Signs of Hard Drive Failure

All too often, hard drives fail with no warning whatsoever. One minute the computer is working fine, the next you have a "blue screen of death" and all your data is gone. So, what's the lesson here? Don't rely on warning signs to predict hard drive failure. Assume that your hard drive is going to fail, and back up critical files. If you have a reliable back-up, you'll save yourself many headaches.

Some mechanical components can fail gradually, however, so occasionally you'll know when a drive failure is imminent. These warnings fall into two categories: sounds and performance problems.

If you spend a lot of time sitting near your computer, you're probably familiar with the usual sounds it makes. If you hear the hard drive making any unusual noises, that's probably a clue that something is going wrong. Grinding or screeching noises might mean the bearings or spindle motor are failing. A clicking, clunking or clanging sound could be the read/write arm slamming back and forth. Sometimes these sounds can be subtle and difficult to detect. If you think you're hearing funny noises, open your computer's case and listen with your ear close to the hard drive while someone else uses the computer to save or move some files.

Performance problems include a sudden increase in the frequency of freeze-ups and crashes. Of course, these types of performance problems can be symptomatic of any number of computer maladies, from viruses to memory leaks to non-drive related hardware failures. A more specific tell-tale: saving or moving files suddenly takes a very, very long time. When you run into any of these symptoms, back up anything that isn't already saved and hope the drive lasts long enough to get everything you need copied to another disk.

Why Drives Fail

A hard drive is a mechanical device with several moving parts. Magnetic platters store the data itself, while a motorized spindle spins the platters. A read/write arm moves across the platters, retrieving information or putting down new data. The arm is moved by an actuator, and the read/write heads themselves hover an infinitesimal distance above the platters. The distance is so small that a single piece of dust can get in the way.

If any of the hard drive's mechanical parts fails, the whole drive will fail. The parts operate with incredible precision, so hard drives are rather fragile. Circuit boards, spindle motors, ball bearings -- any of these parts are susceptible to failure. The worst type of failure is known as a head crash. In this case, the read/write head drops down directly onto the platter and scrapes away the magnetic material. The data in that case is totally, permanently lost. Data on unaffected parts of the platters may be recoverable, but usually data are spread around the platters, so a head crash is really bad news.

Other mechanical failures can be both a curse and a blessing. It's a curse because it can be difficult and expensive to get replacement parts and find someone who can make the repair. It's a blessing because, as long as the platters weren't damaged, the data are still there. If you can get the drive running again, the data should be accessible.

The failure might be non-mechanical. Your computer uses a special index and file structure to read all the files stored on the disk. If this index becomes corrupted, the computer won't be able to see or read the data, even though it's still there. In many cases, this can be repaired with the proper software, although it can be tricky.

There's one last area where a drive can fail, and it's particularly insidious because the drive actually didn't fail at all -- the drive's connection to your computer failed. Hard drives connect to your computer's motherboard via a variety of interfaces, IDE, PATA and SATA being the most common. If this connection, or the circuit on the motherboard that controls the disk (called the disk controller) has failed, the symptoms can mimic the symptoms of a hard drive failure.

1. Chicken: The Most Common Meat Product

We're just as surprised as you to list chicken, not beef, as the most popular fast-food meat, and to be honest, this one is tricky. In our analysis of several menus, chicken appeared as the first ingredient more than beef, pork or turkey. But that's a little misleading because many fast-food chains have more chicken-based menu items than beef. For example, McDonald's features chicken sandwiches, chicken nuggets, premium chicken strips, chicken snack wraps and a full line of premium salads topped with, you guessed it, chicken. If you talk consumption, though, you get a slightly different result. McDonald's bought 663 million pounds (301 million kilograms) of chicken in the U.S. in 2007, compared to 795 million pounds (361 million kilograms) of beef [source: Hughlett].

The future, however, is chicken. McDonald's 2007 purchases of chicken were up 59 percent from 2003, while its beef purchases were up just 10 percent over the same period [source: Hughlett]. Numbers from the U.S. Department of Agriculture bear this out: Chicken consumption more than doubled between 1970 and 2004, from 27.4 pounds (12.4 kilograms) per person to 59.2 pounds (26.9 kilograms) [source: Buzby]. Most of this growth can be traced to fast-food chains, where people like us step up to the register and order fried or grilled chicken -- and a hundred other ingredients that transform farm-fresh poultry into the fast-food chicken that we hate to love.

2. Xanthan Gum: The Most Common Stabilizer or Thickener

In the 1950s, a chemist working for the U.S. Department of Agriculture began conducting research on an interesting new molecule. The chemist was Allene Rosaline Jeanes, and the molecule was dextran, a giant molecule made of thousands of sugar building blocks. Jeanes had great difficulty finding large quantities of dextran until a soft drink company came to her with a bottle filled, not with refreshing root beer, but with something slimy and viscous. Jeanes discovered that the bottle had become contaminated with a bacterium that produced dextran as a byproduct of fermentation. She isolated the bacteria cells and suddenly had a mechanism to produce all of the dextran she needed.

Jeanes also discovered another similar molecule that would become known as xanthan gum. Also produced by a bacterium -- Xanthomonas campestris -- xanthan gum is widely used by the food industry as a thickening agent. It's especially useful in salad dressings to help keep components like oil and vinegar from separating. Xanthan gum is not an emulsifier, however. It works by stabilizing emulsions, increasing the viscosity of the mixture so that the oil and vinegar stay together longer and so that spices stay suspended.

Xanthan gum also creates a smooth, pleasant texture in many foods. For this reason, it appears in ice cream, whipped topping, custard and pie filling. And the really good news: It's not associated with any known adverse effects.

Our final ingredient is not as exotic as xanthan gum, but it rules the roost when it comes to fast food.

3. Mono- and Diglycerides: The Most Common Emulsifiers

Cooks and food preparers have been working with emulsions -- two or more liquids that can't normally be mixed together -- for a long time. Fortunately for our taste buds, they've discovered several substances that encourage liquids to overcome their unwillingness to combine. These substances are known as emulsifiers.

Egg is commonly used as an emulsifier, but most food manufacturers today use glycerides obtained from palm oil, soybean oil, sunflower oil or tallow. Vegetable oils and animal fat contain mostly triglycerides, but enzymes can be used to break down triglycerides into mono- and diglycerides. These are the ingredients you see so frequently on fast-food menus.

Mono- and diglycerides allow smooth mixing of ingredients, prevent separation and generally stabilize food. You can find them in ice cream, margarine, baked goods, whipped topping and certain beverages. Luckily, glycerides pose no serious health threats, although they are a source of fat. The U.S. Food and Drug Administration has classified them as a "generally recognized as safe" substance, indicating that experts consider them safe as food additives.
Next up, we have one of the most versatile ingredients in all of fast food.

4. Soybean Oil: The Most Common Oil or Fat

Drive around America long enough, and you're bound to see a soybean farm. According to the U.S. Department of Agriculture, nearly 75 million acres (30 million hectares) of farmland were used in 2008 to grow soybeans, resulting in 2.9 billion bushels of crop [source: U.S. Soybean Industry Statistics].

What happens to all of those soybeans? Many are crushed and mixed with solvents to extract soybean oil -- a fast-food staple used for deep-frying and as a key ingredient in margarine, pastries, cookies, crackers, soups and nondairy creamers. Some ingredient lists describe it as soybean oil, others as vegetable oil.

Soybean oil contains several unsaturated fatty acids, which means their component molecules have fewer hydrogen atoms. Unfortunately, unsaturated fats don't have long shelf lives. Hydrogenation, or forcing hydrogen gas into soybean oil under extremely high pressure, eliminates this undesirable characteristic. But it also leads to the creation of trans fatty acids, which have been linked to heart disease.

Scientists have recently developed varieties of soybeans that produce oils low in unsaturated fats. As a result, this new and improved oil doesn't require hydrogenation. Fast-food restaurants are slowly embracing trans-fat-free soybean oil, although hydrogenated oil is still widely used.

Food processors also use soybean oil as a starting point for other additives, including the two closely related ingredients we're about to cover.

5. Niacin: The Most Common Nutrient

It seems strange that fast-food chains would add nutrients to our extra-value meals. Doesn't food already come with a natural supply of nutrients? Broccoli, for example, contains significant levels of many essential vitamins and minerals, including vitamins C, K and A. Of course, broccoli isn't generally found on a fast-food menu. In the place of fresh fruits and vegetables are scores of highly processed foods. Manufacturing these foods often has the unwanted side effect of eliminating key vitamins and minerals, which then have to be replaced in a process known as enrichment. Fortification is the companion process, which adds nutrients that may be lacking in the diet.

Wheat flour is one of the most common processed items in the world of fast food. It is used to make plain buns, sesame seed buns, corn-dusted buns and specialty buns of all shapes and sizes. The wheat flour found in all of these bread products has been enriched with several vitamins and minerals, including riboflavin, folic acid and iron. But the most commonly added nutrient is niacin, or vitamin B3. Niacin is water-soluble and constantly eliminated from the body through urine. That means you need a continuous supply of the vitamin in your diet. But you don't need to eat bread products to get your recommended daily allowance. Poultry, fish, lean meats, nuts and eggs also contain plenty of niacin.

Up next is another ingredient that enjoys widespread use in fast-food fare.

6. Monosodium Glutamate: The Most Common Flavor Enhancer

Monosodium glutamate, or MSG, earned its reputation in Asian takeout kitchens across America, but almost all fast-food restaurants use the flavor enhancer to some extent. Interestingly, MSG has no distinct taste itself. Instead, it amplifies other flavors, especially in foods with chicken or beef flavoring, through processes that scientists don't fully understand.

MSG is the sodium salt of the amino acid glutamic acid and is just one form of glutamate, a chemical that exists naturally in many living things. In fact, Asians historically used a broth made from seaweed as their source of MSG. Today, the food industry obtains the white powder through a fermenting process involving carbohydrates such as starch, sugar beets, sugarcane or molasses.

The safety of MSG has been in question for many years. In 1959, the U.S. Food and Drug Administration classified MSG as a "generally recognized as safe" substance. Then, in the 1980s, researchers began to wonder whether chemicals in the glutamate family could harm brain tissue based on studies that revealed glutamate's role in the normal functioning of the nervous system. An extensive FDA-sponsored investigation has since determined that MSG is safe when consumed at levels typically used in cooking and food manufacturing, although two groups of people -- those who eat large doses of MSG on an empty stomach and those with severe asthma -- may experience a set of short-term adverse reactions known as MSG Symptom Complex.

7. Salt: The Most Common Flavor or Spice

The New York City health department banned trans fats and started requiring restaurants to include calories on menus. It's setting its sights on salt limits next, according to AP.

In terms of frequency, salt -- or sodium chloride -- appeared more times on the fast-food menus we surveyed than any other ingredient. It's not always first, but it's always there, even in sweet foods (shakes and sundaes, for example) that don't seem salty at all.

Fast-food chains use salt primarily to make their meals more palatable. It's paired with pepper to season hamburgers, and it's a major ingredient in bread, ham, bacon, sausages and cheese. A single slice of American cheese, in fact, contains 250 milligrams of sodium. That makes a double cheeseburger, a popular fast-food item, especially salty. The McDonald's version of this favorite contains 1,150 milligrams (1.15 grams) of sodium [source: McDonald's USA Nutrition Facts].

Most health experts warn against eating too much salt, pointing to studies that show a link between sodium and high blood pressure. The government recommends a maximum of 6 grams of salt per day for adults, 5 grams a day for children between ages 7 and 10, and 3 grams for children between 4 and 6. Compare that recommendation to a typical family meal from KFC, which delivers a whopping 5.2 grams of salt per person [source: BBC News]!

Even if you cut down your salt intake, you have to be on the lookout for other sources of sodium.

8. Caramel Color: The Most Common Color Additive

When it comes to the psychology of eating, food has to look good if it's going to taste good. That's why fast foods contain color additives -- to prevent the loss of a food's inherent color, to enhance color or to add color when it doesn't exist naturally. Hardly a single fast-food menu item doesn't have at least one artificial color buried somewhere in its ingredient list.

Common additives include Yellow No. 5, Yellow No. 6 and Red No. 40. According to one source, Red No. 40, which finds its way into jellies, pastries and those neon-red maraschino cherries perched atop your Chick-fil-A shake, is the most widely used food dye in America. This same source says Yellow Nos. 5 and 6, which provide the golden glow to cheeses, pudding and pie fillings, and soft drinks, are the second and third most common food colorings, respectively [source: Women's Health]. But when we analyzed the ingredients of five popular fast-food menus, we found caramel color to be even more common.

Caramel color is the dark brown material that results from carefully heating food-grade carbohydrates. Just think of the color of sautéed onions (a process known as caramelizing, by the way), and you'll get a good idea of this particular hue, although it can range from reddish-brown to light yellow. Contrary to what you might think, caramel color has no significant effect on the flavor profile of the finished product.

9. High-fructose Corn Syrup: The Most Common Sweetener

Fast-food restaurants have many different ways to sweeten beverages, baked goods and condiments. Sucrose, or sugar, reigned as the traditional sweetener for years until food scientists began to synthesize sugar substitutes. Saccharin arrived first, followed by aspartame and sucralose.

A more significant revolution came in 1957 when two scientists worked out a process to manufacture high-fructose corn syrup (HFCS). Since then, HFCS has evolved into the sweetener of choice, finding its way into a myriad of foods and beverages. In our survey of fast-food menus, the chemical appeared as the first ingredient almost twice as much as sugar.

So what is it and why is it controversial? The process to make HFCS involves changing one simple sugar -- glucose -- in cornstarch to another simple sugar known as fructose. The product, a combination of the two simple sugars, is just as sweet as sucrose, but much cheaper to process. It also acts as a preservative, extending the shelf life of foods. No wonder it's one of the most ubiquitous ingredients in fast food.

Unfortunately, some research has shown a link between HFCS and obesity. At the very least, many beverages and processed foods made with this corn-derived sweetener are high in calories and low in nutritional value.

Color additives, like the one we're about to cover, also have bad reputations.

10. Citric Acid: The Most Common Preservative

Salt has been used for centuries to preserve meats and fish. It works to inhibit the growth of bacteria cells, which lose water and become dehydrated in salty environments. Over the years, food scientists and manufacturers have discovered that other chemicals also can serve as preservatives.

Citric acid, an organic acid found in many fruits, especially limes, lemons and grapefruits, is one of those chemicals. It increases the acidity of a microbe's environment, making it harder for bacteria and mold to survive and reproduce. It can also be used to bind to and neutralize fat-degrading metal ions that get into food via processing machinery.

What's great about citric acid is that it does all of this without harming the organisms that ingest it. It occurs naturally in all living things and is an important intermediate chemical in a metabolic pathway known as the citric acid cycle, or Krebs cycle. As a result, citric acid doesn't cause side effects in 99.9 percent of the population and is approved by the U.S. Food and Drug Administration for use in foods and beverages [source: Driver]. Maybe that's why the chemical appeared 288 times on the fast-food menus we surveyed.

The next item on our list -- high-fructose corn syrup -- doesn't fare as well in the court of public opinion.

1. Andorra: 83.51 Years

Located between France and Spain, Andorra was one of Europe's poorest countries until it became a popular tourist destination after World War II. Its 71,000 inhabitants now enjoy all the benefits of a thriving economy, which include excellent nutrition and public health care facilities.

2. Macau: 82.19 Years

This island in the South China Sea is reaping the rewards of a booming economy. The money has come from visitors, particularly from the Chinese mainland, coming to take advantage of a recently liberalized gaming industry. Gambling profits now provide about 70 percent of the country's income, and the government uses the money to invest heavily in public health care.

3. San Marino: 81.71 Years (tied)

This enclave in central Italy is the third smallest state in Europe (after Vatican City and Monaco), as well as the world's oldest republic. Here, the long life expectancy is due to prosperity and the fact that the majority of the population is involved in office-based work rather than heavy industry and labor, which shorten life spans.

4. Singapore: 81.71 Years (tied)

*Aside from prosperity, one factor in Singapore's long average life expectancy is that in the early 1980s, the government recognized that it had an aging population, with the average age of its citizens increasing steadily. The government planned accordingly, and now Singapore has excellent health care facilities for the elderly.

5. Hong Kong: 81.59 Years

People in Hong Kong generally eat a healthful and balanced diet, based around rice, vegetables and tofu, with only small amounts of meat. This means that obesity rates are low, as are the rates for most dietary-based cancers and heart disease.

6. Japan: 81.25 Years

Japan has one of the lowest adult obesity rates in the industrialized world, at only 3 percent. As in Hong Kong, this is mainly due to a healthful diet based around vegetables, fish, rice and noodles. Many Japanese people also stop eating when they feel about 80 percent full, rather than continuing until they can't manage another mouthful. The Japanese are also much less reliant on cars than people in Western countries, preferring to walk whenever possible, and therefore get plenty of exercise.

7. Sweden: 80.51 Years (tied)

*Although an economic downturn in the late 1990s did some damage to Sweden's world-renowned welfare and public health systems, they are still among the best in the world. Also, Sweden has the lowest rate of smokers in the developed world -- about 17 percent -- so tobacco-related deaths are half the European average.

8. Switzerland: 80.51 (tied)

*Aside from a stable economy with all of the usual factors that increase longevity, such as a healthful diet and high standard of health care, Switzerland's much-vaunted neutrality means that its inhabitants are highly unlikely to die in an armed conflict.

9. Australia: 80.50 Years

*All the usual factors relating to prosperity apply here, but the life expectancy of indigenous Australians is about 20 years less than that of white Aussies, due to higher rates of just about every factor that shortens life, including smoking, obesity and poverty. Incidentally, research suggests that Australia's life expectancy may start falling as obesity reaches epidemic proportions in the land down under.

10. Guernsey: 80.42 Years

The island of Guernsey, located in the English Channel, is a British Crown dependency, but it's not part of the U.K. The reason for its high life expectancy is simple: It's extremely wealthy. Very low taxes make Guernsey a popular destination for tax exiles who can afford the very best in nutrition and medical care. More than half of the island's income comes from financial services -- which means well-paid desk jobs -- with very few people working in heavy industry.

Preventing Zombie Computer Attacks

You don't want your computer to become a zombie, so what do you do to prevent it? The most important thing to remember is that prevention is an ongoing process -- you can't just set everything up and expect to be protected forever. Also, it's important to remember that unless you employ common sense and prudent Internet habits, you're courting disaster.

Spam Statistics
Here are some sobering spam statistics from the 2007 Symantic Internet Security Threat Report:

* Between July 1 and Dec. 31, 2006, 59 percent of all monitored e-mail traffic was spam.
* Spam written in English makes up 65 percent of all spam.
* The United States is the origin of 44 percent of all the world's spam.
* Ten percent of all e-mail zombies are in the United States, making the U.S. the zombie computer capital of the world.
* One out of every 147 blocked spam e-mails contained some kind of malicious code.

Antivirus software is an absolute necessity. Whether you purchase a commercial package like McAfee VirusScan or download a free program like AVG Anti-Virus Free Edition, you need to activate it and make sure your version remains current. Some experts say that to be truly effective, an antivirus package would need to update on an hourly basis. That's not practical, but it does help stress the importance of making sure your software is as up to date as possible. For more information, read our article on How Computer Viruses Work.

Install spyware scanners to search for malicious spyware. Spyware includes programs that monitor your Internet habits. Some go even further, logging your keystrokes and recording everything you do on your computer. Get a good anti-spyware program like Ad-Aware from Lavasoft. Like the antivirus software, make sure the program stays up to date. To learn more, read our article on How Spyware Works.

Install a firewall to protect your home network. Firewalls can be part of a software package or even incorporated into some hardware like routers or modems. To learn more about firewalls, be sure to read our article on How Firewalls Work.

You should also make sure that your passwords are difficult or impossible to guess, and you shouldn't use the same password for multiple applications. This makes remembering all those passwords a pain, but it gives you an added layer of protection.

If your computer has already been infected and turned into a zombie computer, there are only a few options open to you. If you have access to tech support who can work on your computer for you, that would be the best option. If not, you can try to run a virus removal program to kill the connection between your computer and the cracker. Unfortunately, sometimes the only option you have is to erase everything on your computer and reload its operating system, then starting from scratch. You should make backup disks of your hard drive on a regular basis just in case. Remember to scan those files with an antivirus program to make sure none of them are corrupted.

Your computer is a great resource. Sadly, crackers think the same thing -- they want to make your computer their own resource. If you practice careful Internet habits and follow the tips we've described on this page, your chances of your computer remaining secure are very good.

Click Fraud

Some crackers aren't interested in using zombie computers to send spam or cripple a particular target. Many take control of computers as a method of phishing, which is where a cracker tries to uncover secret information, particularly identification information. Crackers might steal your credit card information or search through your files for other sources of profit. The cracker might use a key logging program to track everything you type, then use it to discover your passwords and other confidential information.

Sometimes crackers will use zombie computers in ways that don't directly harm the victim of the initial attack or even the ultimate target, though the end goal is still pretty sneaky and unethical.

You've probably seen or even participated in several Internet-based polls. Perhaps you've even seen one where the results seemed unusual or counter-intuitive, particularly when it comes to a contest. While it's entirely possible the poll wasn't ever attacked, crackers have been known to use zombie computers to commit click fraud. Click fraud refers to the practice of setting up a botnet to repeatedly click on a particular link. Sometimes, crackers will commit click fraud by targeting advertisers on their own Web sites. Since Web advertisers usually pay sites a certain amount of money for the number of clicks an ad gets, the cracker could stand to earn quite a few dollars from fraudulent site visits.

Zombie computers and the crackers responsible for them are pretty scary. You could end up being the victim of identity theft or unknowingly participate in an attack on an important Web site. It's important to learn how to protect yourself from crackers as well as what you should do if you find out your computer has been compromised.

In the next section, we'll look at what security measures you should employ to prevent your computer from becoming a zombie.

Distributed Denial of Service Attacks

Sometimes a cracker uses a network of zombie computers to sabotage a specific Web site or server. The idea is pretty simple -- a cracker tells all the computers on his botnet to contact a specific server or Web site repeatedly. The sudden increase in traffic can cause the site to load very slowly for legitimate users. Sometimes the traffic is enough to shut the site down completely. We call this kind of an attack a Distributed Denial of Service (DDoS) attack.

Some particularly tricky botnets use uncorrupted computers as part of the attack. Here's how it works: the cracker sends the command to initiate the attack to his zombie army. Each computer within the army sends an electronic connection request to an innocent computer called a reflector. When the reflector receives the request, it looks like it originates not from the zombies, but from the ultimate victim of the attack. The reflectors send information to the victim system, and eventually the system's performance suffers or it shuts down completely as it is inundated with multiple unsolicited responses from several computers at once.

From the perspective of the victim, it looks like the reflectors attacked the system. From the perspective of the reflectors, it seems like the victimized system requested the packets. The zombie computers remain hidden, and even more out of sight is the cracker himself.

The list of DDoS attack victims includes some pretty major names. Microsoft suffered an attack from a DDoS called MyDoom. Crackers have targeted other major Internet players like Amazon, CNN, Yahoo and eBay. The DDoS names range from mildly amusing to disturbing:

* Ping of Death - bots create huge electronic packets and sends them on to victims
* Mailbomb - bots send a massive amount of e-mail, crashing e-mail servers
* Smurf Attack - bots send Internet Control Message Protocol (ICMP) messages to reflectors, see above illustration
* Teardrop - bots send pieces of an illegitimate packet; the victim system tries to recombine the pieces into a packet and crashes as a result

Once an army begins a DDoS attack against a victim system, there are few things the system administrator can do to prevent catastrophe. He could choose to limit the amount of traffic allowed on his server, but this restricts legitimate Internet connections and zombies alike. If the administrator can determine the origin of the attacks, he can filter the traffic. Unfortunately, since many zombie computers disguise (or spoof) their addresses, this isn't always easy to do.

In the next section we'll look at some other ways crackers use zombie computers.

Spam Distribution

Spam continues to be a huge problem. It's a frustrating experience to open your e-mail and sort through dozens of examples of junk mail. Where does all that spam come from? According to FBI estimates, a large percentage of it comes from networked zombie computers.

If spam came from one centralized source, it would be relatively easy to track it down and either demand the corresponding ISP shut down that computer's access to the Internet or charge the user for sending out illegal spam. To get around these pitfalls, crackers rely on zombie computers. The zombie computer becomes a proxy, meaning the cracker is one step removed from the origin of spam e-mails. A cracker with a large botnet can send millions of spam messages every day.

Crackers might set up a spam botnet to deliver a computer virus or Trojan program to as many computers as possible. They also can use spam to send phishing messages, which are attempts to trick users into sharing personal information (we'll talk more about phishing later).

When sending out ads in spam mail, the cracker either sets up the botnet specifically for a client or he rents it out on an hourly basis. Clients who wish to advertise their products (and who don't care how intrusive or illegal their advertisements might be) pay the crackers to send out e-mail to thousands of people.

The majority of e-mail recipients usually can't figure out where the spam is coming from. They might block one source only to receive the same spam from a different zombie in the botnet. If the e-mail includes a message that says something like "Click here to be removed from this e-mail list," they might fall prey to exposing their computer to even more spam. Users savvy enough to track the e-mail back may not notice that the sender's computer is part of a larger network of compromised machines. For someone who knows what he's doing, it's not always impossible to figure out if a sender is a single user sending out spam or if a cracker is controlling the computer remotely. It is, however, time consuming.

A zombie-computer owner might realize a cracker is controlling his machine remotely if spam recipients write to complain about the junk mail or if his own e-mail outbox is full of messages he didn't write. Otherwise, the owner is likely to remain blissfully unaware that he's part of a ring of spammers. Some users don't seem to care if their machines are being used to spread spam mail as if it were someone else's problem and many more don't take the necessary precautions to avoid becoming part of a botnet.

In the next section, we'll talk about another vicious use of botnets -- distributed denial of service attacks.

Malware
Programs designed to harm or compromise a computer are called malware (as in malicious software). Malware includes a wide array of nasty batches of code that can wreak havoc to your computer, your network and even the Internet itself. Some common forms of malware that might turn your computer into a zombie include:

* Computer viruses - programs that disable the victim's computer, either by corrupting necessary files or hogging the computer's resources
* Worms - programs that spread from one machine to another, rapidly infecting hundreds of computers in a short time
* Trojan horse - a program that claims to do one thing, but actually either damages the computer or opens a back door to your system
* Rootkits - a collection of programs that permits administrator-level control of a computer; not necessarily malware on its own, crackers use rootkits to control computers and evade detection
* Backdoors - methods of circumventing the normal operating-system procedures, allowing a cracker to access information on another computer
* Key loggers - programs that record keystrokes made by a user, allowing crackers to discover passwords and login codes

Hacking a Computer

Zombie computer code usually is part of a virus, worm or Trojan horse. Zombie computers often incorporate other kinds of malware as part of its processes.

*Crackers transform computers into zombies by using small* programs that exploit weaknesses in a computer's operating system (OS). You might think that these crackers are cutting-edge Internet criminal masterminds, but in truth, many have little to no programming experience or knowledge. (Sometimes people call these crackers "script kiddies" because they are young and show no proficiency in writing script or code.) Investigators who monitor botnets say that the programs these crackers use are primitive and poorly programmed. Despite the ham-handed approach, these programs do what the crackers intended them to do -- convert computers into zombies.

In order to infect a computer, the cracker must first get the installation program to the victim. Crackers can do this through e-mail, peer-to-peer networks or even on a regular Web site. Most of the time, crackers disguise the malicious program with a name and file extension so that the victim thinks he's getting something entirely different. As users become savvier about Internet attacks, crackers find new ways to deliver their programs. Have you ever seen a pop-up ad that included a "No Thanks" button? Hopefully you didn't click on it -- those buttons are often just decoys. Instead of dismissing the annoying pop-up ad, they activate a download of malicious software.

Once the victim receives the program, he has to activate it. In most cases, the user thinks the program is something else. It might appear to be a picture file, an MPEG or some other recognizable file format. When the user chooses to run the program, nothing seems to happen. For some people, this raises alarm bells and they immediately follow up with a flurry of virus and spyware scanner activity. Unfortunately, some users simply think they received a bad file and leave it at that.

Meanwhile, the activated program attaches itself to an element of the user's operating system so that every time the user turns on his computer, the program becomes active. Crackers don't always use the same segment of an operating system's initializing sequence, which makes detection tricky for the average user.

The program either contains specific instructions to carry out a task at a particular time, or it allows the cracker to directly control the user's Internet activity. Many of these programs work over an Internet Relay Chat (IRC), and in fact there are botnet communities on IRC networks where fellow crackers can help one another out -- or attempt to steal another cracker's botnet.

Once a user's computer is compromised, the cracker pretty much has free reign to do whatever he likes. Most crackers try to stay below the radar of users' awareness. If a cracker alerts a user to his presence, the cracker risks losing a bot. For some crackers, this isn't much of a problem since some networks number in the hundreds of thousands of zombies.

The user might find that his Internet Service Provider (ISP) has cancelled his service, or even that he's under investigation for criminal activity. Meanwhile, the cracker shrugs off the loss of one of his zombies because he has more. Sometimes, he has a lot more -- one investigation allegedly discovered that a cracker's single computer controlled a network of more than 1.5 million computers [source: TechWeb].

In this article we'll look at how crackers can commandeer your computer, why they do it and the best way to protect yourself from malicious attacks.

sure