More misinformation about spyware

In today’s Seattle Times, Paul Andrews writes “Tired of spyware? Try another browser.” The trouble is, he appears to know just enough to spread misinformation.

“During a recent six-week period, I conducted a small spyware experiment on my Windows computer.

“I kept track of days I opened Microsoft Internet Explorer. At the close of each day, I ran Spybot, a detection and prevention program.

“Here’s what happened: On nearly every day I used Internet Explorer, I was infected with a new batch of malware — spyware or adware. On days I used Mozilla Firefox for browsing and avoided IE, without exception I remained uninfected.”

Oh really? I wonder what sorts of programs were getting installed on Paul’s computer, if any. Because on any computer running Windows XP, there are only two ways a program can be installed:

  • You install it yourself. This can be accomplished by clicking OK to a dialog box or by downloading a setup file and running it.
  • It installs itself, without your approval. This happens ONLY on a computer that does not have the latest security patches installed. The only way a program can be planted on your computer without your permission is to take advantage of a known security flaw.

Look, I take care of a dozen computers for friends, family, and neighbors. On not one of those computers would the situation that Paul describes be accurate. None of these people are experts, and none of them scan their computers for spyware daily. So what’s the difference?

This quote from later in Paul’s story provides a clue:

“What drove me to my experiment was sheer desperation at a constant, growing barrage of attacks on my Windows PC. Not only was the computer slowed to a crawl, it was almost impossible to perform any function without being assaulted by pop-ups.”

Aha! It sounds like some particularly nasty piece of malware had infected the computer some time ago – the sort that Spybot S&D couldn’t remove. Every day, it was reinstalling itself or some variant of itself. At least that’s my guess.

Paul’s mistake is to assume that this is the normal course of events. It’s not normal, not by a long shot. And to write a story that implies that this is the normal state of affairs that anyone should expect when using Internet Explorer is misleading and inaccurate.

Paul, call someone for help. Once you get that piece of junk off your computer, you’ll find that the experience is completely different.

Update: Reading through the article again, I found another inaccuracy. Paul says that installing another browser (Firefox) is the only cure for spyware and adds: “You need to configure it to block cookies from third-party sites. That means the occasional inconvenience of having to re-enter logins and passwords on certain Web pages.” No, no, and no! First, you don’t need to block third-party cookies, although it can’t hurt and I think it’s a reasonable security precaution. Second, you can easily block third-party cookies with IE as well. The impact on spyware in either case will be nonexistent. Finally, blocking third-party cookies has ZERO effect on login prompts.

This article is horribly, horribly wrong.

3 thoughts on “More misinformation about spyware”

  1. Depends what he defines as “spyware”. Many of these spyware removers, including the “big two” – Ad-Aware and Spybot S&D – highlight cookies left by sites such as doubleclick.net as spyware. Sure, they can be used as a method of building up a profile of what sites you visit based on your IP address but they don’t know your name, email address, age, household income, social security number etc. Even Mike Healan is on quote for saying that tracking cookies are “nothing serious”.

    I realise this is already a long comment so I’ll try to get to the point – these scanners don’t scan individual cookies in Firefox (as far as I can tell anyway). Therefore, less ‘spyware’ will be showing up simply because it is ignoring these cookies.

    While I am a major advocate of Firefox, having used it since its very early days and converted many of my friends to it, articles like this do dismay me. If the author really is getting this much spyware then there’s evidently something wrong with his setup, not with IE as a whole.

  2. “….is to take advantage of a known security flaw.”

    Why not an “unknown” flaw?

    Maybe he is not running XP. Older machines are harder to update.

  3. Why not an “unknown” security flaw? Because security exploits are, by definition, aimed at known security flaws. Although it is theoretically possible for a “zero day” exploit to occur, this has never happened. And the stuff that is being installed on Paul’s computer is, by definition, out there in the known world. We’re not talking theory here.

    And if he’s not running Windows XP, his whole column is meaningless.
