Home | Headlines | Annex Bulletins | Index 2004 | About Founder | SearchFeedbackClips | Activism | Client quotes | Workshop | Columns | Subscribe

The copyright-protected information contained in the ANNEX BULLETINS and ANNEX NEWSFLASHES is part of the Comprehensive Market Service (CMS).  It is intended for the exclusive use by those who have contracted for the entire CMS service.

An OPEN Client Edition

INDUSTRY TRENDS

Updated 9/27/04, 10:00 A.M. PDT (updates "Readers' Forum")

An Annex Research Editorial: Beware the Spyware

Spy Wars

New Internet Epidemiology Labs to Open in San Diego, Berkeley

PHOENIX, Sep 25 – If you think, “well, I have an Antivirus program and a Firewall so I am safe, think again,” warned Owen, an Internet security guru, in a Sep 23 message to this writer.  “A firewall is a firewall and it stops the hackers.  And Antivirus program is an Antivirus program and it stops viruses.  (But) there is one big gaping hole that probably causes more problems than the latter - Spyware.  No protection.  You are just another victim for the (Spyware) makers money-making scheme.”Text Box:  
I spy with my little eye

Spyware?  What’s that?  Even my Microsoft software spellchecker choked on the word.  But after battling the invisible Darth Veder’s for over a week in one of cyberspace Spy Wars, I can probably write a book about it.  Or at least a chapter… which is what I am doing.

My Spy Wars saga ended happily, as it turns out, thanks to Owen and other volunteer security experts.  So I decided to share it with you.  Sort of like spreading good cheer around, and helping enlighten other Internet users who may be still deluding themselves that they are safe from malicious intruders. 

* * *

Day 1 - As Hurricane Ivan (the Terrible) unleashed its fury upon the wary citizens of Alabama, all seemed calm in this corner of the Southwest.  Deep below the Windows XP surface, however, a powerful storm was brewing, imperceptible by a naked eye at computer desktop.  Darth Veder and his invaders were about to pay me a visit.  In fact, their advance reconnaissance units had already arrived, unbeknownst to me, and were fast at work, stealthily siphoning the privates out of my XP.

My Spy Wars started innocently enough, though.  My computer toolbar flashed one of those automatic messages that Microsoft was ready to update my XP operating system.  Being a trusting soul when it comes to Microsoft, I replied, “sure, go ahead.” 

Big mistake!  For, this was no ordinary update.  Even though I use one of the fastest PCs on the market, the process seemed to take forever.  It was only then that I checked and realized that Microsoft was installing Service Pack 2 (SP2), a practically new version of its operating system.  Gobs of new software was pouring into my computer, along with potential bugs that inevitably seemed to downgrade the results of any so-called software “upgrades.”

“Yikes,” I thought, recalling what one of my clients said long ago about what it means to be a pioneer of new software or hardware releases.  “We are on the bleeding edge of technology.”  Ever since, I have been trying to stay well back of the pack, waiting for the new releases to get stabilized before installing them.  Until now…

Alas, I was too deeply into the installation process to reverse the course.  I figured I’d better let Microsoft finish its installation rather than interfere.  That would be risking self-inflicted wounds.

When the SP2 was installed, successfully I was told, I was asked to reboot the system.   I did.  It seemed a little slower than before, but I did not pay much attention.  Then.

Day 3 - A few days went by.  Everything still seemed normal.  Then one of my applications “did a Bill Gates” – our family euphemism for a software crash.  The failure caused my screen to freeze.  So figured I’d better reboot the whole system again.

This time, I did notice that the start-up process was taking longer than before.  So I made mental and physical notes to do something about it when I find the time.

Day 4 - The following day, I contacted Microsoft.  It turned out they had already set up a special support center for SP2 customers.  “Uh, oh…” I took that as a bad news sign.  Evidently I was not the only one.

Eventually, I got to “chat” via the Internet with a Microsoft technical support rep.  He was an East Indian, of course (is there any other kind these days? J). 

“Would you like me to show you how to fast your computer?” he asked.

“Sure,” I replied.  “As long as you don’t starve it to death.” J

The tech didn’t see any humor in my reply.  Guess some of them still have to work on their English language skills after they are done with speeds and feeds.

After having me do some arcane operating system tests, the tech came up with a verdict.  “I think your system is infected with Spyware,” he pronounced.

Text Box:  
Source: Annex Research

“Spyware?”  That was the first I’d heard the word.  Naturally, I wanted to know more about it, and the tech was quite obliging, but limited in his own knowledge.  I got a distinct impression that he was following some sort of a flowchart.  “If the answer is X, then you do Y.”  So he told me to go to the Microsoft web site and download Spybot.  That’s is one of the two recommended anti-spyware software programs.  The other one is Ad-aware (you’ll find them both at the above link).

I did.  Alas, my browser showed the Spybot link to be invalid (I got the usual white screen error message – “The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings”).  The Microsoft technicians, however, insisted that the link was good. 

Then I tried the Ad-aware link.  The same problem.  The page was “currently unavailable,” at least according to my browser.

Day 7After a few of days of going back and forth with various Microsoft tech reps about whether or not their links were good, and the possible reasons why I could not access them, I got in touch with Hestia, another Internet security company from whose site you can download the Spybot Search & Destroy software.  Hestia was slow do respond (it took three days), but when they did, they hit the nail on the head.

“I suspect your PC is infected with Malware/Hijackers,” wrote Laura, an evidently knowledgeable Hestia tech.  “Some of them prevent users from downloading known anti-spyware programs and spyware removers, or from visiting their websites.”

Bingo!  Finally, an explanation that made sense.  Yet one that had eluded all other Microsoft experts with whom I had dealt.  (Eventually, one Microsoft rep even suggested that I de-install the new SP2!  So much having faith in one’s own product… I did not [deinstall]).

Laura suggested that I join D-A-L, a user group to which she also belonged, and where she thought I might get help. 

She was right.  D-A-L is where I met Owen, the British security expert who eventually helped me fight off Darth Veder’s cyberspace invaders. 

What’s D-A-L?  Think of it as an Internet humanitarian organization.  It’s a place to which unfortunate Internet users can bring their sick PC puppies for “Dr. Owen” and his assistant “Bear” to examine and prescribe the cure.  Free of charge.  As real humanitarians, they donate their time and expertise for the betterment of mankind, or “cyberkind,” in this instance.

Day 9After a couple of days of back and forth with Owen and Bear, which included many hair-raising Windows XP registry searches (a hallowed Microsoft software ground upon which no Internet mortal should tread, lest he wants to risk his Windows system blowing up and disintegrating), I found out that I had at least 92 sites blocked by the invisible spyware invaders.  Plus a dozen or so other Windows registry intrusions and piracy acts. 

And just think… we found all these breaches of my Windows XP security after I had already run the Spybot program that supposedly cleaned out the most aggressive of Darth Veder’s invaders (several dozens of them).  And, of course, after I had already installed the Microsoft SP2 that was supposed to have given me a Firewall, and fixed many of the Windows security problems.  Worse, after I was now able to install and run Ad-aware, this program found and quarantined another 174 spyware intrusions into my system.

Naturally, once identified, it was easy to kill or disable the cyber vermin. 

EpilogueSo now that I was free of imminent danger, it was time to do a post mortem.  “How did all these bad guys get into my system unbeknownst to me, and how do I guard against that happening again?” I asked Owen.

“Basically, low IE Security settings, and a lack of protection, can sum it all up.  Spyware can also come bundled with software, and you will never know it unless you either have 1. Protection; or 2. Read the license agreement and the small print.”

So what can one do to protect oneself from spyware invasions in the future?  Well, Spybot has an “Immunize” option that serves that purpose.  Be sure to use it.  But there is much more you can do…  Here’s what “Dr. Owen” recommends:

After your problem has been resolved on the forum, it is an absolute MUST to do the following steps to prevent the problem returning. Click on the link to get access to the software or webpage that I'm referring to.

1. Visit Windows Update

Pay a visit to Windows Update and scan for and download ALL Critical Updates and Service Packs. New updates are usually released monthly so check back to Windows Update every month.

2. Download Antivirus Software

If you haven't already got Antivirus software, you should download and install AVG Antivirus. It is freeware and is updated nearly every 2 days (sometimes more frequently if there are a lot of new viruses) and in my opinion, is better than some Antivirus software such as Norton. Antivirus software will prevent viruses infecting your system and it is important that you update it every two days or every week at the most.

3. Download a Firewall

If you haven't already got a firewall, it is Very important that you download one. Firewalls will prevent unauthorized access to your computer and stop data leaking out of your computer. You may think that it won't happen to you, but Hackers don't care who you are, what you do, where you live or what you had for tea last Sunday on your holiday in the Lake District, they want your data. Firewalls will keep these sneaks out and one of the best is Sygate Personal Firewall, which happens to be freeware.

4. Spyware Scanners

It is important that as well as having real time spyware protection, you have a spyware scanning application. If you have not already been told to download one earlier in this thread, it is a good idea to download Spybot Search And Destroy and Ad-aware. They are both spyware scanners and will search for a remove spyware. It is recommended that you have both, because one will pick up entries that the other misses. It is even a good idea to download these if you have other programs such as ASE, Spysweeper, Pest Patrol, etc, because one spyware scanner will not pick up everything. Please remember to update your spyware scanners weekly/fortnightly.

5. Prevent Spyware slipping through Internet Explorer

Quite a lot of spyware slips through Internet Explorer if your settings are not tight enough. Spyware Blaster will help you prevent spyware slipping through and installing tracking cookies. Simply run it via Start> Programs> Spyware Blaster and click Enable All Protection and it will protect you. It doesn't even have to be open! Remember to update weekly/fortnightly.

(Annex Ed.: Make that at least weekly, based on my recent experience.  I’ve just run Spybot again – AFTER I had implemented ALL SIX protection measures that Owen recommended.  It found and neutralized three new instances of spyware intrusions).

6. Constant Spyware Protection

It is important to have constant spyware protection. Spyware Guard works like an antivirus program but detects Spyware instead. It will constantly protect your system. Check for updates monthly.

All Of these steps are very important and it is HIGHLY recommended that you download ALL of the programs mentioned for your own safety. Remember to Update everything (including Windows using Windows Update)! It is also a good idea to perform weekly/fortnightly scans with Spybot S&D, Ad-aware and your Antivirus software.

And last of all, please remember, that common sense is your greatest tool. Without it, spyware and other related Malware would rule!

And the last thing we want is for an Evil Empire to rule the Internet.  There are just too many great benefits that the Internet provides to tens of millions of Netizens around the globe to allow a few bad apples to try to take them away from the rest of us.

New Internet Epidemiology Lab

How pervasive is the spyware problem?  We’ll never know for sure unless we raise the awareness of the Internet community about spyware, which is the purpose of this article.  But it suffices to say that security breaches are a big enough concern to have caused some of the best and the brightest of the Internet scientists to put their money, brains and time behind a new effort to rid the cyberspace of the evil Darth Veder’s.

Just as I was cleaning up the last remnants of my own spyware mess, I came across the news that a new Internet epidemiology labs were being formed.  Here’s an excerpt from a Forbes story about it:

NEWSWISE Science News, 22-Sep-2004 -- The International Computer Science Institute (ICSI) and UC San Diego announce the opening of the Center for Internet Epidemiology and Defenses, a collaborative research center led by Vern Paxson of ICSI and Stefan Savage of UC San Diego. The new center is sponsored by a multi-million dollar grant from the National Science Foundation's Cyber Trust program. In addition to the NSF funding, CIED will receive support from Microsoft, Intel and Hewlett-Packard.

The Center aims to combat the threat of Internet worms and viruses. It will work towards understanding how the Internet's open communications and software vulnerabilities permit worms and viruses to propagate, devising a global-scale early warning system to automatically detect epidemics in their early stages, developing forensics capabilities for analyzing wide-ranging infections, and devising techniques and devices that can suppress outbreaks before they reach pandemic proportions.

Summary

So there you have it… a micro and a macro view of the ongoing and future Spy Wars - my private battle topped by a global effort to improve the Internet security.

The good news is Darth Veder’s invaders can be beaten, even now, before the scientists devise new global solutions.  The bad news is one must never get complacent, or savor the victory even for a moment.  For every spyware intruder that is struck down, another one may pop up.  There is no such thing as victory in Spy Wars, only temporary reprieve.

As with all security solutions, physical or in cyberspace, vigilance is the most important one.  Even after you implement all the suggestions that our good “Dr. Owen” has recommended, you must never let your guard down.  Just remember… you are the only guardian of your own security; not your secretary or your EA; not your tech support staff; not your CIO; not Bill Gates or your hardware vendor; not even the good “Dr. Owen.”  Only you can ensure that your PC is free of spyware, whether you are a single Internet user, or one of a corporate cast of thousands.

We suggest you take this advice personally.  For, Darth Veder’s of this world do.  They are after your privates and will stoop from nothing trying to get them.

Happy bargain hunting!

Bob Djurdjevic

P.S. Feel free to propagate the link to this Spy Wars article to all your family, friends and/or user groups whose privacy and security are close and dear to your heart.  And keep your comments coming... We will consider them for our Spy Wars Readers' Forum.

 

For additional Annex Research reports, check out... 

2004: Spy Wars (Sep 2004); Outsourcing Boomerang (Sep 2004); EDS to Cut Up to 20,000 More Jobs (Sep 2004); Capgemini Stock Plummets on Unexpected Loss (Sep 2004) HP Savaged by Wall Street (Aug 2004); Moody's Lowers the Boon on EDS (July 2004); HP: Delivering Value Horizontally (June 2004); Accenture: Revving Up a Notch (June 2004); Beware Your CFO! (May 2004)IBM: Changing of the Guard (May 2004); Capgemini: Texas-size Home Run (May 2004); Following the Money (May 2004);  EDS: On a Wink and a Prayer (Apr 2004); HPS Wins by a Nose! (Octathlon 2004); Accenture: Burning the Track (Mar 2004);  IGS: "Crown Jewel" Restored? (Mar 2004); HP: Still No Cigar (Feb 2004); Cap Gemini: Another, Smaller Loss (Feb 2004); CSC: Good Quarter Gets Boos (Feb 2004); EDS: "Hot Air Jordan" Flaunts Flop as Feat (Feb 2004); IT Industry: Whither Goeth It? (Jan 2004); Cronyism Is Alive and Well at EDS" (Jan 2004)

2003 IGS:  "IBM OnDemand: Different Strokes for Different Folks" (Dec 2003); "Investing in Growth" (Apr 2003)

2003 IBM: "IBM vs. HP: Spinning Global Server Market Shares" (Nov 2003);  "Finally Heard, Part II," (Nov 2003), “Small Is Now Big at Big Blue” (Oct 16),  “On the Nose But No Cigar” (July 16), “A Paler Shade of Blue” (June 2), “Save, Spend and Split” (May 8), “Shrunk by the Marketplace” (Apr 17), “Turnaround Continues...” (Apr 15), "Finally Heard!" (Jan 29), “Start of a Real Turnaround?” (Jan 17).

2002 IGS: "Half or Double Trouble?" (Aug. 12, 2002), "IBM to Take $500M Charge" (Sep 3, 2002), IBM-PwCC Update (Oct 2, 2002), Analysis of IBM Second Quarter Results (July 17, 2002), IBM Layoffs Confirmed! (Aug 14, 2002), Analysis of IBM Third Quarter Results (Oct 16, 2002), Boom Amid Gloom and Doom (Oct 10, 2002)

2002 IBM: “Gerstner: The Untold Story”  (Dec 27), "Gerstner Spills the Beans" (Dec 13), "On a Wing and a Prayer" (Oct 21), "IBM-PwC Tie the Knot" (Oct 2), Big Blue Salami (June 19), "Looming IBM Layoffs" (May 14), "IBM 5-Yr Forecast: From Here to Eternity?" (Apr 2002),  “Tough Times, Soft Deals,” (Apr 25, 2002), “Gerstner’s Legacy: Good Manager, Poor Entrepreneur” (Jan 2002), IBM Pension Plan Vapors: Where Did $17 Billion Go? (Mar 2002), "Sir Lou OutLayed Lay!" (Apr 1, 2002).

A selection from prior years: Is IBM Cheating on Taxes, Annex Bulletin 99-17 (May 1999),  IBM 5-year Forecast 2001: An Unenviable Legacy (June 2001) "Break Up IBM!" (Mar. 1996), Fortune on IBM (June 15, 2000), “Smoke and Mirrors Galore,” July 2000), "Slam Dunk of Bunk" (Jan 2000), Annex Bulletin 98-14 ("Wag the Big Blue Dog"), Armonk's Fudge Factory (Apr. 9, 1999)Where Armonk Meets Wall Street, Greed Breeds Incest (November 1998)Stock Buybacks Questioned: Is IBM Mortgaging Its Future Again?, 97-18 (4/29/97),  "Some Insiders Cashed In On IBM Stock's Rise, Buybacks" 97-22, 7/27/97,  Djurdjevic’s Forbes column, "Is Big Blue Back?," 6/10/97;  “Executive Suite: How Sweet!,” (July 1997), "Gerstner: Best Years Are Behind", Aug. 10, 1999), "IBM's Best Years Are 3-4 Decades Behind Us" (July 1999), "Lou's Lair vs. Bill's Loft" (June 1999),  "Corporate Cabbage Patch Dolls," 98-39, 10/31/98; Djurdjevic’s Chronicles magazine October 1998 column, "Wall Street Boom; Main Street Doom", “Louis XIX of Armonk,” (Aug. 1996), "Mountain Shook, Mouse Was Born" (Mar. 25, 1994), “A Nice Guy Who Lost His Compass” (Jan 26, 1993), “Akers: The Last Emperor?” June 1991), Industry Stratification Trend (Mar. 30, 1990) etc.]

Or just click on and use appropriate  keywords.

Volume XX, Annex Bulletin 2004-20
September 25, 2004

Bob Djurdjevic, Editor
(c) Copyright 2004 by Annex Research, Inc. All rights reserved.
e-mail: annex@djurdjevic.com

4440 E Camelback Rd #29, Phoenix, Arizona 85018
TEL/FAX: (602) 824-8111

Home | Headlines | Annex Bulletins | Index 2004 | About Founder | SearchFeedbackClips | Activism | Client quotes | Workshop | Columns | Subscribe