The Unique Challenge of Spyware

[~BD~]

Introduction
************

At first comparison, spyware and computer viruses might appear to have
more in common than not. They are both malicious programs, they both
impact system stability, and the effects of both can range from being a
nuisance to inflicting serious damage. They are also both programs that
require specialized tools for their removal.

And while these two different types of malicious programs might closely
resemble each another at first glimpse, there are significant differences:

• Unlike viruses, the motivations behind spyware are financial, which
has driven rapid technical innovation and broad distribution.
• Spyware is curiously difficult to locate for research, requiring
specialized, proactive methods for discovery.
• Removing spyware is especially complicated and problematic because
newer versions are highly adept at remaining on a system.
• The business impacts of spyware are greater, as it compromises
privacy, threatens assets and affects productivity beyond even the
damage caused by viruses.

The bottom line is that spyware presents a unique and serious problem
that requires its own dedicated defenses. As spyware rapidly
proliferates today, its well-funded developers are creating increasingly
sophisticated versions, and it is clear that solutions devoted to
handling the intricacies of spyware are necessary.
In this paper we will closely examine the differences between spyware
and computer viruses. The first line of defense is education, and
understanding the unique threat spyware poses is the first step in a
practical plan for protection.


**

Conclusion
**********

In summary, spyware is uniquely difficult to identify, and it becomes
entangled in the systems it infects, making its removal extremely
complicated. Spywareʼs impact can be dramatically different from that of
viruses, resulting in significant loss to theft of assets and decreased
productivity. Finally, because it is financially motivated and backed by
increasing investment from a thriving industry, spyware is advancing
rapidly and becoming progressively more complex.

When examined more closely, it is apparent that spyware has very
different properties from viruses. Understanding the unique properties
of spyware is the first defense against its dangers. Dealing with
spyware is a complex challenge that requires specialized techniques.
Today more than ever, computer users need to rely on a dedicated
solution designed specifically to help navigate the unique threats of
spyware.

Ref: http://www.webroot.com/shared/pdf/Sp...VS-Viruses.pdf

[FromTheRafters]

"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:SOKdnc4y24nyUkTRnZ2dnUVZ8jednZ2d@bt.com...
> Introduction
[...]
Synopsis - apples are like oranges except for where there are
differences between them and apples may be preferred if you are baking a
pie or selling the ingredients needed for an apple pie recipe they tell
you that you *must* have as if you have no choice.

> Ref: http://www.webroot.com/shared/pdf/Sp...VS-Viruses.pdf

Haven't read it yet, but I suspect a similar scenario.

Could they explain how cryptovirology is not financially motivated, or
how stand-alone application malware can be harder to detect than a
polymorphic file infector is? Perhaps I'll find out by reading that
nifty PDF file.

[Aardvark]

On Tue, 09 Nov 2010 22:47:11 +0000, ~BD~ wrote:

> SNIP

Got a point?



--
"En un lugar de la Mancha, de cuyo nombre no quiero acordarme,
no hace mucho tiempo que vivÃ*a un hidalgo de los de lanza en
astillero, adarga antigua, rocÃ*n flaco y galgo corredor."
-Cervantes, 'Don Quixote'

[Mike Easter]

Aardvark wrote:
> ~BD~ wrote:
>
>> SNIP
>
> Got a point?

Webroot (source site) sells antispyware, AV, suite w/ or w/o firewall,
windows washer.

http://www.webroot.com/En_US/consumer-compare.html Compare Our Products
Side-by-Side


--
Mike Easter

[~BD~]

Aardvark wrote:
> On Tue, 09 Nov 2010 22:47:11 +0000, ~BD~ wrote:
>
>> SNIP
>
> Got a point?
>
>
>

Linux is good for you! ;-)

[~BD~]

Mike Easter wrote:
> Aardvark wrote:
>> ~BD~ wrote:
>>
>>> SNIP
>>
>> Got a point?
>
> Webroot (source site) sells antispyware, AV, suite w/ or w/o firewall,
> windows washer.
>
> http://www.webroot.com/En_US/consumer-compare.html Compare Our Products
> Side-by-Side
>
>

Nothing for Apple OS X though!


--
Dave - grinning!

[Mike Easter]

~BD~ wrote:
> Mike Easter wrote:

>> Webroot (source site) sells antispyware, AV, suite w/ or w/o firewall,
>> windows washer.

> Nothing for Apple OS X though!

Webroot designs software for windows users' problems, windows-aimed
viruses, spyware, and registry.

As a general rule, OS X users are in the same situation as linux/unix
users, those myriad malware 'things' designed for windows and its
operating system and registry 'don't work' - aren't a threat - to OS X
and other non-win systems.

So then the OS X user only has to worry about what s/he might 'pass on'
to Win users and the much much less common OS X threats.

In addition, the design and use of OS X is more secure than Win's,
altho' not as secure as that of linux in which the majority of users get
their apps from certified repositories and install in root/admin or
superuser mode.

Consequent to the lesser numbers of users compared to Win and the much
greater security compared to Win, the sensible/logical malware writer
would write for Win rather than the others. Because of the linux/mac
difference, there is even less linux malware than mac malware - leading
to the paradox 'the more secure you are, the less threats there are'.


--
Mike Easter

[Whoever]

Mike Easter <MikeE@ster.invalid> wrote in news:8jvpbiF7g4U1
@mid.individual.net:

>> Mike Easter wrote:
>
> In addition, the design and use of OS X is more secure than Win's,
> altho' not as secure as that of linux in which the majority of users get
> their apps from certified repositories and install in root/admin or
> superuser mode.
>
> Consequent to the lesser numbers of users compared to Win and the much
> greater security compared to Win, the sensible/logical malware writer
> would write for Win rather than the others. Because of the linux/mac
> difference, there is even less linux malware than mac malware - leading
> to the paradox 'the more secure you are, the less threats there are'.


But to what extent is it the "secureness" of the OS that is driving the
numbers of exploits written against it? While I have no doubt that it is a
part of the equation, I often wonder to what degree it actually holds true.
When one considers that Mac users comprise ~7% of all users and Linux users
comprise <2%, would it not be at least as valid to say "the fewer you are,
the less threats there are?" Especially in today's environment where the
"bad guys" are more interested in making money than in bragging rights. The
more potential "customers" they have, the larger the potential profit.



--
Don't bother trying to
contact me via email.

[Peter Foldes]

"Mike Easter" <MikeE@ster.invalid> wrote in message
news:8ju3jiF1brU1@mid.individual.net...
> Aardvark wrote:
>> ~BD~ wrote:
>>
>>> SNIP
>>
>> Got a point?
>
> Webroot (source site) sells antispyware, AV, suite w/ or w/o firewall, windows
> washer.
>
> http://www.webroot.com/En_US/consumer-compare.html Compare Our Products
> Side-by-Side


Mike

Excellent Product. Many of my customers use the Email Security Enterprise( Saas)
package and they are very high on the service and the job that it does. Only
complaint was and is the cost :-)

--
Peter
Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.
This posting is provided "AS IS" with no warranties, and confers no rights.
http://www.microsoft.com/protect

[Mike Easter]

Whoever wrote:
> Mike Easter

>> In addition, the design and use of OS X is more secure than Win's,
>> altho' not as secure as that of linux in which the majority of users get
>> their apps from certified repositories and install in root/admin or
>> superuser mode.
>>
>> Consequent to the lesser numbers of users compared to Win and the much
>> greater security compared to Win, the sensible/logical malware writer
>> would write for Win rather than the others. Because of the linux/mac
>> difference, there is even less linux malware than mac malware - leading
>> to the paradox 'the more secure you are, the less threats there are'.
>
>
> But to what extent is it the "secureness" of the OS that is driving the
> numbers of exploits written against it? While I have no doubt that it is a
> part of the equation, I often wonder to what degree it actually holds true.
> When one considers that Mac users comprise ~7% of all users and Linux users
> comprise <2%, would it not be at least as valid to say "the fewer you are,
> the less threats there are?" Especially in today's environment where the
> "bad guys" are more interested in making money than in bragging rights. The
> more potential "customers" they have, the larger the potential profit.

I think it is like spam. You do what works, for whatever reason.

It doesn't matter whether the spamreader opens your spam because it is
the stupidest spam subject they've ever seen or because they find the
girl's name in the From appealing.

If you make windows exploits they work and so you make some more. They
work because there have been a lot of insecurities in XP and IE6 and
there are a lot of people using them.

If Win7 is more secure and there are less people using it than XP, you
spend more time making XP and IE6 exploits than Win7 and IE8 and even
less time making Mac ones and even less making linux ones.

I don't think the question is so useful. I do this because of reason A
and reason B. Yes, but it is *more* because of reason A or reason B?
What difference does it make, they are both good reasons.


--
Mike Easter