thePipeline

I spy with my little eye ...

Spy games may be fun for kids, but they cause a lot of headaches in the grown-up world.

One of the latest trends in computer security threats is spyware, software that users unwittingly install via downloads or other software installations. Without the user's knowledge, spyware can monitor keystrokes, scan hard-drive files, snoop other applications, read cookies and more.

Spyware also can monitor users' Internet activity and gather information about e-mail addresses, passwords and credit card

numbers.

Vendors have responded with solutions designed to detect and remove spyware applications. Here is a sampling of current anti-spyware products, each with its own claim to fame.

Blue Coat Systems officials are introducing the second version of their first enterprise anti-spyware solution, which debuted last October.

They say the solution is the only product that uses advanced proxy-based controls to stop "drive-by" spyware installations. This is important to prevent spyware that does not conform to known signatures and patterns.

The new version introduces predefined spyware reports and two new URL filtering categories.

The reports enable administrators to track spyware activities enterprisewide. The results graphically show spyware traversing the network, infecting client computers and being blocked at the gateway.

One of the new URL-filtering categories applies policy controls to known spyware sources, and the other applies policy controls to known destinations where spyware attempts to contact its home base.

Meanwhile, Sunbelt Software officials have unveiled the first component of their upcoming CounterSpy Enterprise product. It detects and removes spyware with a documented 90 percent catch rate, according to Sunbelt officials.

In the near future, they will introduce a version with real-time protection on desktop computers. Microsoft officials, through an agreement with Sunbelt, will provide definition file updates to Sunbelt's spyware database until July 2007, with the two companies sharing exclusive ownership of the files.

In addition, CounterSpy's users participate in augmenting the spyware database by reporting instances to Sunbelt's lab. The lab tests the applications and adds them to the database.

Sunbelt officials say that between the Microsoft agreement and user participation numbers, they have one of the largest spyware databases.

Not to be outdone, Webroot Software's Spy Sweeper Enterprise incorporates the anti-spyware industry's first automated spyware research system designed to discover and identify spyware anywhere on the Web.

The research system even has its own nifty name, Phileas. We suppose "Bob" didn't sound sophisticated enough. Phileas can scan thousands of sites per second — up to 60 million a day.

By automating the research, Spy Sweeper Enterprise can find spyware as soon as it's released and deploy protective measures before it infects computers.

This contrasts with the portion of Sunbelt's protection that relies on user reports. Webroot officials believe the user-reporting approach is flawed because it places an unnecessary burden on users and assumes that some of the community must become infected before a solution can be created.

2014 Rising Star Awards

Help us find the next generation of leaders in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above