Everyone seems to be talking about Spyware these days. I’d like to know how big a problem Spyware is for readers of this blog. Is Spyware a top 3 concern of yours?
Absolutely. I'm not worried about it infecting me personally, but we've got an entire network of PCs (over 2500) to watch over, and it is definitely one of the biggest concerns we have.
I don't worry so much for myself as I do for people in my family who don't know how to protect themselves.
The spyware/rootkit/trojan protection space is incredibly important and the products are simply not in the league of, say, Norton AntiVirus.
I just spent three days with a 5 machine network completely shut down due to (I hope) a false positive from one of the spyware scanners. The problem is, if it's a sophisticated rootkit then it's designed to actively hide from scanners, so I don't really have any way to know if the initial infection report was a false positive or if the infection was/is real and is simply now more effectively hidden from the scanner. All I know is that I was getting reports of an infection and now I'm not, which is an extremely troubling state to be in.
I'm a network administrator for a department of the University of XXXXXXXX - XXXXXX XXXX, and was previously a network admin for the University of XXXXXXXXX - XXXXXXXXX. (Note, I'm talking about Windows+AD+Ghost, etc; not Routers+Switches+Topology, etc).
I can say that Spyware (and other types of malware) is a HUGE problem. We have started combating with a three-pronged approach:
1) Having a strongly-worded Network Usage policy with "teeth."
2) User education (ha ha).
3) A complex GPO with Software Restriction Policies (names, hashes, certificates) applied to the domain.
Of course, 1 and 2 aren't that effective, as you may well imagine, but do give us something to fall back on when we confront the odd indignant network user.
The third choice is effective, but only if you keep on top of it (new stuff is coming out all the time). At both places, we ended up hiring student labor to go out and actively download as much crapware as they could, and then add all that to the GPO. Students in the IS department are the best for this, as they're usually on top of the hottest p2p programs, etc.
Users are usually mollified when they hear what "spyware" is, especially faculty who are doing super-secret (HIPAA & FERPA) research.
So to answer your question, yes, *anything* that creates an opening that might be a vector for attack on my machines is looked-out-for. I would say it is in my top 3.
Spyware is my top concern. The destruction of data is one thing but the migration of data from the system is it on to one which should have the data is inexcusable.
I would like to be better protection from microsoft in this respect. If it requires less automation from the Operating system for certain tasks, so be it.
Spyware is flat-out the top most security problem. I recently moved to a different job because I was so tired of dealing with uneducated users who installed spyware. Spyware was one of the sole reasons for quitting. If I have my way, I'll never do desktop support again because of it.
Absolutely. This kind of thing is a headache. It is first and foremost wrong that their makers intentionally place resource-consuming applications on a user's PC without their expressed permission. It is secondly wrong, in my opinion, to 'collect research information' without my consent.
These types of applications are a burden on Administrators and users. Spyware is a source of an invasion of privacy and often will cause an unknowing user's PC to become slow with the loss in resources (programmers making malicious programs aren't interested in resource conservation? you must be joking!) and can (in the case of my parents) wish to purchase a new PC to replace their current apparently slow machine - even though it's plenty fast.
Very. Easily a top three. I would estimate 1-2 laptops and/or desktops are re-imaged a week due to suspected spyware issues. There needs to be an Enterprise-level spyware program to deal with this. The AV vendors simply have not responded fast enough with a good enough product. Sunbelt-software has an enterprise version in Beta and Webroot has released one as well but I am told it is simply the consumer version with an admin console added on. CA's Pest Patrol is weak as far as the "management of clients" is concerned.
Nothing to honk the horn about so far . . .
So when can we expect to see Microsoft Anti-Virus or Microsoft Spyware Stopper? :)
Spyware is the biggest problem out there. I spent 6 hours on Thanksgiving working on a family PC trying to get rid of a spyware. I am no dummy either, Safe, Mode MSConfig, Registry Editing, Stopping services, 6 Hours trying to track down how I could keep deleting it and it keep reinstalling itself. Following Guide on Norton which aparently is outdated, Using Adaware, tracking it down. Finally Installing Mozilla and changing the Icon to look like IE will get me by until christmas when I return to give it another attempt. This spyware makes surfing the web with IE impossible even on a XP SP2 machine. Go to google type in something to search for, get 20 pop up adds related to what you search for. Go to MSN search same thing, something is in there somewhere. And Can not be removed how much time is wasted world wide by spyware.
For me no I never get spyware then again I do not click on the install things on every page I go to. SP2 has helped to eliminate them some but it still is a major nusance.
Definitely. Have you seen your relative's computers lately? It ain't pretty.
I can say with total honesty that I have no idea what our product groups may be cooking up related to this topic.
I think I am starting to get a feel that Spyware is bugging security people pretty bad (I figured it was, but you know what they say about assuming!).
I have, however, noticed that most of the comments have focused on personal systems and home users. What about your organizations: Is Spyware causing major headaches at work?
Huge problem. While the amount of spyware that I get personally is near nil, the fact that as a IT professional that I can get any is a concern. If seasoned computer users can get spyware, what hope does the rest of the computer using public have? I'm also exremeley worried about the rest of the users in my office, and the people that I know. I've had machines come back unusable since they run so slow and open 5,000 popups, all spyware related.
And the other major problem that I see with spyware is that unlike a typical virus, which with a competent anti-virus app frequently updated, we can stop viruses in their tracks. But, spyware (and to the same extent, spam), we have a much less chance of stopping it proactively. All of our spyware problems are reactive, meaning we are infected and don't know it most of the time.
Everyone who even deploys web applications should be concerned about it. We have users who call all the time because our web application has stopped working for them. Or demanding to know why when they click a link within our application, a new window opens trying to sell them cheap mortgages. Its usally stuff like IWon causing the problem. Our customer staff has been educated on helping users remove spyware, so should yours.