We all already got used to computer monitoring both at work and at home. We got used to advertising monitoring software products as tools for parental control and workplace surveillance.
These programs are indeed helpful tools -- to a certain extent. Large and middle-sized companies use legitimate monitoring programs for workplace surveillance -- to ensure information security and local network accountability. At home more and more parents install such software as a "life jacket" for their web-surfing kids. You probably use such a program already, or going to.
But are you aware that these so handy and absolutely legal monitoring programs installed on lots of PCs -- and perhaps on yours, too -- have a very dangerous sibling called keylogging spyware?
Keylogging spyware (such programs are usually called simply "keyloggers")has very much in common with legitimate monitoring software. These programs spy -- they log keystrokes and mouse clicks, make screenshots, compile a neat log-file and send it to the person who installed (as a rule, remotely) this program on your -- or somebody else's -- PC.
The very principle is often the same. Actually, the technology applied in monitoring software is a dual-purpose one. It is neither good nor bad -- numerous things can be used for several purposes, not all of them permissible. A knife is a typical example -- while we are cutting bread with a bread knife, somebody stabs his neighbor to death with a dagger or stiletto.
Identity thieves do know how to use both kinds of this software for their nefarious purpose. I am not going to talk about moral issues, but if there is an opportunity, there always will be one to use it.
If these programs are so closely related, how to tell which is which then? Well, there are two specific program functions that are typical only to programs that spy.
First, it is possible to carry out preliminary configuration of the monitoring module (it is usually called client, agent etc.), getting a compiled executable file as a result. This file, when installed, doesn't display any messages or create windows on the screen. It "hides itself" and "shows no signs of life". It is impossible to notice whether the particular PC is being secretly monitored or not. Of course, the user is not aware of being spied -- until the consequences show up.
Second, spy software always has built-in means of remote installation; as a rule, the pre-configured module (agent) is installed into the target PC remotely. Then the files with obtained information are sent via local network or emailed to the person who installed the spy program.
Remove these functions -- and you will get a monitoring program instead of spyware. If it is impossible to pre-configure the monitoring module and install it remotely, it is not spyware. If you should have administrator privilege to install the program, it is monitoring software. (Person with administrator privilege installs major software products, and in case of a home computer, it is usually the person who owns the PC).
Nevertheless, there are some vendors who advertise monitoring products with "remote deployment", i.e. function of remote installation. In fact, nothing distinguishes these programs from malicious keyloggers. Some of them are actually Trojan Horse programs, which can be sent by email disguised as, say, a greeting card.
Many users feel that it is impossible to install a surveillance program without physical access to their PCs. Unfortunately, they are mistaken. And security experts confirm-- remote deployment of surveillance software is sharply on the rise.
Researchers from Websense Security Labs in their "Security Trends Report" call such programs "commercial keyloggers" and caution users against them: " These commercial keyloggers may be marketed as products that allow you to spy on your spouse or watch your children