Monitoring Software Can be Used for Spying as Well


By Alexandra Gamanenko

We all already got used to computer monitoring both at work and at home. We got used to advertising monitoring software products as tools for parental control and workplace surveillance.

These programs are indeed helpful tools -- to a certain extent. Large and middle-sized companies use legitimate monitoring programs for workplace surveillance -- to ensure information security and local network accountability. At home more and more parents install such software as a "life jacket" for their web-surfing kids. You probably use such a program already, or going to.

But are you aware that these so handy and absolutely legal monitoring programs installed on lots of PCs -- and perhaps on yours, too -- have a very dangerous sibling called keylogging spyware?

Keylogging spyware (such programs are usually called simply "keyloggers") has very much in common with legitimate monitoring software. These programs spy -- they log keystrokes and mouse clicks, make screenshots, compile a neat log-file and send it to the person who installed (as a rule, remotely) this program on your -- or somebody else's -- PC.

The very principle is often the same. Actually, the technology applied in monitoring software is a dual-purpose one. It is neither good nor bad -- numerous things can be used for several purposes, not all of them permissible. A knife is a typical example -- while we are cutting bread with a bread knife, somebody stabs his neighbor to death with a dagger or stiletto.

Identity thieves do know how to use both kinds of this software for their nefarious purpose. I am not going to talk about moral issues, but if there is an opportunity, there always will be one to use it.

If these programs are so closely related, how to tell which is which then? Well, there are two specific program functions that are typical only to programs that spy.

First, it is possible to carry out preliminary configuration of the monitoring module (it is usually called client, agent etc.), getting a compiled executable file as a result. This file, when installed, doesn't display any messages or create windows on the screen. It "hides itself" and "shows no signs of life". It is impossible to notice whether the particular PC is being secretly monitored or not. Of course, the user is not aware of being spied -- until the consequences show up.

Second, spy software always has built-in means of remote installation; as a rule, the pre-configured module (agent) is installed into the target PC remotely. Then the files with obtained information are sent via local network or emailed to the person who installed the spy program.

Remove these functions -- and you will get a monitoring program instead of spyware. If it is impossible to pre-configure the monitoring module and install it remotely, it is not spyware. If you should have administrator privilege to install the program, it is monitoring software. (Person with administrator privilege installs major software products, and in case of a home computer, it is usually the person who owns the PC).

Nevertheless, there are some vendors who advertise monitoring products with "remote deployment", i.e. function of remote installation. In fact, nothing distinguishes these programs from malicious keyloggers. Some of them are actually Trojan Horse programs, which can be sent by email disguised as, say, a greeting card.

Many users feel that it is impossible to install a surveillance program without physical access to their PCs. Unfortunately, they are mistaken. And security experts confirm-- remote deployment of surveillance software is sharply on the rise.

Researchers from Websense Security Labs in their "Security Trends Report" call such programs "commercial keyloggers" and caution users against them: "These commercial keyloggers may be marketed as products that allow you to spy on your spouse or watch your children's online activities. They are often used as packaged attacks designed to capture keystrokes to gather online banking passwords, login credentials, Social Security Numbers and other identity-related information".

No wonder that both security experts and vendors now see keyloggers -- no matter whether they are commercial ones or those cybercriminals write themselves -- as a grave threat.

Keyloggers can be also included into freeware and shareware. Trojan programs, viruses and Internet worms often contain keyloggers, too. Security experts warn that information-stealing programs are already relatively common and predict the further rise of unlawful use of such software. That is why it is so important to apply special anti-keylogging protection.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company. The company's R&D department created an innovative technology, which disables the very processes of capturing information, such as keylogging, screenshoting, etc. The company's anti-keylogging software doesn't detect spy programs or information-stealing Trojans one by one -- it brings all the "spies" to a standstill.

Learn more -- visit the company's website http://www.anti-keyloggers.com

Article Source: http://EzineArticles.com/

Recent article: Computer Networking and Security
Anti-virus software is used to find, remove or fix files that are infected with computer viruses. Most anti-virus companies release weekly updates of their databases to help keep you safe. Your anti-virus software uses these weekly updates (also known as virus signatures or definitions file) to identify newly discovered viruses.

The most basic anti-virus programs normally have several features to it, the memory resident scan, the system or file scan, and an automated updater. Many more sophisticated programs have many other integration tools that loan in to your instant messengers, your e-mail software and many other programs.

It's very important when you configure your anti-virus software to always make sure you can download new updates every week, if you scan your system for viruses, and your definitions file is out of date it may not even find a problem with your system. Additionally, you should make sure you do in fact scan your system on a regular basis. I personally set my computer to scan around 4 AM so it doesn't bother me.

When you download software, e-mail attachments, or introduce new media (diskettes, cd's, jump drives) in to your system you should scan them before running or viewing them inside another application.

Deciding on which program to use often causes people a lot of head aches. Some anti-virus programs require you to pay each year for a subscription to their virus databases so you can keep your system up to date, others are just expensive out of the box. Additionally, which tends to be the biggest factor in my decision making, is how much resources does the program use.

My favorite anti-virus program for the past couple of years is AVG Anti-Virus, by GriSoft. It's totally free for the personal edition and the updates as well. It has all the major features expected out of an anti-virus suite and is really simple to use and setup.