Everybody seems to have heard about spyware now. Media

publish loads of surveys, “how to”s, and horror stories

about the victims. Readers are supposed to know exactly what

terms like “spyware”, “adware”, “malware” mean. Alas, their

meanings may vary from article to article, from author to

author– some of them still use these terms interchangeably.

It is not correct. Being an employee of an anti-spyware

developing company, I guess I know this matter well enough

to point that out.

The spyware problem is much broader and more complex than we

think it to be; it isn’t all about unwanted advertising,

pop-ups, etc., etc. It isn’t all about privacy, either.

Adware by no means equals spyware. One needn’t be a genius

to suspect it. Adware is more annoying than really dangerous

— though it slows down PCs and drives people crazy.

Programs used for targeted advertising, such as adware or

cookies, make only a tiny part of existing programs which

are usually called spyware, and the purposes they are used

for are the most innocuous, I should say.

In my opinion, these programs should better be called

“trackware” or something like that — they keep track of PC

users’ activities (to target advertising better) but not

actually spy. You disagree? Well, your browsing habits,

things you buy online–all this stuff certainly is your

private business. If somebody else uses this info to bombard

you with ads, you get angry. You are quite right. One more

question: what private info you value more–your browsing

habits or your credit card number?

Social security numbers, credit card numbers, your bank

accounts, passwords, another valuable (in the direct sense)

data–can easily be stolen by means of software programs

specially created for stealing data. That’s what I usually

mean when talking about “spyware.” These programs spy–they

log every your keystroke or mouse click, make screenshots,

compile a neat log-file and send it to the person who

installed the program (as a rule, remotely) on your PC.

Compared with keyloggers, adware seems pretty innocent, doesn’t it? Even hijacking a browser looks like petty offence. To

visualize difference between adware stuff and keylogging

spyware just compare a juvenile delinquent and, say, a


In view of that, software products which make possible

unwanted advertising are rather distant relatives of real

spyware. Cousins, so to speak. Second cousins twice removed,

to be more precise. What about brothers and sisters?

Spyware has very much in common with monitoring software —

legitimate software products widely used for parental

control, workplace surveillance, Internet access control,

etc. They pretty often are based on the same technology.

They are so similar, that a spy program can sometimes be

used for monitoring purposes, and vice versa. So, what is

the difference, if there is any?

There is a vague line between monitoring products and spy

products — this is the line between security management and

security violation. However, there are two specific program

functions that are typical to spy programs.

First, it is possible to carry out preliminary configuration

of the monitoring module (it is usually called client, agent

etc.), getting a compiled executable file as a result. This

file, when installed, doesn’t display any messages or create

windows on the screen. It “hides itself” and “shows no signs

of life”. It is impossible to notice whether the particular

PC is being secretly monitored or not. Of course, the user

is not aware of being spied — until the consequences show


Second, spy software always has built-in means of remote

installation; as a rule, the pre-configured module (agent)

is installed into the target PC remotely. Then the files

with obtained information are sent via local network or

emailed to the person who installed the spy program.

Last, but not least– spyware is always used illicitly and

behind the user’s back– here monitoring is performed by a

person who has no right for it. Unlike spyware, legally used

monitoring programs are almost never used secretly. Though

in many states your boss doesn’t break any law when he

installs monitoring devices or software without your consent

and never tells you about it, it happens not very often. As

a rule, people at work are aware of being under

surveillance. Managers are very likely to tell a new

employee that there are things that he or she had better not

do — because there are means of finding that out. Kids know

what websites they had better not visit–for the same


Remove these functions — and you will get a monitoring

program instead of spyware. If it is impossible to

pre-configure the monitoring module and install it remotely;

if you should have administrator privilege to install the

program, it is monitoring software, not spyware.

Though the basic principle is often the same, purposes

differ greatly. Monitoring software is most frequently used

in large and middle-sized companies to ensure information

security and local network accountability. At home more and

more parents install it as a “life jacket” for their

web-surfing kids. You probably use such a program already,

or going to. Use it, but remember about the illegitimate

relative of so useful and absolutely legal monitoring

program installed on your own PC.

Everybody seems to have heard about spyware now. Media publish loads of surveys, 'how to's, and horror stories about the victims. Readers are supposed to know exactly what terms like 'spyware', 'adware', 'malware' mean. Alas, their meanings may vary from article to article, from author to author-- some of...