Looking at all the ads which promise to get rid of all spy programs, one may wonder why there are still plenty of them everywhere and the situation is by no means getting better. So let me spoil the advertisers' mood and show a few of the "holes" in the vast majority of software products we expect to protect our information.
Speaking about drawbacks of anti-spyware, let's take the word "spyware" in the narrow sense for a change and call "spyware" only software products that really spy, i.e. steal valuable information you wish to keep private. Let's leave aside adware -- this motley crew of advertising stuff; information that a few of them "steal" is not valuable enough. It's keylogging programs that we should associate with the term "spyware" first of all. This breed is exceptionally dangerous -- such threats as flourishing online bank fraud and the recent case of keylogger-containing Trojans prove this.
Generally speaking, virtually all anti-spyware works like that... Do not stop reading, please. Do not skip over the paragraph. Do you think that if you are not a tech person, it's none of your business? You do not write this software, you just use it -- so what? You have not made the car you are driving, either (well, there can be a few exceptions...). However, you do know (at least in general) what makes it move -- and you won't forget to fill up its tank or have it serviced from time to time. You know what will happen if you do not. For the same reason you'd better know a bit about the anti-spy software installed on any PC you use.
We all should know it to understand what exactly to expect from all these anti-spy products with cool names. Their creators and sellers promise you that these software products will "kill all spyware on your PC" (or something like that). First, is absolute protection possible? Second, what should we expect from an average anti-spy program and what is it simply unable to do? To answer these questions, we should understand how it works.
Generally speaking, virtually all anti-spyware works like this: it scans the operating system in search of suspicious bits of code. Should the program find any, it compares these suspicious pieces with bits of code (they are called signatures) which belong to already found and "caught" spy programs. Signatures are kept in a so-called signature base -- an inseparable part of any anti-spy program. The more signatures it contains, the more spyware such a program will detect, so your PC will be protected more effectively. As long as you update your anti-spy software regularly and the system does not come across some unknown spyware product, everything is going to be ok.
As for me, this pattern looks pretty much like police records and works like them, too. However, the problem is just like the one with police records -- the fact that all included there are criminals does not at all mean that all the criminals are included in the records.
Well, what about the criminals (spy programs) that aren't included in the records (signature bases)? There are lots of such programs -- even more than that -- a few of them will never be in any signature base. Just like with criminals -- a few of them have not been caught yet, and a select few will never be caught -- because of their "right of inviolability". Anti-spy products built on signature base analysis will never be able to protect against these spies. Do not expect them to.
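The signature matching described above, as an added example that is not part of the original article: a toy signature base is run over constructed, inert byte strings, before and after an update. The class, file names, detection names and patterns are all hypothetical.

```python
from typing import Dict, List, Tuple


class SignatureBase:
    """Toy signature base: detection name -> byte pattern from a caught sample."""

    def __init__(self) -> None:
        self._patterns: Dict[str, bytes] = {}

    def add(self, name: str, pattern: bytes) -> None:
        if len(pattern) < 8:
            # Very short patterns would also match unrelated, clean files.
            raise ValueError("pattern too short to be a usable signature")
        self._patterns[name] = pattern

    def scan(self, blob: bytes) -> List[str]:
        """Return the names of every known pattern that occurs in blob."""
        return sorted(n for n, p in self._patterns.items() if p in blob)


def scan_files(base: SignatureBase, files: Dict[str, bytes]) -> Dict[str, List[str]]:
    """Scan each file and map its path to the detections raised for it."""
    return {path: base.scan(data) for path, data in files.items()}


# Constructed sample data: harmless strings standing in for files on disk.
FILES = {
    "editor.bin": b"\x7fAPP plain text editor, nothing of interest",
    "caught_spy.bin": b"\x7fAPP....SPY-BUILD-A:record-keys....",
    # Same purpose as the caught sample, but built differently, so its
    # bytes no longer contain the pattern stored in the base.
    "rebuilt_spy.bin": b"\x7fAPP....SPY-BUILD-B:record_keys....",
}


def demo() -> Tuple[Dict[str, List[str]], Dict[str, List[str]]]:
    base = SignatureBase()
    base.add("Spy.A", b"SPY-BUILD-A:record-keys")
    before = scan_files(base, FILES)   # base knows only the caught sample
    base.add("Spy.B", b"SPY-BUILD-B:record_keys")
    after = scan_files(base, FILES)    # same files, after a base update
    return before, after


if __name__ == "__main__":
    before, after = demo()
    for label, result in (("before update", before), ("after update", after)):
        for path, hits in result.items():
            print(f"{label:14} {path:16} {hits or 'clean'}")
```

The rebuilt sample is reported clean until its own pattern is added, which is the gap between a program's release and the base update that the article goes on to describe.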
Let's take a quick look at these elusive spy programs.
Group one. Those which haven't been caught yet, because they are:
1. Brand-new ones. They are constantly being written, released, used (for a very short time), found and, eventually, included into signature bases. Anti-spyware developers are today in the vicious circle of an endless "spy hunt", trying to include as many spyware signatures (pieces of code) into the bases as possible -- and fast! Faster, to outrun the competitors; faster, for new spyware -- which is being written and released constantly -- not to spread like wildfire. That's the way a signature base grows.
2. Written to be used only once.
These "tailor-made", or should we say, "custom-made", keyloggers are very unlikely ever to be found. As soon as they've done their jobs (stealing information, of course -- quite often from one particular computer) they simply disappear, never to be seen again. Here belong keyloggers made mostly for such tasks as espionage.
The main problem: keylogging software is relatively simple and not too difficult to compile. Even an average computer programmer can write a simple keylogger in two or three days. A more sophisticated one will take longer to produce, of course, but not too long. Hackers typically compile source code of many keyloggers (it's simple to find them on the Web -- for those who know where to look) -- and get a brand-new one with an unknown signature even faster. If a keylogger can be installed remotely without the victim's knowledge, it gives the hacker an outstanding opportunity to steal any information he pleases. If there is an opportunity, there will always be someone to use it. The period when a new spy already exists, but the updates haven't been released yet, is the very time when hackers make their biggest gains. Trying to catch them all is a hopeless idea; it looks too much like catching fleas one by one.
Group two. "Sacred cows".
No signature base will ever have their signatures. Here belong mostly monitoring programs, which can be used for spying as well. First, the ones created by (or for) government agents -- like the famous Magic Lantern (the brainchild of the Cyber Knight project). No product which uses a signature base will protect against it; an ordinary anti-spy program will never detect such a program. The same situation holds with other monitoring programs, which certain agents use. These monitoring products simply "don't exist" for signature-base-using anti-spyware (though they can well exist on any PC -- yours included).
If you think I am painting it too black, let's recall what happened when the code of D.I.R.T. (a covert spying tool developed by Codex Information Systems) leaked out a couple of years ago and was found on the Web (merely by accident, by the way). Once a top-secret project, it did turn into an open secret -- however, the signature of this powerful monitoring software hasn't been included in any signature bases. That's what worries me the most; after this information leak nobody knows for sure WHO can be using it -- and WHAT FOR. What if some other government monitoring program trickles into the Internet, too?
Monitoring programs for parental control or workplace surveillance are quite common and easily available from the Web. Even so, they can be used not only for those absolutely legitimate purposes. Any monitoring program is actually a double-edged sword because it almost always contains a keylogging module. It's up to an end user how to use them -- perhaps for spying. Legitimate monitoring programs are, again, not included into signature bases, so one can use an anti-spy program and be spied on in any case.
Now the last (but not the least) threat -- spy modules incorporated into viruses and Trojan horse programs. Unfortunately, all malware, including viruses, Trojan horses, worms and other fauna, "evolves" (due to their malicious creators). There already are so many hybrids of one with another that it's hard to find, say, a "pure" virus like the ones used many years ago. Lots of this fauna can contain a keylogger -- like MyDoom (sure you remember this virus). They multiply and develop, becoming more and more malicious.
So, what conclusions may we draw from this entire story (sorry if it turned out to be too pessimistic)?
Is absolute anti-spy protection possible? With existing anti-spy software which uses signature bases -- no.
Nonetheless, there is a relatively new trend in software development -- not to use signature base analysis at all. This approach is rather promising; it means that such software -- it already exists -- can counteract even brand-new and custom-made spies. You might read more about it if you follow the link in our signature.
What should we expect from an average anti-monitoring or anti-spy program? It does protect from spy programs which it "knows". If there is a particular signature in its base, it protects your PC from this particular program. If anti-spyware employs a signature base, it will never "kill all spies on your PC" -- whatever the salesperson promises you. Do not expect complete security -- there appears to be no such thing anymore.
The only hope is for totally new technologies. If developers cannot succeed in fighting spyware, they should try something else.
Alexandra Gamanenko now works at the Raytown Corporation, LLC -- an independent software developing company. Visit its website http://www.anti-keyloggers.com
Article source: http://www.topiccenter.com/Computers-and-Technology/Software/
