How Spyware Works
Results 1 to 8 of 8

Thread: How Spyware Works

  1. #1

    How Spyware Works

    I was wondering if somebody could explain how Spyware works in general and how cookies and such harvest your material, or can they do worse like infect you? I have googled, but it is usually easier for me to understand it from someone who can put it into laymens terms I would guess cookies would use PHP, but I'm not sure. Thanks a bunch.

    -Cheers-

  2. #2
    Webius Designerous Indiginous
    Join Date
    Mar 2002
    Location
    South Florida
    Posts
    1,121
    Well, cookies are a small file that gets put onto your computer to store some type of information. This is how for instance, that AntiOnline can keep you logged on the site from a machine. There is a cookie with your username, and an encrytped password, stored on your system from here.

    Spyware is a bit different. Many spyware companies associate themselves with many high traffic websites. The websites they deal with download a cookie to your computer when you visit. So lets say you visited www.golf.com. A golfing website, and they happen to incorporate spyware/adware with their site from company X. Here is a breakdown.

    1) you visit www.golf.com and company X looks for a previous cookie from its comapny. If it doesn't find one, it puts a cookie on your machine stateing that you visited golf.com. You then leave this site, but the cookie remains.

    2) You now visit www.espn.com, which also uses company X, and company x looks for a cookie and low and behold it finds one. It sees that you go to golf.com and what do you know? Golf ads start poping up or displaying in the banner ads. Funny how that works. Company x also ads www.espn.com to the cokkies list of sites you visit.


    Based on this information, adware companies can direct ads to you based on what sites you visit. No point in putting up ads for fantasy football when grandma only visits sewing sites.

  3. #3
    I meant more code examples. I understand the basic idea. I guess I misstated it.

    -Cheers-

    PS: Thanks anyway. I appreciate a response.

  4. #4
    Senior Member
    Join Date
    Sep 2003
    Posts
    500
    You shall no longer take things at second or third hand,
    nor look through the eyes of the dead...You shall listen to all
    sides and filter them for your self.
    -Walt Whitman-

  5. #5
    Webius Designerous Indiginous
    Join Date
    Mar 2002
    Location
    South Florida
    Posts
    1,121
    Okay lets go a step furthur.

    A cookie is a small piece of information that a website can download and store on your computer. The cookie itself gets sent out with the HTTP headers of a website. The header's syntax is as follows:

    Set-Cookie: NAME=VALUE; [expires=DATE;] [path=PATH;] [domain=DOMAIN_NAME;] [secure]

    When this is called via a HTTP header, it will create a cookie called NAME with a value of VALUE. All the other stuff in braces is optional.

    • expires: This sets an expiration date that the cookie will expire and no longer be valid. If no expiration date is set, the cookie stays till you or the user manually deletes it.
    • path: The url that the cookie is valid for.
    • domain: The domain the cookie is valid for.
    • secure: This flag means that it will not be sent over a plain http connection.


    Now each time the user visits the site, you will have to look for this cookie by using some type of programming. I use PHP personally, but many other languages can create cookies.

    To create a cookie in PHP you use the setcookie() function.

    bool setcookie ( string name [, string value [, int expire [, string path [, string domain [, int secure]]]]])

    PHP Code:
    setcookie('cookiename''data'); 
    Thats basically it. You can now call the cookie each time a visitor visits a site by doing this.

    PHP Code:
    $HTTP_COOKIE_VARS['cookiename']; 
    Thats all there really is to cookies. Now its up to you to figure out what you can do with them.

  6. #6
    I think that spyware gives u an ID and that the info (profile) of the ID (you) are saved on the server. So when you go to the same site or a affiliate site it trades your info. I have asked personally some guys from the company and they say mostly that it is not spyware it is an anonymous entry on a research that tries to find how many people use windows 95 or 98 or ...
    Do you think they say the truth. I don't.

  7. #7
    Thanks for the link LB. Thank you for the code examples XM. I will not impliment either of them as they piss me off too; I just wondered how they worked. I am not real good with PHP, but I know JScript so I may be able to figure it out, and at least the website makes sense. As for the anonymous research monk, you're probably right. It is not for anonymous research but to better target advertisements or steal information.

    -Cheers-

  8. #8
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    You might like to look at http://www.winpatrol.com

    Nice bit of security software that will let you handle cookies.....the squirrel thingie eats them, after reporting back that they are received.

    Cheers
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides