anti-spyware solutions for mit it partners conference, april 19, 2005 jonathan hunt [email protected]...
TRANSCRIPT
Anti-Spyware Solutions for Anti-Spyware Solutions for MITMIT
IT Partners Conference, April 19, IT Partners Conference, April 19, 20052005
Jonathan HuntJonathan [email protected]@mit.edu
Senior Manager Software Service, Senior Manager Software Service, IS&TIS&T
AgendaAgenda
• What is Spyware and why is it a What is Spyware and why is it a problemproblem
• Is it all bad?Is it all bad?
• How do I get Spyware?How do I get Spyware?
• What to do about Spyware today?What to do about Spyware today?
• How to avoid getting Spyware?How to avoid getting Spyware?
• When will it get better? (Soon When will it get better? (Soon ))
What is Spyware and why is it What is Spyware and why is it a problema problem• Microsoft’s DefinitionMicrosoft’s Definition
– Spyware and other unwanted software refers Spyware and other unwanted software refers to software that performs certain tasks on your to software that performs certain tasks on your computer, typically without your consent. This computer, typically without your consent. This may include giving you advertising or may include giving you advertising or collecting personal information about you.collecting personal information about you.
• Exposes (or potential to expose) Private Exposes (or potential to expose) Private Information:Information:– Credit Card # (Bank Accout Numbers)Credit Card # (Bank Accout Numbers)– SSNSSN– Usernames & PasswordUsernames & Password– Address Book (to SPAM)Address Book (to SPAM)
Is all Spyware Bad?Is all Spyware Bad?
• A lot of Spyware is not intentionally A lot of Spyware is not intentionally malicious, but… malicious, but… – Causes system problemsCauses system problems– Hard to removeHard to remove– Collects info that another program could Collects info that another program could
grabgrab– Show Ads (some people enjoy Ads)Show Ads (some people enjoy Ads)
• Dependent on Personal OpinionsDependent on Personal Opinions
How do I get Spyware?How do I get Spyware?
• Installing software from unknown sourcesInstalling software from unknown sources– ““Free” versions of commercial softwareFree” versions of commercial software– Freeware from untrusted sites or mirrorsFreeware from untrusted sites or mirrors
• Peer-to-Peer (e.g. Kazaa) file sharing systems (often Peer-to-Peer (e.g. Kazaa) file sharing systems (often trojanned)trojanned)
• Added components for browsersAdded components for browsers
– Services that give credit for surfing sites that Services that give credit for surfing sites that require you to install something locallyrequire you to install something locally
– E-mail attachments (usually in SPAM)E-mail attachments (usually in SPAM)
• Not reading the fine print of End User Not reading the fine print of End User License Agreements (EULA)License Agreements (EULA)
What to do about Spyware What to do about Spyware todaytoday
• Microsoft says to use their Beta*:Microsoft says to use their Beta*:– http://www.microsoft.com/athome/security/http://www.microsoft.com/athome/security/
spyware/spywarewhat.mspxspyware/spywarewhat.mspx– Available for Windows 2000, XP and Server 2003Available for Windows 2000, XP and Server 2003
• Or use one of the leading shareware Or use one of the leading shareware programs on the market:programs on the market:– Lavasoft’s Ad-AwareLavasoft’s Ad-Aware
• http://www.lavasoftusa.com/software/adaware/http://www.lavasoftusa.com/software/adaware/
– Spybot Search & DestroySpybot Search & Destroy• http://www.safer-networking.org/en/download/index.htmlhttp://www.safer-networking.org/en/download/index.html
* Slide corrected since presentation to note the MS tool available for more than just XP
ComparisonComparison
ToolTool Long Long TermTerm
DetecDetectt
CleaCleann
BlockBlock UpdatUpdatee
CostCost
Spybot Spybot S&DS&D
?? GoodGood MosMostt
YesYes YesYes ?$?$
AdawareAdaware okok GoodGood GooGoodd
NoNo NoNo ?$?$
MS Anti-MS Anti-SpywareSpyware
GooGoodd
GoodGood GooGoodd
YesYes YesYes freefree
VirusScaVirusScan Plug-inn Plug-in
?? GoodGood GooGoodd
YesYes YesYes $$$$
How to avoid getting How to avoid getting SpywareSpyware• Keep your operating system, browsers, and other Keep your operating system, browsers, and other
applications patchedapplications patched• Only install software from trusted sourcesOnly install software from trusted sources
– Free isn’t always “FREE” of problemsFree isn’t always “FREE” of problems
• Read EULA before acceptingRead EULA before accepting• Install and Use Anti-Virus and Spyware blocking Install and Use Anti-Virus and Spyware blocking
softwaresoftware– Anti-Virus: MIT licensed Virus Scan Enterprise 8.0iAnti-Virus: MIT licensed Virus Scan Enterprise 8.0i– Anti-Spyware & Spyware Blocker: Microsoft Anti-Spyware Anti-Spyware & Spyware Blocker: Microsoft Anti-Spyware
(Beta)(Beta)
• Only open attachment that you were expectingOnly open attachment that you were expecting
When will it get better?When will it get better?
• Major Vendors getting involvedMajor Vendors getting involved– Microsoft release a Beta AntiSpywareMicrosoft release a Beta AntiSpyware
•http://www.microsoft.com/athome/security/http://www.microsoft.com/athome/security/spyware/software/default.mspxspyware/software/default.mspx
– NAI/McAfee released a Beta plugin for NAI/McAfee released a Beta plugin for VirusScan Enterprise 8.0i VirusScan Enterprise 8.0i