epic
User
 Inregistrat: acum 18 ani
Postari: 1896
|
|
ActiveX Control:
See “Browser Plug-in.”
Adware: A type of Advertising Display Software, specifically certain executable applications whose primary purpose is to deliver advertising content in a manner or context that may be unexpected and unwanted by users. Many Adware applications also perform tracking functions, and therefore may also be categorized as Tracking Technologies. Consumers may want to remove Adware if they object to such tracking, do not wish to see the advertising caused by the program, or are frustrated by its effects on system performance. Some users may wish to keep particular Adware programs if their presence subsidizes the cost of a desired product or service or if they provide advertising that is useful or desired.
Alternate Data Stream: An extension to Microsoft's Windows NT File System (NTFS) that provides compatibility with files created using Apple's Hierarchical File System (HFS). Applications must write special code if they want to access and manipulate data stored in an alternate stream. Some anti-virus and backup tools do not process these streams, so they are sometimes used to hide spyware and other potentially unwanted software.
Botnet: A type of Remote Control Software, specifically a collection of software robots, or “bots”, which run autonomously. A botnet's originator can control the group remotely. The botnet is usually a collection of cracked machines running programs (worms, trojans, etc.) under a common command and control infrastructure. Botnets have been used for sending spam remotely, installing more spyware without consent, and other illicit purposes.
Browser Help Object (BHOs): see “Browser Plug-in.”
Browser Plug-in: A software component that interacts with a web browser to provide capabilities or perform functions not otherwise included in the browser. Typical examples are plug-ins to display specific graphic formats, to play multimedia files, or to add toolbars, which can offer searching or anti-phishing services. Plug-ins can also be used to perform potentially unwanted behaviors such as redirecting search results or monitoring user browsing behavior , or installing other unwanted software like nuisance or harmful adware. Types of Browser plug-ins include:
ActiveX controls: A type of Browser Plug-in that is downloaded and executed by the Internet Explorer web browser.
Browser Helper Object (BHOs): A Type of Browser Plug-in that is executed each time the Internet Explorer web browser is launched. Toolbars are a common form of BHO.
Firefox Extensions: A type of Browser Plug-in that is executed each time the Firefox web browser is launched. Extensions can add anything from a toolbar button to a completely new feature.
Bundling: The practice of distributing multiple pieces of software together, so that when the software “bundle” is installed, all components are installed. In many cases, bundling is a convenient way to distribute many related pieces of software together. However, in some cases, unwanted software components can be bundled with programs users download, and can thereby be snuck onto their computers without adequate notice or consent.
Cookie: A piece of data that a web site, through the means of the browser, saves on users’ computers’ hard drives and retrieves when they revisit that Web site or an affiliated site. Some cookies may use a unique identifier that links to information such as login or registration data, online "shopping cart" selections, user preferences, web sites you have visited, etc.
Dialer : A program that utilizes a computer’s modem to make calls or access services. Users may want to remove dialers that can result in unexpected phone numbers being dialed or unexpected telephone charges. Dialer is a colloquial term for Dialing Software.
Distributed Denial-of-Service (DDoS) Attack: A means of burdening or effectively shutting down a remote system by bombarding it with traffic from many other computers. DDoS attacks are typically launched using the compromised systems of Internet users. An attacker will exploit a vulnerability in one computer system and make it the DDoS “master” using Remote Control Software. Later, the intruder will use the master system to identify and communicate with other systems that can perform the attack.
Downloader : A program designed to retrieve and install additional files. Downloaders can be useful tools for consumers to automate upgrades of essential software such as operating systems, browsers, anti-virus applications and anti-spyware tools. Automated upgrades are useful for closing off security vulnerabilities in a timely way. Unauthorized downloaders are used by third parties to download potentially unwanted software without user notification or consent.
Drive-by-Download: Software that is automatically downloaded to a user’s computer when she visits a website or views an html formatted email, without the user’s consent and often without any notice at all. Drive-by-downloads are typically performed by exploiting a security hole or lowered security settings on a user’s computer.
Droneware : Programs used to take remote control of a computer and typically used to send spam remotely or to host offensive web images. See also “Botnet.”
End User License Agreement (EULA): An agreement between a producer and a user of computer software that specifies the parameters of use granted to the user. The software producer specifies these parameters and limitations on use, which can become part of a legally binding contract. Some companies use the EULA as the sole means of disclosure of a program’s behaviors or bundling.
Exploit/Security Exploit: A piece of software that takes advantage of a hole or vulnerability in a user’s system to gain unauthorized access to the system.
Hacker: In computer programming, hacker means a programmer who hacks or reaches a goal by employing a series of modifications to exploit or extend existing code or resources. In computer security, hacker translates to a person able to exploit a system or gain unauthorized access through skill and tactics (Wikipedia). A person who illegally gains access to and sometimes tampers with information in a computer system (Merriam- Webster).
Macromedia Flash: A platform that supports the authoring and display of multimedia content (e.g., graphics, audio, and/or streaming media). Flash content can appear in a web page or be stored in file. Playing Flash content within a browser is typically done through a Browser Plug-in that includes the Flash player. The Flash player is pre-installed in several web browsers and on different operating systems. Flash MX technology includes a mechanism that can be used as alternative to tracking cookies (see PIE).
Password Cracker: Security Analysis Software designed to allow their users to recover or decrypt lost, forgotten or unknown passwords. While a legitimate tool used by security administrators and law enforcement officers, Password Crackers pose a significant security and privacy threat when used illicitly by unauthorized users.
Persistent Identification Element (PIE) : PIE is a Tracking Technology designed to be an alternative to a cookie that uses Macromedia Flash local shared objects to identify visitors.
Port Scanner : Security Analysis Software used to discover what computer network services a remote system provides. Port scanning gives an assailant an idea where to probe for weaknesses.
Privacy Policy: A legally binding notice of how a company deals with a user’s personal information. The privacy policy should contain information about collecting information and the secondary uses of data including how information is shared with third parties.
Remote Access/Administration Tool (RAT): An executable application designed to allow remote access to or control of a system. RATs are a type of Remote Control Software. While there are many legitimate uses of RATs that do not pose security threats, they can be used maliciously by attackers to start or end programs, install and uninstall new software, or perform other potentially unwanted or unauthorized actions.
Rootkit : A set of programs used to hack into a system and gain administrative-level access. Once a program has gained access, it can be used to monitor traffic and keystrokes; create a backdoor into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to circumvent detection. Rootkits are an extreme form of System Modification Software.
Screen Scrapers: Tracking Software that surreptitiously records images of activity on the screen. Screen Scrapers typically either store the recorded images and video for later retrieval or they transmit them to the remote process or person employing the Screen Scraper.
Snoopware: Sometimes used as a synonym for the narrower definition of Spyware—i.e. Tracking Software deployed without adequate notice, consent, or control for the user.
State Management Tools: Technologies used to store andmake available information about the “state” of a system—i.e. information about current conditions and operations. Cookies are the most common form of State Management Tool. State Management Tools can be used as a Tracking Technology.
Spyware: The term Spyware has been used in two ways.
In its narrow sense, Spyware is a term for Tracking Software deployed without adequate notice, consent, or control for the user.
In its broader sense, Spyware is used as a synonym for what the ASC calls “Spyware and Other Potentially Unwanted Technologies.”
In technical settings, we use the term Spyware only in its narrower sense. However, we understand that it is impossible to avoid the broader connotations of the term in colloquial or popular usage, and we do not attempt to do so. For example, we refer to the group as the Anti-Spyware Coalition and vendors as makers of anti-spyware software, even recognizing that their scope of concern extends beyond tracking software.
Stream Files: See “Alternate Data Stream.”
System Monitor: Tracking Software used to monitor computer activity. System Montiors range in capabilities but may record some or all of the following: keystrokes, e-mails, chat room conversations, instant messages, Web sites visited, programs run, time spent on Web sites or using programs, or usernames and passwords. The information is typically either stored for later retrieval or transmitted to the remote process or person employing the Monitor. Keyloggers and Screen Scrapers are types of System Monitors.
Tracking Cookies: A Tracking Cookie is any cookie used for trackingusers’ surfing habits. Tracking Cookies are a form of Tracking Technology. They are typically used by advertisers wishing to analyze and manage advertising data, but they may be used to profile and track user activity more closely. However, tracking cookies are far more limited in their ability to track users than software that is actually installed on users’ computers. While installed software can potentially record any data or activity on a computer (see System Monitor), cookies can only record visits or activity on a single website or its affiliated sites. Moreover, unlike Tracking Software, cookies entail no substantial effect on computer reliability, security, or speed.
Tricklers : Automatic Download Software designed to covertly install or reinstall software by downloading slowly in the background so the download is less noticeable. Tricklers are typically used to enable a spyware program to install silently or to reinstall after a user has removed components of the program from his or her computer.
Trojan : A non-replicating malicious program designed to appear harmless or even useful to the user, but, when executed, harms the user's system. Some software bundles containing malicious forms of spyware or other potentially unwanted software are considered to be Trojans.
Virus : Self-replicating code that propagates by reproducing and inserting itself into other programs, documents, or email attachments. Some viruses are intentionally destructive (for example, erasing information on users' hard drives). For others, the primary negative effect is their uncontrolled self-reproduction, which can overwhelm system resources.
Worm: A computer worm is a self-replicating computer program, similar to a computer virus. Unlike viruses, however, worms self-propagate and so do not require other programs or documents to spread. Worms typically spread through email or other file transmission capabilities found on networked computers.
Zombie: A system that has been taken over using Remote Control Software. Zombies are often used to send spam or to attack remote servers with an overwhelming amount of traffic (a Distributed Denial of Service Attack).
_______________________________________
:< 4 8 15 16 23 42 *execute*
TOATA LUMEA ESTE INVITATA PE NOUL FORUM!
|
|
