Microsoft Denies Claria got Spyware Exception

daria42 writes "Microsoft has denied its AntiSpyware application has given adware-maker Claria special treatment. The denial has been issued amid reports MS is looking to buy Claria, and is in response to security researchers' reports stating AntiSpyware had downgraded the threat level posed by Claria's adware products. The downgrade in threat level merely represented an effort to be "fair and consistent with how Windows AntiSpyware (Beta) handles similar software from other vendors," according to a statement published by Microsoft." As reader jfengel writes, though, "they neglected to mention what software that might be, nor did they publish the analysis."

Spy Sweeper too

[professorhojo]

I don't know if you guys know this, but Webroot's Spy Sweeper is also delisting obvious spyware. Microsoft is not alone in this! I personally think this is going to become a real problem with most spyware scanners unless laws are brought on to fight spyware more aggressively and some kind of standard list is defined like there is for viruses.

Re:Spy Sweeper too

[GlassUser]

For me, I am interested in open source spyware removal. I would like a product designed by people with a mindset like mine (anti all spyware). One of the issues is that anti-spyware/virus companies are getting sued by adware companies for slander etc. for calling the adware, well, adware.

The needed mechanism is already in windows. All we need to do is find and distribute hashes of known spyware (software permissions policy, or something like that, it works by hash, filename, certificate, and maybe location). Windows will then simply refuse to execute (if it's an executable, or load it if it's a library or control).

Re:More info and analysis

[bigman2003]

As a relatively big fan of many Microsoft products...(hey, it's how I make a living!)

Any attempt to incorporate software like Gator into Windows, or an attempt to allow software like Gator greater control...will mean I am no longer a card-carrying member of the fan club.

Seriously, I have spent way too much time cleaning that junk off of my daughter's computer. The MS anti-spyware program works well now, but if they disable it for their 'partners' it will royally suck.

And then I'll have to eat crow for quite a while.

Re:Ad-Aware

[Mad-Mage1]

Excpet for the fact that Ad-Aware already had A HUGE problem recently w/ delisting of products, specifically When-U. I know many who no longer use it as the first tool against spyware, merely for thoroughness.

What really annoys me

[binkzz]

is that they're also using AntiSpyware for motivating people to remove competing products. For instance, MSN Plus and RealVNC will come up in a search, and although I don't particularly like MSN Plus myself, I don't think it's really fair.

The small print says they may not be actual spyware, but potentially dangerous items, most unknowledgable people will just remove them anyway, because it's the default option.

Re:Let's hear it for conspiracies...

[kahei]

It's not a fine piece of software. It _was_ one and it has been intentionally made otherwise.

I'm keeping my tinfoil hat firmly on. Imagine if Ford bought the company that checks for defects in cars, and the next week all Ford defects were considered as desirable behavior. Imagine if Monsanto bought the company that decides whether Bovine Growth Hormone is bad for you, and the next week it was announced that BGH is just fine... actually, you don't really have to imagine that.

This is a tiny attempt to extend to the software industry what is already standard in the 'traditional' industries; the use of quality and safety regulating entities to discourage competition rather than to protect the consumer.

I _will_ say that I don't expect MS to be as evil about it as Monsanto et al for a good many years yet.

OSS spyware detection

[FidelCatsro]

Does anyone know of any OSS that is dedicated to the removal of ad-ware and spyware.
I manage a number of windows machines at the office and wit he recent declassification's without good explanation that has occurred in the sector i have lost all faith in most of the products .
An OSS solution would be wonderful (hell i would rather switch the machines to linux , but that is not an option right now due to certain programs that are required by the company) .
Commercial solutions always to me seem rather susceptible to legal action for the classification and or bribery.

Re:Wonderful

[orthogonal]

So MS denies something they clearly did wrong, what's new?

You, sir, are entirely unfair!

Microsoft clearly said The downgrade in threat level merely represented an effort to be "fair and consistent with how Windows AntiSpyware (Beta) handles similar software from other vendors,"

It's entirely consistent. Microsoft has consistently held their software offerings to, ahem, an improved standard.

I mean, have you ever looked at how Microsoft's C++ compilers, um, pioneered their own standard, entirely different -- and, so long as you don't like correct exception handling, consistent RTTI, or the availability of a Standard library, entirely better -- from the ANSI/ISO standard. Or look at the, um, improvements to JavaScript and the browser DOM.

Or just look at the XML for Word docs. Ok, well absent a non-disclosure agreement you can't actually look at it, but trust Microsoft it's entirely consistently inconsistent with anything else out there.

How anyone can say Microsoft isn't being consistent in its approach I just don't understand at all.

So what they're really saying

[dtfinch]

Is that Claria isn't the only malware to get this exception?

Re:More info and analysis

[Chris+Mattern]

cygnusx wrote:

But stop calling [Scoble] a brown-noser when we know nothing about you or your biases.

Some of his questions in the Ballmer interview:

* Why does Microsoft care about developers?

* Microsoft is a leader in transparency and blogging. Why did you allow blogging?

* Coming up with tough questions for you is hard. If you were in my position what tough questions would you ask Microsoft's CEO?

I'm sorry. That's a man brown-nosing just as hard as he can.

Chris Mattern

Re:Commercial programs

[ajs318]

Amen to that.

Where is the Open Source anti-adware, anti-spyware stuff? I don't see a spyware removal tool for Linux. Oh ..... there wouldn't need to be one, would there? We could just comment out the spyware-ish bits before compiling, and distribute the resulting patchfile. On Gentoo, that would probably be part of the ebuild scripts. OK then, what about Open Source spyware removal for Windows?

But the point is that all the Open Source software available for Windows is there by accident. It wasn't written for Windows, it just was ported to Windows from some unix variant. Nobody writes GPL software with Windows in mind -- it's just that some Windows user manages, with more or less effort, to persuade it to compile, and is obliged by the licence to make the source available. {If anybody persuaded BSD-licenced code to compile under Windows, they probably would keep it closed-source -- and maybe even disable some options in an effort to extort money out of users}.

My computer is my property, and I have the right to determine what software runs on it. Installing software without my explicit consent is at least trespass {which is a civil offence and grounds to sue} and may constitute criminal damage {which is a crime, so dial 999 and let the police deal with it}. These things were already offences long before computer-specific legislation was passed. The use of confusing language to persuade someone to install software may additionally constitute Burglary Artifice. If it's a Crown Court, then the odds are in your favour -- out of a jury of 12 people, how likely do you think it is that none or only one have experienced PC trouble due to spyware?

You know, I often wonder what would life have been like if, way back in early 1976, some members of the Homebrew Computer Club had dragged Bill Gates {the author of that letter} into the gents' and given him a bloody good hiding. That has to be my second choice for an "if I could alter the course of history" fantasy.

Re:Ad-Aware

[Flyboy+Connor]

Seriously folks, when will the madness stop? You can't patch a broken design combined with user unawareness by semi-working cannot be trusted commercial programs!

Interesting comment, which reminded me of a story:

I once worked for a bank, where there was a computer that processed all electronic banking files. The majority of the programs on this computer were written by a guy I worked with. This guy considered himself a programming god, while I thought he was below average.

Now, one of the quite critical programs that ran on this computer was in the habit of crashing occasionally. The guy attributed this to an OS fluke, and instead of debugging the program and resolving the error, he wrote a program that simply checked whether the crashing program was running, and if it wasn't, would restart it.

Without our department knowing, the crashes increased in frequency. We didn't know this, because the crashing program was restarted all the time. Unfortunately, at a certain point in time the crashes occurred about every few seconds, and our system basically went down. I was part of the team that analysed and resolved the problem, and, of course, we found that it was a basic DESIGN flaw in the crashing program. I won't go into details, but basically, with some knowledge of file transfer protocols, this flaw would have been avoided.

Now, why is this story on topic? Because Windows is JUST like this crashing program, Microsoft is JUST like the guy who wrote the crashing program, and AntiSpam/AntiVirus/Firewalls are JUST like the program that restarted the crashing program.

What I expect to find, in the not-too-distant future, is that our Windows systems will simply stop running because the patch programs need all computing resources to keep Windows from going down. And the only way to resolve this, is a redesign. Which should be done by people who know how to design a good system, and not by a marketing company.