Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Releases AntiSpyware Program

Posted by michael on from the solving-the-problem-it-created,-for-a-price dept.

Nathan Weinberg writes "Microsoft released this morning Microsoft AntiSpyware, the product of last month's acquisition of GIANT. As I write in my report on my site, the program is very powerful, and certainly measures up to and may even beat Spybot and Ad-Aware. However, it's also pretty buggy, and Microsoft might have already sneaked in a pay subscription service."

36 of 580 comments (clear)

  1. Comment removed by account_deleted · · Score: 5, Informative

    Comment removed based on user account deletion

  2. Information and Release by AlexTheBeast · · Score: 5, Insightful

    This is just scary:

    1. Release buggy browser
    2. Sell antispyware software
    3. Profit?

    Direct and indirect download links

    1. Re:Information and Release by mislinux · · Score: 3, Insightful

      I know this is a common theme on slashdot, but it is so true. The best I can think of brings me back to the Firestone tire incident a couple of years ago. Firestone tires were having a problem and blowing out causing SUV's to roll over. Imagine what would have happened if instead of making new tires, Firestone gave everyone a tool that would inflate the tire after it exploded. I know this is not the same thing, but how is it a solution to fix a problem you caused instead of fix the root cause. I have been in development only a short time, but i know...bandaids only slow the bleeding, and this application my friends, is a bandaid.

    2. Re:Information and Release by stupidfoo · · Score: 3, Informative

      It also seems like a way for MS to try and get rid of some worthwhile non-MS software.

      I ran the scan and it told me that WinPcap was spyware. Is MS trying to kill Ethereal?

  3. NAV by mirko · · Score: 3, Interesting

    I just had NAV2005 installed on a friend's infected PC and it did Virus and Spywares at the same time. This and Ad-Aware seems a good solution which I'd trust more than any Microsoft "security" stuff.

    --
    Trolling using another account since 2005.
  4. What - no support for WinME ?!?? by uid100 · · Score: 4, Interesting

    Shocking - they don't seem to support DOS based Windows (9x and ME) even though there are arguably millions of infected consumper PC's. WinME boxes aren't THAT old.

    I do understand not supporting NT4 tho..

    --
    ...yup...
    1. Re:What - no support for WinME ?!?? by wolf31o2 · · Score: 4, Insightful

      I pretty much have to agree with you here. I still beleive that Windows 98 is probably the most used Windows out there. Every time I happen by someone's house that isn't very computer savvy, they're running Windows 98.

      Why?

      Because that is what came with the computer. Remember that to most people, a computer is just an appliance like a TV or a VCR. At the same time, I see the number of Windows 98 machines dwindling simply because for the cost of repairs on one of these machines, you can buy a brand-spankin' new Dell box with Windows XP on it and a printer.

    2. Re:What - no support for WinME ?!?? by gardyloo · · Score: 5, Funny

      Dude, not even WinME supports WinME.

  5. Actually... by rainman_bc · · Score: 3, Insightful

    I'd like to see some better real-time scanning... Adaware's ad-watch isn't very for end users. It monitors for system config changes. Not effective when the user doesn't have a clue.

    Spybot S&D immunizes your browser, but spyware can get in other ways too through adware programs. It helps but isn't perfect.

    If Microsoft can get a good, real-time scanning software package going, then it might just be onto something.

    --
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
    1. Re:Actually... by LiquidCoooled · · Score: 3, Insightful

      What I fail to understand is why the hell anti virus companies don't allow adware to be included in the definitions, and treated in exactly the same way a virus or trojan would be.

      Even if it was a known about "yes I want to remove adware from my computer" tickbox for disclaimer purposes.

      There is NO way I am ever going to run 2 completely seperate runtime scanners that effectively do an identical job.

      --
      liqbase :: faster than paper
  6. Doesnt seem to work by Anonymous Coward · · Score: 4, Funny

    Hmmm I ran this, but I still seem to have windows on my computer.

  7. Re:Lots of info left out of the summary... by albn · · Score: 5, Insightful

    Well, let's hope this program will be free for all people who are plagued with IE hijaking programs. With patches so slowly coming, this might be a good PR for Microsoft who is taking some hard hits from critics.

    --
    Some call me Howie Feltersnatch
  8. Vested Interest by wraithgar · · Score: 4, Insightful

    Does nobody see this as a potential problem, as Microsoft will now have a vested interest in NOT fixing their O/S so that spyware can't get in?

  9. Re:Lots of info left out of the summary... by Rolan · · Score: 5, Informative

    And lastly, there doesn't seem to be any evidence that Microsoft is making it a subscription service. I was able to download, install, and run the program all without signing up for a subscription of any sort. Maybe that's because the program is still in beta or maybe it's just anti-MS FUD on the subscriber's part... who knows.

    Reading the review would reveal why the submitter said that. The review says it might have a subscription based on the fact that it had 206 days until it expired. My personal opinion is that the expiration is there because it's Beta, but it may very well lead to a subscription service.

    As far as the summary not saying it's a beta... Well, seemed pretty obvious to me. They just bought the company afterall.

    --
    - AMW
  10. Whats wrong with this picture. by MrRuslan · · Score: 4, Insightful

    Microsoft refuses to patch their browser wich is the cause of most "crapware" at least for all the AOL people and now they relese a sftware product to clean up or try to clean up what is initially their fault. As long as they don't bundle this with the OS it is not anticompetetive. But microsoft itself is. I mean they now bundle a firewall so no one needs to get kerio or zone alarm. If this thing get's bundeled along with the Antivirus the bought someone is gonna sue them again and then the government is going to look the other way because they are gonna say windows can't work with out. I just hope I'm wrong.

  11. Re:Lots of info left out of the summary... by Scrameustache · · Score: 3, Funny

    the release is only a beta version, not a final release. That might explain the bugs.

    It's called Microsoft AntiSpyware. The first half of the name explains the bugs pretty well for me.

    Now, what I wanna know: Is clippy involved? "You are trying to clean your machine. Would you like to give us money?"

    --

    You can't take the sky from me...

  12. Re:Lots of info left out of the summary... by Sentry21 · · Score: 4, Interesting

    And without giving too much away, the GenuineCheck program that it offers for download (if you're not using IE) doesn't really do its job. I mean, I DO have a licensed Windows product key, I just didn't use it for this install. Still, it didn't seem to pick up on that.

    Or maybe the goons are on their way as we speak. Who knows.

  13. I've just been told... by wcitechnologies · · Score: 3, Interesting

    by Microsoft AntiSpyware that I have spyware called RealVNC on my computer! I notice it says NOTHING about spyware called Microsoft Remote Desktop. I know lots of people out here use VNC, for goodness sakes, its SPYWARE now?! wtf

    --
    Electrons are free; it is moving them that becomes expensive.
  14. Re:Lots of info left out of the summary... by Rolan · · Score: 5, Insightful

    Expire? Why should it expire if it is free?

    Because it's a Beta. Most Microsoft Betas expire.

    --
    - AMW
  15. They don't want customers to run beta software... by Futurepower(R) · · Score: 4, Informative


    Microsoft has often done this. They don't want customers to run beta software forever. They want the customer to realize that he or she must get the latest version.

  16. It's Giant, big whoop by Solr_Flare · · Score: 5, Insightful

    It is just Giant rebranded with a few things missing(which I assume is just because it is in beta). Giant was a very good anti-spyware program so I expect the MS rebrand will be just the same.

    The real question will just be how much effort MS puts into keeping the definitions and program updated as new types of spyware come down the pipeline. As effective as the program is right now, it is how effective it will remain in the ever changing world of spyware that is what really matters.

    No beta will answer that question, only the test of time will. But, this is just Giant rebranded and it is a very solid platform, which is why MS bought it in the first place.

    --
    You are who you are, let no one tell you different. But, never close your mind to a new point of view.
    1. Re:It's Giant, big whoop by GreatDrok · · Score: 3, Insightful
      The real question will just be how much effort MS puts into keeping the definitions and program updated as new types of spyware come down the pipeline. As effective as the program is right now, it is how effective it will remain in the ever changing world of spyware that is what really matters.

      I expect they will keep it up to date and bundle it with future versions of Windows until all the competitors apart from a few small die hard open source programs are left at which point they will get bored and let it languish for five years or so all the time telling people that if they wait until the release of Windows MassiveCock 2012 Professional they will get the new version.

      I'm sure there is a precedent to this but for the moment I can't quite remember the details.....

      --
      "I have the attention span of a strobe lit goldfish, please get to the point quickly!"
  17. Just ran it - some first impressions by Zocalo · · Score: 5, Informative
    I've literally just finished running it on a PC that I keep fairly clean through use of Spybot, Ad-Aware and Firefox instead of IE. It's pretty fast, even in its in-depth scan mode, despite some earlier reports that the GIANT version was slow, so I'm guessing this is where any of Microsoft's major code changes might have been. It probably took about three minutes to run on my AMD 3800+/XP box, so not too shabby compared to Ad-Aware and Spybot.

    As to the resutls, it turfed up three bits of possible Spyware which Ad-Aware and Spybot were missing/ignoring. The first was what it thought was Kazaa, but was infact Kazaa Lite (I've never had the original Kazaa installed). Second was some legacy registry keys left behind by WeatherBug which had piggybacked its way onto my PC with some shareware some time ago - fixed and reported to Spybot/Ad-Aware. Finally, it detected something called SearchSquire, but this turned out to be part of the Immunization feature of Spybot.

    So, aside from the conflicts with Spybot's Immunization feature and the false positive on Kazaa Lite's registry keys, both of which can be fixed by setting the detection to "Always Ignore" it's not a bad little tool at all. Expect of course, for the fact that Microsoft is clearly planning of getting people to pay for this tool according to the webpage and EULA. Hmm. Getting people to pay for cleaning up the mess that you helped create in the first place... Unless this product is *vastly* better than Spybot and Ad-Aware on a thoroughly owned PC, I don't think so, and even then I think not...

    --
    UNIX? They're not even circumcised! Savages!
  18. Microsoft AntiSpyware, yeah it's called Firefox by kalislashdot · · Score: 5, Informative

    Funny.... Friends and Family are heavily infested everytime I visit. Install Firefox and Mike's Ad Blocking Host File and guess what, no more spyware. The best solution is prevention.

  19. Re:Lots of info left out of the summary... by karmaflux · · Score: 5, Interesting

    The probably saw this:

    2. TIME-SENSITIVE SOFTWARE. The software will stop running on July 31, 2005. You may not receive any other notice. You will not receive any further updates when the software stops running.

    and figured OMG SUBSCRIPTION!

    Another interesting EULA box is the actual definition of the software's function:

    4. POTENTIALLY UNWANTED SOFTWARE. The software will search your computer for "spyware," "adware" and other potentially unwanted software ("Potentially Unwanted Software"). If it finds Potentially Unwanted Software, the software will ask you if you want to ignore, disable (quarantine) or remove it. The software will only remove or disable Potentially Unwanted Software as you instruct it. Removing or disabling the Potentially Unwanted Software may cause other software on your computer to stop working, and it may cause you to breach a license to use other software on your computer, if the other software installed the Potentially Unwanted Software on your computer as a condition of your use of the other software. You should read the license agreements for other software before authorizing the removal of any Potentially Unwanted Software. By using this software, it is possible that you will also remove or disable software that is not Potentially Unwanted Software. You are solely responsible for selecting which Potentially Unwanted Software the software removes or disables.

    When I worked at Dell, they wouldn't let us dick with spyware stuff because of potential legal problems -- that is, the law might side with the malware.

    --

    REM Old programmers don't die. They just GOSUB without RETURN.

  20. Re:Next Version of Windows.. by Aardpig · · Score: 3, Funny

    Is this true? Can you link to a source?

    Sure, have a look here.

    --
    Tubal-Cain smokes the white owl.
  21. Re:Lots of info left out of the summary... by neuroticia · · Score: 5, Insightful

    With the threat of people jumping ship to another OS, MS may make back their money by just keeping their customers?

  22. Re:WinPCap flagged... by stratjakt · · Score: 3, Insightful

    WinPCap is also automatically set up and installed by tons of worms and trojans. It's pretty much the main building block of the script kiddies backdoor script.

    Unless you're doing something advanced like nmap or ethereal, you have no reason to be running it, and if it's there it's probably there to spy on/exploit your network.

    OpenVPN uses it still, as does CoLinux, but let's face it, few people in this tool's audience use those.

    XBConnect no longer uses it, IIRC, they have their own packet-capturing engine/scheme/whatever now.

    At any rate, if you don't know what WinPCap is - it shouldn't be there, and certainly shouldn't be running.

    Give the anti-MS stupidity a rest, you come off like a moron who knows nothing about computers.

    We should be wondering why AdAware et al don't warn you about things like WinPCap. It exists to capture packets in promiscuous mode, it is by it's very definition spyware. It spies on every packet your PC sees.

    They should also at least warn you about things like VNC, PCAnywhere, and other RDP servers - because plenty of people have RDP services running they don't know about, because they didn't put them there.

    --
    I don't need no instructions to know how to rock!!!!
  23. Re:Lots of info left out of the summary... by jacksonj04 · · Score: 3, Informative

    That is most likely due to beta - alphas and betas of most MS software (and I'm speaking as an MSDN subscriber who can get hold of them) have expiry dates built in - I think the Longhorn tech release I have expires in August or something, and a beta of Windows 2000 expired before W2K was actually released. Can't speak for Office betas, but I feel it would be likely that they too expire.

    --
    How many people can read hex if only you and dead people can read hex?
  24. Re:Lots of info left out of the summary... by neuroticia · · Score: 5, Interesting

    Interesting question. Is a company that releases an inferior product, but that has a monopoly required to force their customers to pay subscription fees for multiple software packages by third parties needed to patch the vulnurability? And if they decide to release their own software to fix the problem, are they partaking in anti-competitive practices by wiping out companies that exist solely to patch the problem? If they charge a competitive fee for the software, is that better or worse than giving it out for free? On one hand they're screwing their customers who live with the bugs, on the other hand they're putting companies out of business.

  25. Re:Lots of info left out of the summary... by Wumpus · · Score: 4, Informative

    But it does run fine under Wine, and produces a validation code. The code isn't recognized as valid by the MS web page, though. Strange.

  26. Re:Lots of info left out of the summary... by krbvroc1 · · Score: 5, Funny

    4. POTENTIALLY UNWANTED SOFTWARE.

    Is Microsoft coining a new term - PUS? My machine is infected with PUS.

    I can see it now...
    The following has been identified as PUS. You may choose to keep it, however Microsoft cannot guarantee stability if you allow it to remain installed. Do you wish to disable the following PUS?:

    Lilo - Identified as PUS

  27. Re:Lots of info left out of the summary... by dirty · · Score: 4, Informative

    Microsoft also bought Internet Explorer, that's given away for free. They really don't need to make the money back with all the cash they have. The positive PR from giving it away for free could easily make up for the cost of the company.

    --

    -matt
  28. Re:Lots of info left out of the summary... by geoffspear · · Score: 3, Insightful
    I don't think there's a strong argument against what they're doing. I mean, if they actually fixed all of the flaws in Windows and IE that lead to spyware infestations (and, in turn, spyware removal companies' success), would that be unfair to the spyware removal companies?

    What about to the companies making the spyware in the first place? Do they have a case against Microsoft if they make changes to their dominant OS that intentionally break spyware?

    I don't think improving security in an OS, even if it harms third parties who make a profit off your bad security, is going to meet the standards for abuse of a monopoly in the same way that tying a new application that adds features instead of fixing problems to the OS would.

    --
    Don't blame me; I'm never given mod points.
  29. Re:i dont know by badriram · · Score: 3, Insightful

    support proper file-locking and implement unix-style permissions

    What are you talking about, windows has a better permission structure with ACLs than any unix system did. Most modren unix systems have been adopting Windows style ACLs lately. File locking also exists in windows, and also part of ntfs. Ofcourse you would not have these features in FAT.

    If anything is the problem is that people are administrators on their computers and this would be solved if they went the apple sudo model, which I prefer the most.

  30. Re:Lots of info left out of the summary... by Thing+1 · · Score: 3, Interesting
    Hmm, you just gave me an idea for the next vector of infection: a virus which changes your Registry's idea of the license number to a known hacked one, thereby preventing future Service Packs from being able to be installed (and also increase a business' chances of an audit by teh SPA).

    Hopefully that can be protected against, too... I'm not sure how it's configured in the Registry, perhaps they already encrypt it, but if XP can decrypt it to verify, then someone can debug while it does so...

    --
    I feel fantastic, and I'm still alive.