection rate. Worse still is that while it’s easy to define a virus just what is Spyware is much harder to define.

What can I do to prevent Spyware and viruses from getting on my computer and compromising my system?
Well you’ve all heard the standard answers. Be careful and trust no one. Watch what sites you go to and don’t open email that seems to be suspicious. Use a good firewall program, keep your antivirus program up to date, and scan for Spyware with a good Spyware detection program. And I agree that if that’s done with the right tools you will avoid trouble with not only viruses and Spyware but the Trojans and the other malware that’s out there as well.

That leads to the question of; what are the best choices for these programs and how should a person go about using them? I think that this matter is important enough that I will write a second article describing the methods I’ve use for over 5 years to avoid having any major problems with viruses, Spyware, or the other dangers out there on the net. Being in the tax and accounting business I have had to deal with these and other problems so as to protect both my computer systems as well as my client’s data. The method that has evolved has grown over these years becoming more and more involved and using several programs but it’s still easy enough for most people to implement it.

So stay tuned and we’ll discuss my solution to protecting my system in detail. Hopefully it will help you to develop a system for yourself that will work and protect your computer from attack and surveillance.

No comments: