Editing Spyware (section)

==History==
[[File:Corte de EE.UU. rechaza apelación de NSO Group en litigio contra WhatsApp.jpg|thumb|An illustration of the [[Pegasus spyware]] by the [[NSO Group]], designed to be covertly and remotely installed on mobile phones running iOS or Android<ref>{{cite news |title=Pegasus: Spyware sold to governments 'targets activists' |url=https://www.bbc.com/news/technology-57881364 |access-date=6 April 2025 |work=BBC |date=18 July 2021}}</ref>]]
As personal computers and [[broadband]] connections became more common, the use of the internet for [[e-commerce]] transactions rose.<ref>{{Citation |last1=Abhijit |first1=C. |title=E-Business & E-Commerce Infrastructure: Technologies Supporting the E-Business Initiative |year=2002 |place=Columbus, USA |publisher=McGraw Hill |last2=Kuilboer |first2=J.P.}}</ref> Early retailers included book dealer [[Amazon.com]] and CD retailer [[CDNow|CDNOW.com]], which both were founded in 1994.<ref>{{Citation |last=Rosenberg |first=R.S. |title=The Social Impact of Computers |year=2004 |edition=3rd |publisher=Place=Elsevier Academic Press, San Diego CA}}</ref> As competition over customers intensified, some e-commerce companies turned to questionable methods to entice customers into completing transactions with them.<ref>{{Citation |last=CDT |title=Following the Money |year=2006 |url=https://www.cdt.org/files/privacy/20060320adware.pdf |publisher=Center for Democracy & Technology}}</ref>

The first recorded use of the term [[:wikt:spyware|spyware]] occurred on October 16, 1995, in a [[Usenet]] post that poked fun at [[Microsoft]]'s [[business model]].<ref name="coinage">Vossen, Roland (attributed); October 21, 1995; [http://groups.google.com/group/rec..programmer/browse_thread/thread/86a426b0147496d8/3b5d1936eb4d0f33?lnk=st&q=&rnum=8#3b5d1936eb4d0f33 Win 95 Source code in c!!] posted to rec..programmer; retrieved from groups.google.com November 28, 2006.  {{dead link|date=June 2016|bot=medic}}{{cbignore|bot=medic}}</ref> ''Spyware'' at first denoted ''software'' meant for [[espionage]] purposes. However, in early 2000 the founder of [[Zone Labs]], Gregor Freund, used the term in a press release for the [[ZoneAlarm|ZoneAlarm Personal Firewall]].<ref name="wienbar">Wienbar, Sharon. "[http://news.cnet.com/2010-1032-5307831.html The Spyware Inferno] {{Webarchive|url=https://web.archive.org/web/20110510085748/http://news.cnet.com/2010-1032-5307831.html |date=May 10, 2011 }}". ''News.com''. August 13, 2004.</ref> 

In early 2000, [[Steve Gibson (computer programmer)|Steve Gibson]] formulated the first description of [[spyware]] after realizing software that stole his personal information had been installed on his computer.<ref name=":0">{{Citation | last=Gibson | title=GRC OptOut -- Internet Spyware Detection and Removal | publisher=[[Gibson Research Corporation]] | url=http://www.grc.com/optout.htm}}</ref>

{{cquote|Spyware is any software that employs a user’s internet connection in the background or "backchannel" without their knowledge or consent.
{{cn|date=September 2024}}
}}

Later in 2000, a parent using ZoneAlarm was alerted to the fact that ''[[Reader Rabbit]]'', educational software marketed to children by the [[Mattel]] toy company, was surreptitiously sending data back to Mattel.<ref name="Hawkins">Hawkins, Dana; "[https://www.usnews.com/usnews/culture/articles/000703/archive_015408.htm Privacy Worries Arise Over Spyware in Kids' Software]". ''U.S. News & World Report''. June 25, 2000 {{webarchive |url=https://web.archive.org/web/20131103060440/http://www.usnews.com/usnews/culture/articles/000703/archive_015408.htm |date=November 3, 2013 }}</ref> Since then, "spyware" has taken on its present sense.

According to a 2005 study by [[AOL]] and the National Cyber-Security Alliance, 61 percent of surveyed users' computers were infected with some form of spyware. 92 percent of surveyed users with spyware reported that they did not know of its presence, and 91 percent reported that they had not given permission for the installation of the spyware.<ref name="aolstudy">"[http://www.staysafeonline.info/pdf/safety_study_2005.pdf AOL/NCSA Online Safety Study] {{webarchive|url=https://web.archive.org/web/20051213090601/http://www.staysafeonline.info/pdf/safety_study_2005.pdf |date=December 13, 2005 }}". ''America Online'' & ''The National Cyber Security Alliance''. 2005.</ref>
{{as of|2006}}, spyware has become one of the preeminent security threats to computer systems running Microsoft Windows [[operating system]]s. Computers on which [[Internet Explorer]] (IE) was the primary [[web browser|browser]] are particularly vulnerable to such attacks, not only because IE was the most widely used,<ref name="pcworld-ie">Spanbauer, Scott. "[http://www.pcworld.com/article/id,117550-page,1/article.html Is It Time to Ditch IE?] {{Webarchive|url=https://web.archive.org/web/20061216202917/http://www.pcworld.com/article/id,117550-page,1/article.html |date=December 16, 2006 }}". ''Pcworld.com''. September 1, 2004</ref> but also because its tight integration with Windows allows spyware access to crucial parts of the operating system.<ref name="pcworld-ie"/><ref>Keizer, Gregg. "[http://www.techweb.com/wire/software/170100394 Analyzing IE At 10: Integration With OS Smart Or Not?]". ''TechWeb Technology News''. August 25, 2005. {{webarchive |url=https://web.archive.org/web/20070929092100/http://www.techweb.com/wire/software/170100394 |date=September 29, 2007 }}</ref>

Before [[Internet Explorer 6]] SP2 was released as part of [[Windows XP Service Pack 2]], the browser would automatically display an installation window for any [[ActiveX]] component that a website wanted to install. The combination of user ignorance about these changes, and the assumption by [[Internet Explorer]] that all [[ActiveX]] components are benign, helped to spread spyware significantly. Many spyware components would also make use of [[Exploit (computer security)|exploit]]s in [[JavaScript]], Internet Explorer and Windows to install without user knowledge or permission.

The [[Windows Registry]] contains multiple sections where modification of key values allows software to be executed automatically when the operating system boots. Spyware can exploit this design to circumvent attempts at removal. The spyware typically links itself to each location in the [[Windows Registry|registry]] that allows execution. Once running, the spyware will periodically check if any of these links are removed. If so, they will be automatically restored. This ensures that the spyware will execute when the operating system is booted, even if some (or most) of the registry links are removed.

=== Targeted advertisement ===
In the search for more effective advertising strategies, companies soon discovered the potential in ads that were targeted towards user interests. Once [[targeted advertising]] began to appear online, advertisers began to develop software that became known as [[spyware]] that collected users' personal interests through their [[Internet privacy#Browsing profiles|browsing habits]]. Spyware brought along reduced system performance and security. The information gathered by spyware was used for constructing user profiles detailing what users could be persuaded to buy. The introduction of online advertisements opened up a new way of funding software development by having the software display advertisements to its users; software developers could offer their software "free of charge", since they were paid by the advertising agency. However, there is a distinction between "free of charge" and a "free gift", differences arising in the fact that a free gift is given without any expectations of future compensation, while something provided free of charge expects something in return. When downloading software described as "free of charge", users had no reason to suspect that it would report their Internet usage so that presented advertisements could be targeted towards their interests.
 
Problems arose due to users not being informed about neither the occurrence nor the extent of such monitoring, and were not given a chance to decide on whether to participate or not. As advertisements became targeted, the borders between adware and spyware started to dissolve, it started to both monitor users and deliver targeted ads.

=== The arms-race between spyware vendors ===
As the chase for faster financial gains intensified, several competing advertisers turned to more nefarious methods in an attempt to stay ahead of their competitors. As a result, this created a gray area between conventional ads that people chose to see, such as ads from subscription services, ads pushed on users through "pop-ups" and downloaded ads displayed in a program itself.<ref name=AAA>{{cite news|url=http://www.spywareloop.com/news/privacy-invasive-software |title=Privacy Invasive Software in SpyWareLoop.com |author=Vincentas |newspaper=Spyware Loop |date=11 July 2013 |access-date=27 July 2013 |url-status=dead |archive-url=https://web.archive.org/web/20140409013525/http://www.spywareloop.com/news/privacy-invasive-software |archive-date=9 April 2014 }}</ref>
This practice pushed online advertising closer to the dark side of spam and other types of invasive, privacy compromising advertising.<ref>{{Citation | last=Görling | first=S. | title=An Introduction to the Parasite Economy | publisher=In Proceedings of EICAR | place=Luxemburg | year=2004}}</ref> During this development, users experienced infections from unsolicited software that crashed their computers by accident, changed application settings, harvested personal information, and deteriorated their computer experience.<ref>{{Citation|last=Pew |first=Internet |title=The Threat of Unwanted Software Programs is Changing the Way People use the Internet |work=PIP Spyware Report July 05 |publisher=Pew Internet & American Life Project |url=http://www.pewinternet.org/pdfs/PIP_Spyware_Report_July_05.pdf |year=2005 |url-status=dead |archive-url=https://web.archive.org/web/20070713160443/http://www.pewinternet.org/pdfs/PIP_Spyware_Report_July_05.pdf |archive-date=July 13, 2007 }}</ref> Over time, these problems led to the introduction of countermeasures in the form of anti-spyware tools.

Anti-spyware has become a new area of online vending with fierce competition. These tools purported to clean computers from spyware, adware, and any other type of shady software located in that same gray area. This type of software can lead to false positives as some types of legitimate software came to be branded by some users as "Spyware" (i.e. Spybot: Search & Destroy identifies the Scan Spyware program as a Spybot.) These tools were designed similarly to anti-[[malware]] tools, such as [[antivirus software]]. Anti-spyware tools identify programs using signatures (semantics, program code, or other identifying attributes). The process only works on known programs, which can lead to the false positives mentioned earlier and leave previously unknown spyware undetected. To further aggravate the situation, some shady companies distributed fake anti-spyware tools in their search for a larger piece of the online advertising market. These fake tools claimed to remove spyware, but instead installed their own share of adware and spyware on unsuspecting users' computers. Sometimes, this software would also remove adware and spyware from competing vendors. 

New spyware programs are constantly being released in what seems to be a never-ending stream, although the increase has leveled out somewhat over the last few years. According to developers of anti-spyware programs, the fight against spyware is more complicated than the fight against [[computer virus|viruses]], [[trojan horse (computing)|trojan horses]], and [[computer worm|worms]].<ref>{{Citation |last=Webroot |title=Differences between Spyware and Viruses |work=Spysweeper.com |year=2006 |url=http://research.spysweeper.com/differences.html |archive-url=https://web.archive.org/web/20071001180224/http://research.spysweeper.com/differences.html |archive-date=2007-10-01 |url-status=dead |publisher=Webroot Software}}</ref> There is still no consensus on a definition or classification system of spyware, which negatively affects the accuracy of anti-spyware tools resulting in some spyware programs being able to remain undetected on users' computers.<ref>{{Citation | last=Good | first=N. | title=User Choices and Regret: Understanding Users' Decision Process About Consensually Acquired Spyware |url=https://scholarlycommons.law.case.edu/cgi/viewcontent.cgi?referer=&httpsredir=1&article=1620&context=faculty_publications | work=I/S: A Journal of Law and Policy for the Information Society |volume=2 |issue=2 | year=2006 |display-authors=etal}}</ref><ref>{{Citation | last=MTL | title=AntiSpyware Comparison Reports | publisher=Malware-Test Lab | url=http://www.malware-test.com/antispyware.html | year=2006 | access-date=2007-09-29 | archive-date=2007-11-02 | archive-url=https://web.archive.org/web/20071102170303/http://www.malware-test.com/antispyware.html | url-status=dead }}</ref>