Spyware, Malware, Adware and Security Related Definitions and Terms

This section provides the definitions and descriptions for various adware, spyware, anti-virus, and computer security terms. These terms could be broken into some categories such as:

  • Networking Terms
  • Computer security terms
  • Spyware, Adware, and privacy terms.
  • Email terms

Need to Understand Adware and Spyware Terms

There is a need for readers to understand many of these terms to understand information on this and other websites. Many of these terms are common terms and knowing what they mean will help readers learn how to avoid problems with malware.

Spyware, Malware, Adware and Security Related Terms and Definitions

  • Adware – Software designed to serve advertising to the computer user. It may be thought of as spyware since it usually contains the ability to gather information about the user but if it only serves ads, it is not technically spyware. Adware is legal so long as it is installed without hacking but the act of hacking is illegal in most places.
    How ads are displayed:
    Ads are usually displayed using pop up windows. These pop up windows may appear even when the user is not actively surfing the internet. Ads may also appear in a bar at the bottom of the screen such as a search bar.
    Justification:
    Adware vendors try to justify the use of adware as a means to recover programming costs to hold pricing down.
    Installation Methods:

    1. It may have came with another program installed by a user.
    2. Installed through a hacker tool or by using a computer hack.

    Damaging Characteristics:
    Removal Prevention – Many times adware programs are written to prevent their removal. This should not be allowed under any circumstances since it can damage the user’s computer software and hinder ir disable the computer operation.

    System Resources – Requires processing power to run the program and will do the most damage by consuming the user’s internet bandwidth. It will request advertising pages from the internet and serve them to the user.
    When it is Legitimate:
    Adware is only legitimate when the user is informed up front that they will be served ads. If the adware also gathers information about the user (spyware) it must inform the user of this to be legitimate. If the adware is designed to prevent its removal or was installed using a computer hack, it is not legitimate.

  • Attack – An attempt to gain unauthorized control of someone’s computer
  • Backdoor – A program which allows an unauthorized user to have access to a victim’s computer. This is considered a hacker tool used to maintain control of a victim’s computer.
  • Browser – The computer program that is used to access information on the internet. Commonly, most prople use Internet Explorer, Netscape Navigator, or Mozilla for this purpose.
  • BHO – Browser Helper Objects – Programs written to run with a web browser to extend the functionality of the browser. an example is the Google toolbar which is a good browser helper object, but there are also many browser helper objects that may be malicious programs and can be used to take over a computer system.
  • Browser Hijacking – The term used to indicate that someone has changed some of your browser settings without your permission. They may change your home page, favorites, or other browser settings. Many times this action is done by spyware or adware programs running on a computer.
  • Cookies – A simple text file which is stored on a user computer. It is used by the web page server to store information about you so it knows what to display when you visit the web site. It should only be readable by it’s creator (and therefore should not normally be a security concern), but some software flaws may allow other’s to read or modify cookies from another creator. A cookie is used to keep track of a condition such as when a user puts an item in their shopping cart. Most cookie use is legitimate and very helpful for computer users but it may be abused when software program flaws allow it. The existence and use of cookies is not hidden from users.
  • Dialers – Software that may lure unsuspecting victims with free games or other items. It uses your dial up device to dial a service and may change your default internet connection dialing number. The number set by the dialer may be a very expensive toll number.
  • Firewall – Somply put, firewalls limit remote access to specific parts of the operating system or programs running on the system. They may block incoming data which attempts to connect to an application or exploit a vulnerability. Firewalls block many of the possible methods used to break into a computer without permission. It can help stop hackers, viruses, worms, and trojans. It may also block spyware from contacting the spying entity.
  • Hack – The act of breaking into a computer by utilizing a software vulnerability that allows a third party to get control of a user’s computer without their consent. Although the act of hacking is usually thought of as an act performed manually by one individual, it many times is automated by programs today. Viruses may try to exploit known vulnerabilities and this is a computer hack. Also other progams such as adware or spyware may get installed on a victim’s computer using a computer hack.
  • Hacker Tool – A hacker tool can be any tool used by a person to gain illegitimate control over a user’s computer. It could be used to break in or installed on the victim’s computer and used to maintain control.
  • Legitimate – Software is legitimate when it does not violate the rights of the user. If this is the case, the software creators have integrity and may be trustworthy. If the software violates user rights, the creators have no integrity and violated one of the user rights.
  • Malware – Any software that behaves in a fashon that is hostile to the computer user. This includes viruses, spyware, adware, worms, trojans, and hacker tools.
  • Packet – Data that is part of a message or traffic being sent between two or more computers over the internet or a network.
  • Parasite – A slang term for adware and spyware which is software installed on a computer that the user did not want and was unaware of. the software is used for commercial purposes.
  • Port – Used with the TCP/IP networking protocol, this is a networking reference number which associates network packets (information sent over the network) with services or application programs. The port number indicators which program running on a receiving computer will process the information received.
  • Process – A computer program running on a computer. A process is an actively running program.
  • Spyware – A program that is used to gather information about a person or organization. This information may be targeted toward their internet habits such as what sites they visit but the collection of information is not necessarily limited to one area of information. The spyware program may or may not be installed with the user\’s knowledge. Spyware is generally considered to collect information without the user\’s knowledge. Cookies may be used to help spyware track user activity. Spyware is legal so long as it is installed without hacking but the act of hacking is illegal in most places. Programs that perform spying activity but are installed and run legitimately are not technically considered spyware.
    Installation Methods:

    1. It may have came with another program installed by a user.
    2. Installed through a hacker tool or by using a computer hack.

    Damaging Characteristics:
    Removal Prevention – Many times spyware programs are written to prevent their removal. This should not be allowed under any circumstances since it can damage the user\’s computer software and hinder ir disable the computer operation.

    System Resources – Requires processing power to run the program and will do damage by consuming the user\’s internet bandwidth. to provide accumulated information to the agency collecting the information. When it is Legitimate and not necessarily classified as spyware:
    Spyware is only legitimate when the user is informed up front that information about the user will be collected. If the spyware is designed to prevent its removal or was installed using a computer hack, it is not legitimate.

  • TCP/IP – The networking protocol of the internet. It is a set of standards which defines how information is sent across the internet. It provides the standard that supports the ability for data to reach its proper destination (address) and be processed by the proper computer program (port).
  • Trojan – A program which is usually given away for free which has a hidden purpose. It may be some type of file such as a video that user\’s may be interested in. The user would normally install and run this program although the installation would be so simple the user would be unaware of it. This program may or may not use a vulnerability to spread. It will usually lie dormant until the creator gives it instructions. It may be used to gain unauthorized access to a computer system.
  • User rights – User rights are similar to human rights but are what users of computers should be able to expect from the computer industry, especially creators of software. Some of these rights include:
    1. The right to know up front when software is being installed on their system.
    2. The right to use their computer resources (processing power, storage, and internet bandwidth) as they see fit.
    3. The right to be able to remove software from their system without paying or being forced to call an IT professional.
    4. The right to expect reasonable quality of computer software. Security problems with software should be repaired at no cost to the user and these software flaws should not be used to extort the user into purchasing an upgrade.

    See the Code of Backchannel Conduct at http://grc.com/oo/cbc.htm

  • User responsibilities – Users have both rights and responsibilities. Just as a person accepts responsibility when they drive a car, they must do the same when they operate a computer on the internet. They must take reasonable precautions to prevent their computer from being conpromised. This is to prevent attackers from using their computer as a platform to attack others. By users not being careful and using the internet without knowing the steps to safely do it, the performance and useability of the internet is compromised for all users. There are many examples of how internet performance has been degraded due to excessive virus or malware infections.
  • Virus – Malicious software that spreads by attaching itself to files or creating files that may be executed in some way. Usually it is sent to users as an email attachment. It may require a computer software vulnerability to spread depending on the type of program it uses to spread. It runs on a system against the owner\’s or user\’s wishes and knowledge.
  • Vulnerability – Software errors that allow some kind of unauthorized access when they are used or exploited. Typically, a software bug or misconfiguration which affects the operation of an operating system or other program run on a computer allowing it to be more easily accessed. Hackers, worms, viruses, and trojans use vulnerabilities to gain access to computer systems without the user’s knowledge.
  • Worm – A term used to describe an unwanted program that uses system or application vulnerabilities to infect a computer without the user doing anything but connecting to an infected network. Spreads without the user taking any action and usually exploits a bug (or vulnerability) in an operating system or some other program that may be running on a computer. This requires a computer software vulnerability to spread.