Spyware: Difference between revisions
init |
removed invalid link at the start of the article (Mentioned invalid link was "malware") |
||
| (28 intermediate revisions by 8 users not shown) | |||
| Line 1: | Line 1: | ||
[https://en.wikipedia.org/wiki/Spyware Spyware] is a form of '''malware''' designed to gather information from the infected device. Spyware comes in many different shapes and forms and may be installed intentionally or unintentionally.<ref name=":1" /> | |||
There is considerable debate over the scope of the term malware; while some people and groups qualify certain non-malware software as spyware, such as [[Microsoft]], [[Meta]], and [[Google]]<ref name=":0">{{Cite web |last=Petrino |first=Gene |title=The Data Big Tech Companies Have On You |url=https://www.security.org/resources/data-tech-companies-have/ |archive-url=http://web.archive.org/web/20260111171613/https://www.security.org/resources/data-tech-companies-have/ |archive-date=11 Jan 2026|access-date=21 August 2025 |website=security.org |type=Uses text to communicate information(with some additional imagery)}}</ref> owned software due to the large quantity of data these corporations collect from its users, others disagree with that qualification, due to the user having technically consented to the data collection. | |||
==How it works== | |||
Spyware comes in many different forms. It may present itself as an actual software, while secretly spying on your device in the background. | |||
Malware with deeper level access to your device has more potential for harm, which is a reason some are cautious of [[Kernel level driver|Kernel Level Drivers]] and [[Kernel level anti-cheats]]. | |||
Some "free" services, such as [[Google]] services(check here for more info: [[List of Google products]]), often come at the cost of user data being collected to be sold for profit and/or to be used as [[Artificial_intelligence/training|training data]] for [[artificial intelligence]].<ref>{{Cite web |date=16 Feb 2022 |title=What Does Big Tech Actually Do With Your Data? |url=https://www.forbes.com/councils/forbestechcouncil/2022/02/16/what-does-big-tech-actually-do-with-your-data/ |archive-url=https://web.archive.org/web/20241206070801/https://www.forbes.com/councils/forbestechcouncil/2022/02/16/what-does-big-tech-actually-do-with-your-data/ |archive-date=6 Dec 2024 |access-date=31 Jan 2026 |website=forbes.com}}</ref> | |||
The legally collected data may also just be diagnostic data or just a way to make things "more convenient"(like with [[Web cookie|cookies]]). | |||
== | ===Data that tends to get collected:=== | ||
*Username | |||
*Passwords | |||
*Email addresses | |||
*Diagnostic data(how you use their platform, errors & crash reports, logs, etc) | |||
*Phone Numbers | |||
*Payment Information | |||
*Stored videos & photos | |||
*Metadata of photos & files | |||
*Stored documents | |||
*Contact info from other devices. | |||
*Internet-protocol(IP) addresses | |||
*Browser Type | |||
*Device Type<ref name=":0" /> | |||
==Why it is a problem== | ==Why it is a problem== | ||
Spyware, as the name | Spyware, as the name suggests, spies on the device, which contains the user's data. Spyware is inherently negative for users' privacy. As companies like [[Microsoft]], [[Meta]] and [[Google]] are collecting more information on consumers(either by legal or illegal means), they make users less secure & more susceptible to data breaches/leaks.<ref>{{Cite web |date=2 Jan 2026 |title=Data Breaches 2025: Biggest Cybersecurity Incidents So Far |url=https://www.pkware.com/blog/recent-data-breaches |archive-url=http://web.archive.org/web/20260116190555/https://www.pkware.com/blog/recent-data-breaches |archive-date=16 Jan 2026|access-date=31 Jan 2026 |website=pkware.com}}</ref> | ||
===Spyware & data collection from a consumer rights perspective:=== | |||
====Lack of transparency from companies:==== | |||
A lack of transparency on a consumers ability to opt-out of data collection if even possible is quite common among popular services. | |||
For example, a usage of [[Deceptive language frequently used against consumers]] or simply hiding things in the terms of service may be enough trick a consumer into thinking there is nothing wrong with the service or may be enough to prevent/discourage a consumer from learning what a company does with their data & what data they collect.<ref>{{Cite web |last=Libbey |first=Madeline |last2=Micek |first2=Peter |last3=Cheng |first3=Sage |date= |title=Going dark: companies today release fewer transparency reports, less data |url=https://www.accessnow.org/going-dark-companies-today-release-fewer-transparency-reports-less-data/ |archive-url=https://web.archive.org/web/20191021184245/https://www.accessnow.org/going-dark-companies-today-release-fewer-transparency-reports-less-data/ |archive-date=21 Oct 2019 |access-date=2026-02-01 |website=accessnow.org}}</ref> | |||
====Lack of a consumers control:==== | |||
Many corporations use [[Forced arbitration]] or [[Consent-or-pay]] in order to gain access to user data, with the main incentive/goal of doing this being a desire to make profit(which is why many companies are okay with users opting out of data collection as long as the users still pay for the service as found in [[Consent-or-pay]]).<ref>{{Cite web |date=28 Oct 2024 |title=Forced Arbitration Clauses: What’s at Stake and Why it Matters |url=https://blog.helmerfriedman.com/forced-arbitration-clauses-whats-at-stake-and-why-it-matters/ |archive-url=https://web.archive.org/web/20241114115649/https://blog.helmerfriedman.com/forced-arbitration-clauses-whats-at-stake-and-why-it-matters/ |archive-date=14 Nov 2024 |access-date=31 Jan 2026 |website=}}</ref><ref>{{Cite web |date=21 Aug 2025 |title=Consent or Pay Models: Are Paywall Cookie Consent Legal For Site? |url=https://wplegalpages.com/blog/consent-or-pay-models/ |archive-url=https://web.archive.org/web/20250907105448/https://wplegalpages.com/blog/consent-or-pay-models/ |archive-date=7 Sep 2025 |access-date=31 Jan 2026}}</ref> | |||
====The need for consumer control and proper disclosure:==== | |||
Reasons/arguments include: | |||
*Improved user satisfaction | |||
*The ability to opt-out allows users to prevent their sensitive data from being leaked in the event of a data breach | |||
*The option for consumers to properly see the data being collected allows them to more easily infer what data tends to be collected without dealing with intentionally deceptive language<ref>{{Cite web |last=Podolsky |first=Michael |date=31 May 2024 |title=Why Prioritizing Consumer Rights Matters For Businesses |url=https://www.forbes.com/councils/forbesbusinesscouncil/2024/05/31/why-prioritizing-consumer-rights-matters-for-businesses/ |archive-url=https://web.archive.org/web/20251027154921/https://www.forbes.com/councils/forbesbusinesscouncil/2024/05/31/why-prioritizing-consumer-rights-matters-for-businesses/ |archive-date=27 Oct 2025 |website=forbes.com}}</ref> | |||
==Types(illegal/malware)== | |||
#[[wikipedia:Adware|Adware]]: This type of spyware monitors user activity to then sell that data to malicious advertisers. | |||
#Info-stealer: This type of spyware takes data from the device, such as recent actions, applications, etc. | |||
#[[wikipedia:Keystroke_logging|Key-loggers]]: Key-loggers are a type of Info-stealer that gains access to data by observing keystrokes done by a user on an infected machine(This data is then saved onto an encrypted log file). | |||
#[[wikipedia:Rootkit|Rootkits]]: Rootkits allow infiltrators extreme levels of access to a device(around administrator level).<ref name=":1">{{Cite web |title=What Is Spyware? Definition, Types, And Protection |url=https://www.fortinet.com/resources/cyberglossary/spyware |archive-url=https://web.archive.org/web/20251213081639/https://www.fortinet.com/resources/cyberglossary/spyware |archive-date=13 Dec 2025 |access-date=19 Jan 2026 |website=Fortinet.com |type=Uses text to communicate information(with some additional imagery)}}</ref> | |||
==Methods used by companies (legal)== | |||
#[[Web_cookie|Cookies]]: Small pieces of data stored in files on your device(s). This type of data may include, but is not limited to: Preferences on websites, login information, & your browser history. | |||
#Tracking Pixels: Tracking pixels are incredibly small images that are embedded into websites or emails. This method allows companies to see how users interact with their content on the web. | |||
#Accounts & Online Forms: Websites typically have users sign up with an account so they can tie data to it. Both account setup and forms similar to it tend to require data such as: Email addresses, phone numbers, Names, & sometimes data that should be optional(like your location). | |||
#Device & location tracking: Some websites will request access to your geographical position(which can be declined), but what tends to be collected more often are IP addresses(usually outside of your control).<ref>{{Cite web |last=Davis |first=Lakisha |date=11 Apr 2025 |title=Data Harvesting 101: What Companies Know About You (And How They Use It) |url=https://metapress.com/data-harvesting-101-what-companies-know-about-you-and-how-they-use-it/ |archive-url=https://web.archive.org/web/20250419141741/https://metapress.com/data-harvesting-101-what-companies-know-about-you-and-how-they-use-it/ |archive-date=19 Apr 2025 |access-date=20 Jan 2025 |website=metapress.com}}</ref> | |||
==See also== | |||
*[[Anti-privacy legislation]](Extremely undeveloped article, but still on the topic of privacy) | |||
*[[Backdoor]] | |||
*[[Data brokers]] | |||
*[[Device fingerprint]] | |||
*[[De-anonymization]] | |||
*[[Forced identification]] | |||
==References== | ==References== | ||
{{reflist}} | {{reflist}} | ||
[[Category:Common terms]] [[Category:Spyware]] | [[Category:Common terms]] | ||
[[Category:Spyware]] | |||