Real life: My battle with spyware

25.08.2006
This is not your typical article on spyware. Instead, it's a modern-day parable of my own recent experience with a crippling spyware infestation, with some important lessons for systems administrators to learn as a result of my somewhat embarrassing mistakes.

How it happened

First of all, let me provide a little bit of background information. I have been a network administrator and IT consultant for several years, and I have experience in a variety of areas, from help desk to server administration to security. As I'm sure is the case for many of you, I am the guy that my family, friends and neighbors call when something goes wrong with their computers. As such, I am no stranger to systems that have been infected with viruses, spyware and the like.

In my spare time, in addition to more "socially acceptable" hobbies such as reading and hiking, I am a pretty avid computer gamer. I have been playing computer games in one form or another since the early days of my childhood, and I guess I just never grew out of it.

Since I am on the road a fair bit for my consulting practice, I like to play an occasional game on my laptop, whether on a plane or in a hotel room. As many of you are no doubt aware, most modern games require the game disc to be in the drive in order to play the game. Often, the game doesn't require access to any resources on the disc; this is simply implemented as a copy protection measure.

Because of the battery drain caused by spinning the CD/DVD drive, and because lugging around a stack of game discs in my briefcase is not very appealing for several reasons, I often go out on the Web and download "cracks" for my games to bypass the CD checks. I should note right now that every game I play is legally purchased and owned by me, and is installed only on my computer. I only bypass the CD to save battery life and to avoid having to take my discs everywhere.