How computer users asked for spyware.

Inside the Internet.
June 23 2004 5:55 PM

Us Like Spies

How computer users ask to be doomed to viruses and spyware.

Illustration by Robert Neubecker

The digital pests never seem to let up. For years we've dealt with worms and viruses, and now we've got spyware and adware invading our computers—hijacking browsers, popping up ads, and harvesting personal information. A recent study found that 90 percent of computers harbor this stuff, and spyware and adware are the No. 1 reason people call Dell tech support. We could be forgiven for wondering whether there's any light at the end of the tunnel. Will we ever halt these digital epidemics?

Here's a dismal answer: No. These afflictions stem from a thorny cultural problem: The entire software industry has been designed around our computer illiteracy. That isn't an easy, or even a possible, thing to change.

More than any other modern tool, computers are a total mystery to their users. Most people never open them up to fix them or to see how they work. Software is shrouded in particularly Delphic obscurity. When we want to install a new program, we just click on the installer, and presto, the elves arrive and magically scatter a zillion files all over our hard drives. Who cares howMicrosoft Word works, as long as it does?

Granted, consumers like it this way. We prefer our software be super-easy to install and use. The computer industry began with home-brew boxes that everyone had to program for themselves, but that was a huge hassle. The computer revolution didn't explode until the first Macintosh arrived, with its point-and-click simplicity. You didn't need to know anything about software or programming to use a Mac. We asked for ignorance, and the industry responded.

And now it's biting us in the rear. Consider: Most spyware arrives on our computers with our permission. We download a free application like KaZaA, or one of the many apps that deliver local weather reports or synchronize your computer's clock (usually from WhenU or Claria). The software asks us to click and approve a ponderously long "end user license agreement." Somewhere inside that license the company explains, sotto voce, that the tool will monitor your surfing, or even control your computer remotely. Any smart computer user would never agree to such a thing.

But of course, nobody reads those agreements. Hell, I write about technology for a living, and I don't read them. Adware makers exploit our laziness. That seems kind of sneaky and underhanded, doesn't it? Except allsoftware makers behave the same way. Above-the-board folks such as Microsoft (which owns Slate), Yahoo, RealNetworks, and Google use equally confusing click-through agreements that you don't read either. And they also sometimes install monitoring applications, again with your supposed approval. Software is now so complex—requiring so many gazillions of tiny files all over your computer—that most consumers don't want to bother to know what's really going on.

The industry's cultivation of ignorance goes beyond the use of indecipherable user agreements. The software industry has lobbied hard for laws that keep you in the dark. If you, or any public-spirited programmer, wanted to figure out what the software on your machine is really doing, tough luck. It's illegal to reverse engineer the source code of commercial software to find out how it works.

Is it fairto expect computer users to be knowledgeable about the innards of software? We use plenty of other complex, dangerous tools—such as cars—without needing to understand the fine points of their internal mechanics. But our computer ignorance is, even by those standards, horrific. When a computer user doesn't know that an ".exe" file is a program (and possibly a virus), it's like not knowing that cars are fueled by gas and that gas is explosive. It's basic stuff.

Instead of learning about computers, we rely on the software industry to save us from ourselves by deploying ever more layers of code: spam filters, virus detectors, spyware removers. Although these tools certainly help, they don't tackle the central problem of computer illiteracy. They actually make things worse. We become the dupes of software companies, who make all manner of outlandish claims about the efficacy of their goods, which consumers have few ways of assessing. I've often called tech support and been told a computer problem was "my fault," only to later discover, doing online research, that it was actually a software bug.

It's possible, though, that our digital plagues could become a wake-up call, a way of finally getting us to pay more attention to our machines. When my computer recently became totally paralyzed with junkware, I ran Ad-aware and Webroot's Spy Sweeper to get rid of much of it. But I also downloaded a diagnostic program called HijackThis, which displays suspicious contents inside your computer, including the Windows registry, a list of the programs that automatically start when you boot up your computer. I spent an hour taking the names of each item—stuff like "atiptaxx.exe" and "sgtray.exe"—and running them through Google to figure out which were adware and which were legitimate. I picked up a few that the other tools hadn't caught. When I was done, it was a nice feeling, rather like pulling back the hood of a car to fix something yourself.

If we can cultivate even a bit more computer intelligence, we could find our digital age filled with fewer errors and pests. But it won't be easy. For example, if you want to fix your computer the way I did, be very careful: Eliminating "good" items from the registry can wreck your operating system. That's the crux of our digital-age dilemma: A little knowledge can be a dangerous thing, but total ignorance is worse.

Clive Thompson is a longtime contributing writer for the New York Times Magazine and a columnist for Wired. He is the author of Smarter Than You Think: How Technology Is Changing Our Minds for the Better.