When Roxie Shaw from MOREnet--the state network that services every school district in Missouri--first warned colleagues about "spyware" that gets installed on computers as users travel the Internet, she appended a list of confirmed sources including sites used commonly in schools. Countless privacy-invading programs are downloaded without user knowledge or approval, and most educators have no idea that their own computers are watching them.
Spyware, also dubbed adware and stealthware, tracks user surfing habits, scours systems to grab information--that can include names, addresses and passwords--and secretly relays the content back to the originating sites. The technology usually compiles usage data for advertisers, and delivers targeted pop-up ads that may be offensive and even pornographic. It can also insert unwanted bookmarks and hijack users to other sites. In addition, the data may be sold to third-party groups with a stake in matching users to their content interests. Spyware wastes bandwidth, slows computers, conflicts with other software and leads to system instability, especially those that report back continuously. The proliferation of spyware is a significant and growing problem for schools.
Shaw says preventive education is crucial for every district, and she has developed a program to inform educators about spyware and help them avoid being victimized. "Cute animations and ads for products that save time and money are usually fraught with spyware, and are the first things that attract people's attention," she says. In addition to suspicious ads that trigger downloads, she also cited spyware that can be contracted through malicious Web sites and chat rooms, reading infected Web-based e-mail, downloading certain freeware or shareware, installing particular online plug-ins and toolbars, and from selected viruses. However, since most spyware is not virus-borne, conventional antivirus software offers little protection.
GOODBYE TO SPYWARE
Spyware already infects millions of computers, so it is likely that examples have surreptitiously been installed on your school networks. This can be confirmed by searching for files containing product and company names on spyware lists from directories including Spyware-Guide.com.
While a few sites reveal their information-gathering practices in user agreements, these are seldom read and easy to miss, such as the policy for the Alexa search tool that stretches across 12 pages. When I checked my machine for identified words including bonzi, gator, kazaa and webshots, I found scores of suspect files. While it shouldn't be done capriciously, spyware can sometimes be deleted through ordinary file management procedures, but others require the use of special cleaning software.
An online search will identify numerous products that detect and remove spyware applications, including the free tools Ad-Aware from Lavasoft, and Spybot Search and Destroy from PepiMK Software. Some products can also function as guard dogs to prevent additional spyware from being installed. But since spyware is relatively new and unregulated, and developers continue to experiment, keeping staff up-to-date is essential. See, for example, the troubleshooting site at California's Buckingham School.
Some defend the use of spyware, saying that it typically collects valuable usage statistics rather than sensitive information, offers additional content that enhances user interests, and helps pay bills that enable free Web sites to continue. Nevertheless, the violations of trust, privacy and informed consent are major concerns. Districts are advised to check spyware lists before installing freeware or shareware, run anti-spyware programs weekly, read the fine print in user agreements, and limit system installation access to selected staff members.
Odvard Egil Dyrli, email@example.com, is senior editor and emeritus professor of education at the University of Connecticut.
PepiMK Software security.kolla.de
Buckingham School internal.vusd.solanocoe.k12.ca.us