Tuesday, March 19, 2002 Volume 67, Issue 111


 
 









 

Internet users, beware of 'spyware'

Mike Ahlf

Everybody surfs the Internet. That's a given. Therefore, we can all
probably point out the most pervasive item found there these
days: pop-up ads.

However, the major question for users is usually, "Where exactly
are the ads are coming from?" You see, in addition to the normal
JavaScript popups that places like CNN bring in from time to time,
there are insidious programs that pop up ads on our computers
that aren't related to the Web site. They also have ways of tracking
our browsing habits, and report these back to marketing firms.

If this isn't bad enough, the "spyware" usually comes in with very
little warning to users. Until recently, MusicCity's Morpheus and
KaZaa's self-named file-sharing programs both tried to install the
infamous Gator software, as well as steering users to download the
"Bonzi Buddy" software, in their installers and inside the programs
themselves.

While Morpheus has stopped, KaZaa continues to try to glean as
much information as it can about users and pop-up ads during the
program's running time.

Of course, it's entirely possible to remove the KaZaa and Morpheus
software and spyware in a complete and relatively painless way
(unless you've been hoodwinked into downloading Bonzi Buddy,
that is). But there is software that doesn't make it so easy, and is
far more invasive to privacy. Portal of Evil
(<I>www.portalofevil.com<P>) caught the makers of AudioGalaxy
software in action, when the AudioGalaxy installer dropped two
programs into Windows machines without offering users the
chance to opt out.

The first program was somewhat benign: the Onflow player, a
little-known movie player similar to Shockwave's Flash player,
plays movie files to viewers. The problem program was called
"vx2.dll."

It's a small program that attaches itself to Microsoft's Internet
Explorer web browser and then pops up ads at random times, then
records the Web page you were on and sends it back to the vx2
marketing firm along with your own user data.

Worse yet, the vx2 program also collects data from Web forms
filled out by users, which could be anything from an Amazon.com
order form to an e-mail on a web-based service like Hotmail or UH's
own mail service.

Of course, AudioGalaxy isn't the only service guilty of collecting
user data. Microsoft has recently admitted that it was collecting
user data from Windows 98 registration and associating it with
hardware data, and also that its Windows Media Player 7.1 tracked
user data on what songs or movies people play on their computers.

Previously mentioned programs like Gator and Bonzi Buddy have
become infamous for collecting user data. Personal privacy on the
Internet is a big deal these days, and the appearance of known
spyware is usually an indication that users should be looking for
other spyware that may have tagged along into their system as
well.

How companies handle themselves <I>after<P> a breach is as
important as getting in trouble in the first place. When Microsoft
was caught, it came clean and fixed the problems (or, in some
cases, is in the process of fixing them), which did turn out to be a
minor mistake in transmitting data to the wrong places.

AudioGalaxy, on the other hand, removed the vx2 software and is
trying to pretend it was never there in the first place, even though
its user agreement still mentioned it after the removal.

Meanwhile, contact information for vx2 from the VeriSign
corporation leads only to a Hotmail address, not a good sign at all
when dealing with a business. Nobody knows where the data
collected by vx2 may have gone, which should be a big concern for
anyone infected. Well, AudioGalaxy may know, but they're not
telling.

Which leads to today's lesson: pay attention at <I>all<P> times
when downloading software, because you never know what might
be tagging along with it, or what it might be doing behind your
back. Be doubly careful when it's a free program or service. If you
don't, something worse than spyware could get into your
computer.

Ahlf, a senior electrical engineering
major, can be reached at mahlf@mail.uh.edu.


To contact the Opinon Section Editor, send e-mail to dcampus@mail.uh.edu
 

To contact other members of 
The Daily Cougar Online staff, 


 
 
 
 
 

Advertise in The Daily Cougar

Student Publications
University of Houston
151C Communication Bldg
Houston, Texas 77204-4015

©2005, Student Publications. All rights reserved.
Permissions/Web Use Policy
/opinion/oped3.html



 

Last upTuesday, March 19, 2002:

Visit The Daily Cougar