Category Archives: Site Security

Computing's Dirty Dozen: Malware (Page 1 of 2)

It seems that no sooner do you feel safe turning on your computer than you hear on the news about a new kind of internet security threat. Usually, the security threat is some kind of malware (though the term “security threat” no doubt sells more newspapers).

What is malware? Malware is exactly what its name implies: mal (meaning bad, in the sense of malignant or malicious rather than just poorly done) ware (short for software). More specifically, malware is software that does not benefit the computer’s owner, and may even harm it, and so is purely parasitic.

The Many Faces of Malware

According to Wikipedia, there are in fact eleven distinct types of malware, and even more sub-types of each.

1. Viruses. The malware that’s on the news so much, even your grandmother knows what it is. You probably already have heard plenty about why this kind of software is bad for you, so there’s no need to belabor the point.

2. Worms. Slight variation on viruses. The difference between viruses and worms is that viruses hide inside the files of real computer programs (for instance, the macros in Word or the VBScript in many other Microsoft applications), while worms do not infect a file or program, but rather stand on their own.

3. Wabbits. Be honest: had you ever even heard of wabbits before (outside of Warner Bros. cartoons)? According to Wikipedia, wabbits are in fact rare, and it’s not hard to see why: they don’t do anything to spread to other machines. A wabbit, like a virus, replicates itself, but it does not have any instructions to email itself or pass itself through a computer network in order to infect other machines. The least ambitious of all malware, it is content simply to focus on utterly devastating a single machine.

4. Trojans. Arguably the most dangerous kind of malware, at least from a social standpoint. While Trojans rarely destroy computers or even files, that’s only because they have bigger targets: your financial information, your computer’s system resources, and sometimes even massive denial-of-service attacks launched by having thousands of computers all try to connect to a web server at the same time. Trojans can even

5. Spyware. In another instance of creative software naming, spyware is software that spies on you, often tracking your internet activities in order to serve you advertising. (Yes, it’s possible to be both adware and spyware at the same time.)

6. Backdoors. Backdoors are much the same as Trojans or worms, except that they do something different: they open a “backdoor” onto a computer, providing a network connection for hackers or other malware to enter or for viruses or spam to be sent out through.

7. Exploits. Exploits attack specific security vulnerabilities. You know how Microsoft is always announcing new updates for its operating system? Often enough the updates are really trying to close the security hole targeted in a newly discovered exploit.

Antivirus Malware and Software (Page 1 of 2)

Warning: most antivirus programs will not protect you against all forms of malignant software (often called “malware”) on their own. Find out how to protect yourself.

Sure, your antivirus software will protect you against viruses. It will probably even do a good job against worms. But what about Trojans, exploits, backdoors, spyware and the dozen other nasty software parasites?

Malware and Antivirus Software: a History

The war on computer viruses has led to an arms race between the designers of antivirus software and the designers of viruses (you didn’t think viruses just created themselves, did you?). Some years ago, virus designers responded to ever more successful antivirus software by creating the descendants of viruses: worms, which did not infect files but rather installed themselves directly on the hard drive, making them harder to detect.

The arms race has since led to a total of at least eleven distinct types of what is now called malware, a neologism meaning bad (as in malignant rather than shoddy) software. According to Wikipedia, these eleven types of malware are:

1. Virus
2. Worm
3. Wabbit
4. Trojan
5. Backdoor
6. Spyware
7. Exploit
8. Rootkit
9. Key Logger
10. Dialer
11. URL injection

There’s a twelfth kind of malware: adware, which Wikipedia considers simply to be a subset of spyware.

Why Antivirus Software Isn’t Enough for Malware

As you can see, makers of antivirus software have their work cut out for them if they’re going to keep every instance of malware off your system. As a result, antivirus software makers have often had to pick their battles. Adware, whose makers often claim they are doing nothing illegal or even questionable, often gets treated more lightly.

Even when antivirus software makers do come out with a product that fights all twelve or so kinds of malware, responding to each new instance of malware to come on the market isn’t easy. First the malware has to be identified, which means someone’s computer, and probably tens of thousands of computers, will be infected first. Then, the malware has to be dissected. Then a removal program and a filter must both be written. Then the removal program and filter must be tested to make sure they work, and that they don’t interfere with any other functions of the antivirus software or the computer itself. When a fix for the virus is out, it then has to be loaded into an antivirus software update and transmitted to every single computer worldwide that has the antivirus software installed.

The speed with which antivirus software makers are able to deliver updates for newly discovered malware would impress even Santa Claus. Yet there’s still a crucial window of one to a few days between when the new malware has reached a critical mass of thousands of computers, and when the update is released. If your antivirus software is not set to check for updates automatically every hour or so, that window opens even wider.
