Spyware Removal is Big Business

prostoalex writes "Just when you thought all the software niches were taken, IDC comes out with the report saying $12 million was spent on spyware removal tools in 2003, and $305 million will be spent in 2008. IDC also estimates two-thirds of PC users out there are infected. Large PC vendors are waking up to the spyware threat, having their call centers overwhelmed with spyware-related calls."

Wonder how long...

[Gordonjcp]

... before the anti-spyware vendors start bundling spyware?

Re:Wonder how long...

[HanClinto]

This isn't the problem in question so much as anti-spyware vendors marking certain spyware companies as "harmless" and ignoring them for pay.

comparison

[Claire-plus-plus]

WOuld we pay for a car if every billboard we passed was capable of taking control of the vehicle and making it drive to other billboards? I don't think so. Why then will we pay for windows.

Re:comparison

[oexeo]

WOuld we pay for a car if every billboard we passed was capable of taking control of the vehicle and making it drive to other billboards? I don't think so. Why then will we pay for windows.

Why does every /. analogy involve a car?

One of the fallacies in this analogy is that car hijacking billboards will probably kill you, where as spyware probably won't.

Thank you Microsoft

[finkployd]

Microsoft is really helping the computer industry lately. First their initial decision to make outlook express execute any script embedded in email by default kick started the mostly dead antivirus industry into the powerhouse it is today. Now their forward looking decisions regarding the security of ActiveX and Internet explorer has created a whole new industry of spyware detection and removal.

Think of the revenue and jobs created by these decisions.

And Unix (Linux, OS X too), with your anti-economy designs like user accounts that cannot write to system areas, web browsers that do not support a web site's ability to covertly install software behind the scenes, and email clients that do not interpret VPscript, you should be ashamed of yourselves. If popularity of these OSes rises too high, it could seriously damage the antivirus and antispyware industries, causeing a loss of revenue and jobs. Congress should really do something about this.

Finkployd

Re:Thank you Microsoft

[finkployd]

It is no different than the typical thinking of lawmakers today. The DMCA, Verizon's recent bill in PA, these types of laws are written for the expressed purpose of making sure those pesky citizens do not do anything that could threaten the revenue stream of big companies. We need those big companies to provide us jobs and keep the economy going, and any new disruptive technology threatens that.

This should be no surprise, the decisions voters make are based mostly unimportant (in the grand scheme of things) knee jerk issues or worse, the just vote party lines. The elected officials are not beholden to them, they know they will get voted in as long as they have enough money to put out the critical mass of ads (and dig up dirt for attack ads), which is where corporations with campaign finance come in. The REAL constituants. Senator Fritz Hollings was completely owned by Disney to the point where they should have been listing him as a company asset in their tax filings. He fought for laws to help them, laws that in no remote way helped the voters in his district. Ed Rendell voted against the interest of Pennsylvanians because it was in the best interest of Verizon, who is one of Ed's best contributers.

This is how governemnt works today, all it takes for my earlier post to go from +5 (funny) to -1 (already happening) is for the IT industry to get some friends in congress start talking about how things like "open source" and "gpl" hurt existing industry and should be outlawed.

They are already trying in the courts (what do you think SCO is really about?), if that fails, I'm sure congress will be next on their radar.

windows is partially at fault

[jonwil]

If microsoft made some changes to windows, this crap would have a harder time getting installed (or at least getting installed unnoticed)

Basicly, anything that wants to change certain things should trigger a "are you sure you want to do this" warning of some kind (with ways to change that warning into a requirement for a password or a total block of the activity). If the activity is blocked, the app requesting it gets an appropriate error (e.g. "you cant open that file" if access to a file is blocked)

The items that should be locked include:
Writing to the "startup" group & other locations where you can have a program start at startup
Writing to
Changing critical windows sockets settings
Changing the HOSTS file
And there may be other things

The idea is that spyware/viruses/trojans/etc that come in totally unannounced would now not be able to do that.
And spyware and such that rides alongside application programs would be easier to spot (so you can choose to use a non-spyware alternative)

Yes the cluless will just click "yes" but at least those who care wont be hit as much.

Anti-virus vendors should start detecting spyware (particularly the kind that installs itself jsut by visiting a webpage or reading an email as opposed to the kind that installs alongside programs like kazza) just like they detect viruses.
After all, spyware shares a fair few characteristics with viruses, worms and trojans.

The big PC OEMs should be doing more to combat spyware.

Myself, I use Mozilla (and keep it up to date with the latest release builds) and I use Norton
Antivirus to keep my system virus free.
I also run Spybot and Ad-Aware regularly.
And I dont install spyware-laden programs like Kazza, Real etc.

Re:And it's too bad...

[rm007]

The "average" computer user is a lazy, uninformed moron

With repect - and a great deal of sympathy (if not outright agreement, at least when I am trying fix something on a friend/relative's computer) I think that we should get away from this kind of mindset with respect to the "average" computer user. The average computer user is not interested in how things work, only that things should work and that they can use what ever piece of technology for the purpose they need it for. This extends beyond IT, to everything from plumbing, electricity, cars, furnaces, etc. Anything beyond basic operating and maintenance procedures gets in the way of use and should ordinarily be outside the domain of the "average" user. The problem lies with technologies and products (e.g. IE) that are poorly designed and therefore require more expertise from the average user than is appropriate.

Sure it's easy to get frustrated with "average" users, but they should not have to be interested in how things work. Don't be so gloomy, there are worse things than being in a position to help a fellow human being with a problem.

mmm ....

[tomstdenis]

Windows:
Have to pay for anti-virus, have to pay for firewall, have to pay for spyware removal, have to pay for a copy of windows and then you have to pay someone to set it up.

*BSD/Linuxes:
Have to pay for someone to set it up.

Hmm... and the TOC of Linux is higher because...?

Tom

Somebody Please

[einer]

Someone please make a live cd that destroys spyware. Even if it just starts a wine session and runs adaware or spybot or whatever.

McAfee and Norton

[SammysIsland]

What I can't seem to figure out is why Norton and McAfee didn't include spyware detection and removal in their virus detection software from the beginning. I remember specifically reading something on Symantec's site that said something to the effect of "we are not targeting any 'spyware'".

Wouldn't this have saved a lot of problems? How is spyware not considered malicious?

Over and over again, I have to sit at friends' computers and rescue them from the evil clutches of the browser hijackers and such. I think Symantec and McAfee dropped the ball on this one.