Anti-Spyware Solutions for Anti-Spyware Solutions for MITMIT

IT Partners Conference, April 19, IT Partners Conference, April 19, 20052005

Jonathan HuntJonathan Huntjmhunt@mit.edujmhunt@mit.edu

Senior Manager Software Service, Senior Manager Software Service, IS&TIS&T

AgendaAgenda

• What is Spyware and why is it a What is Spyware and why is it a problemproblem

• Is it all bad?Is it all bad?

• How do I get Spyware?How do I get Spyware?

• What to do about Spyware today?What to do about Spyware today?

• How to avoid getting Spyware?How to avoid getting Spyware?

• When will it get better? (Soon When will it get better? (Soon ))

What is Spyware and why is it What is Spyware and why is it a problema problem• Microsoft’s DefinitionMicrosoft’s Definition

– Spyware and other unwanted software refers Spyware and other unwanted software refers to software that performs certain tasks on your to software that performs certain tasks on your computer, typically without your consent. This computer, typically without your consent. This may include giving you advertising or may include giving you advertising or collecting personal information about you.collecting personal information about you.

• Exposes (or potential to expose) Private Exposes (or potential to expose) Private Information:Information:– Credit Card # (Bank Accout Numbers)Credit Card # (Bank Accout Numbers)– SSNSSN– Usernames & PasswordUsernames & Password– Address Book (to SPAM)Address Book (to SPAM)

Is all Spyware Bad?Is all Spyware Bad?

• A lot of Spyware is not intentionally A lot of Spyware is not intentionally malicious, but… malicious, but… – Causes system problemsCauses system problems– Hard to removeHard to remove– Collects info that another program could Collects info that another program could

grabgrab– Show Ads (some people enjoy Ads)Show Ads (some people enjoy Ads)

• Dependent on Personal OpinionsDependent on Personal Opinions

How do I get Spyware?How do I get Spyware?

• Installing software from unknown sourcesInstalling software from unknown sources– ““Free” versions of commercial softwareFree” versions of commercial software– Freeware from untrusted sites or mirrorsFreeware from untrusted sites or mirrors

• Peer-to-Peer (e.g. Kazaa) file sharing systems (often Peer-to-Peer (e.g. Kazaa) file sharing systems (often trojanned)trojanned)

• Added components for browsersAdded components for browsers

– Services that give credit for surfing sites that Services that give credit for surfing sites that require you to install something locallyrequire you to install something locally

– E-mail attachments (usually in SPAM)E-mail attachments (usually in SPAM)

• Not reading the fine print of End User Not reading the fine print of End User License Agreements (EULA)License Agreements (EULA)

What to do about Spyware What to do about Spyware todaytoday

• Microsoft says to use their Beta*:Microsoft says to use their Beta*:– http://www.microsoft.com/athome/security/http://www.microsoft.com/athome/security/

spyware/spywarewhat.mspxspyware/spywarewhat.mspx– Available for Windows 2000, XP and Server 2003Available for Windows 2000, XP and Server 2003

• Or use one of the leading shareware Or use one of the leading shareware programs on the market:programs on the market:– Lavasoft’s Ad-AwareLavasoft’s Ad-Aware

• http://www.lavasoftusa.com/software/adaware/http://www.lavasoftusa.com/software/adaware/

– Spybot Search & DestroySpybot Search & Destroy• http://www.safer-networking.org/en/download/index.htmlhttp://www.safer-networking.org/en/download/index.html

* Slide corrected since presentation to note the MS tool available for more than just XP

ComparisonComparison

ToolTool Long Long TermTerm

DetecDetectt

CleaCleann

BlockBlock UpdatUpdatee

CostCost

Spybot Spybot S&DS&D

?? GoodGood MosMostt

YesYes YesYes ?$?$

AdawareAdaware okok GoodGood GooGoodd

NoNo NoNo ?$?$

MS Anti-MS Anti-SpywareSpyware

GooGoodd

GoodGood GooGoodd

YesYes YesYes freefree

VirusScaVirusScan Plug-inn Plug-in

?? GoodGood GooGoodd

YesYes YesYes $$$$

How to avoid getting How to avoid getting SpywareSpyware• Keep your operating system, browsers, and other Keep your operating system, browsers, and other

applications patchedapplications patched• Only install software from trusted sourcesOnly install software from trusted sources

– Free isn’t always “FREE” of problemsFree isn’t always “FREE” of problems

• Read EULA before acceptingRead EULA before accepting• Install and Use Anti-Virus and Spyware blocking Install and Use Anti-Virus and Spyware blocking

softwaresoftware– Anti-Virus: MIT licensed Virus Scan Enterprise 8.0iAnti-Virus: MIT licensed Virus Scan Enterprise 8.0i– Anti-Spyware & Spyware Blocker: Microsoft Anti-Spyware Anti-Spyware & Spyware Blocker: Microsoft Anti-Spyware

(Beta)(Beta)

• Only open attachment that you were expectingOnly open attachment that you were expecting

When will it get better?When will it get better?

• Major Vendors getting involvedMajor Vendors getting involved– Microsoft release a Beta AntiSpywareMicrosoft release a Beta AntiSpyware

•http://www.microsoft.com/athome/security/http://www.microsoft.com/athome/security/spyware/software/default.mspxspyware/software/default.mspx

– NAI/McAfee released a Beta plugin for NAI/McAfee released a Beta plugin for VirusScan Enterprise 8.0i VirusScan Enterprise 8.0i