Sneak Peek At Microsoft Anti-Spyware
Ant writes "Broadband Reports mentions Neowin's sneak peek of Microsoft's upcoming anti-spyware software recently acquired community favorite Giant spyware; Microsoft has code-named their re-hashed version of that software 'Atlanta.' It is currently in an internal beta test. There are screenshots of the application in action."
Warning: Firefox detected! - Internet Hijacker - Automatically deleted for your protection.
At the risk of sounding trollish... I think it's more than a bit ironic that MS is now going to bundle spyware when a good chunk of spyware is installed thanks to bugs within the present code. Why not deal with existing issues first?
Oh wait, new bells and whistles are good PR and prompt upgrades.
Trolling is a art,
Microsoft Anti-Spyware. Isn't that like Sasser Anti-Virus?
...but there's already plenty of free alternatives out there. Also, just stop using Internet Explorer. That move right there will cut down at least 90% of all spyware/adware.
What? Microsoft's anti-spyware software acquired a company? I wasn't aware software could own something, although you can certainly use software to own something - usually windows.
Editors, is it too much to ask that you edit?
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
As a resident of Atlanta, I resent and am offended by this nomenclature. Where do I file my complaint?
And some malicious website will have an exploit which turns this anti-spyware into a remote code execution tool.
fast as fast can be. you'll never catch me.
If it works, is free and can be deployed and controlled via Active Directory GPOs I am going to be a happy man for the enterprise.
Anyone know if it IS going to be free?
"They won't be spying, because we will.
They didn't just change the name, I'm sure that somewhere in there is additional code that has a crippling security hole just waiting to be discovered and exploited.
Seriously, back when Microsoft first got their grubby mitts on Virtual PC, the first thing they did was release an updater for it. If that updater did anything at all other than just replace "Connectix" with "Microsoft" everywhere in the program, I couldn't tell you what it was to save my life.
Posted AC of course:
http://www.neowin.net.nyud.net:8090/staff/creamhackered/atlanta/install1.PNG
http://www.neowin.net.nyud.net:8090/staff/creamhackered/atlanta/setup1.PNG
http://www.neowin.net.nyud.net:8090/staff/creamhackered/atlanta/main.PNG
http://www.neowin.net.nyud.net:8090/staff/creamhackered/atlanta/scan.PNG
http://www.neowin.net.nyud.net:8090/staff/creamhackered/atlanta/realtime.PNG
http://www.neowin.net.nyud.net:8090/staff/creamhackered/atlanta/advanced.PNG
http://www.neowin.net.nyud.net:8090/staff/creamhackered/atlanta/settings.PNG
http://www.neowin.net.nyud.net:8090/staff/creamhackered/atlanta/popup.PNG
http://www.neowin.net.nyud.net:8090/staff/creamhackered/atlanta/systemsummary.PNG
http://www.neowin.net.nyud.net:8090/staff/creamhackered/atlanta/messengerplus.PNG
Oxymoron (n) A rhetorical figure in which incongruous or contradictory terms are combined, as in Microsoft Anti-Spyware.
Surely this will be available through Windows Update? If not ... Microsoft fix your damn code first instead of making us pay for your mistakes.
*groan*
Anyone notice in this pic how it mentions SpyNet? :)
Sounds a little too much like SkyNet to me
Homonyms are fun!
You're driving your car, but they're riding their bikes there.
I find this interesting because traditionally Microsoft has always had an open door policy about which software can be installed on Windows. There are many pieces of software that legitimate companies install which users and many anti-spyware companies consider spyware and thus remove. Microsoft up until this point has had no public policy on semi-legit software which users have unwittingly been installing. So now here we have MS now denying them the ability to install their semi-legit software. Will they now be able to sue MS for keeping them off of the Windows platform? Did MS tweak the rules so that companies like Claria can continue to push Gator?
Think about that for a moment. There is plenty of malicious software out there but there is also plenty of "grey" software which drives users nuts but is in reality legal. Is it ok for software to change a user's homepage and install fake ad killers? Can companies no longer sell software which preys on users who are used to quickly hitting the OK button? I'd be interested to know what ISVs Microsoft is now for the first time denying access to Windows even though they develop semi-legit software. Are big legal battles about to start up?
If you wanna get rich, you know that payback is a bitch
If Microsoft adds an anti-spyware tool free to Windows, how long until Mario Monti declares MS's move as an illegal monopolistic practice?
500GB of disk, 5TB of transfer, $5.95/mo
i think the worst part about microsoft of all people releasing antispyware software, is that they are admitting their OS is easily hijacked. spyware is a worse problem than viruses nowadays (since every machine i've cleaned up for friends has 200+ pieces of spyware littered around their machine), and for the most part it is easier to prevent! stop using IE, and stop installing random software off the web.
- tristan
.. thousands of malicious coders are lining up to grab a copy of their newest target.
They bought RAV (Romanian Anti-Virus), which according to some have created the best anti-virus engine last year.
At least this is a product that supports other distributions than Windows XP, it also supports 9x, NT, and 2000. You can't get IE6 SP2 on anything other than Windows XP, so this is a welcome break to users of other Windows versions who unfortunately don't have the benefit of Microsoft's full support.
Since they are intending to sell this product for.. profit.. does this mean they will have as many security holes as possible in Windoze?
Online backup with Mozy, sounds like Ozzie, but more!
They wrote the operating system. They already know about the next security flaw....they already know about the next big worm. They just won't act upon it until someone on the outside discovers it and/or exploits it. This opens the door to preemptive protection against the spyware that exploits the security flaws.
Besides, the problem with the hijack stuff is that it's increasingly complicated to figure it out inside of MS's nonsense. Who better to offer protection than the people who invented the complexity?
No need to get disappointed. That's the concept of OEM. They always just slap a new label on it. Do you think Dell does anything beside slapping their name on the product!? M$ would be stupid to fiddle with any code.
I know how MS is going to eliminate ALL malware. I figure that they plan to raise attention to the serious issues with just anybody being able to write software, so then they can try and make a licensing program where companies can pay to have their software certified as legit, and the binaries signed (creating a new revenue stream for MS), then once some big companies start following along, keep applying pressure to the ones that don't go along (like them showing up as 'spyware' in their anti-spyware software), then slowly keep tightening the noose, and eventually require ALL software to be signed by MS.
... I need to get myself a tinfoil hat! *goes off and buys one*
Ok well this won't actually affect malware, spyware, and adware and viruses, trojans, and worms.
Did it ever occur to you that they might have modified code other than the UI? Maybe there are non-visible changes to the scanning engine or something, perhaps to enhance the integration with the Windows OS?
Imagine for a moment that the computer is doing more than painting pretty pictures on your monitor (that's the TV-thing on top). Could we agree that a program intended to detect spyware could be substantially modified without altering the appearance to the user?
How did this get modded as "informative"?
Oh, that's right--he bashed MS. Sorry.
Messenger Plus is labelled 'adware', and yet MSN Messenger itself has adware? (bottom of the contact list). Messenger Plus has some neat features to remove the bloat (ads, annoying image links that take up a quarter of) the Contact List as it is.
When installing Messenger Plus, you can agree or disagree to supporting them by having adware thrown all over your PC. I disliked seeing this addition, but just simply disagreed to it to avoid it. Perhaps the person submitting the screens didn't?
(Yes, I'm aware of Gaim, Miranda, yada yada, but to be quite frank Messenger Plus adds a lot of functionality still missing from other chat programs. One of the Messenger Plus features I do like is the ability to "lock" MSN, hiding away all the chat windows and requiring a password to open MSN up again. Handy for those who need to let others on their pc.)
Well at first glance it seems somewhat silly- as if they are treating the symptoms instead of the problem. Everyone can pretty much agree switching to another browser can alleviate a lot of the problems, or even just mutilating IE so that it becomes a pain in the ass to use (i.e. prompting for confirmation before allowing activex/etc), and that's what happens in 2003 by default (IE becomes a pain in the ass to use), but agreed- that doesn't cure all of the problems. For instance, I know I've seen some spyware piggyback in on files played by media player or winamp, or p2p programs (contrary to popular belief kazaa lite appears to be spyware as well, fire up a sniffer and watch the local network). But when you really look at it, solving the problem hardly seems to be the point. Contrary to what a lot of us would like to think, Microsoft isn't full of idiots- and a lot could be learned from the 'failure' that is most anti-virus software, namely that signature based detection is not the best way to detect malware. So then you have to sit back and ask yourself why a corporation would follow such tactics if the elimination of spyware/adware was their goal? Money, just like it always is- You don't want to cure the problem because then you start pinching your paycheck. Plus you have the advantage of testing/(further) conditioning the public to subscription based payment methods, and they will thank you for it because you are 'helping' them. IMHO, it just seems like another wolf in sheep's clothing, but that's just my take on it.
"well MS created the market in the first place, so they should at least be allowed to profit from it :)"
Heh. Yep, just like Honda should profit from the car theft market.
"Derp de derp."
Exactly: the reason they bought Connectix, not VMWare, was that Microsoft and Connectix are both nine letters: they wouldn't need to deal with any pesky offset differences when they did a global search and replace...
Call me old fashioned, but I like a dump to be as memorable as it is devastating - Bender
The solution to the spyware/malware problem is simple, as demonstrated by Firefox-
Disable ActiveX controls.
Is there any legitimate reason for a non-intranet website to use them? Whenever a site requires ActiveX controls to work, I think "Boy, they hired a bunch of idiots to design their site."
They should just modify IE so that ActiveX flat-out doesn't work on any site that isn't explicitly and MANUALLY allowed to by the user or network admin.
"Just what exactly are they beta testing? I didn't expect them to have to really change much, but I guess I just expected them to change SOMETHING more than the name."
;)
They had to stop it from removing IE and Windows Media Player
I looked at the virus definition database for Norton one time, and 'vmlinuz' was listed. If I actually read the report the shit my school makes us use creates, it pops open the java CLASSPATH file and says a bunch of that stuff is trojan horses.
It seems pretty obvious to me that the best way for Microsoft to eliminate spyware would be to take Firefox, rename it Internet Explorer, and be done with it.
Seriously, I have not experienced a single instance of spyware in four years of Linux usage. I understand that Macintosh users also do not suffer from this issue. It makes me wonder why one would go to such trouble to remove ridiculous trojan programs when it's so much easier to just use a system which does not suffer from the problem?
why would I trust them for Anti-spyware?
Just off the top of my head, I can see their version of "anti-spyware" software telling me that the following are spyware:
Firefox
Google Tool Bar
AIM
Spybot Search and Destroy
Ad-Aware
Sun Java Console
Adobe Acrobat
iTunes
Then, after clicking on an option NOT to remove these items, it does it anyway OR makes the MS versions the default on the system.
They are the giant, yes, but some company needs to take back marketshare to prevent MS from doing what they want, when they want, to the "dumb" user's machine... Some company needs to step up and provide a user friendly, wide-distro OS. (All Mac OS not apply - I love them, but they already made their niche)
None other than Microsoft plus.
http://www.neowin.net/staff/creamhackered/atlanta/messengerplus.PNG
When Microsoft purchased VirtualPC for Mac, they released a 'major' update that did nothing more than rebrand the product to Microsoft. No improvements, no fixes, just the window dressing. So while these people are certainly bashing Microsoft, there is a kernel of truth in their sarcasm.
Together, we will drive the rats from the tundra.
I thought Windows XP was spyware?
On a clean SP2 build (that is, the MSDN WinXP+SP2 all-in-one install), prompted ActiveX download is still enabled for the Internet zone.
If you turn that off, Windows Update stops working, as http[s]:*.microsoft.com is in that zone.
I don't call that locking down the browser. To secure IE (even if you only use it for Windows Update):
1. disable AX download in internet zone
2. edit trusted zone site security to medium. Like you ever need a 'run anything, unprompted' zone.
3. add https:*.microsoft.com and http:*.microsoft.com to the trust zone
4. uncheck the 'require https in trusted zone' switch
The aim is to redefine "trusted" from "total access" to "prompted download ActiveX controls", which is a serious enough undertaking that I don't want to enable it broadly. Only MS sites and spyware vendors seem to use it, after all.
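The four steps in the comment above can be checked against a registry export. The following is an added example, not part of the original comment: it audits a constructed `.reg` fragment, and the mapping of each step to a registry value (URL actions 1001/1004, `CurrentLevel`, the `Flags` bit, `ZoneMap\Domains`) is an assumption taken from Microsoft's documented per-user IE zone settings.

```python
import re

BASE = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
DISABLED, PROMPT = 3, 1   # URL action settings: 0 enable, 1 prompt, 3 disable
MEDIUM = 0x11000          # zone security template "Medium"
REQUIRE_HTTPS = 0x4       # Flags bit: require https: for all sites in the zone
TRUSTED_ZONE = 2          # zone ids: 2 = Trusted sites, 3 = Internet

# Constructed sample export: steps 2-4 applied, step 1 still at "prompt".
SAMPLE_REG = r'''
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"CurrentLevel"=dword:00011000
"Flags"=dword:00000043
"1001"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1001"=dword:00000001
"1004"=dword:00000003

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com]
"http"=dword:00000002
"https"=dword:00000002
'''

def parse_reg(text):
    """Return {key_path: {value_name: int}} for the dword values in a .reg export."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None:
            m = re.fullmatch(r'"([^"]+)"=dword:([0-9a-fA-F]{8})', line)
            if m:
                current[m.group(1)] = int(m.group(2), 16)
    return keys

def audit(text):
    """Map each of the four hardening steps to True (applied) or False."""
    reg = parse_reg(text)
    inet = reg.get(BASE + r"\Zones\3", {})
    trusted = reg.get(BASE + r"\Zones\2", {})
    ms = reg.get(BASE + r"\ZoneMap\Domains\microsoft.com", {})
    return {
        # 1001 = download signed ActiveX controls, 1004 = download unsigned ones
        "internet_activex_download_disabled":
            inet.get("1001") == DISABLED and inet.get("1004") == DISABLED,
        "trusted_zone_medium_with_prompt":
            trusted.get("CurrentLevel") == MEDIUM and trusted.get("1001") == PROMPT,
        "microsoft_com_in_trusted_zone":
            ms.get("http") == TRUSTED_ZONE and ms.get("https") == TRUSTED_ZONE,
        "trusted_https_requirement_off":
            "Flags" in trusted and not trusted["Flags"] & REQUIRE_HTTPS,
    }

if __name__ == "__main__":
    for step, ok in audit(SAMPLE_REG).items():
        print("PASS" if ok else "FAIL", step)
```

The audit reads only the per-user (HKCU) values; machine-wide settings or Group Policy can override them, so a real check would also look at those hives.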
Well if Microsoft is doing anything to help against spyware it has got to be of some use.
There is a new extreme piece of spyware which seems to have surfaced in the last month.
http://forum.iamnotageek.com/t-78554-1.html
is the start of a very interesting thread concerning what seems to be the latest generation of spyware.
Some of the things that it does include generating randomly named DLLs, restarting processes that have been killed, running IE even in safe mode, dragging in a whole raft of other spyware to confuse things, and leaving the PC it infects unable to connect to the internet after unsuccessful removal.
This thing is really nasty.
I am pretty sure I was dealing with a case of this yesterday. When adaware was installed and run on a PC with XP Service Pack 2, it triggered a reboot due to a failure in DCOM with a 1 minute countdown. The worst part was that after cleaning with adaware the PC was unable to connect to the internet, unable to get an address from the router.
Manually configuring a network address and setting 192.168.2.1 as the gateway got the network working to the lan pc's.
The router could be pinged successfully but it wasn't possible to reach 192.168.2.1 through firefox netscape or IE to check the router status.
and after several hours of trying this pc refused to connect to the internet.
After banging my head against this brickwall over a period of about 12 hours the only solution was to reinstall XP.
This is the worst spyware I have ever seen. According to the thread, the initial attack seems to have occurred after a search for the song "over and over" by nelly, although a precise location of the source of this infection isn't known.
If you have to deal with spyware on a regular basis check this thread out because you are not going to solve this one just by running adaware and spybot S&D.
http://forum.iamnotageek.com/t-78554-3.html
This latest spyware really should be submitted as a story on Slashdot; it is very new, very nasty and it is going to infect a lot of PCs.
Please mod this up or investigate this yourself and post about it, because this is going to be a major disruption to PC users everywhere, especially with its defence of blocking the PC's internet connection when you attempt to remove it.
Blarney Quality Restaurant, Plants
Leaving aside the questionable irony of this software, I do wonder how well it will work in the long term. One of the problems I've already experienced when removing spyware is programs that hijack the anti-spyware software itself, usually by sabotaging the spyware definition files as soon as they are downloaded.
If Microsoft starts distributing this as standard software, should we expect to see more spyware that avoids removal in this way? Will users have to reinstall the software, or run it from a boot disk, every time they want to clean their system?
Will it remove Windows(tm) from my system?
"Doing what i can, with what i have." ~ Burt Gummer