The term Adware or advertising-supported software is used to refer to any software package that automatically downloads or displays advertising material on a computer after being installed on it or while the application is being used by an unsuspecting user. Adware is nothing but a software with advertising functions integrated into it and which is usually bundled with a utility or program. Adware is commonly seen by the programmers as a tool to recover the program development costs. When accompanied with an Adware, a program or utility may be provided to the user free of charge or at a reduced price. The advertising income may act as an incentive for the programmer to continue writing, maintaining and upgrading the software product.
Some of the adware is licensed as shareware. In this way, the word is used to make distinction between different types of shareware available on the Internet. In comparison to other software products, an adware is primarily advertising-supported. An adware may offer its users an option to upgrade to a ‘registered’ or ‘licensed’ copy to do away with any annoying advertisements.
An adware is usually harmless to the user but the real concern is that it often morphs into a spyware, in which information about the user's activity is tracked, reported, and often re-sold, often without the knowledge or consent of the user. This can go a step further and turn into a malware that may interfere with the normal functioning of other software applications, in order to force the users to visit a particular web site.
People often confuse the term ‘adware’ with ‘spyware’ and ‘malware’, especially since all these concepts are closely related to each other. For example, if one user installs an ‘adware’ on a computer, and consents to a tracking feature, the ‘adware’ turns into a ‘spyware’. When another user visits that computer, and interacts with it, he is also tracked by the ‘adware’ without their prior consent that makes it a ‘malware’.
Increasing reports of Spyware have prompted a loud outcry from computer security experts and privacy advocates around the world. Often, spyware applications send the user's browsing habits to an ad-serving company, which then indulges in targeted advertising based on the users’ interests.
Adware programs other than spyware do not invisibly collect and upload the activity record or personal information when the user of the computer has not approved of such a transfer. However, some adware vendors maintain that applications offerred by them are not spyware due to the disclosure of the program activities: for example, a product vendor may indicate a clause in the product's Terms of Use that third-party software will be included in the package that may collect and report on the computer usage. Such a disclosure in the Terms of Use makes it an adware.
A number of software applications are available to help the common computer users search for and modify adware programs to block the presentation of advertisements and to remove any accompanied spyware modules. To avoid a backlash, as with the advertising industry in general, creators of adware must balance their attempts to generate revenues with users' desire to be left alone.
Emmanuel Aigbehi
Monday, June 01, 2009
What is Phishing?
The term ‘phishing’ refers to a criminal activity in which attempt are made to fraudulently acquire sensitive personal information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is an example of social engineering techniques used to fool the unsuspecting users. eBay and PayPal are two of the most targeted companies, and online banks are also used as common targets for such attacks. A Phishing attack is typically carried out by email or instant messaging, and often directs users to give details at a website, although phone contact has been used in the past as well.
With a substantial growth in the number of reported phishing incidents around the world, various measures are being employed to combat this menace which include user training, technical measures, and legislative provisions to make this a criminal offence with severe punitive measures. The term phishing is a variant of fishing, probably influenced by phreaking, and alludes to the use of increasingly sophisticated lures to ‘fish’ for a user's financial information and passwords.
Emmanuel Aigbehi
With a substantial growth in the number of reported phishing incidents around the world, various measures are being employed to combat this menace which include user training, technical measures, and legislative provisions to make this a criminal offence with severe punitive measures. The term phishing is a variant of fishing, probably influenced by phreaking, and alludes to the use of increasingly sophisticated lures to ‘fish’ for a user's financial information and passwords.
Emmanuel Aigbehi
What is a BotNet?
Botnets are software robots. The term is used to refer to a collection of autonomous software robots that are frequently referred by the term bots. These software robots run on groups of ‘zombie’ computers that are remotely controlled by crackers. The term can also refer to the network of computers using distributed computing software.
Although the term ‘botnet’ can refer to a group of software robots such as the IRC bots, it is generally used to refer to a collection of computers (called zombie computers) whose security has been compromised and which are used for running malicious programs such as Trojan horses, viruses, worms etc. under a common command and control infrastructure. A botnet's originator, also referred to as the ‘bot herder’ can exercise remote control over the group of computer systems, usually through means such as the Internet Relay Chat (IRC).
Individual programs manifest themselves as IRC ‘bots’. Quite often, the command and control is exercised via an IRC server or a specific channel on a public IRC network. Newer bots have the capability to automatically scan their environment and propagate themselves using vulnerabilities such as weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community. The process of stealing computing resources as a result of a system being joined to a ‘botnet’ is given a unique name called ‘scrumping’.
Although hidden, Botnets have become a significant part of the Internet. Since a majority of the conventional IRC networks are taking preventive measures and blocking access to the previously-hosted botnets, the bonet controllers continuously strive to find their own servers. Often, a botnet spans a variety of connections ranging from cable, dial-up, ADSL and a variety of different types of networks including corporate, educational government and even the military networks.
Of late, several botnets have been found and removed from the Internet.
Internationally coordinated large scale efforts to shut down botnets have also been initiated around the globe. Despite all these efforts, it has been estimated that up to a quarter of all personal computers connected to the internet are part of some botnet.
Emmanuel Aigbehi
Although the term ‘botnet’ can refer to a group of software robots such as the IRC bots, it is generally used to refer to a collection of computers (called zombie computers) whose security has been compromised and which are used for running malicious programs such as Trojan horses, viruses, worms etc. under a common command and control infrastructure. A botnet's originator, also referred to as the ‘bot herder’ can exercise remote control over the group of computer systems, usually through means such as the Internet Relay Chat (IRC).
Individual programs manifest themselves as IRC ‘bots’. Quite often, the command and control is exercised via an IRC server or a specific channel on a public IRC network. Newer bots have the capability to automatically scan their environment and propagate themselves using vulnerabilities such as weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community. The process of stealing computing resources as a result of a system being joined to a ‘botnet’ is given a unique name called ‘scrumping’.
Although hidden, Botnets have become a significant part of the Internet. Since a majority of the conventional IRC networks are taking preventive measures and blocking access to the previously-hosted botnets, the bonet controllers continuously strive to find their own servers. Often, a botnet spans a variety of connections ranging from cable, dial-up, ADSL and a variety of different types of networks including corporate, educational government and even the military networks.
Of late, several botnets have been found and removed from the Internet.
Internationally coordinated large scale efforts to shut down botnets have also been initiated around the globe. Despite all these efforts, it has been estimated that up to a quarter of all personal computers connected to the internet are part of some botnet.
Emmanuel Aigbehi
What is a Zombies?
Zombie is a generic term used to refer to a computer system that is attached to the Internet and has been compromised by a Malware such as a Trojan horse, a computer virus or an individual hacker. In majority of the cases, the compromised machine is found to be one of the many in a ‘botnet’, and is used to perform malicious tasks of one sort or another under the remote direction. A majority of zombie computer owners are not even aware that their systems are being put to such a malicious use.
Since the computer system in such a scenario tends to be unconscious, it is metaphorically compared to a zombie. Zombies have been used extensively to send e-mail Spam. In the year 2005, zombie computers sent an estimated 50–80% of the global Spam. The use of Zombies allows the spammers twin advantages of avoiding detection as well as reducing their bandwidth costs, since the owners of zombies pay for the bandwidth consumed by such systems.
Due to the advantages offered by the use of zombies, they are frequently employed to commit click fraud against the web sites that display pay per click advertisements. Other frequent uses include hosting phishing websites or money mule recruiting websites.
Zombies have also been used to conduct distributed denial of service attacks. In the year 2000, several prominent Web sites such as Yahoo and eBay etc were clogged to a standstill by a distributed denial of service attack undertaken by zombies.
Want to find out more about USB Encryption, then visit Anthony Andrews's site on how to choose the best Protected USB for your needs.
Since the computer system in such a scenario tends to be unconscious, it is metaphorically compared to a zombie. Zombies have been used extensively to send e-mail Spam. In the year 2005, zombie computers sent an estimated 50–80% of the global Spam. The use of Zombies allows the spammers twin advantages of avoiding detection as well as reducing their bandwidth costs, since the owners of zombies pay for the bandwidth consumed by such systems.
Due to the advantages offered by the use of zombies, they are frequently employed to commit click fraud against the web sites that display pay per click advertisements. Other frequent uses include hosting phishing websites or money mule recruiting websites.
Zombies have also been used to conduct distributed denial of service attacks. In the year 2000, several prominent Web sites such as Yahoo and eBay etc were clogged to a standstill by a distributed denial of service attack undertaken by zombies.
Want to find out more about USB Encryption, then visit Anthony Andrews's site on how to choose the best Protected USB for your needs.
What is Worm?
Unlike a virus, a worm aims at eating up the resources on a computer network and brings the entire network to a grinding halt due to the ensuing resource crunch. A worm is a small piece of software that exploits a security loophole in a computer system attached to a network to replicate itself. A copy of the worm scans the network for another machine that has the same security hole.
When any such machine is discovered, it copies itself to the new machine exploiting the same security flaw and starts replicating from there as well. This process continues unabated. In this way, a worm continues to copy itself from machine to machine while eating up the computer time and network bandwidth in the process and they may also have some sinister intent. An infectious worm could clog the Internet very effectively and bring the global network to a standstill due to a severe resource crunch.
Emmanuel Aigbehi
When any such machine is discovered, it copies itself to the new machine exploiting the same security flaw and starts replicating from there as well. This process continues unabated. In this way, a worm continues to copy itself from machine to machine while eating up the computer time and network bandwidth in the process and they may also have some sinister intent. An infectious worm could clog the Internet very effectively and bring the global network to a standstill due to a severe resource crunch.
Emmanuel Aigbehi
What is a Virus?
A computer virus is the most common and frequently misunderstood security threat faced by the computer systems connected to the global network called the Internet. A computer virus inserts a particular set of instructions into other computer program called the host program. This allows the virus code to execute along with the host program. In this way, a virus replicates itself and spreads to other computer systems attached to the network. In the process, the virus code may also execute any unwanted operations on the system based on some trigger such as a particular date, time, or the occurrence of some specific event. A virus performs all these activities without the consent or knowledge of the owner/user of the machine.
Emmanuel Aigbehi
Emmanuel Aigbehi
What is Malware?
Any software with a malicious intent may be called a Malware. The term ‘Malware’ is used to refer to the software that is designed to infiltrate or damage a computer system without the owner's informed consent. Malaware is a generic term used by the security experts to include a variety of harmful software or program code that are intrusive, hostile or annoying to the end-user and it covers all the common security threats such as a virus, worm, trojan horse, spyware etc. The term Malware is derived from a combination of the words "MALicious" and "softWARE".
The perceived intent of the creator is a prime consideration in designating a particular software as malware. Malware includes computer viruses, spyware, trojan horses, worms, dishonest adware, and other unwanted and malicious software. However, malware should not be confused with defective software that has a legitimate purpose but contains harmful bugs due to a poor design.
A majority of the common computer users are unfamiliar with this generic term and therefore never use it. Instead, the term ‘computer virus’ is used in common parlance and usually in the general media to describe all kinds of malware, despite the fact that all malware cannot be categorized as a virus. Another common term used for malware is Badware. It refers to the bad characteristics of malware and is most likely a corruption of the term ‘Malware’.
Emmanuel Aigbehi
The perceived intent of the creator is a prime consideration in designating a particular software as malware. Malware includes computer viruses, spyware, trojan horses, worms, dishonest adware, and other unwanted and malicious software. However, malware should not be confused with defective software that has a legitimate purpose but contains harmful bugs due to a poor design.
A majority of the common computer users are unfamiliar with this generic term and therefore never use it. Instead, the term ‘computer virus’ is used in common parlance and usually in the general media to describe all kinds of malware, despite the fact that all malware cannot be categorized as a virus. Another common term used for malware is Badware. It refers to the bad characteristics of malware and is most likely a corruption of the term ‘Malware’.
Emmanuel Aigbehi
What is Computer Security?
Computer security is a term that we hear increasingly nowadays. With the arrival of home PCs, computers have become household electronic gadgets that are used for a variety of purposes such as word processing, music, e-mail, and gaming etc. Since the PCs also hold significant amounts of personal data (credit card numbers and bank account details etc.) they have become enticing targets for the hackers. This is a primary reason behind an explosive growth in the computer security discipline within the larger context of the Information Technology (IT) domain. An accelerated growth in the Information and Communication Technologies (ICT) has brought the computer security issues into the limelight. The term ‘computer security’ may be defined as:
An effort to create a secure computing platform, designed in such a way that the agents (users or programs) can only perform some limited/allowed actions. This involves specifying and implementing a stringent security policy that includes protection of information assets through the use of technology, processes, and training. It also includes the various measures and controls to ensure the security and availability of the information that is processed, stored, and transmitted by a computer system over a network.
Emmanuel Aigbehi
Subscribe to:
Posts (Atom)