[Paleopsych] CHE: The Next Plague (and related)
checker at panix.com
Mon Jan 24 21:35:20 UTC 2005
The Next Plague
The Chronicle of Higher Education, 5.1.28
As spyware and adware invade campus computers, officials ponder what
By VINCENT KIERNAN
Kerry McQuade knew something was amiss when ads started appearing on
her computer screen every time she started it.
First Ms. McQuade, a public-affairs assistant at Marist College, in
Poughkeepsie, N.Y., was subjected to the ads when she visited certain
Web sites. She had to click through and close three or four of the ads
before being able to view the site.
Then they became more frequent. "I got pop-ups every time I tried to
access pretty much any Web site," recalls Ms. McQuade. Finally, they
started surfacing even without a Web browser open.
Marist's information-technology staff found that her computer was
infested with more than 900 pieces of spyware and adware -- programs
installed without her knowledge, which covertly monitored her Web
usage or dispensed pop-up advertisements.
After the spyware and adware were removed, all seemed fine. Then, she
says, "a scantily clad woman popped up on my screen." She summoned the
IT staff again, and they removed an additional 200 pieces of spyware
and adware and installed two anti-spyware programs. Her computer today
appears to be free of the demons.
Like Ms. McQuade, untold numbers -- probably tens of thousands -- of
students, professors, and staff members at colleges have discovered
that their computers are riddled with adware and spyware. For example,
the University of Arkansas at Fayetteville estimates that 25 percent
of the computers on its residence-hall network are infected, Scott
Fendley, a senior security analyst there, said during an online
discussion sponsored by the SANS Institute, of Bethesda, Md., which
promotes computer security.
"This is the next plague," says Kathleen L. LaBarbera, manager of
information-technology operations at Marist.
More than simply annoying, the unauthorized software can proliferate
like a virus, forcing individual computers and even whole networks to
their knees. And the worst of the spyware secretly records private
information, such as Social Security numbers and passwords typed into
an infected computer. Security officials worry that individuals could
be vulnerable to identity theft and institutions could be open to
There appears to be no reliable estimate of identity thefts linked to
spyware, either in academe or more generally. But the Federal Trade
Commission told a Congressional committee that "spyware appears to be
a new and rapidly growing practice that poses a risk of serious harm
"With PC users unknowingly running these programs, I believe that
there is a real connection between spyware and identity theft," says
Campus computing officials are scrambling to stop, or at least
contain, that plague. Some have installed anti-spyware software,
others have imposed new limits on campus networking in an attempt to
stem the flow of the software from one computer to another, and many
have begun to educate users about safe computing practices that can
minimize the chances that a scantily clad woman will appear unbidden
on their computer screens.
But many officials fear the problem is likely to get worse before it
gets better. The malicious software used to be the province of lone
hackers, but experts believe that adware and spyware increasingly are
being quietly sold as services to individuals and companies that seek
to advertise online or steal private information.
Computing officials often discuss spyware and adware together because
both creep onto computers in similar ways -- furtively piggybacking on
free software downloaded online, or secretly inserted on a computer by
a Web site.
Spyware silently monitors and records a user's online activities. By
contrast, adware often is annoyingly evident, as it displays
advertisements based on the user's purchases and other online behavior
(although not all pop-up ads are the product of adware). Some adware
can also change a user's home page or even direct the computer's modem
to make calls to telephone numbers that then charge fees to the user's
File-sharing programs, which are so popular with students, often bear
spyware. Pornographic Web sites are also common carriers.
Whether such programs are illegal is unclear. The Federal Trade
Commission in October asked a federal court to order one alleged
purveyor from distributing spyware, on the grounds that the spyware
was an unfair trade practice because the company also sold software to
remove the spyware. This month the company agreed to stop distributing
A bill pending in the U.S. House of Representatives, HR 29, would
ban adware and spyware altogether, with violations subject to fines of
up to $3-million.
Some free programs actually disclose that they incorporate adware
-- in the licensing terms that users commonly ignore when installing
software. "People have gotten in the habit of clicking next, next,
next, next, next, without reading" when they install software, said
Joseph Telafici, director of operations on the Antivirus Emergency
Response Team at McAfee Inc., which tracks spyware and adware as well
In one recent demonstration at Marist College, a staff member used a
computer that was known to be free of spyware and adware to visit Web
sites that are known purveyors of spyware. Within minutes, the machine
was laden with hundreds of pieces of spyware.
Even instant-messaging programs can transmit spyware and adware.
Marist's Ms. McQuade recalls that her problems with pop-ups got much
worse after she used AOL's AIM Express instant-messaging software. "I
won't even go near that now," she says. (Andrew Weinstein, an AOL
spokesman, says that AOL's instant-messaging software does not include
adware and that the unwanted software is more likely to be distributed
through other channels, but acknowledges that adware and spyware can
be secretly attached to instant messages.)
'A Very Big Deal'
Infections by adware and spyware are on the rise, both in academe and
elsewhere, many officials say. "There is actually probably more adware
on people's computers than there is viruses," says McAfee's Mr.
The surge is placing new demands on already-overloaded campus IT
staffs. For example, at Hollins University, in Roanoke, Va., about 80
percent of the calls to the help desk over the past two years have
been related to spyware, says Greg Henderson, director of computing
and systems at the institution.
Spyware and adware often are so poorly written that they interfere
with a computer's functioning. And they can burrow so deeply into a
computer's software that they can be nearly impossible to remove. In
such cases, the hard drive needs to be erased and new copies of the
operating system and applications programs installed, which can take
hours and erase data.
At Temple University, for example, "hundreds and hundreds" of students
have had their computers rendered virtually inoperable by spyware and
adware, says Timothy C. O'Rourke, vice president for computer and
information services there. At Metropolitan Community College, in
Omaha, Neb., more than 200 computers have had to have their software
reinstalled during the last 18 months because of spyware, says
Christopher C. Vaverek, director of network services. "It's gotten to
be a very big deal," he says. Many other campus officials report
Some spyware and adware transmit information that they gather to their
authors or handlers elsewhere on the Web. If many computers at a
college are infected, the transmissions can clog the campus network.
"When it's bad, it brings the network to a halt," says Paul V.
LaClair, associate director of computer services at Franklin Pierce
Law Center, in Concord, N.H.
Mr. LaClair says that Franklin Pierce's network was so overloaded
toward the end of the last semester that downloads happened at about
half the speed of a typical dial-up connection. Once students with
their spyware-laden laptops went home for the holidays, download
speeds jumped tenfold, he says. The increase was too big to be
accounted for by the fact that there were fewer users on the network,
The Software Solution
To protect themselves, many colleges are turning to software that can
purge a computer of adware and spyware and even prevent some from
being deposited on the computer in the future.
A popular strategy relies on two programs: Ad-Aware SE and Spybot
Search and Destroy. Site licenses for the former are available at
modest cost, and the latter can be used free.
The University of Pittsburgh is one institution that has taken this
route. In two months, more than 4,200 copies of Ad-Aware were
downloaded to computers there, says Jinx P. Walton, director of
computing services and systems development.
Colleges commonly provide the software for faculty and staff members,
and point students to Web sites where they can download Spybot and a
free version of Ad-Aware. (A spokeswoman for Lavasoft Inc., which
makes Ad-Aware, says her company has no information on its academic
use. A spokeswoman for Spybot declined comment on the number of
colleges using its product.)
Austin Community College spends about $3,000 annually for a site
license for Ad-Aware for its 2,000 college-owned computers, says
William E. Carter, its associate vice president for information
technology. Before the software was available, cleaning a single
infected computer manually took one of his staff members as much as
two hours. The new program "probably paid for itself within a couple
of months," he says.
Others have reached the same conclusion. The athletics department at
Cornell University, which has about 250 computers, spent about $3,500
for a site license for Pest Patrol. That program, sold by Computer
Associates, allows a central administrator to scan other computers on
the network for spyware and to remove any that is found.
"It's freed me up," says Ricky Stewart, the department's
information-technology director. "It really has cut down on a lot of
the labor hours."
The University of Vermont's business school bought about 60 licenses
for Pest Patrol, at $20 apiece, for use by faculty and staff members.
The college also bought one "traveling license," so one copy of the
software can be easily moved from one computer to another for use in
disinfecting student machines. That license cost less than $1,000, he
Some products cost more. Webroot Software Inc. charges $12 to $15 per
computer for 2,500 or more copies of its anti-spyware software, says
Richard Stiennon, vice president of threat research. This month the
Microsoft Corporation released a test version of anti-spyware
software. The test version is free, but the company has not said
whether it plans to charge for the final version.
Many college computing officials say they would prefer not to have to
buy software separate from the antivirus programs they have already
bought. But, so far, antivirus software hasn't been up to the task.
"They've been slow to include the level of functionality that we
need," says H. Morrow Long, the director of Yale University's
That is changing, however. McAfee recently announced that it will add
optional anti-spyware capabilities to its VirusScan Enterprise 8.0i
product, which is in use at many campuses. The list price will be as
low as $4.95 per computer for purchases of more than 10,000, says John
Bedrick, the company's group product-marketing manager for system
The Symantec Corporation, another major vendor of antivirus software
to colleges, has not yet announced an increased anti-spyware
capability but is expected to soon.
File Sharing Under Fire
One question is whether colleges should act more forcefully to stem
the spread of spyware by severely restricting one major conduit,
H. Jacob Picart, a junior majoring in political science at San Jose
State University who also runs a computer network for a nonprofit
organization, says that public institutions should restrict file
sharing in the interest of making campus networks function better.
"It's taxpayers' money that's paying for the connection," he says.
Indeed, Temple University has taken that route by forbidding music
downloads on its network. "When we find it, we stop it," says Mr.
O'Rourke, the vice president. Moreover, the university has notified
students that its technical-support staff will not help students whose
computers are infected with spyware if the computer contains illegally
But security experts note that restricting file sharing is no cure-all
for spyware, because that move does not, for example, block spyware
that is silently dispensed by Web sites.
Bentley College, for example, shut down illegal peer-to-peer
networking from the campus to the Internet even before the surge in
spyware and adware. Nevertheless, the programs have made their way
onto the campus network, says Jonathan Everett, Bentley's director of
Other colleges have taken a different approach. Worcester Polytechnic
Institute encourages faculty and staff members to use Spybot and
students to use Ad-Aware. But in addition, the college has configured
its network to block the downloading of specific files that college
officials have decided are spyware. The college adds a couple of files
to that list every month, says Jon E. Bartelson, assistant director of
Some institutions are focusing on educating users about how to avoid
spyware and how to remove it if it appears. For example, Marist held a
series of workshops on computer security issues, including one on
spyware. It has made a video recording of the sessions available on
At Hollins University, Erin Adams, a freshman, was frustrated by the
unreliability of her network connection, due to stresses caused by
spyware on students' computers. The university's IT help staff was not
able to keep pace with the burgeoning spyware infections, she says, so
she formed the Student Coalition Against Viruses, Adware, and Spyware,
a group of about two dozen volunteers who check students' computers
for adware and spyware.
"The vast majority of the problems are very, very easily solved," says
Ms. Adams, a psychology major.
Mr. Henderson, the computing director, says he appreciates the help.
"I've got staff actually doing their jobs again," he says.
Many officials at colleges and anti-spyware companies believe that, as
with computer viruses, the prognosis is bleak. Adware and spyware will
increase, forcing campus officials to devote more time and money to
"It's only going to get worse," says Mr. Stiennon, of Webroot.
Glenn Taylor, director of academic sales at Symantec, predicted that
spyware increasingly will be part of "blended threats" incorporating
components such as spyware, spam e-mail, and viruses.
"On the Internet, anytime people can make a buck, they're going to do
it," says Temple's Mr. O'Rourke. "That's what this is all about."
Checking Your Computer for Spyware
The Chronicle of Higher Education, 5.1.28
By VINCENT KIERNAN
Worried that your computer might have adware or spyware? Free
resources are available online for checking a computer running
Experts recommend using at least two products because each detects
different types of infections. Many antivirus programs also assert
that they detect spyware and adware, but college computing officials
generally discount their capabilities.
There are few free resources for use with Apple and Linux computers,
but spyware and adware are not thought to be a major problem for these
types of computers, both for technical reasons and because their
market share is so small that they are singled out less frequently.
Here are free resources for Windows:
* Ad-Aware SE Personal is a free program distributed by Lavasoft
Inc. (http://www.lavasoft.com), which can detect and remove
adware and spyware on Windows computers. The company does not
allow its use on machines owned by businesses or colleges, so the
free version can be used by professors and staff members on their
home machines, but not on computers in their offices. For those
computers, a college must purchase a site license to Ad-Aware SE
Professional or Ad-Aware SE Plus, which offer more capabilities.
* Computer Associates, which sells Pest Patrol anti-spyware
software, offers a free online scan for spyware
(http://www.pestpatrol.com). The site does not remove any
* Microsoft AntiSpyware (http://www.microsoft.com/spyware) is a
free test version of software that Microsoft recently acquired in
its purchase of another company. The program, which can detect and
remove spyware and adware on Windows computers, can be scheduled
to scan your computer regularly, and it also can be set to block
* Spy Audit is a free Web-based scan by Webroot Software
(http://www.webroot.com) that does not require any software to
be downloaded. The company also sells Webroot Spy Sweeper, which
can find and remove spyware and adware on Windows computers.
* Spybot Search and Destroy (http://www.safer-networking.org) is
a free program that detects and removes adware and spyware on
Windows computers. It also can block new adware or spyware from
being downloaded. Unlike Ad-Aware SE, Spybot can be used on both
personal computers and machines that are owned by a college.
More information about the paleopsych