ad info  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  




Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent



More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections


4:30pm ET, 4/16










CNN Websites
Networks image

Analysis: Protect online privacy with these tools


(IDG) -- With spyware lurking all about, what can you do to protect yourself? Easy: Get some counterspyware. And, InfoWorld readers say, some very effective tools are available free or nearly so.

In this column, we've discussed many examples of intrusive software that readers have discovered on their systems, often by using some of these counterspyware programs. When asked, of course, vendors invariably claim that spyware is only there with the very best of intentions, and any information collected without the user's knowledge certainly wasn't abused. Trust us, they say, it's nothing to worry about.

  InfoWorld home page
  ZoneAlarm guards against spyware
  Top 5 intrusion-detection downloads
  Warding off PC spies
  Reviews & in-depth info at
  Questions about computers? Let's editors help you
  Subscribe to's free daily newsletter for IT leaders
  Search in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

Not only should you not trust the vendors to refrain from abusing your privacy, but don't expect the government to do anything serious to help soon. In fact, the legal trend is the opposite.

With the Digital Millennium Copyright Act already law and the Uniform Computer Information Transactions Act (UCITA) being enacted in a few states, software developers have been gaining lots of legislative cover for slipping spyware onto your system to protect their intellectual property rights. And the FTC's recent endorsement in its report to Congress of vendor "self-regulation" for online profiling doesn't bode well, because it appears to take an opt-out approach where customers must read all the privacy legalese on sites. (For an example of how effective industry self-regulation of privacy is, just recall last year when Microsoft and RealNetworks were both caught red-handed in undisclosed collection of information from users and didn't even lose their privacy certification from Truste, an industry-sponsored organization of which both companies were supporting members.)

Clearly it's time for users to employ self-regulation, at least when it comes to regulating their own systems' communications. There are many tools to choose from, and you may already have everything you need. For many businesses, it's just a matter of ensuring that their firewalls, network management tools, and the like are configured to check what's going out and what's coming in.

For those who don't have such tools or lack the technical know-how to use them, my readers have widely praised ZoneAlarm from ZoneLabs (link below). "A great privacy tool I found out about is [ZoneAlarm], a free personal firewall product that can help block outgoing as well as incoming traffic on a per-application basis," one reader enthused. "It is easy to use and lets the user decide which applications can reach the Internet and which cannot."

ZoneAlarm 2.1 is free for personal and nonprofit use and costs $19.95 annually for business use. It's a firewall specifically designed to work both ways, and it's been responsible for catching many software intruders discussed in previous columns. It's so simple that even an InfoWorld columnist can use it.

Readers also pointed out another great resource for tools and information to fight spyware. "Check out Steve Gibson's OptOut program," wrote another reader. "It's lightweight (small), no dependencies (Steve's assembly language code), and lightning fast, even on huge drives."

Gibson, president of Gibson Research (link below) and a trusted, authoritative voice in these pages for many years, has gone after spyware in a big way. His OptOut program, currently offered as freeware, was designed to detect even spyware that takes advantage of browsers to get around firewalls. Also available at Gibson's site is Shields Up, a port scanning service that probes your computer and alerts you to security hazards. And perhaps even more valuable than the tools is the information Gibson provides on known spyware. If you visit, don't miss his blow-by-blow description of his travails tracking down the truth about RealNetworks, Netscape/AOL, and NetZip's download utilities and user-monitoring capabilities.

Along with endorsing ZoneAlarm, Gibson is also now recommending another freeware spyware detector. "It's called Ad-aware from the Lavasoft organization (link below), and it's more comprehensive than OptOut," Gibson says. "It's my intention to 'retarget' OptOut in the very near future at the continuing problem of Web-based privacy abuse. I'm going to completely end the problem of cookie misuse and third-party cross-domain information leakage. Thus OptOut will become a tool for allowing people to instantly 'disappear' from radar screens of those who would track them ... while allowing safe and untrackable cookie use."

Gibson makes no promises on when he can deliver this next version of OptOut, so I'm sure he'd agree with me in advising that you not wait for it. There are plenty of good tools out there to choose from, including many I haven't mentioned. And the price is right, particularly when you consider the possible price of leaving yourself open to the next software intruder that comes along.

U.S. senators propose Web privacy legislation
July 28, 2000
Privacy group launches consumer education campaign
July 26, 2000
McCain introduces bill requiring Web sites to disclose privacy policies
July 26, 2000
Critics bash U.S. plan for surveillance standards
July 21, 2000
New media firm questioned on privacy concerns
July 18, 2000

Carmen Sandiego is spying on your network
Uninvited software making itself at home on your PC
Avoid getting burned in the age of UCITA
ZoneAlarm guards against spyware
(PC World Online)
Warding off PC spies
More managers monitor e-mail
Top 5 intrusion-detection downloads
(Network World Fusion)
Massachusetts to monitor state employees' Web use

Gibson Research

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.