Interhack Home
Navigation

Publications
INFOSEC: Friend or Foe?
Identity Theft: What If We Didn't Dodge a Bullet?
Electronic Evidence in Criminal Defense
Anatomy of Online Fraud
Security: Built-in or Bolt-on?
Spying on Spyware
Introduction to Spyware
How Spyware Works
Why Spyware Works
Mitigating Spyware
Conclusions on Spyware
Cryptography in Practice
HIPAA Security HyperRule
 Publications


Why Spyware Works

Spyware fundamentally requires that a system that the user assumes to be trustworthy is operating under the direction or influence of a third party. We're dealing with the notion of “trusted computing base” here, which essentially means all hardware, software, and procedure used to enforce security policy. One of these components--software--is being subverted to allow the spyware provider to observe the user's behavior surreptitiously.

Note that when we talk about trust in this context, we're not using the same term that is used by some computer manufacturers now, in particular the Trusted Computing Group alliance and related efforts that have been known by such names as NGSCB, Longhorn, and Pallidum. Those systems are designed to make media publishers able to trust your system as a playback device that is under their control; these can actually break your security policy. [1]

Next

 
Contact Privacy Policy (c) 2001-2008 Interhack