apologies…

December 15th, 2007

Apologies for the lack of posts. I have had some difficulties in upgrading and my theme is broken :/. Additionally I've been scarce in free time lately. I hope to figure things out soon so it will be back to normal.

Quiet days (again)

October 13th, 2007

Just wanted to apologize for the lack of posts. I have managed to delete the contents of two entire hard disks and have been installing everything all over again for the past week.

Besides the loss of some pictures and documents :(, I was at least able to recover some stuff that I backed up about two months ago (sigh). Should post another one of the "terminology" posts soon hopefully.

Have a great weekend.

Johannes

Upgraded successfully to 2.3

October 3rd, 2007

As the title says, after some trial and error (underline error) I finally got v2.3 up. Had some trouble with my last theme though and have gone back to this one for now. I am not totally happy with it though. Gotta find a blue theme ready for 2.3 and 3 columns I like (scratches head).

We are now multilingual and other side notes

September 30th, 2007

Just a quick post to let you know that GlobalTranslate has been introduced to this blog. This should make it easier for readers with a different mother tongue. Please do keep in mind that this is basically just using GoogleTranslate (Babelfish currently not working with this plugin).

I wanted to upgrade to WordPress 2.3 today but it mucked up. So until I figure out what the issue was, we'll be on 2.2.3 :(

Adware

September 29th, 2007

In my last post I wrote about Spyware and how it can be categorised further into more specific "infections." In this post I will concentrate on Adware.

Adware is another one of those words that are actually two words put together. In this case it is advertising and software. There are different kinds of adware. One is a programme that is supported by ads displayed at some point while the software is in use. The other is software that installs itself while you visit sites and from then on displays ad popups while you surf the net.

I have installed an example of each on my virtual pc (I do not recommend visiting sites like that or downloading tools like that on a machine you use on a daily basis). See below for some screenshots.

figure 1 - WhenU

figure 2 - Download Accelerator Plus (DAP)

While the former is installed without a user’s consent and knowledge, the latter does state that the free version of the software is supported by ads. The latter is therefore tagged as adware, but it is not as harsh on the user as the former. Having constant popups turning up on your pc while surfing the web is annoying and tedious. This can even go a step further, in that the adware installs features to track your browsing behaviour or collect other private data (such as what browser you use, what country you come from, etc.) in addition to the list of sites you visit. This data might even be sold to a third party without your knowledge, and at that point adware can cross into spyware. This is often a reason why people confuse the terms adware, spyware and malware.

The reason for this is that the terms overlap and are related to one another. When adware collects data and sends it to someone else without your knowledge, it can be termed spyware. However, if you have a programme that plainly displays ads while it is running (like DAP) and does not serve any further ads through popups or send information on downloaded files to a third party, then it is plain adware.

NB: Once a piece of software mentions third-party data collection in its EULA and you agree to it, it is also regarded as plain adware and not spyware. With your acceptance of the EULA you are no longer "not aware" of the data collection, and therefore the tool is not spying on you and cannot be termed spyware anymore.

If you feel you have adware installed on your pc, then there are several free tools that help you get rid of the adware. The most known programmes are and .

If you want to rid yourself of adware shown in tools such as DAP, then you can try a google search for software that makes it possible to hide the ads displayed.

Spyware

September 29th, 2007

Sorry there was a little hiccup earlier with this post. But here goes the real deal. Btw, sorry for the slow posting lately - been a bit busy.

So what is Spyware? This sub-category of the previously described term Malware is an artificial word consisting of the terms spying and software. It covers programmes that have been installed on the user’s pc without his/her consent and knowledge, that collect all kinds of information, and that might even send it to the author of the Spyware programme.

Spyware in itself can be broken down into several sub-categories, depending on what kind of data they collect / display. To name a few (all terms shall be described in a later post): Adware, Keylogger, Droneware, Backdoors and Trojan (horse).

The last two examples are of the nastier kind and are more dangerous. Whilst Adware is annoying (it is identified by popups, redirects of your search engines and the like), it is easier to remove than Backdoors or Trojans.

To be classified as Spyware, the software has to collect data without the user’s consent and knowledge and has to send the collected data to the hacker / author of the spyware.

One point that is being argued over is the extent of the definition. There are security experts out there who exclude software that displays a data protection guideline or asks the user to read and accept an EULA. The argument regarding the latter is that the user is not facing software installed without his / her consent, as s/he acknowledged and agreed to the EULA terms.

The crux of the matter is that there are dozens of examples of EULAs that are more than 30 pages long or are not written in a clear and concise manner. There are also examples where the authors of these programmes have squeezed html files in 1024 x 768 resolution into windows that are made for an 800 x 600 resolution (resulting in having to scroll back and forth and up and down). This makes use of social engineering and the psychology involved with it.

Why does Malware / Spyware exist? It's a new source of income in today’s capitalism of the global economy and the ever growing importance of the Internet. Spyware authors build update mechanisms into their programmes so that the code always keeps up with the latest security holes / vulnerabilities and can make use of them. Additionally, this gives the Spyware the possibility to include further routines that work against detection by anti-spyware programmes and anti-virus tools.

If you wish to have a bit of further reading, here is a list of suggested readings:

Exploring Spyware Effects - M. Boldt, B. Carlsson & A. Jacobsson
Wikipedia (en)
Google - Spyware (Link shortened by tinyurl service…)
Spyware - Know Your Enemy

to be continued…

quick update on HJT tutorial

September 16th, 2007

Just wanted to let you know that I decided to start all over and roll back to a copy of BC's tut (my original translation) while trying to work it over. Some editing had seriously stuffed the code :(

Malware

September 9th, 2007

The term Malware derives from two words put together: malicious and software. This is based upon the behaviour of this kind of software, which installs itself without the user’s intention or knowledge. It also serves as a kind of umbrella term for further definitions one can discuss in further posts. To name a few of the terms falling under malware: adware, trojan horse, bots, dialers and backdoors.

What is the purpose of this kind of software? Its purpose can vary, depending on the sub-term used to go into further detail. Generally speaking, it exploits the average user's lack of knowledge / awareness in order to make money from their pc data and / or computing power.

In the really early days, this kind of software programme was written to test the vulnerabilities of software; to show off what the authors could code; to see how fast a piece of software could be spread; and to test their knowledge about generally installed software and operating systems.

As already mentioned above, malware can be broken down into several “sub categories”, and with this their method of infection varies too, as does the interest of the malware author in terms of “steering” your pc.

We will discuss these sub-terms in upcoming posts.

Set of topics

September 8th, 2007

I thought it would be a good thing to have a short description of some terms that I come across on a daily basis at my cyber-home BleepingComputer. These are all to do with online security and can include the following: Spyware, Malware, Adware, Crapware, Botnet, Rootkit and some others.

I have done a few articles in German on my main page explaining these, and I will base my posts a bit on them. I have yet to restructure my site a bit and update it; I hope to get this done very soon.

If you have any suggestions for topics to cover or want me to elaborate on something else, please post a comment and I will see what I can do.

Thanks.

Virenjäger (Virus Hunters)

September 2nd, 2007

Thanks to the guys at F-Secure for the heads up on the “Cybercrime - Kriminalität im Netz” from the “ZDF-Mediathek”. I usually watch that program, but due to work have not been able to recently. If you understand / speak German, it's worth the 30 minutes the video goes for.