There are a number of problems to look out for on the web:
There's some overlap between these definitions. A worm may not have been designed to do harm but, owing to the number of instances on your computer, it could clog up your file system or damage your email files, which might classify it as a virus. Is a program that releases a worm but that doesn't cause damage to your system a worm or a trojan horse? While the distinctions are sometimes blurry, all of these are Bad Things from Bad People. You don't want them on your computer. Using a good anti-virus program (with up-to-date virus definitions) is essential. The biggest vector for viruses is any email program that automatically loads and runs scripts. Thunderbird, described later in this book, is much safer because, among other things, it doesn't load and run scripts unless you actively tell it to.
One of the most recent computer plagues is spyware. Spyware is programs or scripts that are installed without your explicit permission that sit quietly in the background and do things to your system that you don't want to be done. What kinds of things? Here are some of the basic types of spyware:
Popups and how to suppress them are discussed in Chapter 3, aptly titled "Ridding Yourself of the Annoyances of the Web."
There are a few other classes of spywaredialers that look for a phone line via a modem and then dial long distance 900 numbers to rack up bills on your account, for instance, or programs that look for Quicken on your computer and then have Quicken transfer money to someone else's bank account (as demonstrated by Germany's Computer Chaos Club in 1997)but the bottom line is that spyware and the people who create or use it have no reason for continued existence on any planet that's discovered penicillin.
Fortunately, you can do a number of things to detect and remove spyware and to avoid it in the future. Some of the best detection tools for Windows are free: Ad-Aware SE Personal Edition from Lavasoft (www.lavasoftusa.com) and Spybot Search & Destroy (http://www.safer-networking.org) are my personal favorites. I use both of them, because each tends to catch some things that the other doesn't. I also use ZoneAlarm (www.zonealarm.com) as a software firewall so that I can see if something on my computer is trying to send information elsewhere. It's also free and cheap at twice the price.
Spyware is primarily a problem for Windows computers, but Mac users may want to try a product like MacScan (http://macscan.securemac.com). You might also want to look at general Mac security sites, such as MacSecurity.org (http://www.macsecurity.org) and SecureMac (http://www.securemac.com), for information on how best to protect your Mac. Linux users have nothing to fear: spyware is not an issue for Linux computers at this time.
Some spyware detection and removal programs actually don't do much of anything. Some of them are even loaded with spyware themselves. Before you install just any old spyware checker on your system, look around and see what people are saying about its effectiveness.
To avoid getting spyware in the future, first use Firefox (you knew that was coming, didn't you?). Here's why: Microsoft's approach to designing Internet Explorer was an optimistic view of security. Internet Explorer provided the maxiumum amount of capability with the hope of providing mechanisms that could and would be used to avoid risks. Unfortunately, it didn't quite work that way: ActiveX lets people silently access the operating system, the browser itself, and applications, and the Security Zone Model can allow the silent downloading, installation, and execution of programs without your knowledge. Powerful stuff that you can use to do great things? Sure! But sadly, it doesn't have enough safeguards, and as a result, ActiveX and the Security Zone model are used together as the primary mechanism to deploy spyware.
To be fair, Microsoft has recently addressed some of the issues in SP2 for Windows XP, but only a couple years after the dangers of Internet Explorer and its architecture were discussed in an article entitled "The Most Dangerous Software Ever Written" (www.networkmagazine.com/article/NMG20020701S0007). Worse, because Microsoft is focusing on Windows XP, over 200 million users of Windows 95, Windows 98, and Windows 2000 are being left out in the cold.
In contrast, Firefox takes a pessimistic, Murphyistic view of vulnerability: "Anything that can go wrong, will go wrong." Firefox attempts to create a firewall around the browser and remote content and other applications that might be available on the PC. In every case where potentially dangerous actions can happen, Firefox attempts to warn users about the risk. Furthermore, because Firefox doesn't support ActiveX and the security zone architecture, Firefox doesn't allow websites to install software automatically. Without the ability for websites to silently download and install spyware, Firefox has some immediate security advantages over Internet Explorer.
For further safety, don't put yourself in harm's way. Avoid software and websites that are likely to be infested with spyware. As you might expect, websites focusing on warez, porn, illicit mp3s, and file sharing are all likely to have spyware (you all look like nice people and would never go to places like these, but you need to know). Unfortunately, lots of sites that even a nice person like you might go to that also have spyware: online games, dating sites, contests, free software, and even some major companies' websites can all try to download spyware on your computer. The trick is to be cautious, use Firefox to filter out a lot of the spyware, use Ad-Aware and Spybot to check for spyware regularly (daily's not too often to check if you surf a lot), and use ZoneAlarm to watch what's trying to talk from your computer to elsewhere without your knowledge.