[Paleopsych] CHE: The Next Plague (and related)

Premise Checker checker at panix.com
Mon Jan 24 21:35:20 UTC 2005

The Next Plague
The Chronicle of Higher Education, 5.1.28

    As spyware and adware invade campus computers, officials ponder what
    to do
    Kerry McQuade knew something was amiss when ads started appearing on
    her computer screen every time she started it.
    First Ms. McQuade, a public-affairs assistant at Marist College, in
    Poughkeepsie, N.Y., was subjected to the ads when she visited certain
    Web sites. She had to click through and close three or four of the ads
    before being able to view the site.
    Then they became more frequent. "I got pop-ups every time I tried to
    access pretty much any Web site," recalls Ms. McQuade. Finally, they
    started surfacing even without a Web browser open.
    Marist's information-technology staff found that her computer was
    infested with more than 900 pieces of spyware and adware -- programs
    installed without her knowledge, which covertly monitored her Web
    usage or dispensed pop-up advertisements.
    After the spyware and adware were removed, all seemed fine. Then, she
    says, "a scantily clad woman popped up on my screen." She summoned the
    IT staff again, and they removed an additional 200 pieces of spyware
    and adware and installed two anti-spyware programs. Her computer today
    appears to be free of the demons.
    Like Ms. McQuade, untold numbers -- probably tens of thousands -- of
    students, professors, and staff members at colleges have discovered
    that their computers are riddled with adware and spyware. For example,
    the University of Arkansas at Fayetteville estimates that 25 percent
    of the computers on its residence-hall network are infected, Scott
    Fendley, a senior security analyst there, said during an online
    discussion sponsored by the SANS Institute, of Bethesda, Md., which
    promotes computer security.
    "This is the next plague," says Kathleen L. LaBarbera, manager of
    information-technology operations at Marist.
    More than simply annoying, the unauthorized software can proliferate
    like a virus, forcing individual computers and even whole networks to
    their knees. And the worst of the spyware secretly records private
    information, such as Social Security numbers and passwords typed into
    an infected computer. Security officials worry that individuals could
    be vulnerable to identity theft and institutions could be open to
    hacking attempts.
    There appears to be no reliable estimate of identity thefts linked to
    spyware, either in academe or more generally. But the Federal Trade
    Commission told a Congressional committee that "spyware appears to be
    a new and rapidly growing practice that poses a risk of serious harm
    to consumers."
    "With PC users unknowingly running these programs, I believe that
    there is a real connection between spyware and identity theft," says
    Ms. LaBarbera.
    Campus computing officials are scrambling to stop, or at least
    contain, that plague. Some have installed anti-spyware software,
    others have imposed new limits on campus networking in an attempt to
    stem the flow of the software from one computer to another, and many
    have begun to educate users about safe computing practices that can
    minimize the chances that a scantily clad woman will appear unbidden
    on their computer screens.
    But many officials fear the problem is likely to get worse before it
    gets better. The malicious software used to be the province of lone
    hackers, but experts believe that adware and spyware increasingly are
    being quietly sold as services to individuals and companies that seek
    to advertise online or steal private information.
    The Problem
    Computing officials often discuss spyware and adware together because
    both creep onto computers in similar ways -- furtively piggybacking on
    free software downloaded online, or secretly inserted on a computer by
    a Web site.
    Spyware silently monitors and records a user's online activities. By
    contrast, adware often is annoyingly evident, as it displays
    advertisements based on the user's purchases and other online behavior
    (although not all pop-up ads are the product of adware). Some adware
    can also change a user's home page or even direct the computer's modem
    to make calls to telephone numbers that then charge fees to the user's
    phone bill.
    File-sharing programs, which are so popular with students, often bear
    spyware. Pornographic Web sites are also common carriers.
    Whether such programs are illegal is unclear. The Federal Trade
    Commission in October asked a federal court to order one alleged
    purveyor to stop distributing spyware, on the grounds that the spyware
    was an unfair trade practice because the company also sold software to
    remove the spyware. This month the company agreed to stop distributing
    A bill pending in the U.S. House of Representatives, [3]HR 29, would
    ban adware and spyware altogether, with violations subject to fines of
    up to $3-million.
    Some free programs actually disclose that they incorporate adware
    -- in the licensing terms that users commonly ignore when installing
    software. "People have gotten in the habit of clicking next, next,
    next, next, next, without reading" when they install software, said
    Joseph Telafici, director of operations on the Antivirus Emergency
    Response Team at McAfee Inc., which tracks spyware and adware as well
    as viruses.
    In one recent demonstration at Marist College, a staff member used a
    computer that was known to be free of spyware and adware to visit Web
    sites that are known purveyors of spyware. Within minutes, the machine
    was laden with hundreds of pieces of spyware.
    Even instant-messaging programs can transmit spyware and adware.
    Marist's Ms. McQuade recalls that her problems with pop-ups got much
    worse after she used AOL's AIM Express instant-messaging software. "I
    won't even go near that now," she says. (Andrew Weinstein, an AOL
    spokesman, says that AOL's instant-messaging software does not include
    adware and that the unwanted software is more likely to be distributed
    through other channels, but acknowledges that adware and spyware can
    be secretly attached to instant messages.)
    'A Very Big Deal'
    Infections by adware and spyware are on the rise, both in academe and
    elsewhere, many officials say. "There is actually probably more adware
    on people's computers than there is viruses," says McAfee's Mr.
    The surge is placing new demands on already-overloaded campus IT
    staffs. For example, at Hollins University, in Roanoke, Va., about 80
    percent of the calls to the help desk over the past two years have
    been related to spyware, says Greg Henderson, director of computing
    and systems at the institution.
    Spyware and adware often are so poorly written that they interfere
    with a computer's functioning. And they can burrow so deeply into a
    computer's software that they can be nearly impossible to remove. In
    such cases, the hard drive needs to be erased and new copies of the
    operating system and applications programs installed, which can take
    hours and erase data.
    At Temple University, for example, "hundreds and hundreds" of students
    have had their computers rendered virtually inoperable by spyware and
    adware, says Timothy C. O'Rourke, vice president for computer and
    information services there. At Metropolitan Community College, in
    Omaha, Neb., more than 200 computers have had to have their software
    reinstalled during the last 18 months because of spyware, says
    Christopher C. Vaverek, director of network services. "It's gotten to
    be a very big deal," he says. Many other campus officials report
    similar problems.
    Some spyware and adware transmit information that they gather to their
    authors or handlers elsewhere on the Web. If many computers at a
    college are infected, the transmissions can clog the campus network.
    "When it's bad, it brings the network to a halt," says Paul V.
    LaClair, associate director of computer services at Franklin Pierce
    Law Center, in Concord, N.H.
    Mr. LaClair says that Franklin Pierce's network was so overloaded
    toward the end of the last semester that downloads happened at about
    half the speed of a typical dial-up connection. Once students with
    their spyware-laden laptops went home for the holidays, download
    speeds jumped tenfold, he says. The increase was too big to be
    accounted for by the fact that there were fewer users on the network,
    he says.
    The Software Solution
    To protect themselves, many colleges are turning to software that can
    purge a computer of adware and spyware and even prevent some from
    being deposited on the computer in the future.
    A popular strategy relies on two programs: Ad-Aware SE and Spybot
    Search and Destroy. Site licenses for the former are available at
    modest cost, and the latter can be used free.
    The University of Pittsburgh is one institution that has taken this
    route. In two months, more than 4,200 copies of Ad-Aware were
    downloaded to computers there, says Jinx P. Walton, director of
    computing services and systems development.
    Colleges commonly provide the software for faculty and staff members,
    and point students to Web sites where they can download Spybot and a
    free version of Ad-Aware. (A spokeswoman for Lavasoft Inc., which
    makes Ad-Aware, says her company has no information on its academic
    use. A spokeswoman for Spybot declined comment on the number of
    colleges using its product.)
    Austin Community College spends about $3,000 annually for a site
    license for Ad-Aware for its 2,000 college-owned computers, says
    William E. Carter, its associate vice president for information
    technology. Before the software was available, cleaning a single
    infected computer manually took one of his staff members as much as
    two hours. The new program "probably paid for itself within a couple
    of months," he says.
    Others have reached the same conclusion. The athletics department at
    Cornell University, which has about 250 computers, spent about $3,500
    for a site license for Pest Patrol. That program, sold by Computer
    Associates, allows a central administrator to scan other computers on
    the network for spyware and to remove any that is found.
    "It's freed me up," says Ricky Stewart, the department's
    information-technology director. "It really has cut down on a lot of
    the labor hours."
    The University of Vermont's business school bought about 60 licenses
    for Pest Patrol, at $20 apiece, for use by faculty and staff members.
    The college also bought one "traveling license," so one copy of the
    software can be easily moved from one computer to another for use in
    disinfecting student machines. That license cost less than $1,000, he
    Some products cost more. Webroot Software Inc. charges $12 to $15 per
    computer for 2,500 or more copies of its anti-spyware software, says
    Richard Stiennon, vice president of threat research. This month the
    Microsoft Corporation released a test version of anti-spyware
    software. The test version is free, but the company has not said
    whether it plans to charge for the final version.
    Many college computing officials say they would prefer not to have to
    buy software separate from the antivirus programs they have already
    bought. But, so far, antivirus software hasn't been up to the task.
    "They've been slow to include the level of functionality that we
    need," says H. Morrow Long, the director of Yale University's
    information-security office.
    That is changing, however. McAfee recently announced that it will add
    optional anti-spyware capabilities to its VirusScan Enterprise 8.0i
    product, which is in use at many campuses. The list price will be as
    low as $4.95 per computer for purchases of more than 10,000, says John
    Bedrick, the company's group product-marketing manager for system
    The Symantec Corporation, another major vendor of antivirus software
    to colleges, has not yet announced an increased anti-spyware
    capability but is expected to soon.
    File Sharing Under Fire
    One question is whether colleges should act more forcefully to stem
    the spread of spyware by severely restricting one major conduit,
    file-sharing software.
    H. Jacob Picart, a junior majoring in political science at San Jose
    State University who also runs a computer network for a nonprofit
    organization, says that public institutions should restrict file
    sharing in the interest of making campus networks function better.
    "It's taxpayers' money that's paying for the connection," he says.
    Indeed, Temple University has taken that route by forbidding music
    downloads on its network. "When we find it, we stop it," says Mr.
    O'Rourke, the vice president. Moreover, the university has notified
    students that its technical-support staff will not help students whose
    computers are infected with spyware if the computer contains illegally
    downloaded music.
    But security experts note that restricting file sharing is no cure-all
    for spyware, because that move does not, for example, block spyware
    that is silently dispensed by Web sites.
    Bentley College, for example, shut down illegal peer-to-peer
    networking from the campus to the Internet even before the surge in
    spyware and adware. Nevertheless, the programs have made their way
    onto the campus network, says Jonathan Everett, Bentley's director of
    client services.
    Other colleges have taken a different approach. Worcester Polytechnic
    Institute encourages faculty and staff members to use Spybot and
    students to use Ad-Aware. But in addition, the college has configured
    its network to block the downloading of specific files that college
    officials have decided are spyware. The college adds a couple of files
    to that list every month, says Jon E. Bartelson, assistant director of
    computing services.
    Some institutions are focusing on educating users about how to avoid
    spyware and how to remove it if it appears. For example, Marist held a
    series of workshops on computer security issues, including one on
    spyware. It has made a video recording of the sessions available on
    At Hollins University, Erin Adams, a freshman, was frustrated by the
    unreliability of her network connection, due to stresses caused by
    spyware on students' computers. The university's IT help staff was not
    able to keep pace with the burgeoning spyware infections, she says, so
    she formed the Student Coalition Against Viruses, Adware, and Spyware,
    a group of about two dozen volunteers who check students' computers
    for adware and spyware.
    "The vast majority of the problems are very, very easily solved," says
    Ms. Adams, a psychology major.
    Mr. Henderson, the computing director, says he appreciates the help.
    "I've got staff actually doing their jobs again," he says.
    Many officials at colleges and anti-spyware companies believe that, as
    with computer viruses, the prognosis is bleak. Adware and spyware will
    increase, forcing campus officials to devote more time and money to
    fighting it.
    "It's only going to get worse," says Mr. Stiennon, of Webroot.
    Glenn Taylor, director of academic sales at Symantec, predicted that
    spyware increasingly will be part of "blended threats" incorporating
    components such as spyware, spam e-mail, and viruses.
    "On the Internet, anytime people can make a buck, they're going to do
    it," says Temple's Mr. O'Rourke. "That's what this is all about."


    2. http://chronicle.com/infotech/
    3. http://thomas.loc.gov/cgi-bin/query/z?c109:H.R.29:

Checking Your Computer for Spyware
The Chronicle of Higher Education, 5.1.28

    Worried that your computer might have adware or spyware? Free
    resources are available online for checking a computer running
    Microsoft Windows.
    Experts recommend using at least two products because each detects
    different types of infections. Many antivirus programs also assert
    that they detect spyware and adware, but college computing officials
    generally discount their capabilities.
    There are few free resources for use with Apple and Linux computers,
    but spyware and adware are not thought to be a major problem for these
    types of computers, both for technical reasons and because their
    market share is so small that they are singled out less frequently.
    Here are free resources for Windows:
      * Ad-Aware SE Personal is a free program distributed by Lavasoft
        Inc. ([3]http://www.lavasoft.com), which can detect and remove
        adware and spyware on Windows computers. The company does not
        allow its use on machines owned by businesses or colleges, so the
        free version can be used by professors and staff members on their
        home machines, but not on computers in their offices. For those
        computers, a college must purchase a site license to Ad-Aware SE
        Professional or Ad-Aware SE Plus, which offer more capabilities.
      * Computer Associates, which sells Pest Patrol anti-spyware
        software, offers a free online scan for spyware
        ([4]http://www.pestpatrol.com). The site does not remove any
      * Microsoft AntiSpyware ([5]http://www.microsoft.com/spyware) is a
        free test version of software that Microsoft recently acquired in
        its purchase of another company. The program, which can detect and
        remove spyware and adware on Windows computers, can be scheduled
        to scan your computer regularly, and it also can be set to block
        new infections.
      * Spy Audit is a free Web-based scan by Webroot Software
        ([6]http://www.webroot.com) that does not require any software to
        be downloaded. The company also sells Webroot Spy Sweeper, which
        can find and remove spyware and adware on Windows computers.
      * Spybot Search and Destroy ([7]http://www.safer-networking.org) is
        a free program that detects and removes adware and spyware on
        Windows computers. It also can block new adware or spyware from
        being downloaded. Unlike Ad-Aware SE, Spybot can be used on both
        personal computers and machines that are owned by a college.


    3. http://www.lavasoft.com/
    4. http://www.pestpatrol.com/
    5. http://www.microsoft.com/spyware
    6. http://www.webroot.com/
    7. http://www.safer-networking.org/
