Anti-Spyware Victory
Besides, managing spyware is not easy. According to Consumer Reports, spyware infections prompted 850,000 households to replace their PCs in the past six months. Just last month, an important spyware case that threatened to undermine the effectiveness of anti-spyware technology was decided in favor of consumers. "The case pitted Kaspersky Lab—which offers a range of anti-spyware and anti-virus tools—against notorious adware distributor Zango," writes Center for Democracy & Technology Deputy Director and Coordinator of the Anti-Spyware Coalition Ari Schwartz. "A ruling in favor of Zango would have had wide-ranging negative impact, not just for Kaspersky, but for all antispyware developers, and, in turn, for the millions of consumers who rely on those companies to keep their computers free of unwanted, often malicious programs." While the law protects consumers' rights to decide what goes on their own computers, Schwartz notes that it is anti-spyware and anti-virus technologies that allow consumers to enforce those rights. "User empowerment is the best response we have to emerging Internet threats. The more control consumers have over their own computers, the less likely they are to fall victim to the unceasing flood of scams and exploits that menace the global Internet," states Schwartz.
Keeping defenses up while staying connected, gets even more complicated with the ever-growing bot and zombie malware that continually feed spam and identity theft networks. The Messaging Anti- Abuse Working Group (MAAWG) released in October the first best practices developed cooperatively by major Internet and email service providers for managing infected subscribers. The MAAWG Best Practices for the Use of a Walled Garden provides recommendations for directing customers to a safe online environment where downloadable self-remediation tools can help users remove the malicious code installed on their computers. "The industry needs to define best practices to address this problem, just as a public health department would define quarantine procedures for a biological infection that is affecting its citizens. These best practices are the first effort at unifying and educating ISPs and service providers on how to effectively confront this rapidly spreading malware," said Scott Chasin, editor of the MAAWG walled garden recommendations and chief technology officer for MX Logic, Inc. Wall gardens are closed online environments created by service providers where subscribers can safely disinfect their systems. When subscribers with infected computers try to access the Web, their browsers are automatically redirected to a protected environment provided by the ISP where the malicious code can be securely purged. The MAAWG best practices recommend these walled garden sites include downloadable tools that allow users to remove the malware themselves and that once the malicious code has been deleted, subscribers' Web access will be restored.
Currently, a large percentage of spam is sent through these illgotten networks. According to Richard Cox, the chief information officer at the Spamhaus Project, a nonprofit that tracks malicious online activity, "Every day we see between 750,000 and 1.2 million new IP addresses, proxies and botnet zombies attempting to send spam. This does not mean they are all new infections, as infected PCs tend to move around the Internet IP address space of the users' ISP."
"It is very confusing to consumers. They are looking for signposts, and ideally would like the problem to just go away." —Fran Maier, TRUSTe