In the midst of working on an important assignment for class, junior Ben Alexander left the room to get some food and returned, minutes later, to find that his computer screen was completely covered with porn adware.
"My computer was overwhelmed by pop-ups while I was working on this paper," he said. "I couldn't even type because the ads were popping up so quickly. It was terrible."
These days, spyware infestations have generated increased attention: students on the Tufts campus and across the country have frequently found themselves struggling against adware programs and pop-ups rather than focusing on their work.
"Whenever I opened Internet Explorer, advertisements would pop up like crazy, and the disc drive would pop open ... I had to have someone fix that," junior Sarah Goldman said.
Senior Chris Erwin had a similar experience with online ad programs. "They're no longer on my computer, as I have eight firewalls, four anti-virus programs, adware block, spyware blockers - a small army," he said. "But every now and then one pops up. You can't get them all."
"Adware can do a number of things, from profiling your online surfing and spending habits, to popping up annoying ad windows as you surf," Tufts OnLine Supervisor Judi Rennie said.
According to Rennie, in some instances, adware has been bundled with other software with or without the user's knowledge - or slipped into the fine print of a End User License Agreement (EULA). As a result, users are often unaware that they have installed the adware.
"It is important that the users read the EULA before installing downloaded software - it would be their chance to decline this 'extra treat' the software folks have included," Rennie said. "Not all adware is bad, but often users are annoyed by its intrusive behavior."
Rennie warned students to keep in mind that removing adware may cause the program it came bundled with to stop working.
Spyware poses a potentially larger threat than adware because it can record keystrokes, passwords, credit card numbers, surfing habits, and chat logs. It may even take random screenshots of user activity.
"Basically, whatever you do on the computer is completely viewable by the spy," Rennie said. "You don't have to be connected to the Internet to be spied upon."
The latest forms of spyware include the use of routines to mail out user activity via e-mail or post information to the web, where the spy can view it at their leisure. Many spyware vendors also use "stealth routines" and "polymorphic" techniques to avoid detection and removal by popular anti-spy software.
According to Rennie, Tufts has experienced a surge in the amount of spyware and adware trouble calls during the 2004-2005 academic year. "In September, we had nearly 600 students ask for help with this type of problem," she said. "In an average [non-startup] month, we get 150 to 200 machines with these problems."
Although these problems are widespread, many users are unaware of their presence. A study conducted last fall by America Online and the National Cyber Security Alliance revealed that approximately 80 percent of all users had some form of spyware or adware on their machines, but only 11 percent of respondents whose computers had tested positive were aware that their systems contained any spyware.
According to Rennie, most malicious programs infiltrate computers when users install "freeware" found on the internet. Others can be installed through websites that take advantage of the relaxed security that comes with Internet Explorer or through P2P (peer-to-peer) file-sharing programs.
Junior Rebecca Firesheets was bombarded with advertisements on her Internet Explorer browser after downloading Kazaa, a music sharing program. "It was really frustrating," she said. "My computer became very slow."
Rennie said that users should be cautious about sharing files or clicking on advertisements. "Students need to realize that 'Click here' is not an imperative," she said. "You have the option to close the window without seeing what's behind that message, or to not download the software that the window is urging you to take."
When a computer at Tufts is infected with spyware, the user must call or make the trek to the basement of Ballou Hall, which houses the Tufts OnLine [TOL] office, to have the problem cleaned up. There, Residential Computer Consultants will make sure the user's machine is up-to-date with operating system patches and install programs like SpyBot and AdAware to help the student user prevent future mishaps. They will also install and configure Command Anti-Virus for any student that does not have virus protection.
Erwin feels that Macintosh computers are much better-equipped to fight spyware than their PC counterparts. There is some evidence to support this claim.
"There are reports of trojans, malware, and spyware on Macs, but in the TOL office we don't see all that many cases," Rennie said. "Mac users on the whole seem to have fewer problems."
"If the student user doesn't keep the definition files for these programs up to date, they'll find themselves in exactly the same situation down the line," Rennie said. "Having a computer is just like owning a car - upkeep is imperative. You wouldn't go a year without an oil change or rotating the tires. Likewise, you shouldn't go a year without updating your virus definitions."
To prevent spyware infections, Rennie recommended that students keep definition files updated, refrain from clicking on suspicious windows, and only accept file transfers or downloads from known sources. "In general, if you're not sure, don't do it!" she said.
Although Tufts does provide basic technical support services to students, some complain that these resources are inadequate or ineffective. More often than not, students seek help from computer-savvy friends before going to Ballou Hall.
"Tufts computer help is for the most part useless," senior Chris Erwin said. "They do some good things, but compared to other schools, they are far from being truly helpful."
Junior Ricardo Sneller agreed with Erwin. "In order to fix my adware problems, I downloaded AdAware from the internet," he said. "The stuff Tufts had given me was ineffective, to say the least. It did not get rid of the spyware."
Rennie indicated that TOL has been looking for new ways to educate the Tufts community about spyware problems in the future. "Tufts OnLine is working with some of the RA staff to put out a pilot class in the residential halls to help students better understand these topics and more," she said.
TOL can be reached at x7-4TOL. The office, located in the basement of Ballou Hall, is staffed Monday through Friday from 9 a.m. until 5 p.m.
