Service Pack 2: Patching the unpatchable


COMMENT
Two and a half years after promising a secure Windows, Microsoft is within a month - maybe - of releasing Windows XP Service Pack 2. It will do a lot to fix viruses and Trojans, but like a tired old general always fighting the last war it won't do much for the current and most lethal security threats we face.

Spyware is more malicious, more dangerous and ultimately more threatening than any other hazard facing us online. Over the past six months, it's come to take up more of my time than any other problem -- friends' computers are riddled with the stuff, it's behind most corporate firewalls, often in force, and it doesn't give up without a fight. The potential for serious damage to the way we like to work is considerable: if things carry on as they are, we will lose the ability to run personal computers as we know them.

Spyware is more dangerous than viruses primarily because its success depends on it remaining hidden: if it attracts attention to itself, it risks removal. And unlike viruses, there's a lot of money being invested. Virus writers are over-talented misfit loners, engaged in online willy-waving contests with their peers. Spyware writers are paid professionals operating to commercial standards, often as part of a sophisticated and multi-layer marketing effort.

The result is a series of exceptionally precise parasites, each building on the lessons of the last. The most tenacious know enough about Windows to survive detection and deletion, hiding copies of themselves away to regenerate after excision. Windows, being of baroque construction with some elements dating back to the Neolithic, offers many dark nooks and damp crannies to hide this stuff: a quick check on a laptop fresh out of the box this afternoon revealed 17,773 files. Nobody on this or any other planet knows what they all do.

Designers of spyware have an embarrassment of choice when it comes to ways to hide their cleverness. Between the time you turn your computer on and the time the hard disk light goes off, the computer goes through six different phases. Each corresponds in some sense to a historical step in the operating system's evolution from its distant single-user, single-tasking ancestor -- and each loads information from many different sources. (If you want to see the full horror, check Microsoft's own description of the process http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prmc_str_reii.asp but be sure to take a native guide and a full canteen of water.) The security stuff, of course, goes in last, well after various other services have woken up and long after the more advanced spyware has dug its tendrils deep into the system.

It is this rich, confusing mess of twists that allows spyware to thrive, and there is no reason to think SP2 will solve this problem. It does add some new tools to manage Internet Explorer - one of spyware's primary routes into the system - which will help clear out some of the beasties, and it takes a more intelligent approach to start-up management by not starting many services until the security stuff is ready. Many existing examples of spyware will be caught and defanged: many others will not. And all future spyware products will be designed to operate in an SP2 environment, safe among the many Windows intricacies that remain.

We can do something to minimise the threat. Any company, government department or organisation that insists on Explorer and ActiveX to provide an online service should be publicly laughed to shame. It's not necessary: it's like denying access to a shopping mall to anyone who isn't driving a Ford SUV equipped with Firestone tyres. With things as they are, any attempt to use Windows browser controls to filter out the bad stuff will be swamped by 'legitimate' controls requesting installation: users will just give in and take the lot, as is their right when asked to micromanage the technicalities of a complex operating system.

In the end, Windows must evolve in a different direction. Its biggest lack is applications management. Stuff that's installed must remain detectable and removable or not be allowed in at all. All we have now is the Control Panel's Add or Remove Programs applet, which a program must choose to register with when it installs. Clearly, spyware isn't going to do any such thing: registering with the system must be non-optional before execution rights are granted and what the software can then do has to be properly monitored and restricted.

.Net, C# et al have some of this, but while Windows drags around its unprotected past there's really not much point. It's like Lockheed designing a fighter where only the cockpit has stealth protection: the wings and engine remain flapping in the breeze, liable to any old whoosh-bang-nasty.

And if Windows can't so evolve, then we must change our operating system. It could be Longhorn, if Longhorn is fierce enough, it could be Linux: even the Mac OS could be ported to the PC and be presented as a fair competitor to the mess we've inherited. What we cannot do is accept the status quo or any variant thereof: Service Pack 2 is no answer.

Talkback

I can't really take this guy's comments, this is the second time of my life I chose to "talk back", simply because he pisses me off.

All he says is that there is a problem in Windows, but any answer is never given. Should Mac OS X be any less complex than Windows? Should Linux be? If 80% of all users used Linux, don't you think there would be quite a lot of spyware for Linux too?

The problem is not Windows, the problem is the users that believe that their computers are "smart" or even "intelligent", and are thereby able to take care of themselves. A computer is a dumb tool, which is supposed to help you do a bunch of trivial stuff.

If you stick to software that you trust, you should never face any problems with spyware, but if you use 1000 different "freeware" programs for various small companies it is like buying a "real Rolex" in China, and trusting the man to be honest.

I look forward to some more serious comments from this guy!

via Facebook 20 July, 2004 11:55

At last!
I was beginning to think I needed committing to an asylum. Why is the media not addressing this for the rather serious situation it is?

Rupert - thank you. I'm not what you'd term a 'newbie'. I learnt it all from the bit and byte, to the where we are now. I've known about trojans, virii, spyware/malware for years, but the last few months have seen spyware evolve to a different plane.

As you have quite rightly identified; these are no longer geeks showing off - without any real malice. We are dealing with seasoned professionals with a commercial pay-off and a specific agenda. They actually don't want the software found...they want it to keep working. Just about every virus ever written, was written to be found, and anyone with an IQ above 20 could 'see' the weaknesses.

What we have here is a completely different kettle of fish..and nearly all the commercial means of addressing these issues are behind the times.

The industry needs to take this seriously now - and the sooner the better.

via Facebook 20 July, 2004 12:17

I downloaded the latest patches and my comp crashed!!!

I reinstalled XP Pro, downloaded the patches from the Microsoft site again, and it crashed AGAIN!!!

HELP and advice needed here

via Facebook 29 July, 2004 03:54

I couldn't even finish the article... This author is ridiculous. I'm sorry all your friends raid the warez, porn, and "free" games sites and click 'yes' to every certificate popup. There are tons of freeware programs to remove this spyware. It's not Microsoft's fault you don't know enough to read before you start accepting installations. Get real. BTW... Pound for pound, Linux has more vulnerabilities than Windows, but none of you MS bashers ever seems to mention that.

via Facebook 29 July, 2004 14:55

I wouldn't want you consulting for us - Mr Anonymous. Are you aware that pages which exploited a certain vulnerability which MS seemed unable to patch for nearly two months, allowed installation and execution of backdoor trojans, without raising a single request for certificate authorization???

I'm glad 'IT Consultants' are so well informed these days...

via Facebook 3 August, 2004 13:47

Linux and the Mac OS are just as bad if not worse, especially Linux, which is classed as safe as such a small minority of people use it.
Windows is large and monolithic but at least you don't have to spend days trying to work out how to get the operating system to recognise a USB device, unlike Linux, which I promptly gave up with and went back to Windows, which under XP at least does what I want it to.
Spyware should be made illegal and be punishable with the same penalties as hacking, i.e. jail, ban on using computers for a sizeable time and for the company paying for its development....liquidation.
Also it's maybe gotten to the stage where the industry, like law, medicine etc., needs to be licensed and those found developing without a license punished, as unfortunately there are far too many unscrupulous people working in computing. I've met several that have done jail time for dishonesty etc. yet are still allowed to work with computers?!?
I think the best thing Microsoft could do is ditch everything they have with XP etc. and ensure Longhorn is a total new build, properly referenced etc., even if older programs stop working with it. It would be a price I'd be willing to pay to use a secure operating system.

via Facebook 10 August, 2004 10:44

I thought this guy was an excellent technology editor, until I read this article, he suddenly comes across as the typical Windows user that expects wonders from his Windows machine. He puts down virus writers, but seems to congratulate the authors of spyware on their professional approach to the task. At the end, he says if Windows won't evolve we should change OS, but of course he'll never do that, he'll stick with Windows, because, he can change his OS already, and do away with spyware and viruses forever.

via Facebook 13 August, 2004 10:54

As long as something can install itself at system level without asking permission, the system won't be safe.

I hardly used my XP partition but I thought I'd scan for spyware and I was in for a shock. Thousands of things were found whereas I hardly ever use XP, let alone to go to stupid web sites.

Since then, I've hardly touched XP. I don't think Linux or MacOs don't have exploits but like it or not, their rarity (amongst plenty of other things) makes them safer.

There is a saying that goes : "to live happy, live hidden". Suits me fine.

via Facebook 13 August, 2004 16:30

I love windows really

via Facebook 25 October, 2005 17:44
