Eyes on the Spies

Here's how to stop the three most common methods snoops use to monitor you on the Internet.

Andrew Brandt

Cookies

The most familiar and most widely adopted Web monitoring tool is the cookie, which is actually a small data file that your Web browser stores on your hard drive. When you request a page or item from a site, the server at the site assigns a unique identification number to that request.

The ID is contained in the cookie stored on your hard drive. When you revisit the site, the server connects your new request to your previous ID number, giving the company an ongoing record of what you view on its site.

Some Web sites use the cookies to keep track of an online "shopping cart"; others want to record every click you make at a site. Cookies aren't necessarily malicious, but they do let sites or advertisers make a click-by-click record of your surfing habits. Cookies from ubiquitous ad servers like DoubleClick can track you on every site for which they serve ads.

How to Defeat Cookies

Sites use cookies for various reasons. If you completely disable them, many Web sites won't work the way you want them to. But you can limit the number of cookies your browser consumes.

Use cookie blockers: The free Cookiewall from AnalogX and the Guidescope software and service, for example, let you set cookie rules for each site you visit.

Periodically clear your cookie file: If you use Netscape, search for a file named cookies.txt and delete it. If you use Internet Explorer, navigate to c:\windows\Temporary Internet Files and C:\Windows\Cookies and delete the entire contents of both folders.

Web Bugs

Insidious and more difficult to fight than cookies, Web bugs are minute, invisible graphics that load with a Web page. Because Web bugs behave just like banner ads, they provide your computer's unique IP address and the location of the page you're looking at to the server that sends the bugs--but because you don't see them, you never know they're there.

Web bugs can also identify you by setting cookies and, if you return to the same page later, retrieving them.

How to Defeat Web Bugs

Web bugs are basically graphics files. If you disable image loading in your browser, you won't be bugged, but you won't see any other graphics, either--and that's a trade-off most people aren't willing to make. But these tricky files can be fooled.

Stop cookies first: Before you try to block the Web bug itself from loading, you have to disable cookies. You can use the methods mentioned on the previous page. If you use Internet Explorer 5.5, you can use a beta tool that lets you block or allow cookies on a page-by-page basis.

Use privacy-protecting Web proxy software: Freedom from Zero-Knowledge, Internet Junkbuster from Junkbusters, and Guidescope are all forms of proxy software. They block your real IP address by loading the Web page first to their servers and then to your computer. The drawback: Using Web proxies can slow your surfing.

Trojan Horses

These tricky beasts present themselves as something worth possessing, such as a small game or an image file, to mask their true mission: to sneak into a PC and surreptitiously monitor, control, damage, or steal data. They arrive most often by way of e-mail as an attachment.

Trojan horses themselves may not cause damage, but they let hackers or spies sift through your PC's files, disable virus-checking software, or even use your PC to mount a distributed denial-of-service attack against another PC on the Internet. Legitimate sites typically do not use Trojan horses.

How to Defeat Trojan Horses

Use antivirus software: Most tools can detect nearly all Trojan horses. To protect against emerging new ones, keep your virus definition files updated.

Use a Trojan horse remover: Some antivirus tools detect but can't remove Trojan horses. Simply Super Software's Trojan Remover is designed to rid your PC of sneak attackers.

Maintain a personal firewall: A firewall can protect you even if a Trojan horse gets in. Software like ZoneAlarm, free from Zone Labs, can tell you if a program surreptitiously lets someone else view or control your PC's data.

Don't open attachments: Victims must allow the Trojan horse into their PC and activate it. Since most Trojan horses arrive as e-mail attachments, never open an.exe file until you know exactly what it does. Then scan the file with antivirus software anyway, before you run it.