They're watching you

Many home PC users inadvertently download spyware programs that can strangle their system. Thomas Greene shows how to regain control

If your home computer has turned sluggish - programs open slowly, web pages take forever to load - it's probably not because you need a new machine. It's more likely that some hidden software is secretly using your CPU and is pushing your work aside, cuckoo-style, as it pursues its own ends. A survey in April by the US ISP Earthlink and Webroot software, for example, found that one in every three PCs scanned online at the user's request had a "Trojan horse" or spyware program on board.

If your home computer has turned sluggish - programs open slowly, web pages take forever to load - it's probably not because you need a new machine. It's more likely that some hidden software is secretly using your CPU and is pushing your work aside, cuckoo-style, as it pursues its own ends. A survey in April by the US ISP Earthlink and Webroot software, for example, found that one in every three PCs scanned online at the user's request had a "Trojan horse" or spyware program on board.

And where has it come from? Probably, to be honest, you. Many people have downloaded one or many of the free utilities available on the web: system "optimizers", plugins (especially "blockers" for pop-up ads) for Internet Explorer, toolbars and taskbars, news tickers, jukeboxes and so on.

The trouble is that such software, and especially the "free" applications supported by ads that appear on your desktop ("adware"), often reaches out to remote servers you know nothing about to track you across the net ("spyware"), aiding advertisers to develop marketing profiles of what people like you do online. The programs also slurp up system resources, leaving your PC sluggish. Often, that's the only way you discover they're there.

With Windows, it's down to you to install applications such as office suites, graphics programs, multimedia applications, system utilities, instant messaging and chat clients. But it's expensive putting together a truly useful software collection exclusively from retail packages, so many people seek free alternatives. Unfortunately, much free software is laced with those secret networking capabilities and "phone home" features. This is the privacy-invasion industry's Trojan horse: you get a free application, but they look over your shoulder while you surf the web.

So how do you search your computer for spyware? Your antivirus software is designed to ignore it, so you'll need something designed specifically to identify and remove it. Thousands of Windows programs contain adware and spyware; that in turn has created a whole industry dedicated to removing them. Fortunately, utilities such as Ad-Aware from Lavasoft ( www.lavasoftusa.com/support/download), Spy Sweeper from Webroot.com ( www.webroot.com/wb/products/spysweeper/index.php), and SpybBot Search & Destroy by Patrick Kolla ( www.safer-networking.org) do a good job of detection and removal, and you can use more than one to ensure that everything is caught. If any of these tools contains spyware of their own, one of the others is likely to pick that up as well.

Having purged your PC of malware, you still need to avoid future contamination. You could pick and choose between the widely advertised products out there... but that's how you got into trouble in the first place.

Instead, a simple long term approach is to replace as much "closed-source" commercial software with open-source alternatives as possible. Why? Because when everyone can examine the source code, it's virtually impossible to conceal malicious functions. You never know exactly what a "closed-source" commercial application contains, but there are no secrets in an open-source product. The price is often the same - free - but the open-source products, being a collaborative effort, don't have the same profit motive that leads companies to collect data secretly about their customers.

Open-source also has the advantage that it's often developed to work on many operating systems, including Windows, Linux, and BSD (and so Apple's OS X). That means that applications are less deeply integrated than platform-specific ones such as Microsoft's Internet Explorer, Outlook Express, IIS Web server, or even MSN Messenger chat client. A flaw in one of these applications often involves a corresponding flaw in Windows itself, making a "patch" hard for Microsoft to construct. By contrast, with cross-platform products, a patch is a relatively quick and straightforward affair.

One warning, though. Open-source applications often don't have the slick user interfaces of their closed-source rivals. That's probably because good UI design is a very specialist art; programming, though, is open to many.

So what should you use?The Mozilla web browser and e-mail client ( www.mozilla.org) make excellent alternatives to Microsoft's Internet Explorer and Outlook Express. Mozilla offers more control over code and script execution - dubious inbuilt features of Internet Explorer that enable good websites to run all sorts of codes on your computer to liven up your surfing. However, they also allow malicious sites to do just the same thing, and it can be hard to tell which is which.

Mozilla also lets you control image display, cookies, and browser traces more easily. For example, Mozilla Mail can be configured to ignore "remote images", which are image URLs e-mbedded in the message. This defeats the "tracer" images increasingly used by spammers to identify valid e-mail addresses (when you open the message, your computer fetches the image, which has your email as part of its title, from the spammer's server). It also prevents pornography from being fetched and displayed in spam messages children might encounter. (The latest versions of Outlook include this function, but it's paid-for.)

The Mozilla browser can be set to ignore third-party images and cookies on a web page, which helps defeat those who serve them up. You can also set it to delete cookies whenever it's closed; and traces of your online behavior, such as the download and URL history and page cache, can be removed easily; Internet Explorer makes it rather harder. Finally, Mozilla is not deeply integrated with the Windows operating system, which means its bugs are less likely to have significant impact on the guts of the system, and are easy to patch without changing how your system functions.

For instant messaging, try Gaim for Windows or Linux ( www.gaim.sourceforge.net). Gaim is open source and adware-free, and features cross-network compatibility, so you can talk to people on systems besides MSN's Messenger. It lacks the handsome user interface of many commercial IM clients, but it works well and is a good choice for security reasons; MSN Messenger and other IM clients are major vectors of infection, and may contain adware or spyware, while exploits against MSN Messenger are increasing.

Another major source of malware is peer-to-peer (P2P) file sharing programs such as Morpheus, KaZaA and Grokster. Most are infected with adware or spyware to help fund development - though the makers soft-pedal the facts. For example, Sharman Networks, which develops KaZaA, says it "contains no spyware". However, the KaZaA client feeds advertisements to users through third-party ad servers. There is a good open-source file sharing utility for the Gnutella network called Gnucleus (www.gnucleus.com). (Beware: many viruses and Trojans are spread through P2P networks, under attractive names. It's a good idea to have a "sandbox" so you can check files you download before you open them.)

There are also open-source applications that can save you considerable amounts of money: namely the GIMP graphics manipulation application ( www.gimp.org) and the OpenOffice.org office suite ( www.openoffice.org). For the graphics professional, the GIMP may not be an adequate substitute for Photoshop, but it's free. Likewise, OpenOffice might not satisfy those who need all of the features of Microsoft Office, but will certainly suit most students and home users. Together, they'll save you around £1,000 per machine, based on retail prices for the commercial alternatives. Photoshop and MS Office may be better, but it's hard to imagine they're that much better for most people. (There is a good catalog of open-source applications for Windows and other operating systems located online at www.jairlie.com/oss/suggestedapplications.html.)

One final thing: many commercial developers like to call their products "open". But if the source-code files are not freely available somewhere, so that you can build the application yourself, then it is not open-source. And not having the source is how you got into this problem in the first place.

Thomas C Greene is associate editor for The Register, an online IT news daily based in London. He is the author of 'Computer Security for the Home and Small Office', a security and online privacy manual published by Apress

PROMOTED VIDEO
News
ebooksAn unforgettable anthology of contemporary reportage
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs General

SSRS Report Developer - Urgent Contract - London - £300pd

£300 Per Annum: Clearwater People Solutions Ltd: SSRS Report Developer – 3 Mon...

KS1 Teacher

£95 - £150 per day: Randstad Education Birmingham: Key Stage 1 teacher require...

HR Business Partner - Essex - £39,000 plus benefits

£32000 - £39000 per annum + benefits + bonus: Ashdown Group: Generalist HR Man...

Trainee Recruitment Consultant

£18000 - £30000 per annum + uncapped: SThree: Do you feel like your sales role...

Day In a Page

How could three tourists have been battered within an inch of their lives by a burglar in a plush London hotel?

A crime that reveals London's dark heart

How could three tourists have been battered within an inch of their lives by a burglar in a plush London hotel?
Meet 'Porridge' and 'Vampire': Chinese state TV is offering advice for citizens picking a Western moniker

Lost in translation: Western monikers

Chinese state TV is offering advice for citizens picking a Western moniker. Simon Usborne, who met a 'Porridge' and a 'Vampire' while in China, can see the problem
Handy hacks that make life easier: New book reveals how to rid your inbox of spam, protect your passwords and amplify your iPhone

Handy hacks that make life easier

New book reveals how to rid your email inbox of spam, protect your passwords and amplify your iPhone with a loo-roll
KidZania lets children try their hands at being a firefighter, doctor or factory worker for the day

KidZania: It's a small world

The new 'educational entertainment experience' in London's Shepherd's Bush will allow children to try out the jobs that are usually undertaken by adults, including firefighter, doctor or factory worker
Renée Zellweger's real crime has been to age in an industry that prizes women's youth over humanity

'Renée Zellweger's real crime was to age'

The actress's altered appearance raised eyebrows at Elle's Women in Hollywood awards on Monday
From Cinderella to The Jungle Book, Disney plans live-action remakes of animated classics

Disney plans live-action remakes of animated classics

From Cinderella to The Jungle Book, Patrick Grafton-Green wonders if they can ever recapture the old magic
Thousands of teenagers to visit battlefields of the First World War in new Government scheme

Pupils to visit First World War battlefields

A new Government scheme aims to bring the the horrors of the conflict to life over the next five years
The 10 best smartphone accessories

Make the most of your mobile: 10 best smartphone accessories

Try these add-ons for everything from secret charging to making sure you never lose your keys again
Mario Balotelli substituted at half-time against Real Madrid: Was this shirt swapping the real reason?

Liverpool v Real Madrid

Mario Balotelli substituted at half-time. Was shirt swapping the real reason?
West Indies tour of India: Hurricane set to sweep Windies into the shadows

Hurricane set to sweep Windies into the shadows

Decision to pull out of India tour leaves the WICB fighting for its existence with an off-field storm building
Indiana serial killer? Man arrested for murdering teenage prostitute confesses to six other murders - and police fear there could be many more

A new American serial killer?

Police fear man arrested for murder of teen prostitute could be responsible for killing spree dating back 20 years
Sweetie, the fake 10-year-old girl designed to catch online predators, claims her first scalp

Sting to trap paedophiles may not carry weight in UK courts

Computer image of ‘Sweetie’ represented entrapment, experts say
Fukushima nuclear crisis: Evacuees still stuck in cramped emergency housing three years on - and may never return home

Return to Fukushima – a land they will never call home again

Evacuees still stuck in cramped emergency housing three years on from nuclear disaster
Wildlife Photographer of the Year: Intimate image of resting lions claims top prize

Wildlife Photographer of the Year

Intimate image of resting lions claims top prize
Online petitions: Sign here to change the world

Want to change the world? Just sign here

The proliferation of online petitions allows us to register our protests at the touch of a button. But do they change anything?