For the Smart Money Cookie

A lot of planning goes into making a great vacation. If you’re planning a vacation, be sure to consider the safety of your home while you’re away and create an action plan to keep your home and belongings safe.

Some people prey on homes when they know the owners are out of town or on vacation. There are certain steps you need to take before leaving to make the house look like someone is there at all times. Like the old saying goes, “If there is bait, the fish will grab.” You can relate this saying to the way burglars think. Don’t leave out any bait that would tempt a burglar.

What is the bait that burglars look for? There are several things the burglars pay close attention to at your home. Daily newspapers piling up in the driveway, a continuous dark house, and no cars in the driveway are just a few things that they look for. Your job is to make sure you put a plan of action into place before leaving your house.

Here are five tips to make sure your house is safe.

1) Temporarily cancel newspaper subscription - Most newspapers let you contact them and put a hold on your subscription until you get back. This allows for credits for the days you are gone and the newspapers are not just piling up and going to waste. Another idea is letting your neighbor or someone in neighborhood to get your daily newspapers.

2) Daily Mail - Make sure someone is checking your mail each day in case you have some important documents coming and also the mail is not increasing in your mail box. If someone sees the mail is overloading, they will automatically know you are not at the house.

3) Cars in the Driveway - Never have all vehicles completely gone out of the driveway. Leave your spouse’s car or borrow another family member’s car to leave in the driveway and arrange for the vehicle to moved and repositioned while you’re away. This way the driveway is not a complete ghost town.

4) Lights on in the house - Set up specific lights in the house on a daily timer to come on each evening. You do not want to leave your house continuously dark the entire time you’re out of town. This is a number one giveaway to potential home break-ins.

5) Have someone check daily - Request that a close friend or neighbor checks on your house daily. They can go through the house and check around to make sure there is no harm done to the house. Also if you have any pets, they will be able to feed and water the pets while they are checking on the house.

Safeguarding your home and belongings should be high on your priority list at all times, but even more so when you’re going to be away for any length of time.
Implementing these strategies doesn’t guarantee your home won’t be broken into while you’re away, but it does greatly reduce your chances of a break-in. If you’re going away on a vacation or out of town for an extended period of time, the extra peace of mind knowing that your home is being taken care of is well worth the time put into initiating this type of plan.

Liane Wood is a chartered insurance professional and registered insurance broker specializing in personal and small business insurance. Visit her website at: http://www.insurance-rates.ca

1. Geek Superhero
http://www.deprice.com/geeksuperhero.htm

Geek Superhero watches your computer for changes, immediately notifying you when a change is made to confirm you want to keep or reject the change. This saves you from lots of headaches. (A “Computer Setting Firewall” is an excellent description.)

2. CleverCrypt Enhanced
http://www.deprice.com/clevercryptenhanced.htm

Using the latest developments in information security, CleverCrypt has been designed to use the best encryption technology legally available. The product uses 4 encryption layers to protect your data. Using just one of CleverCrypt’s encryption layers it has been mathematically calculated that the famous “DES Cracker” machine, if sped up several thousand times, would still take over 149 trillion years to crack a CleverCrypt secure drive. And that’s if your using just one of CleverCrypt’s four layers.

3. Clean Disk Security
http://www.deprice.com/cleandisksecurity.htm

Clean Disk Security gives you secure file deletion, making sure that deleted files cannot be undeleted again. Deleting a file normally just removes the file’s directory entry, but the data itself remains on the disk. This program completely eliminates the contents of deleted files. The highly acclaimed Gutmann disk cleaning method is now available as an option. This program can also clean the Window’s swap file, and can optionally clean unneeded temporary files from your hard disk, such as your Internet browser cache, files in your system’s Recycle Bin, and can clear the “recent files” list.

4. Cryptainer PE
http://www.deprice.com/cryptainerpe.htm

Phenomenally easy to use, Cryptainer PE’s encryption works on all versions of Microsoft Windows and works with all known file types. You can protect your files and folders and ensure total privacy with Cryptainer PE. Simply drag and drop the files and folders you want to hide and voila! your files are hidden. With Cryptainer PE you can hide the very existence of your confidential files and folders. Additionally, Cryptainer PE allows you to send encrypted email files. The recipient need not have a copy of Cryptainer PE installed to decrypt the files.

5. Desktop Armor
http://www.deprice.com/desktoparmor.htm

Desktop Armor watches dozens and dozens of important settings on your computer and warns you if any program has changed them. This catches many of the changes a virus, worm, or trojan program will make to your computer and lets you immediately fix them back! Plus Desktop Armor includes a lot of other useful features like a Popup blocker, checks to help you avoid Phishing scams and much more.

David D. Deprice reviews top encryption and security solutions at
http://www.deprice.com

The modern homeowner has been aided considerably by advancing technology and nowhere is that more evident than in the field of home security. The tools that are now in the hands of the average homeowner were considered practical for only the wealthiest of people and large corporations only just a few years ago.

For instance, consider the subject of video surveillance. In times past the only solution offered was an analog closed circuit television system which was expensive and had serious drawbacks, including the fact that it was not possible to actually monitor events around your home from long distance as they happened. They had to be saved to some type of recording device, most often video tape, and then viewed later at once to provide any useful information.

But with the advent of the computer age, networking, and the internet, great improvements have been made to the advantage of the average homeowner. Chief among these is the rise of digital recording devices instead of analog equipment. By capturing the video in digital format, it could then be broadcast to another distant location and even viewed live as it happens. It also improved the captured images considerably, and made for much better image quality.

Because of the internet, we now have the ability to log onto the web and view video feeds from cameras at our home live as they are recording. By combining this technology with the right software product we can even view more than one camera’s output at the same time. So if you have for instance 5 cameras around your home, you can watch them on your monitor screen whenever you wish to keep an eye on what is happening even though you are many miles away.

Having such a digital home security camera system is not all that expensive either, and with the rising number of people becoming familiar with setting up their own wireless computer systems, it is also becoming a home security measure that many can install themselves.

So if you have the need to keep up with what is happening at home when you are away for any reason, why not consider getting a digital camera system for your own peace of mind?

Jim Johnson is a successful author and publisher on consumer related matters. You can find out more about a home security camera system and home security surveillance by visiting our Home Security website.

In recent weeks, attacks on prominent sites such as Yahoo and Ebay have brought home a very pressing point - site security. Anywhere you have a dynamically-generated page, you could be open to attacks where malicious HTML is embedded into your pages. Your pages could be rewritten to substitute your customers’ names with “Dummy.” Or, credit card information could be intercepted and sent to a secret depository for later use. What can we do about this?

There are many methods by which a hacker may attack or take control of a site. I am focusing this discussion on attacks that come via form input. That is, anywhere you have input coming in from your web user, e.g. a registration form, user login or even a search on your site. Scripts could be sent to your server by entering < script> some malicious code < /script> in your input fields. The following are steps you can take to minimise the risk of this happening. These measures will not make your site hacker-proof (no site can be if a hacker really has it in for you), but it can make it less of an easy target. Step 1: Place character limits on your inputs You do this by adding the “maxlength” attribute into your text input tags

e.g. < input type="text" name="firstname" maxlength="15">

The example above restricts the user to a 15 character input for that field. The “< script>” and “< /script>” tags alone will take 17 characters so the smaller you limit your “maxlength” attribute to, the harder it will be to include rogue codes in your inputs. Of course, you must ensure that you impose a suitable limit so that actual input from your valid users will not be excluded. Step 2: Filtering your data All data received from your site should be filtered, you can either filter your data when it comes into your server as user input, or when it goes out as results for your user’s browser. Whether you should filter input or output, depends on your site and its requirements, there is a good discussion on this at http://www.cert.org ech_tips/malicious_code_mitigation.html/ . Filters can be written in any language, here is an example in Perl :

# This function checks the input, $firstname, for the following symbols ;<>?*/’&$!#()[]{}:”‘ # and tells the user to re-enter his/her firstname if any of the symbols is found if($firstname =~ /([;<>?*/’&$!#()[]{}:’”])/) { print p(’Invalid input found, please use only alphanumerical input. Please re-enter your FIRSTNAME’); } You can see this script at work on our site : http://www.payingads.com/freesignup.html . Step 3: Setting the character encoding

Some HTML editors already set this while it creates a page, but those of you who have older HTML editors or like me, like to code the page from scratch will need to include the following line in our HTML pages: < META http-equiv="Content-Type" content="text/html; charset=IS0-8859-1"> It should go as high as possible on your webpage, I normally place it just after the < /head> tag, before the < title> tag. This META tag tells the browser to use the “ISO-8859-1″ character set, which is suitable for most Western European languages, rather than let the browser choose it’s own character encoding, which may or may not be ISO-8859-1.

Why is it important to explicitly set it? The character encoding basically tells browsers how to display a particular character. For example, in the ISO-8859-1character set, “A″ represents the letter “A” while “©″ represents the copyright symbol “©” (You can try this out by typing < p>A< /p> or < p>©< /p> in a html file then call it up on a browser). Some character sets, have more than one representation for special characters such as “<" or ">“, so your filter program may not toss out all the representations of the character you have asked it to exclude. So when it serves a new page back to the browser, the browser, because it has not been told what encoding to use, can still read the malicious script intact.

So there you have it, 3 steps that should be incorporated into every website. Use them as a base to further build on. Because every site is different, you (or the security consultant you hire) will need to assess your site’s own vulnerabilities and implement appropriate security measures. To do this you need to take into account your site’s risk factor, your budget and your available resources.

On a final note, I’d like to stress the importance of keeping up with the latest threats and developments in site security. A good site for checking out security alerts is the CERT Coordination Center http://www.cert.org/nav/index.html or better yet sign up for their Security Advisory that is sent via email.

The following is a simple how-to guide for installing,
configuring, and running your first vulnerability scan using the
NessusWX Windows client. The instructions do not include in
depth explanations as it is assumed that you are familiar with
benefits of using Nessus and have a general working knowledge of
Windows.

As with any software installation, your results may vary
depending on the machine operating system and patch levels being
used. The installation steps were conducted using of NessusWX
1.4.4 on several Windows operating systems and patch levels
including XP, 2000, and 2003 Server to insure accuracy. It is
recommended that the installation be conducted using the “admin”
account or equivalent to avoid rights issues.

Install NessusWX

• Download and save
  the self-extracting version of NessusWX for Intel platforms from
  http://nessuswx.nessus.org/ to a temp directory on your hard
  drive. (nessuswx-1.4.4-install.exe, 1413KB in size); type='disc'>Double-click NessusWX-1.4.4-install.Exe to start the
  installation process;
• If using XP SP2 you may be
  prompted with a warning message that the publisher could not be
  verified, click
• At the “Welcome to the
  Installation Wizard” screen click
• At the
  “License Agreement” screen read the license terms, check “Yes, I
  agree with all the terms of this license agreement”, click
  ;
• At the “Destination Folder” screen enter
  the desired location for NessusWX, or accept the default of
  C:Program FilesNessusWX, click ;
• At the
  “Setup Type” screen select “Binaries Only”, or if you wish the
  source files included select “Binaries & Source”, click ;

• At the “Program Group” screen select the desired
  program group, or leave at the default of NessusWX, click
  ;
• At the “Ready to Install the Program”
  screen click ;
• At the “Installation
  Complete” screen click .

If the installation process
completed successfully, you now have a NessusWX desktop icon and
Start/Programs/NessusWX menu listing.

Configuration of NessusWX

Before configuring the NessusWX client, you need some
information concerning the Nessus server you will be using.
Please contact you Nessus server administrator for assistance if
needed.

Nessus server IP: _______________________

Nessus port number: _____________________ (default is 1241)

Max simultaneous hosts: __________________ (default is 16)

Max security checks per host: ______________ (default is 10)

Your Nessus login name: __________________

Your Nessus login password: _______________

Maximum simultaneous hosts, and maximum security checks per
host, refers to the number simultaneous scans that will be
performed. It is possible to optimize a Nessus server to support
more then the default settings and to use a different port. If
in this information is not available or unknown use the default
values.

Your Nessus Server administrator has the ability to limit what
IP range(s) you can scan based on your login name. Speak with
your Nessus server administrator and determine what limits, if
any, have been established.

• Upon executing NessusWX you will be
  prompted with the “Settings” screen, “General” tab,requesting
  database directory information. By default NessusWX uses
  C:NessusDB to storescan result. The database location can be a
  network drive if you wish to store results on a network drive
  for security purposes. Select the defaults value or change to
  the desired directory, click
• If the
  directory you selected does not exist, you will be prompted with
  a creation message, click
• Select
  “Communications/Connect” menu option
  type='circle'>Change the default Server “Name”, from the default
  127.0.0.1, to the desired Nessus server; type='circle'>Change the default Server “Port Number”, from
  1241, to the desired Nessus server port if needed; type='circle'>By default, NessusWX selects TLSv1 as encryption
  option;
  • Select “Authentication by Password”
    radio button;
  • Check save password checkbox;

  • Change the default Authentication “Login”
    value to your Nessus login name;
  • Enter your
    Nessus login name password, click type='circle'>You will be prompted with New Server Certificate
    window displaying the Nessus server certificate information,
    click

If the userid/password information you entered is correct, you
will receive a brief message that NessusWX is downloading plugin
information. Upon download completion, something similar to the
following will be displayed at the bottom of the NessusWX screen:

Using

Connection with the server [xxx.xxx.xxx.xxx] established

xxxx plugins loaded

xxxx preferences received

xxxx rules received

You now have a fully functioning copy of NessusWX installed,
have connected to a Nessus Server, and are ready to being
performing vulnerability scans.

Before You Scan

Before performing vulnerability scanning, a few cautions and
recommendations should be considered:

• Make sure you are acting within your
  authority. Most companies have strict policies about who can
  perform vulnerability scanning and on what equipment. Acting
  outside your authority with a vulnerability scanner could lead
  to your dismissal;
• Absent Nessus server based
  rules that limit what IP ranges you can test, obtain written
  permission on what you are and are not permitted to perform
  vulnerability test on;
• Vulnerability scanning
  can leave equipment in an unstable state. This is practically
  true if performing Denial of Service tests and/or testing
  systems are very poorly configured. Nessus vulnerability
  scanning is normally not destructive and rebooting the affected
  equipment will return it to the correct operational state; type='disc'>NessusWX has a selection for “Safe checks” that
  disables the most dangerous scripts from executing and instead
  relies on banners information to determine vulnerability rather
  than exploiting the real flaw. However, it is still possible to
  leave equipment in an unstable state;
• If your
  company uses an intrusion detection system, performing
  vulnerability scanning on the network will most likely trigger
  intrusion alerts. Vulnerability scanning is very “noisy” and
  easily detected by most intrusion detection systems; type='disc'>If you are performing vulnerability scans across the
  internet verify your ISP will not object, that your scanning
  will not trigger their intrusion detection system, and request
  documentation concerning scanning polices and rules that you
  must follow;
• Exercise common sense when
  performing vulnerability scans. For example, it’s most likely
  not a good idea to run a Denial of Services test on your core
  router during normal business hours;
• NEVER SCAN
  EQUIPMENT THAT YOU ARE NOT EXPRESSLY AUTHORIZED TO SCAN. Doing
  so could result in lawsuits, bad press, jail, ISP termination,
  and unemployment just to name a few. Running a Denial of
  Services test against your competitor’s web site for example,
  will most likely result in several unwanted events occurring
  once you and your company are identified as the cause.

Performing Your First Scan

To perform your first vulnerability scan, you must create a
Session (job) outlining the targets and scanning options desired.

• Click menu selection Session/New; type='disc'>You will be prompted to enter a session name or
  accept the default of “Session1″. Enter “First Scan”, leave
  “Define additional properties” checked, click ; type='disc'>At the “Session Properties - Test Scan”, click the
  “Targets” tab, then click ;
• At the “Add
  Target” screen you have the option of entering a single host, a
  subnet, or IP range depending on scanning needs. For our test
  session, select a single IP address and enter the IP or Host
  name of your workstation, click ;
• Click
  .
• Click the “Options” tab:
  type='circle'>Change “Maximum simultaneous” default value if
  needed;
  • Change “Security checks per host”
    default value if needed;
  • “General scan
    options/Enable plugin dependencies”. Nessus uses many plugins
    (tests) that require the use of other plugins to operate
    correctly. Checking this box permits Nessus to automatically
    enable dependencies as needed. For our test scan, “Enable plugin
    dependencies” should be checked;
  • “General scan
    options/Do reverse DNS lookups” simply performs a DNS lookup on
    the target to determine the host name. For our test scan, check
    “Do reverse DNS lookups”;
  • “General scan
    options/Safe checks”. As stated previously, Safe Checks disables
    the most dangerous scripts from executing and instead relies on
    banner information to determine vulnerability rather than
    exploiting the real flaw. For our test scan, leave “Safe checks”
    checked;
  • “General scan options/Optimize the
    test” lets Nessus avoid all apparently irreverent tests. For
    example, tests will not be conducted for web site unless a web
    site is detected. For our test scan, leave “Optimize the test”
    checked;
  • “General scan options/Resolve unknown
    services” will permit Nessus to resolve any unknown services
    that may be operating on the system. For our test scan, leave
    “Resolve unknown services” checked;
  • “Path to
    CGI’s”. Nessus has the ability to check for generic CGI
    vulnerabilities that may be present. For our test scan, leave
    “Path to CGI’s” at the default of “/cgi-bin”; type='circle'>“Interface options” permits you to limit the
    results that are displayed on the screen while scanning is
    occurring. For our test scan, leave both items unchecked to
    display the maximum amount of information; type='circle'>Click .
• Click the
  “Port scan” tab:
  • “Port range to scan”
    permits you to enter the ports Nessus will scan. For our test
    scan, we will use the default of “Privileged ports (1-1024)”;

  • “Port scanners” permits the use of a wide
    range of port scanners depending on your needs. For our test
    scan, leave the default of “Ping the report host” and “tcp
    connect scan” checked.
  • Click .
• Click the “Connection” tab will permit you to
  enter and store specifics about the Nessus server to be used for
  the session. Since we are currently connected to a specific
  Nessus server, no need exists to enter this information for our
  test scan;
• Click the “Plugins” tab:
  type='circle'>To test for system vulnerability we must enable
  plugins. Check the “Use session-specific plugin” checkbox. You
  will notice that currently “0 plugins currently are selected for
  execution”;
  • Click the “Select plugins” button
    to display the “Plugin List” screen. For our test scan, click
    the “Enable All” button, click , when prompted with “Do you
    wish to enable all port scanners as well”, click . You
    will notice that 2400 or so plugins are now selected for
    execution;
  • Click .
  type='disc'>Click the “Comments” tab and input any remarks you
  have concerning this session or its settings, then click to
  save your Session;

To execute the Session, right-click on the icon and then select
. When prompted at the “Execute Session” screen simply
click Execute and vulnerability scanning will commence.

Closing

Take some time, experiment, and learn what NessusWX and Nessus
have to offer. Patch systems and rescan to verify vulnerability
have been closed. Using NessusWX and Nessus will permit you to
find system vulnerabilities before hackers and virus/worm
writers have opportunity to do it for you.

1. The Security Consultant’s Perspective…

Workplace violence is a reality whether it happens at the warehouse, plant, parking lot, hospital or treatment center, and office or while sitting in your car taking notes. It should not be swept under the carpet. The average out of court civil suit settlement is in the range of $300,000 to $500,000; jury rendered verdicts awarding $1 Million dollars plus. A clear reporting system should be implemented and all employees should be trained and encouraged to report all incident

Training and Security Awareness makes good sense. While all supervisors and managers should receive some form of orientation on Threat Assessment and Risk Management all employees should receive training also. Key to the fair and equitable determination of an incident is total analysis of available information about the participants, the incident and the environment. Knowledge of how to conduct a fact-finding investigation should be part of the Threat Assessment Training for supervisors in determination of the type of disciplinary action or deciding criminal prosecution. Companies wishing to gain a perspective of their workplace violence potential risks should begin with a security survey of all employees and environment. Training to assist employees in identifying warning signs of workplace violence and what steps to take to de-escalate incidents before eruption is next. Essential to a good workplace violence prevention program is the policy and the plan to deal with incidents. Unfortunately, some companies have paid little to no attention to the implementation of asecurity policy and plans because, “We don’t have a security problem here”.

2. Are we really safe…

Linda Lockwood, PhD, Metropolitan State College of Denver says that workplace violence is obviously a serious problem that must be better understood in order to prevent its occurrence. Its cost to our society is measured in terms of dollars and human life. For instance, it’s the second greatest cause of death in the workplace for men and the first greatest cause of death for women (E. Gonzalez, Confronting workplace violence psychologist traces everyday causes, Rocky Mountain News, October, 1999). Recent headlines underscore the reality that workplace violence is a phenomenon, which affects every institution and workplace, and that the perpetrator is a microcosum of our society.

Nevertheless, we must guard against potential acts of violence by doing something; being aware, holding the participants accountable and providing support services. Employee security checklist and opinion surveys are essential tools available to the security consultant to assist in the assessment and evaluation process. They will tell you that lights in the parking lot are not working, that they feel insecure visiting clients or patients alone or that a reduced hospital staff on weekends leaves the hospital security short of staff. Preparation will help to minimize injury and the risk of fatalities.

3. What studies show…

In addition to the disgruntled employee which, is the greatest security threat to the workplace or the mentally ill worker, business practices also are potential contributors to a hostile workplace. A supervisor aware of a disgruntled employee can’t afford to discipline him or her because, the loss might have an adverse affect on efficiency and performance. Environmental changes to improve security measures are too costly and the changes are not needed. While employees are often victims of their jobs, positions and contact with the public, job stress and personal distresses are real factors that increase the likelihood of workplace violence. A theory of the workplace violence and aggression is that an “individual’s cognitive appraisal” of a situation can create more severe affective reactions and potentially aggressive behaviors in situations that may not call for heightened responses”. In other words, some people may create a “mountain out of a mole hole”, because of the way they unrealistically interpret their situation.

4. Stress is a real factor…

Profiles of perpetrators suggest that high stress levels are commonly experienced just prior to an act of violence says Worthington J. Hurrell, in 1999 in an article entitled: “Job stress, gender, and workplace violence Analysis of assault experiences of state employees”. Dr. Frank Ghinassi, PhD, and assistant professor of psychiatry at the University of Pittsburgh School of Medicine, said that the start of war can bring on feelings of anxiety over personal safety, financial security and the safety of loved ones in military service. He stressed that it was possible that many would experience feelings of increased stress and anxiety. I believe aggressive intervention and security awareness are essential to the interdiction of the potentially explosive situation.

5. The President comes to the rescue…

Challenging the effectiveness of an aggressive Workplace Violence Interdiction Program was the 1999 Federal Trade Commission Fair Credit Reporting opinion that prohibited employers’ use of outside professional investigators in cases of suspected employee misconduct unless the same requirements used in credit investigations were satisfied. This meant that the worker suspected of misconduct had to be notified before any investigation. In addition, the FTC required that the employer provide a complete copy of the investigation’s results to the suspect employee, including the names and comments of witnesses.

Thanks to the yeoman efforts of ASIS (Association of Security Industrial Society), the U. S. Chamber of Commerce, SHRM (Society for Human Resource Management) and the National Council of Investigation and Security Services, President Bush signed a bill into law Dec. 4, 2003 re-authorizing the Fair Credit Reporting Act, which includes a provision that removes workplace misconduct investigations from the notice and disclosure requirements of the FCRA. This re-authorization aids workplace security intervention. ASIS officials said these barriers were overlooked by Congress until Rep. Pete Sessions (R-TX) perceived the possible threat posed to the security and safety of employees and consumers by the FTC opinion. Sarah Pierce, SHRM manager of employment policy, said, “the FTC’s 1999 interpretation was problematic because it contradicted numerous other laws that were specifically tailored to apply to the workplace.” “Because of the changes, employers can now hire outside experts to investigate incidents of workplace misconduct without fear of liability”, said Josh Ulman, Director, Labor Law Policy for the U.S. Chamber of Commerce. The re-authorization restores the employer’s right to maintain a safe and secure workplace and insures a suspect’s right to a professional, thorough and impartial investigation.

6. Corporate America takes responsibility and accountability…

Employers who take responsibility and accountability for the hostile conduct of its employees are employers who follow their Security Policy, Plans and Programs. Merely disciplining the perpetrator without a thorough knowledge of the facts and circumstances does not do justice to the adverse potential to morale, performance, production, future compensation claims and security. It fails to identify the root cause or the contributing behavior of the participants. Remember, every catastrophe has a precursor event before the triggering action. Knowing the Risk Indicators warns all of the suspicious intentions. When there are clear reporting requirements all involved will benefit from the early warning and collaboration. Corporate America can again regain the lost turf. Being able to conduct a proper investigation, take corrective measures will assist with the rehabilitation process.

When you’re learning about something new, it’s easy to feel overwhelmed by the sheer amount of relevant information available. This informative adware and spyware article should help you focus on the central points.

Adware is any software application software which makes banners appear the whole time it is in function. Also, the adware program can install components that will transmit information about the user and its behavior and this work on his PC. Unlike spyware programs, the user is asked when the program is being installed. Actually, an adware application is the application that, along with its basic functionality, has a different one, the one that makes it show commercials once in a while, downloaded periodically from certain internet servers.

Spyware is a program, usually downloaded from the internet, which sends information about the user without him knowing it, every time he connects to the internet. Usually, the packages sent contain marketing information and not confidential information, although some programs can do that too.

Even if some applications are both adware and spyware, this is not a generally true situation. Most of the times spyware applications have installed themselves and they are working without the user knowing it, opposing the adware applications that cannot be installed without the consent of the user.

For a long time quality and free software was installed and used for free but once the complexity of the programs became greater their costs have risen till the point the developers just had to find out methods to diminuate them. One of the easiest ways was delivering along with their programs application like adware and spyware. On the other hand, many commercial programs became usable freely and legally by passing the line to the adware category.

Hopefully the information presented so far has been applicable. You might also want to consider the following:

>From the harmless intention of showing some commercials and till elements of analyzing and stocking information about the user and his software or hardware configuration the developers had to install on the target computer supplementary modules. If at the beginning it was only an engine that downloaded commercials and showed them in pre-calculated windows, the adware industry has evolved and grew a great bit since then. Now they use different instruments, from altering your browser and its settings and till launching background applications that monitor your PC activity.

Among the effects that follow installing spyware and adware are the next ones:

- Adding links to various magazines - Adding new commercials on the web pages, sometimes replacing the existent ones - Monitoring browser behavior in commercial purposes. - Gaining access to passwords and credit cards. - Slowing down the computer. - In some cases they can call telephone numbers with high costs. - Changing the browser’s homepage in commercial purposes. - Strange icons and new software might appear on the desktop.

You can enter their online sites and try the services for free, then decide what to use.

Hopefully the sections above have contributed to your understanding of adware and spyware. Share your new understanding about adware and spyware with others. They’ll thank you for it.