- [Results 1–2 of 2]
3/24/2009 7:37:14 PM200.00
Antispam Software, article by Eran Shaham, security expert
To prevent e-mail spam, end users and administrators of e-mail systems use various anti-spam techniques. None of the techniques is a complete solution to the spam problem, and each has tradeoffs between incorrectly rejecting legitimate e-mail vs. not rejecting all spam, and associated costs in time and effort.
Anti-spam techniques can be broken into two broad categories: those that require actions by individuals, and those that can be automated.
How to choose the best antispam program and which email defense techniques to use
- Your antispam application
should be configured for automatic
Many Internet service providers and e-mail clients have automated anti-spam systems installed, or can have optional systems added. Since all anti-spam techniques can cause legitimate e-mail to be incorrectly identified as spam, many anti-spam systems are either not enabled by default or are configured to be very conservative about what will be identified as spam.
- E-mail address harvesting.
Give out your email address with care.
Harvesting describes methods that spammers use to obtain e-mail addresses
of real people. If the spammers can't get your address, the address
is less likely to have spam sent to it.
Most people want new people to be able to contact them via e-mail and many people cannot hide their e-mail addresses. While preventing spammers from obtaining email addresses does not solve the spam problem anymore than avoiding the high crime areas of a city solves crime, individuals need to weigh the risks.
- Address munging.
Using a false email address.
Posting anonymously, or with a fake name and address, is one way to avoid "address harvesting," but users should ensure that the fake address is not valid. Users who want to receive legitimate email regarding their posts or Web sites can alter their addresses so humans can figure them out, but automated spammers cannot. For instance, firstname.lastname@example.org might post as joeNOS@PAM.example.net.invalid, or display his email address as an image instead of text. Address mugging, however, can cause legitimate replies to be lost.
- Use a disposable e-mail
Email users sometimes need to give an address to a site without complete assurance that the site will not send out spam. One way to mitigate the risk is to provide a disposable email address â€” a temporary address which forwards email to a real account, which the user can disable or abandon. A number of services provide disposable address forwarding. Addresses can be manually disabled, can expire after a given time interval, or can expire after a certain number of messages have been forwarded.
- Avoid HTML enabled e-mail.
- Use mail applications which do not automatically download and display HTML, images or attachments.
- Avoid responding to spam.
Spammers may regard responses to their messagesâ€”even responses of "Don't spam me" â€” as confirmation that an email address is valid. Likewise, many spam messages contain Web links or addresses which the user is directed to follow to be removed from the spammer's mailing list â€“ ignore these.
- Reporting spam email
option. Be aware to whom you report.
Tracking down a spammer's ISP and reporting the offense often leads to the spammer's service being terminated. Unfortunately, it can be difficult to track down the spammer â€” and while there are some online tools to assist, they are not always accurate. Occasionally, spammers employ their own netblocks. In this case, the abuse contact for the netblock can be the spammer itself and can confirm your address.
application that automatically blocks spam.
Mail agents discover patterns and automatically block these mails, based on their characteristics. These can be useful.
- Email application that
lets you decide whether to filter.
Statistical filtering, once set up, requires no maintenance. Instead, users mark messages as spam or nonspam and the filtering software learns from these judgments. Thus, a statistical filter does not reflect the software author's or administrator's biases as to content, but it does reflect the user's biases as to content.
- Your antispam application should be configured for automatic functioning.
3/24/2009 7:37:16 PM200.00
Antispy Software, article by Eran Shaham, security expert
Spyware is computer software that collects personal information about users without their informed consent. The term, coined in 1995 but not widely used for another five years, is often used interchangeably with adware and malware (software designed to infiltrate and damage a computer respectively).
Personal information is secretly recorded with a variety of techniques, including logging keystrokes, recording Internet web browsing history, and scanning documents on the computer's hard disk. Purposes range from overtly criminal (theft of passwords and financial details) to the merely annoying (recording Internet search history for targeted advertising, while consuming computer resources). Spyware may collect different types of information. Some variants attempt to track the websites a user visits and then send this information to an advertising agency. More malicious variants attempt to intercept passwords or credit card numbers as a user enters them into a web form or other applications.
The spread of spyware has led to the development of an entire anti-spyware industry. Its products remove or disable existing spyware on the computers they are installed on and prevent its installation. However, a number of companies have incorporated forms of spyware into their products. These programs are not considered malware, but are still spyware as they watch and observe for advertising purposes. It is debatable whether such 'legitimate' uses of adware/spyware are malware since the user often has no knowledge of these 'legitimate' programs being installed on his/her computer and is generally unaware that these programs are infringing on his/her privacy. In any case, these programs still use the resources of the host computer without permission.
How to choose the best antispy program?
- Use it for free as a
windows genuine product customer, as a windows operating system
add-on or a built in component.
Recently Microsoft acquired GIANTâ€™s antispyware software, rebranding it as Windows Antispyware beta and releasing it as a free download for Windows XP and Windows 2003 users. In early spring, 2006, Microsoft renamed the beta software to Windows Defender, and it was released as a free download in October 2006. Microsoft has also announced that the product will ship (for free) with Windows Vista.
Or, Use it as a part of your antivirus program.
Major anti-virus firms such as Symantec, McAfee and Sophos have come later to the table, adding anti-spyware features to their existing anti-virus products. However, recent versions of these major firms' home and business anti-virus products do include anti-spyware functions, albeit treated differently from viruses. Symantec Anti-Virus, for instance, categorizes spyware programs as "extended threats" and now offers real-time protection from them (as it does for viruses).
your antispyware software up-to-date.
Like most anti-virus software, many anti-spyware/adware tools require a frequently-updated database of threats. As new spyware programs are released, anti-spyware developers discover and evaluate them, making "signatures" or "definitions" which allow the software to detect and remove the spyware. As a result, anti-spyware software is of limited usefulness without a regular source of updates. Some vendors provide a subscription-based update service, while others provide updates for free. Updates may be installed automatically on a schedule or before doing a scan, or may be done manually.
- Remember that if you are unsure about the program, don't install it. A free program is sometimes expensive in terms of the spy battle!
- Use it for free as a windows genuine product customer, as a windows operating system add-on or a built in component.
- [Results 1–2 of 2]