Two Reviews of Microsoft AntiSpyware
jasondubya writes "PC Magazine released their review of Microsoft's Anti-Spyware Beta 1. While they agree with most that it has great potential, it has yet to take over their top spot. In an informal test, it removed about two-thirds of the spyware detected and blocked about fifty percent of the threats they attempted to install. After removal, they ran Webroot's Spy Sweeper 3.0. It was able to detect '900 traces of 48 distinct threats still present, including two keyloggers and three Trojans.' With that, it looks like Microsoft still has work to do before they are on top of the market." Several other readers sent in links to Mossberg's review in the WSJ.
Anything good about this program is attributed to Giant and anything bad is attributed to Microsoft.
It also complains loudly about a number of things I use on a regular basis - FTP server, VNC, even a copy of SoftICE (which, yes, I use legitimately to debug device drivers).
Yes, but you can tell it to ignore them every time, meaning it won't bug you about them.
I agree it's extremely fast. It is also free and in beta mode so I wouldn't expect it to be as good as commercially released subscription based software. It would be nice if it continues to be free and I expect it to only get better over time.
It's not /supposed/ to bother you with ad cookies. These aren't really 'spyware'; listing every cookie is just a cheap way to inflate the number of things caught, making the anti-spyware software seem more valuable than it really is.
OMFG, that SuperSpywareRemover found 781 pieces of spyware on my computer! Wow, the net's so dangerous, I need to pay for SuperSpywareRemover and run it every day! OMFGoneoneone!
It *should* pick up on these two - if you're advanced enough to have a use for them on your system, you're quite capable of telling the program to always ignore them.
If, on the other hand, a typical home user finds an FTP server or VNC on their system, who has no idea what it is, or why it's there, it's likely it's not been put on there for their use.
Their anti-spyware software doesn't work on older versions of Windows. Poor ol' me with WinME will continue to use measures that work on older versions of Windows.
Problems with these reviews:
1. It really isn't fair to issue a review of a product in its beta form. Yes it can be argued that Microsoft throwing out this software in the public domain pretty much gives people the right to issue opinions on it, but it seems to me that a respected news source like the WSJ should take their ability to influence people to heart and wait for a final version before issuing reviews.
2. The reviewer faulted this tool for not finding cookies. Big whoop. Seriously, cookies are highly overrated. Ad-Aware is a pretty good tool, but its insistence on clearing out all my cookies causes me to have to redo passwords and such for websites that I would have rather left alone. This utility ignoring the cookies is a good thing.
3. Resets hijacked home pages to MSN. Buyer beware? Oh that's right this software is free. The problem with hijacked home pages is that there is a script that keeps resetting them to the hijacked page, you can't get rid of it. I haven't tested this, but I imagine that the Microsoft tool simply resets your home page to MSN. You are free to change it back to whatever you want. I imagine it would be a simple enough thing for Microsoft to reset it back to what it was originally, but that requires that your home page wasn't hijacked when the tool was installed. All in all if Microsoft wants to make MSN the default home page with this tool, and the tool is free, I say we got what we paid for. Let them have it.
4. Doesn't support Firefox. Let me get this straight. Microsoft offers a product for free that a good many of us would be willing to pay for and they don't offer support for their competing web browser? Say it ain't so!
Let me be the first to say that if you want Firefox support then maybe you should look at an open source solution or possibly a pay client that supports Firefox. As long as Microsoft is giving this thing away faulting them for this is bias pure and simple.
Yeah, like this story here that doesn't exist, for instance... oh wait.
Linux Wireless Hardware in the UK
MS have the money, instead of wasting it trying to do what Spybot S&D and Adaware haven't managed to do in years, why don't they just buy up and close down some spyware companies - that's what they usually do to threats.....
Personally I hope this product doesn't work, as Spyware/viruses are currently the main reason people I know are moving from Windows to Linux.
#include <sig.h>
Running spy sweeper afterwards and detecting traces of spyware still on the machine does not mean that you should assume that spy sweeper can detect all the stuff that MS anti-spyware has already detected and removed.
You'd be better off running the two products on identically infected machines and see which detects and removes the most etc. If you were to run spy sweeper first and then MS anti-spyware, you'd probably see similar results. (ie, MS anti-spyware detecting stuff that spy sweeper missed).
I.O.U One Sig.
No, it shouldn't. First off VNC and FTP are not spyware. Period.
Secondly, look outside your slashdot bubble and you'll see people who share computers. Not everyone has three or four boxes laying about. One person (or the admin) may put a VNC server on there and then another person may remove it because they trust the MS app and don't know any better.
Stick to spyware. Seriously. On one machine I tested it, it couldn't remove a common spyware browser helper object. MS can't remove stuff from their own browser? Yep.
I tried it on my WinXP box and was not impressed. I have a fully patched SP2 install, use IE for a few websites (the ones that don't work with Mozilla), and Mozilla for the majority of my surfing. I have a McAfee firewall and antivirus, and sweep every week or so with Ad-Aware and Spybot. The ONLY thing MS found was part of Spybot (or Ad-Aware, I forget which), I disabled the auto-run stuff and MS still set it to autorun, and when I uninstalled it, it left its garbage behind for me to manually clean up.
Nope, nothing to see here!
Why do you care about using IE to connect to M$? I just let it connect and check for, download, but not install updates. Then, I flip through them to make sure they are applicable to my system before installing.
Are you really that frightened they will PWN you? Please visit my ebay store. The special this week: Tin-foil hats, half price!
Largely, this beta is little more than a rebranded GIANT Antispyware, which was already pretty good to begin with. (Yeah, it doesn't support 95/98/ME any longer, but GIANT's software was a little flaky there.)
(It would be interesting if one could go back in time, send the same software to the reviewer with the GIANT brand and see if the name, "Microsoft," somehow changed the review, but I digress.)
I am less concerned with Microsoft's changing the underlying structure of the product than I am with their ability to keep up with the threat. Malware demands that an anti product get updated very, very often, sometimes daily. Microsoft, to date, has never demonstrated that they can keep up with the threat. How are they going to go from releasing one to two security updates every couple of weeks to keeping up with a threat that can change hourly?
Sure, it'll piss us all off if Microsoft -- who presumably has more knowledge of and access to Windows' under-pinnings -- doesn't live up to this challenge, but the worst that will happen to it is this nice product they bought will quickly become irrelevant. And the community (or communists, I'm not sure which) will, again, rise up to fill the vacuum.
If Nalgene water bottles are outlawed, only outlaws will have Nalgene water bottles.
I would have to say that the review was quite favorable. If anything, it put them one away from the top and pointed out that the program is still in Beta. With that in mind, the review was very favorable.
First off, it's only been a MS product for a month - hard to rewrite it in that time.
Also, that article seems to indicate that the undocumented APIs are somehow "faster" than their documented equivalents, but it doesn't cite any evidence of that...
Gotta disagree. Case in point, I've got VNC installed on some of my relatives' PCs so I can help them when they have problems. Now, these are willfully computer-ignorant people who forget what they're supposed to click so I can access their computer (the "VNC server" icon I put on their desktop). Chances are if Microsoft's program found the VNC executable and brought up a warning, they'd follow whatever action it said without thinking. And next time they have a problem, we spend hours trying to figure out what happened to VNC.
Oh, and I'll bet AntiSpyware doesn't even peep if you have XP's remote desktop "feature" enabled...
IE can be used to spy on a computer too (cookies, installing software, etc). A fileshare could be used. And, assuming you have the right version of Windows, so could Remote Desktop. Are these being flagged too?
I doubt it. Not because of a nefarious Microsoft plot - but simply because it's NOT spyware. Neither is FTP nor VNC.
I understand the concept of why one would choose to flag VNC, an FTP daemon, etc. But when it comes down to it, that's a rather aggressive and more than likely incorrect interpretation. This isn't a vulnerability scanner. It's an anti-spyware app.
On a somewhat related note, I still don't understand why "spyware" isn't included within the normal run of malware definitions for common antivirus while "elf bowling" is.
format c:
"`Ford, you're turning into a penguin. Stop it.'" -Douglas Adams, THHGTTG