Monday, June 3, 2002
If you're online, your privacy is under attack and your activities are under the microscope. It's both worse than you know and every bit as bad as you fear. Yet, you're not helpless, defenseless or without allies. In this column I'm going to outline a few basic threats to your online privacy and point you toward some strategies for defending yourself.
Snoopware, spyware, adware, scumware and malwareï¿½these are some of the terms used to describe software designed to gather information about your computing habits for the benefit of people other than yourself.
So, who wants to know what you're habits are? Advertising brokers want to get to know your surfing habits in order to target advertising at you more accurately, allowing them to charge top dollar to the advertisers they do business with. Your employer has an interest in making sure you're not wasting office time and resources or creating any legal exposure for the company. Parents, spouses and even children may have an interest in the surfing and e-mail habits of other household members. And of course, the much-feared malicious hacker wants to know everything about you, from your social security number to the password you use for online banking.
You're probably wondering how software that makes you vulnerable to such information mining would find it's way onto your computer. Some may have been directly installed on your machine by a member of your company's I.T. department or by a member of your household without your knowledge.
Such programs usually operate in the background without any overt clue that they're gathering everything from screen shots from your monitor, keywords in e-mail or instant messages, a list of every single Web site you visit or every single keystroke you enter.
The courts have supported employers' claims to have access to this kind of information about employee activity. Employees typically lack the access to company machines to install applications that can detect monitoring activity. Short of installing a personal firewall such as Zone Labs free "ZoneAlarm" (http://www.zonelabs.com/products/za/) that detects all incoming and outgoing data transfers from your computer, there is little you can do beyond being circumspect about your office computer use.
For some advice on a few ways you can look for traces of such programs on office or home machines I suggest you read "Is Your PC Watching You?" by PC World's Bill Wallace and Jamie Fenton.
Some come as modules that install with "free," advertiser-supported software such as KaZaa or Morpheus. Programs like Gator that deliver advertising often come bundled as part of the installation of these programs. The best tool for removing such annoyances is LavaSofts's "AdAware." Be warned however, some stealthy invaders, including Radlight DivX movie player are known to seek out and delete AdAware as part of their installation process!
Items such as the hacker's current best friend "Back Orifice," may come hidden in "Trojan horses" that circulate through e-mail or are imbedded in downloaded files from the Web, sometimes unintentionally downloaded. The best defense against these is to install, use and diligently update a virus detection utility such as those available from Norton or McAfee. PC World has a free Back Orifice detection utility available for downloading.
Some monitoring takes place when so-called "Web bugs," tiny, invisible image files imbedded in some Web pages, leave cookies with your browser and interact with databases and track your surfing activities. Bugnosis distributes a free application for detecting bugs at http://www.bugnosis.org/.
Sometimes you can simply be caught assisting in the information gathering interests of others without realizing what's going on. If you're a regular user of Yahoo!'s various services you may have noticed an increased frequency in encountering requests to enter your Yahoo! password in order to proceed. You may have also noticed that those login screens now include what appear to be innocent survey questions. Do you have pets?, etc. Don't be surprised when the Yahoo!-induced pop-up ads start showing you dog food. Your responses to these "surveys" are nothing less than data being added to your account profile.
These tips represent just the tip of the iceberg when it comes to protecting your privacy online. In my next column, I'll write about my own experiences as I employ the aforementioned tools, as well as a few others, and speak more about cookie handling, using encryption, utilities for creating hidden folders and cleaning up the trail your surfing leaves behind. Until then, I'd like to recommend reading the Electronic Frontier Foundations "Top 12 Ways to Protect Your Online Privacy."