What Spies Beneath

Cha

nces are you haven't read the Bush Administration's "National Strategy to Secure Cyberspace." Since it weighs in at a hefty 65pages, who can blame you? Still, a surprising amount of the draft report is aimed at home-computer owners. Here's the gist: the more dependent we become on the Internet, the more damage can be done by taking down large portions of it. And it doesn't take a criminal genius to realize that PC users, with their increasingly high-speed connections and low-grade security setups, are the easiest on-ramp for any kind ofattack.

Though the report doesn't tap terror groups by name, theimplication is clear: if youdon't practice good PC hygiene now, al-Qaeda or some organization like it could one day hijack your hard drive. That's not just homeland-security hype. In 2001, viruses and other malicious code caused $12 billion worth of damage to the U.S. economy with the aid of unsuspecting users. How to stop that from happening? Most of the suggestions in the cybersecurity report are pretty familiar: don't open strange email attachments; do install a firewall; choose passwords that aren't easy to crack.

LATEST COVER STORY Mind & Body Happiness Jan. 17, 2004 Past Issues Tsunami Jan. 10, 2004 ----------------- Person of the Year Jan. 3, 2004 ----------------- Secrets of the Nativity Dec. 13, 2004 ----------------- The Stealth Killer Dec. 6, 2004 ----------------- Coolest Inventions Nov. 29, 2004 ----------------- Battle for Fallujah Nov. 22, 2004 ----------------- Four More Years Nov. 15, 2004 ----------------- The Joy Of Sox Nov. 8, 2004 ----------------- The Morning After Nov. 1, 2004 ----------------- The God Gene Oct. 25, 2004 ----------------- The Vote Battle Oct. 18, 2004 ----------------- Visions of Tomorrow Oct. 11, 2004 ----------------- The Tragedy of Sudan Oct. 4, 2004 ----------------- CBS Controversy Sept. 27, 2004 ----------------- America's Border Sept. 20, 2004 ----------------- Struggle Within Islam Sept. 13, 2004 ----------------- World of George Bush Sept. 6, 2004 -----------------   SPECIAL REPORTS  Coolest Video Games 2004  Coolest Inventions  Wireless Society  Cool Tech 2004 PHOTOS AND GRAPHICS  At The Epicenter  Paths to Pleasure  Quotes of the Week  This Week's Gadget  Cartoons of the Week More graphics >> More photos >> MORE STORIES Advisor: Rove Warrior The Bushes: Family Dynasty Klein: Benneton Ad Presidency More Stories >> CNN.com: Latest News

But here's one important security measure the report failed to mention: check your hard drive for spyware. Spyware is any kind of program installed in your computer without your consent to gather information about you or your organization. A typical piece of spyware will watch over your shoulder while you browse the Web, record your mouse clicks and broadcast all that information back to another computer (ostensibly for marketing purposes). It's part of a class ofincreasingly surreptitious software that includes adware (which serves up commercials you didn't ask for — as if pop-up ads weren't enough), stealware (which leeches sales commissions away from small websites in affiliate programs) and scumware (which alters the origin of links on a Web page so that, for example, an innocent news headline will direct you to a porn site).

How does this stuff get onto your machine? Most often, it hides behind other software as you download it. Ifyou're a heavy user of post-Napster file-sharing programs like Morpheus or Kazaa, both known distributors of spyware, you're probably already infected. Sometimes spyware masquerades as cookies, those little files websites leave on your computer so you don't have to type your name and password every time you visit. Once on your PC, spyware can sequester itself deep inside your operating system in what are called registry files. Anti-virus software won't spot it, because it looks like something you chose toinstall.

Luckily, it's easy to check your computer for spyware. If you own a Windows machine, just go to www.lavasoftusa.com and download a free utility called Ad-Aware. Install it, hit the scan button and be prepared for a shock. Mac owners can try Spring Cleaning, which is $50 from Aladdin Systems.

I consider my PC to be pretty well protected — virus free and firewalled. Yet the first time I ran Ad-Aware, it spent 15 minutes turning up and removing a dozen nasty little programs with names like Xupiter Toolbar, Gator Trickler and Bargains.exe. And when I ran it again a few weeks later, five more pieces of spyware showed up.

SpyChecker.com runs a handy database that lists more than a thousand of these programs and tells you what each one does. Spywareinfo.com and Counterexploitation (at cexx.org) are also hot on the spyware trail. But this kind of malicious code is proliferating faster than it can be catalogued, so there's often no telling how a particular program is being used, what kind of sensitive information it is broadcasting or what other programs it might have secretly installed on your machine. If dotcoms can slip this stuff past our defenses, just imagine what a terrorist could do.

None of this stuff is good for you or your privacy. Clean it out, and you'll instantly feel more secure. You might even feel a little patriotic.