Microsoft Denies Claria got Spyware Exception

daria42 writes "Microsoft has denied its AntiSpyware application has given adware-maker Claria special treatment. The denial has been issued amid reports MS is looking to buy Claria, and is in response to security researchers' reports stating AntiSpyware had downgraded the threat level posed by Claria's adware products. The downgrade in threat level merely represented an effort to be "fair and consistent with how Windows AntiSpyware (Beta) handles similar software from other vendors," according to a statement published by Microsoft." As reader jfengel writes, though, "they neglected to mention what software that might be, nor did they publish the analysis."

More info and analysis

There's some really excellent analysis on this by Ed Bott.

Compare and contrast to the lies and misdirection spread (as is normal), by Microsoft's resident spin doctor Robert Scoble. See his Ballmer interview, aka, The Idiots Guide to Brownnosing, to see his true colors.

Lots of Gator-bashing is rightly occurring all over the MSDNosphere, see here for a funny example. Remember, even Microsoft employees (commenting anonymously, of course) hate this idea.

I'm guessing that Microsoft will somehow integrate Claria's obnoxious 'personal marketing' tactics into Internet Explorer 7 or the new RSS functions to get a chunk of the targeted intarweb ad market which Adsense has completely sewn up for normal web pages. We should go and tell them what we think about Claria and Gator, not to mention their general business ethics. Don't let Scoble's lies deceive you, and don't hold back.

Re:More info and analysis

[bigman2003]

As a relatively big fan of many Microsoft products...(hey, it's how I make a living!)

Any attempt to incorporate software like Gator into Windows, or an attempt to allow software like Gator greater control...will mean I am no longer a card-carrying member of the fan club.

Seriously, I have spent way too much time cleaning that junk off of my daughter's computer. The MS anti-spyware program works well now, but if they disable it for their 'partners' it will royally suck.

And then I'll have to eat crow for quite a while.

Re:More info and analysis

[cygnusx]

Scoble did link to Ed Bott's take. If you think the Scobleizer is an echo chamber you've a lot to learn.

And oh, it's really funny to see an anonymous coward carp at Scoble, who consistently has shown that his opinions are his own, whether it be about MSN/China or Microsoft/Gay Rights. Yes he works for Microsoft. Yes he blogs. If you can't deal with that, don't read him. But stop calling _him_ a brown-noser when we know nothing about you or your biases.

Re:More info and analysis

[Hortensia+Patel]

We should go and tell them what we think about Claria and Gator, not to mention their general business ethics.

On the contrary, we should encourage them to integrate obnoxious adware into every aspect of the browser and OS. If that doesn't persuade the world to switch, nothing will.

Re:More info and analysis

[jurt1235]

Let them integrate it please! That is the best thing that has happened to MS windows in years, companies will love them for this innovative way of delivering adds to keep the internet "free".
It will be a bad day though if the browser check tells you that your browser is not adware compatible (-:

(And even more people will use firefox & probably an other OS)

Re:More info and analysis

[bill_mcgonigle]

And then I'll have to eat crow for quite a while.

Admitting you have a problem is the first step. Welcome.

Re:More info and analysis

[overshoot]

Seriously, I have spent way too much time cleaning that junk off of my daughter's computer.

They're solving that. Once MS buys Gator, they'll fix the bugs that make it removable.

"Integrated into the operating system," like IE, Media, etc. The script should be familiar by now.

Re:More info and analysis

OK, you're just a go along get along kind of guy, a little bit thoughtful, but more interested in leading a full life than fighting the good fight, that's all fine, I don't want to change your way or your choices.

But please, don't fall into the fallacy that if Microsoft didn't exist, that you would have no way of earning a living, or any of the other variations along the continuum.

The Microsoft monopoly hurt the computer industry including everybody in it from consumer to worker to investor to competitor. Monopolies charge prices that are too high and that depresses economic activity and that hurts people. It's that simple. That is the beef, and you are free to hold all the other opinions you have.

Re:More info and analysis

[radarsat1]

And then I'll have to eat crow for quite a while.

Isn't corporate vendor lock-in great!??

Re:More info and analysis

[Chris+Mattern]

cygnusx wrote:

But stop calling [Scoble] a brown-noser when we know nothing about you or your biases.

Some of his questions in the Ballmer interview:

* Why does Microsoft care about developers?

* Microsoft is a leader in transparency and blogging. Why did you allow blogging?

* Coming up with tough questions for you is hard. If you were in my position what tough questions would you ask Microsoft's CEO?

I'm sorry. That's a man brown-nosing just as hard as he can.

Chris Mattern

Re:More info and analysis

[delus10n0]

Yeah, ok. If you were working at Microsoft, what sort of questions would you be asking Steve (without brown-nosing?)

Pfft.

Re:More info and analysis

[man_of_mr_e]

While I 100% encourage people to make their opinion on this known, I think there really isn't enough information on just what MS plans to do with claria.

There are any number of scenario's, some good, some bad, as to what MS will do. They could be buying them to shut them down (and don't want to tip their cards before the purchase, thus we have their silence on the matter). Or they could be buying them for some other technology they hold, and don't plan to continue their business (or sell it off without said technology to someone else).

I think it's a bit premature to be claiming the sky is falling, especially in light of the fact that other spyware vendors seem to reclassify vendors all the time:

http://www.benedelman.org/spyware/threats/

Re:More info and analysis

[going_the_2Rpi_way]

How about

"If you want to be taken seriously, shouldn't you give interviews to people you don't have the ability to fire?"

Re:More info and analysis

[Xtifr]

I'm not sure - it depends on the corporate culture at MS, and how much I thought asking hard questions might be a threat to my job. Since I don't work at MS (and am unlikely to ever do so, given what I've heard of their ageist policies WRT technical staff), I don't know a lot about their corporate culture.

But ultimately, you ask an irrelevent question. Either he's brown-nosing out of fear, or he's doing so because he's a natural brown-noser. But whatever his reasons, he's still clearly brown-nosing.

And yes, I have worked at places where I probably would have ended up brown-nosing myself, out of fear for my job, if I were in a similar position. Can't say I look back on those jobs with great fondness, though.

Re:More info and analysis

[greenhybrid]

Microsoft maximizes profit. It's that simple. If there's a threatening company with a great product, Microsoft will drop prices on competing products and put them out of businesss. If there's no competitor, it'll crank up the prices and rake in the cash. Legal or otherwise, Microsoft does whatever it can to maximize profits because even lawsuits cannot stop it. It will cease development on certain projects (ie. Internet Explorer) if market share is already monopolistic. Microsoft is horrible for the computer industry. Awful. Terrible. Bad!!! Because of Microsoft, the Internet is years behind its technological potential. Because of Microsoft, thousands of companies have spent millions (billions?) of dollars recouping from virus attacks. The industry is overall less productive because of software at lower standards than possible, and monopolistic tactics hinder (and kill) opposition.

Re:More info and analysis

[laffer1]

If only that would work... i have to fight with users to remove spyware and adware at work. Why? Because they think the crap gives added value. I've been half tempted to write an open source weather checker / sticky note / calendar / whatever for windows just to give them something free thats not spyware ridden!

People don't care if others know their credit card, email address, what websites they go to. Its sad.

Re:More info and analysis

[SeventyBang]

One of the things tucked away in Gator's legal past is the fact they won a case when challenged over the right to strategically pop "their" ads over already visible ads. I don't remember all of they whys and wherefores.

One of the contentions raised on many blogs has been how people can claim it's patently obvious Microsoft will be charging for Microsoft Windows AV, which is what I think they will be calling it. In all honesty, it can be said they haven't announced it will be commercial although if it will be a free product, I don't think they would have any qualms about making such an announcement. There is, however, a suicide gene: death on December 31.

My prediction is there will be three flavors: Home, Professional, and Corporate|Enterprise. The Home, likely to be $29.99, $39.99, or $49.99, will be a plug-in for Outhouse^wOutlook and Outlook Express, although the demise of OE is waaaaaaay overdue, so it wouldn't be a surprise to see OE on the clash list. I'd say $39.99 is possible and $49.99 is the likely candidate.

Professional would likely cover Home + SMTP-based software, POP, and browser-based email such as HotMail, Gmail, Yahoo! mail. Perhaps NNTP? Or is that even an issue? It would make one tempted to say less because it's be kind to Microsoft week because they haven't declared it'll be commercial but I'll go out on a limb and say and say $79.99-$99.99.

Corporate|Enterprise is obvious - residing on exposed gateway servers. Price proportional to the number of protected seats.

That's my story and I'm sticking to it.

Spy Sweeper too

[professorhojo]

I don't know if you guys know this, but Webroot's Spy Sweeper is also delisting obvious spyware. Microsoft is not alone in this! I personally think this is going to become a real problem with most spyware scanners unless laws are brought on to fight spyware more aggressively and some kind of standard list is defined like there is for viruses.

Re:Spy Sweeper too

Evidence please. We use their corporate product and would be very irritated were this true.

Re:Spy Sweeper too

[Alex+P+Keaton+in+da]

For me, I am interested in open source spyware removal. I would like a product designed by people with a mindset like mine (anti all spyware). One of the issues is that anti-spyware/virus companies are getting sued by adware companies for slander etc. for calling the adware, well, adware.
That is part of why a program that installs itself, logs your keystokes, saves your credit card info, and turns on your webcam while you are in the shower is a "petentially unwanted program" As long as anti-adware companies are suable entities, we are going to have these issues in addition to absolutely egregious issues like MS buying a spyware company.
Next thing you know Cancer will have to be called "potentially unwated cells."
And let us not be of the mindset, if people can't figure out how to keep spyware off their computer, they deserve it. A lot of those people are our parents and grandparents.
Can you imagine spyware clippy- It looks like you are writing a letter to a bankruptcy attorney. Would you like me to set you up with my rich exiled Nigerian uncle?

Re:Spy Sweeper too

[OglinTatas]

anti-spy software ignoring certain results will only be a problem if they also intentionally (or "unintentionally," or "incidentally" or whatever they call it when they are discovered) disable competitors' anti-spy software. I run lavasoft and spybot regularly, I have reasonable confidence in the integrity of both programs' developers. I run both because some find spyware that the others don't. If a company intentionally missed spyware, it would be underhanded, but the effect would be no different than if a company just didn't update its definition file yet. That's why you run 2 or more scanners.

Now antivirus software, that is dangerous, because in some cases they really do interfere with each other, and therefore you have to rely on a single product to catch everything.

Re:Spy Sweeper too

[garcia]

I don't know if you guys know this, but Webroot's Spy Sweeper is also delisting obvious spyware.

This is why people should not be supporting commercial entities that are selling spyware detection/removal software.

This should all be free, open source, software that includes a community updated database of spyware junk. That way money and corruption stay out of the mix.

Re:Spy Sweeper too

[GlassUser]

For me, I am interested in open source spyware removal. I would like a product designed by people with a mindset like mine (anti all spyware). One of the issues is that anti-spyware/virus companies are getting sued by adware companies for slander etc. for calling the adware, well, adware.

The needed mechanism is already in windows. All we need to do is find and distribute hashes of known spyware (software permissions policy, or something like that, it works by hash, filename, certificate, and maybe location). Windows will then simply refuse to execute (if it's an executable, or load it if it's a library or control).

Re:Spy Sweeper too

[Pollardito]

That is part of why a program that installs itself, logs your keystokes, saves your credit card info, and turns on your webcam while you are in the shower is a "petentially unwanted program"

where exactly do you keep your computer?

Re:Spy Sweeper too

[1800maxim]

If there is such a problem with lawsuits over labels, simply change the labelling system. INstead of calling it "adware" or "spyware", use description off the vendor's site. For example, Gator says

The GAIN Network has a unique permission-based relationship with tens of millions of users. The GAIN Network enables consumers to download and use some of the Web's most popular software applications -- for free. In return, consumers agree to receive targeted promotions/ads from GAIN Network advertisers

Instead of ad-ware removal tool, call it permissions-based Universal Uninstaller of Various Advertisment Delivery Applications.

Re:Spy Sweeper too

[shaitand]

Personally I think we should be honest about the whole thing and refer to spyware removal tools as shitscoopers from now on.

Re:Spy Sweeper too

[Kojiro+Ganryu+Sasaki]

That question is not as relevant as the question of WHY the webcam can be turned on by unknown entities in the first place.

Re:Spy Sweeper too

[KylePflug]

Or why it's left pointing at the shower in the first place.

Re:Spy Sweeper too

[Master+of+Transhuman]

Well, it's better than bending over and taking it in the ass without lubricant like the MS shills like you like to do.

You're right, though - we need to start dismissing EVERY remark out of Redmond as a LIE from the git-go. Just as the former Minister of Information in Iraq was dismissed, we need to dismiss anything coming out of the mouths of Bill, Steve, or anybody else working for MS as a LIE - nothing more. And EVERY action of theirs as a pickpocket attempt - nothing more.

And those of use who are consultants need to make every single client aware that Microsoft is a company of liars that makes crap which is negatively affecting the clients business and should be boycotted from any purchasing decision.

Re:Spy Sweeper too

[Master+of+Transhuman]

I think everyone is aware of your points - everyone except the casual end user, that is.

That's what the problem is about. Microsoft should not be using the word "Ignore" in its default action listing.

End users knowledgeable enough to run multiple scanner are probably knowledgeable enough to know that adware is adware and to get rid of it no matter what MS or any other software says about it. The problem is most end users aren't that knowledgeable - even if they're smart enough to run an antispyware scanner at all. Certainly that seems to be MS's attitude by doing what it did - to take advantage of the end user's lack of knowledge in favor of its own spyware.

And a really knowledgeable end user WILL use more than one AV - one for on-access scanning and one on-demand to doublecheck the findings of the first one if necessary.

Re:Spy Sweeper too

[Charles+W+Griswold]

The funniest thing is these people purport to "hate" MS, yet every time an MS employee flushes a toilet, one of these guys is there watching and ready to comment.

I can see it now: "Jane McIntosh of Microsoft Flushes Toilet. Film at 11:00".

___________

"Well, I for one thought that is was a masterful flush, accomplished with a quick flick of the wrist and followed by a smooth heel-turn. Thumbs up!"

"Yes, but did you see the slight stumble on the dismount? She covered up by removing a piece of toilet paper from her heel, but I found the cover-up to be unconvincing. Thumbs down."

Stay tuned, folks, for further commentary from our panel of toilet-flushing experts.

Re:Spy Sweeper too

[tolkienfan]

Personally, I think that the law should stay firmly out of this arena - it's just too hard to draw a distinction that won't harm us or the technology at some point.

About the only law I imagine I could stomach would be along the lines of full disclosure. In other words, whether the software did something out of the users control and without his/her consent.
Unfortunately, you'd have to do some work around what is always allowed and/or implied. If you download a browser, are you implicitly allowing access to websites? What about sending info back to websites you didn't explicitly select? For instance when images are loaded from another site, with cookies and/or query data (doubleclick, anyone?)
Would that be the fault of the browser?

Such things are extremely hard to define for the general case.

Seriously, the law needs to stay out until a clearly defined problem has enough impact that legislation is appropriate.

Otherwise, we'd be hampered more than helped...

Re:Spy Sweeper too

[krowten21]

Cut the BS. Do you work for a Webroot competitor? Webroot does not delist adware or spyware companies regardless of their requests. If they serve ads they are adware. If they log keystrokes they are a system monitor. Period, end of story. I *do* work for Webroot Software. blog: www.threatchaos.com

Re:Spy Sweeper too

[jc42]

That question is not as relevant as the question of WHY the webcam can be turned on by unknown entities in the first place.

Well, a few years ago I worked in a lab that was developing video conferencing software. One of the guys had a cool tool that he liked to demo. He's ask you if your machine had a camera, and if so, what's the hostname or IP address. He'd type it into his program's "host" widget, and if it was a Windows machine, a few seconds later the view from the camera would appear on his screen. It didn't matter whether the camera was on or off; his program remotely turned it on. It also turned on the microphone, if there was one.

You can probably imagine the effect this had on a lot of users.

One fun thing was the people who would ask if there's anything that can be done about it. He would basically say "Well, I know how to remotely turn the camera off, if that's what you mean. But that doesn't do you a lot of good, because someone else can come along and just turn it back on, if they know what I know." He'd also say that his code only works with Windows machines; no other system that he knew of had the glaring security holes that allowed such remote access.

All this came out of a few guys' research into what it took to get their conferencing software running on Windows.

Dunno if it still works, though. It's been a few years.

Re:Spy Sweeper too

[jp10558]

First I do think it's important to keep the definitions clear. What you describe is spyware - it tracks users without their permission, and steals information.

AdWare is very different IMHO - it displays ads in the program in lieu of you paying for it.

Now, I think adware can work as a business model - it works for most websites for instance, no reason it can't work for some software - like Opera for instance.

Spyware should be flat out illegial - anything that installs as part of another program, or like GAIN pops up windows to display ads is just wrong. It's one thing to have an ad that is clearly part of the program chrome, and you know what program it's associated with as well as presumebly why it's there and another to cause more pop-ups on the web.

Re:Spy Sweeper too

[GlassUser]

Slow down there buddy. Thats one step away from trusted computing you speak of there (if not all the way there). I'll take fighting off spyware personaly to that.

Well first, it's already there. Pretty hard to get away from it. And second, you retain complete control of it. I don't see much wrong with that.

A question of trust

[TripMaster+Monkey]

From TFA:

"Windows AntiSpyware (Beta) continues to notify our users when Claria software is found on a computer, and it offers our users the option to remove the software if they desire."

The issue here is not whether or not Windows Antispyware still detects Claria products...the issue is Microsoft's recommendation on said products. While it is true that users still have the option to remove Claria products if they so choose, the fact is that users had the option to keep Claria products on their system back when Microsoft was recommending removal. The insinuation that this change offers users more choice than previously available is tacitly false.

The real issue here is Microsoft abusing their position of trust within the general computer user community. No, I'm not talking about people like us here...I'm talking about Ma and Pa Computer User...the ones who see a virus or spyware warning and panic. Many of these people rely upon the recommendations offered by the spyware detection/removal applications to decide on how best to manage their systems. By artificially upgrading Claria products from 'remove' to 'ignore', Microsoft is taking unfair advantage of these users' trust.

Also from TFA:

"All software is reviewed under the same objective criteria, detection policies, and analysis process," Microsoft claimed. "Absolutely no exceptions were made for Claria."

As far as I'm aware, no other spyware removal application has promoted Claria products in this fashion. Until Microsoft publishes these 'objective criteria', and shows how Claria products managed to get upgraded from 'remove' to 'ignore' under them, we will have no choice but to assume more ulterior motives.

Re:A question of trust

[Maxiosu]

As far as I'm aware, no other spyware removal application has promoted Claria products in this fashion.

what like adaware and pestpatrol did with WhenU? ;)

Re:A question of trust

From TFA, the criteria are posted:

http://www.microsoft.com/athome/security/spyware/s oftware/isv/analysis.mspx

Re:A question of trust

[keraneuology]

The issue here is not whether or not Windows Antispyware still detects Claria products...the issue is Microsoft's recommendation on said products. While it is true that users still have the option to remove Claria products if they so choose, the fact is that users had the option to keep Claria products on their system back when Microsoft was recommending removal. The insinuation that this change offers users more choice than previously available is tacitly false. The real issue here is Microsoft abusing their position of trust within the general computer user community. No, I'm not talking about people like us here...I'm talking about Ma and Pa Computer User...the ones who see a virus or spyware warning and panic. Many of these people rely upon the recommendations offered by the spyware detection/removal applications to decide on how best to manage their systems. By artificially upgrading Claria products from 'remove' to 'ignore', Microsoft is taking unfair advantage of these users' trust.

The real issue is "where does Microsoft want to go tomorrow"? Today they downgrade the recommendation on what to do with Claria. Microsoft revolves around the long-term strategy and to believe that this is one of the few times when one of their decisions isn't a stepping stone towards something else is to take the bet on the horse with the longest odds on the field.

Re:A question of trust

[Master+of+Transhuman]

Uhm, not exactly.

The criteria CATEGORIES are posted. We want to see the actual criteria and rankings used per spyware product.

Especially for Claria.

Re:A question of trust

[colinrichardday]

One of the criteria involved the software not showing an End User License Agreement in the user's normal computer experience. What is the software doesn't doesn't have an End User License Agreement?

Re:A question of trust

[snotty]

Microsoft's Anti-spyware criteria is listed here.

Funny qote from TFA

[Underholdning]

"We firmly believe that people should have complete control over what runs on their computers," Microsoft added."

Well, 10 million compromised windowsboxes seems to contradict that belief.

Re:Funny qote from TFA

[TripMaster+Monkey]

Not at all...they firmly believe that everyone should have complete control over what runs on your computer... ^_^

Re:Funny qote from TFA

[Bert64]

Then why don't microsoft believe that OEM's should give their customers the opportunity to dual-boot? surely it's their choice..
Also, why won't ms let me run a windows machine without IE, or outlook express? I don't have complete control if theres software there that i can't remove.

Re:Funny qote from TFA

[tolkienfan]

"

"We firmly believe that people should have complete control over what runs on their computers," Microsoft added.

"

This is actually true - when you realise that "people" = "Microsoft" and "their computers" = "everyone else's computers"

Microsoft was always a kidder

[oddheart]

From the bottom of that ZDNet article:
"'We firmly believe that people should have complete control over what runs on their computers,' Microsoft added."
Anyone else find that funny?

Let's hear it for conspiracies...

[Da+Fokka]

Please take off your tin foil hats, guys!

One might say that Microsoft is primarily responsible for the entire spyware issue (although I suspect Firefox's track record would be worse, albeit better than IE, if it were as popular). But MS AntiSpyware is a fine piece of software, however. It's easy to use and does its work better than many of its competitors.

Re:Let's hear it for conspiracies...

[TripMaster+Monkey]

It's a bird...it's a plane...it's AstroTurfMan!

Microsoft's AntiSpyware worked well because Microsoft didn't write it...Giant did. Back before Microsoft got their hooks into it, it was a fine piece of sofware...past tense.

Re:Let's hear it for conspiracies...

[kahei]

It's not a fine piece of software. It _was_ one and it has been intentionally made otherwise.

I'm keeping my tinfoil hat firmly on. Imagine if Ford bought the company that checks for defects in cars, and the next week all Ford defects were considered as desirable behavior. Imagine if Monsanto bought the company that decides whether Bovine Growth Hormone is bad for you, and the next week it was announced that BGH is just fine... actually, you don't really have to imagine that.

This is a tiny attempt to extend to the software industry what is already standard in the 'traditional' industries; the use of quality and safety regulating entities to discourage competition rather than to protect the consumer.

I _will_ say that I don't expect MS to be as evil about it as Monsanto et al for a good many years yet.

Re:Let's hear it for conspiracies...

[Alien+Being]

"Please take off your tin foil hats, guys!

Please take your head out of the sand.

"One might say that Microsoft is primarily responsible for the entire spyware issue..."

No, thousands of knowledgeable people *do* say it.

"I suspect Firefox's track record would be worse, albeit better than IE, if it were as popular"

That's a moot point.

"MS AntiSpyware is a fine piece of software..."

Penicillin is a fine medicine, but its makers don't go around spreading syphilis.

Re:Let's hear it for conspiracies...

[lbmouse]

It's not a "conspiracy" theory... it's a "fox guarding the hen house" analogy.

Re:Let's hear it for conspiracies...

[Da+Fokka]

Penicillin is a fine medicine, but its makers don't go around spreading syphilis

That's not a valid comparison. It's more like the makers of penicillin supplying leaky condoms.

Re:Let's hear it for conspiracies...

[shotfeel]

Sadly, it would be more like an OB-Gyn supplying leaky condoms.

Re:Let's hear it for conspiracies...

[Politburo]

Imagine if Ford bought the company that checks for defects in cars, and the next week all Ford defects were considered as desirable behavior. Imagine if Monsanto...

The problem with your shitty analogy (and let's face it, all analogies are shitty) is that there isn't any one authority for spyware detection, vehicle defect detection, whatever. If MS has truly crippled this piece of software, use something else.

Re:Let's hear it for conspiracies...

[Blakey+Rat]

Because you don't agree with him, suddenly he's AstroTurfMan? Come on, how about at least trying to see things from his point of view?

For instance, what anti-spyware program out there for Windows is better than MS AntiSpyware? Spybot's certainly passable, but it misses more than MS' does and it definately isn't easy-to-use. Ad-Aware is easy-to-use, but it misses more than both MS' and Spybot. All the other ones (that aren't scams from spyware companies) are costly...

Sorry, that leaves MS AntiSpyware as the best option right now. AstroTurf or not, the original poster was telling the truth, and I agree with him completely.

Re:Let's hear it for conspiracies...

[E8086]

From the screen shots and what I've read it looks like the recommended action was lowered from quarantine to ignore. But at least it displays it as a "possible" threat and anyone who gives it the slightest bit of attention will chage the action to remove. But as we all know more than enough people will just continue to click "Next" or "Yes" and the Gatorware will remain. Wait! Now isn't that how they initally got the spyware?(probably) If I remember correctly Spybot S&D's default option is to let the user check off which items to remove, it's been a while since it detected anything so I don't remember if the items were all selected by default. With all the spy/adware removal apps there have to be some that are even less good with their default options.

Re:Let's hear it for conspiracies...

[Blakey+Rat]

So are you answering my question by saying that Giant Antispyware is a better option than MS AntiSpyware? Because I was under the impression that Giant AntiSpyware no longer exists.

Or were you just utterly ignoring my question and my point to make some anti-Microsoft statement? That seems more likely.

Re:Ad-Aware

[Mad-Mage1]

Excpet for the fact that Ad-Aware already had A HUGE problem recently w/ delisting of products, specifically When-U. I know many who no longer use it as the first tool against spyware, merely for thoroughness.

bah

[Janek+Kozicki]

I have 2modpoints left, and I'm in bad mood. So I wanted to mod insightful a comment like: "microsoft sucks!" but there was no comment like that. What's up with you guys?

Re:bah

[Da+Fokka]

I have 2modpoints left, and I'm in bad mood. So I wanted to mod insightful a comment like: "microsoft sucks!" but there was no comment like that. What's up with you guys?

Simple. There is one thing slashdotters hate even more than Microsoft, and that's karma whoring.

Re:Bah

Wrong, Wrong, Wrong. Antispyware isn't even on update; you have to actively search for it. It does not come up on Windows Update; its still in beta!

Re:Bah

[kinzillah]

Yes, and firefox has bundled thunderbird with firefox because there is a link to it on their website.

Re:Bah

[djmurdoch]

The anti-spyware tool is different from the malicious software removal tool. The latter is run on every windows update. It targets viruses, worms, etc. rather than adware.

Re:bah

[MrCopilot]

Ah the conundrum, MS releases Anti-Spyware tool.

Does IT suck? No, but MS BOUGHT it and didn't WRITE it.

Give them a few more months to "enhance" it then we can all say it sucks. Rather good start with this news, I'd say.

Oh yeah, Microsoft Sucks!

Re:bah

[joe83]

Microsoft sucks huge green donkey boners, Bill Gates is an asshole, anyone who uses windows is an imbecile How's that? :P

I guess tha Microsoft denies

[Exitar]

BSOD existence too...

YRO?

[Tim+C]

MS's anti-spyware tool isn't the only one available, it isn't bundled with the OS, it doesn't attempt to prevent the user from installing other anti-spyware tools - in short, it is one option of many and you are free to install others as well or instead of MS's one.

Why is this in YRO? What right is being infringed or threatened? If you don't like MS's anti-spyware tool, don't use it!

Re:YRO?

[rpozz]

What right is being infringed or threatened?

The right to privacy. This is a tool created by the same people who make Windows, and shows that Microsoft may well start favouring certain spyware companies.

Re:YRO?

[ScentCone]

The right to privacy

And, how is your right to privacy infringed or threatened when you simply choose not to use this free product? As the GP said, there are plenty of others to pick from. Who cares if MS is less stringent on some ad companies? There's nothing stopping AdAware, or SpyBot or any of the others from doing exactly the same. Nothing, that is, except people just walking away from them and using something else. "Rights" are not involved when you're simply picking among a range of free tools and deciding which one you want to use.

Re:YRO?

[shotfeel]

That may be so.

However it is still within my rights to point out my opinion on the state of MS's software. The fact there are other offerings in no way changes the fact that MS's offering has taken a disconcerting turn, especially for those who did use it and may be unaware of the change.

Re:YRO?

[ScentCone]

However it is still within my rights to point out my opinion on the state of MS's software. The fact there are other offerings in no way changes the fact that MS's offering has taken a disconcerting turn, especially for those who did use it and may be unaware of the change.

Well, of course. We're not talking about your rights to free speech. You can say whatever you want, or write whatever software you want, and even distribute it for free (like MS's anti-spyware package is free). My comment was in response to your suggestion that somehow someone's actual rights were being violated by MS, and that's just factually incorrect. It's FUD like that that makes people draw the wrong conclusions about all sorts of stuff, and I think it's important to not toss around the word "rights" when we're talking about much less important things (like your choice of free stuff).

Re:YRO?

[Pitawg]

"Your Rights Online" to me, includes the change in definitions that MS is giving common terms which effect my rights online. By changing the terms spyware and adware, and their associated types of programs/software, weakening views by the public of their level of invasion into MY business/life, my rights are affected. Especially with society accepting a shrinking list of things associated with these terms, it IS a rights issue. These are the accepted definitions used in my fights throughout the rest of my life online to protect MY possessions and lifestyle.

This may not be a free speech issue, but it is a Rights Issue. With these and many other marketing PR stunts, one cannot even look at the word "FREE" anymore and still believe it means "without cost". Why? Because the Microsofts of all the other industries have succeeded in passing on their changes to this and many other words to protect themselves and confuse the public.

FREE does not mean FREE, and now they are trying to make Adware not mean Adware, and Spyware not mean Spyware.

You say "Use some other tool". I say "Tell the world to switch from gasoline engines". That would be just as easy, since this country is full of corner Hydrogen pumps, and Radio Shack Fuel Cell stands. Yeah, right... (or has MS bought auto factories and started the "Pollution is good for you" campaign? or the "If there is 2% gasoline in the liquid, it really is GAS and will not hurt the hardware" campaign?)

By changing their "recommendation" to "Ignore" from "Remove", they are stating from what MUST be a knowlegible view that Gator does not take anything away from the computing environment or power. This is not accurate for the majority of instances that CAN occur, and they do not clarify what the specifics are in the one case it might be accurate. Telling me to Ignore the Gator spyware is an attempt to place the one person out of 1000 (a generous stat off the top of my head) that wants the software, and labelling them as the majority of those choosing. That is not logically accurate, anymore than the "Free Rent" signs on apartment complexes.

By trying to define for the rest of us what the term "Your Rights Online" means with your specific view of this topic, you are no better than the PR you comment on. (Not any worse either.)

just my views.. DO NOT STOP MAKING YOUR VIEWS!

The timing is just too good

If Microsoft wants to pull these conspiracies off properly, they need to manage the timing of their rumors and actions. If Karl Rove has to resign over this journalist stuff, I'd say he should go work for Microsoft's marketing department. He'd fit right in.

"Microsoft has denied"

[cablepokerface]

*chuckles*

this is /. NOone believes it. doesn't matter what it's about.

[evil demonic laugh]MWHAHAHAHA ![/evil demonic laugh]

What else did they change?

[farker+haiku]

fair and consistent with how Windows AntiSpyware (Beta) handles similar software from other vendors,"

So, um, what other program has had it's threat level changed?

Re:What else did they change?

[tolkienfan]

Microsoft is rumored to be in negotiations

What really annoys me

[binkzz]

is that they're also using AntiSpyware for motivating people to remove competing products. For instance, MSN Plus and RealVNC will come up in a search, and although I don't particularly like MSN Plus myself, I don't think it's really fair.

The small print says they may not be actual spyware, but potentially dangerous items, most unknowledgable people will just remove them anyway, because it's the default option.

Re:What really annoys me

[chrisnewbie]

Well you can add dameware and pc anywhere to your list because they are distant remote control software and some spyware will threat them as dangerous.
Why doesnt remote desktop show as a possible threat?
It's easier to connect to a remote host with that software!
OH yeah right,,,it's a ms product!

Re:What really annoys me

[digidave]

Ok, show me once instance of spyware installing VNC. If you can't do it, then it shouldn't be listed.

How about showing me where MS Antispyware lists Remote Desktop as a potentially dangerous application. Can't do it? That's what I thought.

Don't be a dumbass.

Re:What really annoys me

[shaitand]

If someone has VNC on their computer they probably know it. There are better programs for remote control for malicious purposes.

The problem is not detecting it (thus making those who do not know aware of it) the problem is removing it by default.

Re:What really annoys me

[Tezkah]

MSNger Plus! is a great program, but it asks you to install an adware IE toolbar when you install it. The last time I ran MS Antispyware it recommended that you keep it.

At least MSNger Plus! doesn't automatically check the "Yes, install this" box for the adware, you'd have to ignore the warnings, then click "YES, INSTALL THIS" to get it. I use MSNger Plus! and don't have any spyware at all.

Re:What really annoys me

[Blakey+Rat]

Because it can't be used to SPY on a user, duh. It removes *spy*ware.

Microsoft's Remote Desktop logs out the original user before allowing the remote user to connect. While the remote user could potentially look in the original user's files (assuming they had the correct password and all that), it would be pretty obvious that they'd been in there rummaging around.

RealVNC, on the other hand, lets somebody connect at any arbitrary time with no visual indication that they're connected. The remote user can then look at your actions *as* you're using your computer, and you'd be none the wiser.

Of course you blindly hate Microsoft, but Microsoft Anti-Spyware makes the right call here.

Re:What really annoys me

[chrisnewbie]

hahahha blindly hate microsoft. now where do you get this idea. i was just stating the obvious!

And nowhere in my comment did i say I HATE Microsoft.

The fact remains that by default remote desktop is enabled on the computer and the firewall of xp let's anyone connect to the p.c. Even though the connecting user must have a valid password and username. Any remote software is a hasard, some morre than others.
And the article doesnt say ms anti-spyware is not good, it only says that it is now buying one company that is considered by many as a spyware and that the famous ms anti-spyware doesnt give you the option of removing it but simply ignore or disable.
The real conflict is when Anti-spyware companies accept money to change their software to accept known spyware.
Microsoft, by buying this company, is making people uneasy about how reliable is their commitment to provide objective protection concerning spyware.

Re:What really annoys me

[Blakey+Rat]

The fact remains that by default remote desktop is enabled on the computer and the firewall of xp let's anyone connect to the p.c.

Wrong.

Since your very first point is wrong, I don't think I'll bother reading the rest of what you typed.

Re:What really annoys me

[westlake]

MSN Plus...will come up in a search

The default for MSN Plus! is to "Ignore' and the-not-so-fine-print explanation is that the MSN add-on is flagged only because of the optional casino software you are encouraged to install. I think that's fair enough.

Re:What really annoys me

[binkzz]

I don't normally reply to AC. Your reply was reasonable; why post as AC?

You say that most unknowledgeable people wouldn't install VNC. Most of my family members are unknowledgeable people, and they all call me for help with their computers. I've installed VNC on most of their computers (properly secured) so I can easily fix problems if I need to.

It would be reasonable if MSASW would warn on VNC being set to run at startup.

It's also a lot harder to set up VNC insecurely now; you're forced to pick and set a password if you want to run it at all.

Master Plan

[Freaky+Spook]

1. Microsoft Buys anti-spyware, 2. Microsoft buys up all spyware company's 3. Microsft delcares the war on spyware is won & emails 7 billion email addresses announcing that the WinXp SP 15 will be "Spyware Free"

Re:Master Plan

[malikvlc]

Nah, they'd just use the spyware/adware to send out 7 billion *pop-ups* declaring adware is dead.

Multiple programs....

[wpiman]

This simply reaffirms my belief in the running of multiple anti-spyware programs. If MS won't remove a certain piece of Spyware because of business/political reasons- adaware will get it- or Spybot will.

PS. M$ sucks.

Re:Multiple programs....

[VagaStorm]

How much preformance loss would having multiple in-memory agents create?

Less than GATOR......

Re:Multiple programs....

[erroneus]

I get something completely different. I just run Linux for my day-to-day stuff. And I'm not "anti-Microsoft." I own an XBox... that's what I use to play games. For everything else, there's Linux. I can do anything else I need and I feel safe and uncorrupted while doing it.

(I acknowledge the other reasons, of course... Linux is cool, I get to hack my way through things to make them work sometimes... the regular upkeep keeps me busy, up2date and new kernels and all that... it's fun in its own way.)

Re:Multiple programs....

[Avohir]

sadly thats not true, or rather is becoming less true. If you follow anti-spyware drama, it was a pretty big deal a number of months back when Ad-Aware stopped detecting WhenU, and instead simply offered an "uninstaller" on their website for it. This behavior is becoming more and more prevalent as malware companies try to find legal footing, and bully out opponents who are less affluent, and less able to fight the good fight.

The frightening thing is that this is happening more and more over time. Recently, IDownload (you may remember them from the WMP trojan download exploit, thats how most people got their software) sent out a slew of cease and desist letters to a number of visible anti-spyware sites claiming they were unfairly rated as spyware. The claims held absolutely no water since a number of people had very convincing screenshots of the software being downloaded with no consent whatsoever, but the trend remains the same. The spyware companies are increasingly wealthy, powerful, and unafraid to try to throw their weight around. Unfortunately, this means that rather than doing the right thing and fighting for the correct ratings, anti-spyware vendors will capitulate and downgrade the software rather than engage in time consuming and expensive litigation. take a look: http://www.benedelman.org/spyware/threats/

Re:Multiple programs....

[vorm]

This simply reaffirms my belief in the running of multiple anti-spyware programs. If MS won't remove a certain piece of Spyware because of business/political reasons- adaware will get it- or Spybot will.

What's sad is that one must do this in order to avoid spyware/adware that might be paying off the very people that are supposed to be protecting us from it.

Re:Ad-Aware

[postgrep]

Or to use OpenBSD.

OSS spyware detection

[FidelCatsro]

Does anyone know of any OSS that is dedicated to the removal of ad-ware and spyware.
I manage a number of windows machines at the office and wit he recent declassification's without good explanation that has occurred in the sector i have lost all faith in most of the products .
An OSS solution would be wonderful (hell i would rather switch the machines to linux , but that is not an option right now due to certain programs that are required by the company) .
Commercial solutions always to me seem rather susceptible to legal action for the classification and or bribery.

Re:OSS spyware detection

[slavemowgli]

It's not FOSS, but as far as I'm aware of (which admittedly isn't that far), there is no big company behind SpyBot S&D, at least. It also offers an option to immunise IE by blocking known bad webpages, which I think is an important option even when you don't run IE as your default browser - there are many apps that embed it. Generally, the problem of unjustified whitelisting of spyware can be solved by running more than one tool. It's a crutch, of course, but it works; what one vendor was bribed to gloss over, another vendor will pick up.

Re:OSS spyware detection

[SightlessMind]

As much as I hate to say it, I think most of the open-source community would rather let Microsoft hang itself on the spyware thing. It's not that it's impossible to admin a windows network in such a way as to limit spyware, it's that it's so easy to let things go bad with Windows. In particular, I've had problems with (older) Windows programs that want the user to an administrator before they'll run at all, so now I've got half the network with full administrative (spyware-installing) rights to their machines. I'm sure there was a "right" way to handle the problem, but it wasn't my decision anyway.

Re:OSS spyware detection

[FidelCatsro]

My machines are generally clean , but it takes just one person to ignore protocol before you have a problem on your hands .
Its a last line of defence ,but its a good one to have in case , i would just rather have the defensive line on my workstation /server (solaris or debian) rather than running on an infected machine.
So long as your network is as safe as you can make it from intrusion , and you make sure people abide by your protocols you should be safe.
My main problem is How can i be totally safe if i cant trust the provider of the defensive software.
Having half of your network with Admin privileges is daunting and i do not envy you , i had the same problem at one point with an insurance program , Thankfully there was an update which didn't require that level of access so i got out of that loop rather quickly . Whilst i was stuck with it i had to basically limit net usage , which did not make me very popular , but it was better than the possibility of having to fix all the machines

Re:OSS spyware detection

[Bimo_Dude]

And if you don't mind using hostfiles (I know, I know - bad word), then you can download some fairly updated ones that direct a lot of Adware related hosts to 127.0.0.1 or 0.0.0.0 from here.

Re:OSS spyware detection

[stevey]

I've written about this before. Writing an anti-spyware program which scans the process list, the registry, etc is trivial.

The hard part is vetting the datafile(s) and keeping things up to date.

Whilst it could be done, as the AV program clamav manages it with only volunteers. I can't see the market for it.

The people that would be attracted to working on a program would probably prefer to support Linux platforms instead.

Even if they did start working on it, it would be hard to gain marketshare until it worked very well - so it needs a lot of effort initially from a few users to get the datafiles covering most of the common and difficult to remove parasites.

And companies with large, vulnerable, desktop installations presumably have the budget to either purchase a commerical spyware scanner, or the knowhow to use Spybot S&D.

Re:OSS spyware detection

[FidelCatsro]

I much prefer to support linux myself , however as of this moment i still require to operate several windows workstations .
If an open DB could be created and a server side POSIX program it could serve to support linux in the server market .I personally do use Spybot right now but would much rather have the program server side.
Spyware as now is only a major windows problem , but in the future i can see it attempting to nudge into the Unix based OSs as market share increases so it may be an investment for the future .
Linux on the desktop needs every push we can give it , but we should not forget about the server side .
Clam-av is a great example of a program that Spyware definitions could be added too , personally i don't have the knowledge of windows to really do anything about this but im sure there are still a lot of people who have to use windows (and have the know how) for various reasons that may want to contribute to it.
PS:Much respect , i do enjoy reading your site.

Re:OSS spyware detection

[Nemi]

I use Spybot for Malware infections, but SpywareBlaster does a much better job of immunizing IE against getting malware ActiveX infections and blocking bad cookies in IE/Firefox.

Re:OSS spyware detection

[Nazadus]

I've been intersted in writting the code. Orginally I was wanting to do it from Knoppix or some CD based distro, but it seems very annoying to write to an NTFS system, especially post-SP2. If there was someone willing to get me the ability to hack the Windows registry from Linux, I would gradly help with my time. I may just write it in C#.. I dunno. Feeel free to email me.

Re:OSS spyware detection

[slavemowgli]

I use both. :) Hey, are you a fan of Nemi, or is the name just coincidence? :)

Re:OSS spyware detection

[Nemi]

Just a coincidence. Mine is a nickname that friends used to call me when I played TFC (Team Fortress Classic) and Counter Strike. My name in the game was Nemesis and people called me Nemi for short. :)

Re:OSS spyware detection

[slavemowgli]

Oh, OK. :) Just curious.

Re:OSS spyware detection

[Captain+DaFt]

well Startup guard http://www.acelogix.com/freeware.html isn't OSS but it is freeware.

Technically, it isn't anti-spyware, but it does monitor your system and alert you if anything is trying to add itself to the registry, startup folder or any .ini files to autorun on bootup. (And let's you deny them access.)

I use it as a failsafe to catch anything that might slip through.

Re:OSS spyware detection

[stevey]

I think running on the server side would be a strange way to implement this.

Whilst it's certainly possible to open registries, and process lists, remotely if you have "Domain Administrator" privileges it seems much simpler to look at things locally.

The network overhead of scanning a filesystem across a network, and then pulling down the registry hives to scan through those would be crippling with multiple workstations to be scanned.

Pulling definitions from the network server, and having forced scanning on demand from a central location would be useful. but I'm not sure that implies the whole system should be run centrally; just some kind of admin console.

.. and thanks for the site recognition, it seems to be growing nicely :)

Re:Ad-Aware

[Sique]

I prefer to use three products in combination. Microsoft Antispyware on a daily basis, and periodical runs of AdAware and SpyBot S&D seem to do the trick for now.

Anyway you get spywares because you decide it

[Arthur+B.]

MS antispyware should rather show the threat level the user represents to the computer by analyzing the number of unused files squirreled on the desktop, viruses & spywares on the system, time spent on configuration panel, number of time a double click is performed when a single click is expected etc.

OSS Spyware removal is a bad idea

[doublem]

The LAST thing I need to happen to my kid sister's computer is for the anti-spyware tool to install Debian in place of Windows. Most users can't handle that kind of sudden change.

I get it!

[roman_mir]

MS is going to buy off all businesses that have anything to do with delivering any kind of unwanted software to users' computers. This maybe part of their plan for security on MS platform :)

Re:I get it!

[bhima]

Why... So they can make it part of the default, windows *can't* run without it, install?

Re:I get it!

[malikvlc]

Scarier thought: How long have people tried to make a sure-fire money-generating internet ad system? Once MS buys up all the adware and spyware code, they will have instant access to the Windows desktops. Streaming ads 24x7, a new "feature", without which XP won't install.

And no, I don't think the Antispyware Formerly Known as GIANT will object to MS adware - do you?

Re:Wonderful

[orthogonal]

So MS denies something they clearly did wrong, what's new?

You, sir, are entirely unfair!

Microsoft clearly said The downgrade in threat level merely represented an effort to be "fair and consistent with how Windows AntiSpyware (Beta) handles similar software from other vendors,"

It's entirely consistent. Microsoft has consistently held their software offerings to, ahem, an improved standard.

I mean, have you ever looked at how Microsoft's C++ compilers, um, pioneered their own standard, entirely different -- and, so long as you don't like correct exception handling, consistent RTTI, or the availability of a Standard library, entirely better -- from the ANSI/ISO standard. Or look at the, um, improvements to JavaScript and the browser DOM.

Or just look at the XML for Word docs. Ok, well absent a non-disclosure agreement you can't actually look at it, but trust Microsoft it's entirely consistently inconsistent with anything else out there.

How anyone can say Microsoft isn't being consistent in its approach I just don't understand at all.

Suuuuuuure, Bill

[CaptainZapp]

"fair and consistent with how Windows AntiSpyware (Beta) handles similar software from other vendors,"

Hmm, I'm sure they wouldn't lie and I shall read the statement as soon my flying pig is back.

It's on a mission, surveying the earth in order to prove that it's flat.

Re:Suuuuuuure, Bill

[strider44]

no you see it's totally consistant with how all software from other vendors that Microsoft have financial interests in are handled by Windows Antispyware.

Re:Suuuuuuure, Bill

[CaptainZapp]

Aha... It's instructed to turn around once it reached the edge, right ?

And how, sir, woukd you know that? Did you dare to install spyware on my 'puter while I was visiting barelylegalteensinsailersuitsdoingsummersaults.com ?

So what they're really saying

[dtfinch]

Is that Claria isn't the only malware to get this exception?

Not bundled yet...

[Name+Anonymous]

MS's anti-spyware tool isn't the only one available, it isn't bundled with the OS, ...

You mean it isn't bundled yet. Wait for the next SP. As it is, a lot of people will install it since it's being pushed with Windows Updates, so it may as well be bundled.

A very simple explanation.

[doublem]

This all makes sense when you realize one key, critical piece of information.

First, a quote:

Has Microsoft given in to vendors' threats? Or forgotten how badly "adware" damages the Windows experience (ultimately encouraging users to switch to other platforms)?

Now, the key, critical piece of information.

Microsoft's anti-spy ware devision is headed by a MAC user! You see, MAC zealots have infiltrated the Microsoft hierarchy, and are plotting it's downfall from within.

As a matter of fact, this is a pervasive presence, weaving into all levels of the company.

Think about it. Doesn't Clippy make much more sense as MAC sabotage than as an actual feature? No doubt someone floated a mock up with the note, "Looks just like something I saw at the last MAC expo."

Architecture changes that mean the XBOX II won't be able to run XBOX games, the endless delays in Longhorn, the XP default theme, the differences between XP Home and XP Pro, these are all contributed by MAC users who are gradually whittling away Microsoft from within.

And because Microsoft has been shamelessly copying the MAC for so long, all they have to do is float the rumor that MAC is going to do something, and Microsoft programmers and management throw themselves into trying to replicate it, or at least toss together a half asses rip-off of the feature / technology.

Re:A very simple explanation.

[doublem]

FUD???

Dude, I have sources. It's not FUD, it's what Microsoft has been announcing all along. There are major architecture changes taking place (Video card and processor for example), and they won't be able to either emulate or embed the original XBOX hardware on the new XBOX.

To quote the article linked above:

The problem, it says, is down to hardware incompatibility - since the current Xbox uses an Intel processor, but the 360 will use IBM's PowerPC architecture, while NVIDIA's graphics solution is being replaced with an ATI one.

On the flip side:

Sony and Nintendo have already confirmed that their next-gen consoles - the PS3 and Revolution - will play all the games in their respective back catalogues, offering consumers a huge choice of titles at launch.

Here's the deal, MS will be recompiling a lot of games to run on the new hardware. Why they expect this to work without any problems I don't know. They're switching processors for crying out loud. How do they plan to get these recompiled games out to customers without charging them for a new copy, they haven't said. They've made a lot of promises about things just "working" but the fact that at the very least a recompile is necessary means at the moment they're spewing a lot of vapor and marketing but not any substance.

Re:A very simple explanation.

[Blakey+Rat]

How do they plan to get these recompiled games out to customers without charging them for a new copy, they haven't said.

The most popular games will have re-compiled binaries available on the HD. (After all, the executable is only a very small fraction of the space taken up by the game... a 40GB HD can probably easily hold the recombiled binaries for a hundred games or more.)

The less popular games will be patchable via Xbox Live. (So you don't waste HD space on games only a "few" people, relatively speaking, own.)

I'm sorry, your question has a "duh" answer. The HD is required for backwards compatibility; where the hell do you *think* they'll be stored? Duh!

Re:A very simple explanation.

[doublem]

That seems like a nice, sensible answer, at least for the popular games that came form a publisher that's still around and has the appropriate deals with Microsoft to distribute the patches. It also assumes the code will run with a recompile and some testing, something we all know just ain't so in the real world.

Re:A very simple explanation.

[Blakey+Rat]

That seems like a nice, sensible answer, at least for the popular games that came form a publisher that's still around and has the appropriate deals with Microsoft to distribute the patches. It also assumes the code will run with a recompile and some testing, something we all know just ain't so in the real world.

Microsoft has stated many times that it's not going to be 100% compatible with ALL games and that, at first, it will only be select popular titles. So not only is it a sensible answer, but it also means that Microsoft is fulfilling every promise they've made about backwards compatibility.

Re:A very simple explanation.

[doublem]

Personally, I'm a fan of the nearly 100% backward compatibility offered by Playstation and Gameboy. Partial compatibility isn't of much use to me if I still have to keep the old system lying around for two or three obscure games I happen to love.

Re:A very simple explanation.

[jp10558]

Doesn't that still put them at a disadvantage? I mean, maybe not - but from what I've heard the Xbox 360 is not supposed to come with a HD by default. That means for backwards compatability you have to buy an add on that is likely not cheap - I'm guessing at least $100 given average HD prices and the markup usually used in consoles for accessories.

Wheras the competition comes - by default - compatible.

Now, I don't know the market perfectly, but I do know that there is a not unsubstantial demographic who wants to know that if they buy the console, everything works. They *DO NOT* want to hear the "well, buy the console, and the extender 2 or the bundle 3 but not 2 and it all will work". The simpler the better.

I mean, if they wanted to pay attention to what bundle or specs of the game system, they'd likely be buying a PC! (this is sarcasm, but note - it's one of the main cons of PC gaming).

Re:Ad-Aware

[jasonmicron]

They'll do the trick until you get a really nasty piece of spyware like zestyfind or a bad variant of coolwebsearch and your TCP/IP stack becomes corrupted.

But I digress... This news really isn't anything major. It is just a standard business practice. Though posting up something like that on a site like this will almost always generate anti-M$ flamewars.

Anti-spyware does the trick for me every time, but then again the only thing it ever detects are a few cookies.

confusing the user

[nealfunkbass]

It is good that the Claria stuff is still being detected, and maybe it is not necessarily bad that the default recommendation has changed, if one were to assume that all similar products were treated in the same way.

However, with some programs having the "ignore" recommendation, and others having "quarantine", it will probably give users the impression that Claria is at least somewhat ok, or something like that, which it is not (at least in my opinion).

Actually, what kind of impression does that give someone who doesn't know any better?

Something is detected by the spyware scanner, but the default recommendation is to leave it there.

"Hey, this one is ok because it only spies me or invades my privacy a little bit."

Not funny, really.

[lheal]

That's actually the principle cause of all their problems. They don't have an adequate trust model for modern computing, being stuck in the single-user era.

Re:Not funny, really.

[Nintendork]

"They don't have an adequate trust model for modern computing, being stuck in the single-user era."

Dude, they've had a model like this since Windows NT4 released. The problem which prevents its widespread use is a catch-22. Many programs are written by programmers that are stuck in a single-user era. The only way to force them to fix their software is for Microsoft to make Windows, by default run users as normal users instead of local administrators. Due to the prevelant use of Windows in the business environment though, they can't do that without pissing off a LOT of companies that use these root/admin dependant programs. Any application that writes outside of the logged in user profile or home directory in a networked environment is a good example.

-Lucas

Re:Not funny, really.

[I'm+Don+Giovanni]

"The only way to force them to fix their software is for Microsoft to make Windows, by default run users as normal users instead of local administrators."

Supposedly this will be the case with Longhorn.

"Many programs are written by programmers that are stuck in a single-user era."

Indeed. The reason is that for 6 years Microsoft sold both Win9x and WinNT, with 9x being the most used version. Many devs targetted Win9x and therefore assumed a single-user environment; it's these apps that don't work on non-admin accounts on NT and its decendents.

Re:Not funny, really.

[Blakey+Rat]

Single-user era? What the hell? Windows has had good multi-user support since Windows NT 4. Their previous generation of "pro" OS, Windows 2000, had support, and their current "home" and "pro" OS, Windows XP, has even better support.

I guess it's ok to spread FUD on Slashdot.org if it's against Microsoft.

WhenU

[Gandoron]

The software the MS is refering to is the Save/SaveNow software from WhenU. MS is attempting to be consistent, however there are significant differences between GAIN and Save.

Yeah...

[Svartalf]

When Spybot Search and Destroy did a much more thorough job on the machines I've worked on cleaning up (I don't generally use Windows, so I don't typically need S-A-D...)- I kinda quit using AdAware altogether. It just doesn't do the job the same way as other solutions.

Don't let this put you off the product

[astrashe]

I'll probably burn some karma here, but I'm a big fan of the MS anti-spyware product.

There are really two issues. The first is the catalogue of what's spyware and what isn't. I don't know if MS's program is good at that, and the stories we're reading are sort of disturbing. I buy all of that.

But the second issue concerns the product's ability to remove nasty stuff on your machine. And their anti-spyware app is very good at that.

It's much better than spybot or ad-aware, in fact -- especially with the stuff that scatters hundreds of files and registry entries around your system and reinstalls itself after you try to clean it with another program.

There's nothing that will prevent you from running another program to clear off the stuff that MS's product doesn't get rid of. So don't let this situation prevent you from running this software to get rid of other stuff. It's good at it, and it's free.

Re:Don't let this put you off the product

[Khyber]

Let me give you something to test, you'll most likely enjoy this.

If you've got a spare machine that can handle a 2k/XP install, install either of those OS on the computer. Grab MS Anti-Spyware, Grab Ad-Aware, and Spybot S&D. Install all of them.

Let MS-AS be your default scanner/detector of on the fly spyware threat detection instead of Spybot. Now go find a webpage (or deliberately install thru some other program) the ISTsvc (Internet Search Toolbar) spyware. Now, run either ad-aware, or spybot, and try to remove it. Worked, right? Ooops, notice how MS just trusted a change to your computer? Okay, that's detcting spyware being removed. You should get another notification immediately afterwards showing that another change has been allowed within windows. Go to MS-AS security section, look up all the alerts you've gotten. Scroll down that list. Notice a trusted change by MS-AS allowing ISTsvc to reinstall itself on your computer?

Now, I admit I may not be totally correct. I have yet to do a vice-versa and allow Spybot S&D to be the on the fly detection program. But from what I've noticed, companies providing anti-spyware solutions seem to have incentive to sneakily allow some unwanted stuff on your computer; they eventually want you to pay for their full version of the program, which you'll hope will do the job even more thoroughly. They've set out a mousetrap in order to try to make more money off of you.

Re:Don't let this put you off the product

[fermion]

It is like any product or service. Let's take, for example, a restaurant. I live in an area where there is pretty much a restaurant for every resident. The service varies. Some place acknowledge you are the customer, while other feel the need to pretend that the staff is doing you a favor. Some customers like the service, others like to be abused. For a business situation, service is usually preferable, while if one it out with friends perhaps the abuse can be entertaining.

As you mention, there are two issues. In food there are really three. Service, food, and ambiance. With great food and ambiance, bad service is more tolerable. Likewise, good service does not always make for tolerable food and bad ambience, though that is the model of fast food.

Now, what does this have to do with MS. MS has a reasonable product and reasonable service. However it has consistently shown that it will screw over most of it's customers if necessary to maintain a monopoly. So, while that may be fun and all for the casual users, it is certainly not acceptable for a user who is serious. And given that spyware on a corporate computer can cost money, and presumable there are spyware detection tools of equal quality(the parent simply listed the free or cheap ones), one wonders why serious users simply don't just go to another restaurant. I mean most of us don't go to the free sandwich line simply because it is free.

Re:Don't let this put you off the product

[astrashe]

I'd like to try that because it would be interesting, but I'm sure that what you say is correct.

I don't dispute that they're letting some things through, and that the decisions they make about what gets through aren't always in the end user's best interest.

I don't have a lot of experience with spyware, because I mostly run linux, and on windows I find that it's not too hard to avoid it in the first place. I'm not an expert. But the other day I had to clean off someone else's machine that was infect with the IBIS toolbar.

I couldn't get rid of it with spybot or ad-aware. They'd find a bunch of junk and clean it off, but you'd reboot and it would come back.

When I ran the MS tool, it found more than 500 files and registry entries for it, and it cleaned them off. When I rebooted, it didn't boot cleanly (missing files were being referenced in the registry), and I thought "oh no, here we go". Then I started to get pop up windows about things trying to make changes. It told me to rerun the scanner. I did, rebooted again, and it was clean.

This is speculative on my part, and I could be wrong -- so people, please don't yell at me too much if I am, I'm aware I'm on shaky ground here -- but I had the impression that the MS tool was tagging things as spyware *because* they were trying to change registry entries and hijack the browser.

In other words, they weren't just using a file name, or a signature of a file to tag something as spyware, they were looking at the behavior of the thing. If a process tries to do something nasty, they follow it back to the source, and nuke it.

If that's what it's doing (and again, I think, but don't know, that it is), it's a big innovation. It's a good way you to fight spyware that generates lots of random files with randomized data and random names to reinstall itself.

MS, for all of their flaws (and they have plenty, I don't want to be an apologist) has vast resources and a lot of smart people. Their tool lets people report back on infestations automatically. They can throw people at the problem and code for new problems almost as soon as they arise.

They understand the OS better than anyone, obviously, and can use that knowledge to track down the source of reinstalls more effectively than comparatively small outsider shops.

That doesn't take away from the negativity of their deals with the devil. That sucks, they shouldn't do it, and they're really shooting themselves in the foot over the long run by making those deals, because no one has a bigger stake in making windows solid and trustworthy than MS, and this crap really undermines that effort.

But if you have IBIS, and you need to get rid of it, their tool is terrific. If you have that problem, don't let the fact that they've decided to be deliberate bad at ISTsvc removal prevent you from using it for IBIS. That's really all that I'm saying.

Don't stop running spybot or ad-aware. But add the MS tool to your arsenal. It does a lot of good stuff.

I will try to run your expiriment so I can learn more about this... thanks for posting about it.

Re:Don't let this put you off the product

[astrashe]

I think that's because changing the home page is something a hijacker does fairly often.

That's probably a real problem, though. I wouldn't be surprised if installing things like java are a pain as well.

I had done my tweaking before I installed the tool, so I didn't see that stuff.

Re:Don't let this put you off the product

[Master+of+Transhuman]

"It's much better than spybot or ad-aware, in fact"

Not from what I've read from numerous people who have tried it, here and on Usenet.

It finds some stuff the others miss, it protects against some stuff the others miss - but so do they in relation to it.

Adding the MS product to your bag of tricks is reasonable, but dumping any other antispyware product would be a mistake, as you said.

But saying it's MUCH better than Ad-Aware or Spybot I think is incorrect.

And finally, the point of the article is: you can't trust it anymore. That simple.

Re:Don't let this put you off the product

[Khyber]

It's too bad there's no way you can browse thru other's rejected submissions to /. as I've got some pictures linked in my submission about the ISTSVC... Ah well, perhaps something for /. mods to add to their "To Do" list?

In related news, Microsoft makes bicycle advances:

[J+Barnes]

In related news:

Microsoft has made a stunning leap forward in the field of bicycle locomotion technology, developing a system of operation that allows for the appearance of forward progress whilst routinely backpedaling.

another brilliant marketing strategy?

[Scorpius-nl]

Microsoft is only a Marketing Company, I hear that alot, and it makes sense.

When microsoft bought Giant their antispyware program was one of the best. When microsoft re-launched it under Microsoft AntiSpyware (and marketed as a new product), it got raving reviews.

The effects are that people will start to trust MS antispyware, and will be starting to ditch their other antispyware programs. As soon as the majority of the people are used to the program, microsoft can dictate their own terms to what is spyware and what is not. Ofcourse microsoft will never go too far, but the changes will be "subtle", not enough to get angry about and still have solid bunch of supporters defending the program for microsoft.

Re:another brilliant marketing strategy?

[Master+of+Transhuman]

Probably true.

However, I think we need to re-lable Microsoft from "Marketing Company" to "Lying Company" - since the two are usually synonymous and especially so in MS's case.

Claria = Windows Installer Service version 4?

[JasonBee]

I think this is going to MS's way of getting "patch management" into the mainstream.

Think about it...delivering A/V and system updates via clickable Ads - brilliant!

Oooohhhh...and so so profitable.

JB

As long as it's MS DRM approved

[msobkow]

Given Microsoft's upcoming DRM support, that line should have read "... control over the MS-approved software that runs on their computers."

Re:Ad-Aware

[Sique]

Even Windows has something like a crontab.
And sometimes I start the spy ware tools to keep my hands occupied while I am waiting for the inspiration.

Re:Ad-Aware

[A+beautiful+mind]

Honestly, how long will this continue?

Before around '98 you needed only 'antivirus' software mainly. Then with the broadband spreading came the 'personal firewall'. In the last few years came Ad-Aware which is 'needed' if you want to get rid of spyware. In the last year and a half i was starting to see reports about needing both Ad-Aware and S&D, and now people are starting to suggest that someone needs 3 independent spyware/adware removal tools to clean up!!! Not to prevent infection, but to clean up!

Seriously folks, when will the madness stop? You can't patch a broken design combined with user unawareness by semi-working cannot be trusted commercial programs!

Personally i stopped using windows around the time XP arrived in 2001. I just had enough. I don't need no antivirus software, firewall software, ad and spyware removal and detection software and to fight an uphill battle trying to contain IE with an alternative browser. It is absolutely ridicoulus what someone needs to put up with.

Yes, that's what they're saying

[jfengel]

That is what they're saying, though they don't say which other malware they're comparing it to.

If you read their whitepaper, they probably consider the thing to be relatively low on the damage scale, which is kinda true: it doesn't wipe your disk or log your keystrokes. It is sending out personal info, but it's not sending out your credit card numbers. It's just tracking your browsing habits.

I'm not saying that's good, especially since it's potentially worse than the declared intent if there are any bugs or undeclared "features". But the declared intent is comparatively benign. The tin-foil-hatters will tell you that any privacy breach is major, and they're not wrong, but it's not the reason I'm ticked off.

The real evil with Gator is how hard it is to remove. That's what makes the thing truly malicious malware. The "ignore" setting should only be applied to software that can believably be removed by uninstalling it. That's not Gator, at least not last I heard. (I'm sure not gonna install the thing to find out.)

If you install it and you like the popups and don't mind people tracking your browsing, well, bully for you. But if you don't like it and you can't get rid of it, that makes it an even better candidate for the "quarantine and remove" setting even than a keylogger that can at least be deleted easily.

Re:Commercial programs

[ajs318]

Amen to that.

Where is the Open Source anti-adware, anti-spyware stuff? I don't see a spyware removal tool for Linux. Oh ..... there wouldn't need to be one, would there? We could just comment out the spyware-ish bits before compiling, and distribute the resulting patchfile. On Gentoo, that would probably be part of the ebuild scripts. OK then, what about Open Source spyware removal for Windows?

But the point is that all the Open Source software available for Windows is there by accident. It wasn't written for Windows, it just was ported to Windows from some unix variant. Nobody writes GPL software with Windows in mind -- it's just that some Windows user manages, with more or less effort, to persuade it to compile, and is obliged by the licence to make the source available. {If anybody persuaded BSD-licenced code to compile under Windows, they probably would keep it closed-source -- and maybe even disable some options in an effort to extort money out of users}.

My computer is my property, and I have the right to determine what software runs on it. Installing software without my explicit consent is at least trespass {which is a civil offence and grounds to sue} and may constitute criminal damage {which is a crime, so dial 999 and let the police deal with it}. These things were already offences long before computer-specific legislation was passed. The use of confusing language to persuade someone to install software may additionally constitute Burglary Artifice. If it's a Crown Court, then the odds are in your favour -- out of a jury of 12 people, how likely do you think it is that none or only one have experienced PC trouble due to spyware?

You know, I often wonder what would life have been like if, way back in early 1976, some members of the Homebrew Computer Club had dragged Bill Gates {the author of that letter} into the gents' and given him a bloody good hiding. That has to be my second choice for an "if I could alter the course of history" fantasy.

fair about how other companies' software?

[Goeland86]

Well MS is badly placed for any kind of critics towards other companies. Didn't MS themselves put spyware onto people's computers before they got nailed for it?

This denial just proves once again MS' dishonesty towards customers, may they be corporate or individuals.

Why don't people act upon the fact that MS is just lying so blatantly? Oh sure, their lawyers are good, but lawyers can't do anything against massive boycott!

Action, to the streets dammit! Make piles of MS CDs to melt!

Re:fair about how other companies' software?

[shaitand]

What do you call media player?

Re:fair about how other companies' software?

[Blakey+Rat]

How is Media Player spyware?

Let's see... Spybot doesn't report it as spyware. Ad-Aware doesn't report it as spyware. Symantec doesn't report it as spyware, McAfee doesn't report it as spyware.

Maybe in some weird parallel universe you inhabit, Media Player is spyware, but it isn't here on our Earth.

Re:fair about how other companies' software?

[Darby]

Do a fresh install of XP Home.
Run your spyware finders.
Claria is already installed out of the box.

So, yes they did and still do.

Re:fair about how other companies' software?

[shaitand]

Maybe in some parallel universe spyware is defined by removal tools.

In my universe spyware is software that is installed through deception or duress. Media player is preinstalled with the OS, check. The second criteria is that the software monitors your activity and phones home with the information. Media player does this, check.

Hence Windows Media Player is spyware.

Re:fair about how other companies' software?

[Blakey+Rat]

The second criteria is that the software monitors your activity and phones home with the information. Media player does this, check.

Prove it. My copy has never phoned home.

Re:fair about how other companies' software?

[shaitand]

Really? Never needed a codec you did not have then? Really guys, this is no secret. Microsoft fully admits that media player communicates information to Microsoft.

How they do that

[jamesl]

Windows AntiSpyware (Beta): Analysis approach and categories

http://www.microsoft.com/athome/security/spyware/s oftware/isv/analysis.mspx/

This white paper provides an overview of the approach and criteria categories currently used by the Microsoft research team to analyze and classify software.

hijackthis

[keepright]

No one mentioned hijackthis yet! http://www.spywareinfo.com/~merijn/ It might be harder to use but it is damn effective. Especaily when used with the others.

let the users decide

[m2bord]

can't someone create a program to tell a user every program/service that is running on his/her pc (including those that like to remain hidden) and let the user decide if they want that piece of software in the first place?

[Theory] backwards-compatible AdSense competition

[mr_luc]

I think that the original poster has a point about MS competing with AdSense, but as many people will bring out, WinXP will be a gigantic installed base for the next 5 to 10 years at least.

MS is likely hoping to counter Google by integrating an AdSense competitor directly into the browser, in a manner similar to Claria, but shipped with the next OS. However, the huge install base of previous versions of windows is likely to be dominant for the next 5 years at least.

This is their way of ensuring that their AdSense competitor is available for previous versions of their OS -- allow their own viral marketing products to slip by.

Frankly, it would be an intelligent tactic, and not necessarily a bad way of accomplishing their ends.

The less scrupulous way would be to force people to upgrade to the newer OS, but they are rightly wary of losing trust, particularly with corp. clients.

Disclaimer: hey, I'm a .NET developer ... using Pythonnet, or RDNZL. ;) Figure out for yourself where my loyalties lie.

Re:Ad-Aware

[Flyboy+Connor]

Seriously folks, when will the madness stop? You can't patch a broken design combined with user unawareness by semi-working cannot be trusted commercial programs!

Interesting comment, which reminded me of a story:

I once worked for a bank, where there was a computer that processed all electronic banking files. The majority of the programs on this computer were written by a guy I worked with. This guy considered himself a programming god, while I thought he was below average.

Now, one of the quite critical programs that ran on this computer was in the habit of crashing occasionally. The guy attributed this to an OS fluke, and instead of debugging the program and resolving the error, he wrote a program that simply checked whether the crashing program was running, and if it wasn't, would restart it.

Without our department knowing, the crashes increased in frequency. We didn't know this, because the crashing program was restarted all the time. Unfortunately, at a certain point in time the crashes occurred about every few seconds, and our system basically went down. I was part of the team that analysed and resolved the problem, and, of course, we found that it was a basic DESIGN flaw in the crashing program. I won't go into details, but basically, with some knowledge of file transfer protocols, this flaw would have been avoided.

Now, why is this story on topic? Because Windows is JUST like this crashing program, Microsoft is JUST like the guy who wrote the crashing program, and AntiSpam/AntiVirus/Firewalls are JUST like the program that restarted the crashing program.

What I expect to find, in the not-too-distant future, is that our Windows systems will simply stop running because the patch programs need all computing resources to keep Windows from going down. And the only way to resolve this, is a redesign. Which should be done by people who know how to design a good system, and not by a marketing company.

Linux Gets the BSOD

[Nf1nk]

I Just installed Ubuntu And got the BSOD,followed by the frowny face mac, followed by a the screen caused by a crashed C64, Ahh such a great screen-saver.

Re:Ad-Aware

[hairyfeet]

Maybe that's why scan spyware 3.7 always seems to catch stuff the adaware doesn't.I've never had a problem with the junk until my too young nephews starting coming over for visits while their mom is in the hospital.After the youngest picked a "free" screensaver at a game site(IMO,Worse than pr0n sites when it comes to spyware)i spent about three hours trying different products trying to remove the junk so i wouldn't have to dig out my disk images and reload my recent apps.Scanspyware 3.7 was the ONLY one that got rid of the junk that adaware and spybot missed.BTW,Not connected to the company except as a happy user.Great product if you get something that the other two miss! BTW,I'd be happy to switch to Linux if i could find a way to use it with my isp(direcway) without a $300 upgrade.Does anyone know where to get a Linux driver for a Direcway 4000?I really like the look of Damn Small Linux but without a usb driver for the dway it wouldn't be worth the switch.Please god may cable come here soon!

What?

[Exitar]

No Guru Meditation?

Re:What?

[Xtifr]

Oh, the Guru Meditation is definitely in there. In fact, I just ran /usr/lib/xscreensaver/bsod, and it was the first one to appear, followed by a Solaris kernel panic, an HPUX kernel panic and a Linux crash and failed fsck. It's a nicely even-handed program. :)

Ooh, OpenVMS! There's something you don't see every day! :)

Re:Wonderful

[gregorio]

I mean, have you ever looked at how Microsoft's C++ compilers, um, pioneered their own standard, entirely different

Hummm, like GCC is not doing the same since... the beginning? Even worse: MSC++ exclusive features are only slightly different from the ANSI standard, while GCC ones are so absurdly different that you need to learn a whole new way of thinking just to understand the bizarro-world sintax/flags/workarounds that some crazy people embedded into GCC.

What other programs? see below...

[kryptx]

Following the link to the original story on the status change leads to this page detailing the list of software that has been downgraded. Screenshots included for the doubtful.

...including certain WhenU adware programs, WebHancer and Ezula Toptext. So the Claria downgrade is quite likely part of a bigger picture regarding Microsoft's listing criteria for adware.

Bonzai Clippy, The Purple Paper Clip

I see you have just typed your social security number into a web page. Would you like me to transfer this to all websites ending with .cn and .ru?

(big innocent-eyed smile from the purple paper clip)

Re:Wonderful

[orthogonal]

MSC++ exclusive features are only slightly different from the ANSI standard, while GCC ones are so absurdly different that you need to learn a whole new way of thinking

You make a good point, and what GCCs does is actually a good thing: something slightly different is like The Crying Game -- hey, she looked like a chick until I'd invested in weeks of dating, and when after all that effort I got into her pants, out popped a pee-pee!

Same with Microsoft extension -- you gets lots of people who don't notice the slight difference -- the Adam's Apple, if you will -- and think that C++ is what Microsoft calls C++. Then they get a real girl, and don't know what to do with her, because they've been dating Microsoft "almost girls" all their lives.

GCC's extensions, on the other hand, are like a big, hairy, honest gay guy buying you a drink in gay bar: you see the bulge in the pants, it's totally different, and hey, if you want to try that lifestyle, it's gay, but, as Seinfeld says, "not that there's anything wrong with that". But it's different enough that you know it's different, and you know if you go back to girls, you'll need an entirely different technique to get anywhere.

No offense to anyone intended by the analogy: the point is that obvious differences are honest -- they don't fool you into thinking you're not using an extension. Slight differences are pernicious, not because they're necessarily bad, but because it makes it hard to recognize when an extension is being used.

A similar concern is why C++'s casting is so ugly compared to C's: a C style cast (MemPtr *a = (MemPtr) 0xb800 ;) looks too much like a function call or an expression to be easily grepped for. A C++ cast (MemPtr* a = reinterpret_cast 0xb800 ;) looks like a cast and nothing else. And it's ugly to boot, to remind you that casting should be done only when absolutely necessary.

can we really

[suezz]

believe any of Microsoft's marketing spin anymore - aren't we all just getting a little tired of hearing how they see the world and telling us what to do with our technology.

Re:can we really

[Master+of+Transhuman]

Got that right - except it's no longer "marketing spin", it's outright LIES. We need to re-lable Microsoft from "Marketing Company" to "Lying Company" - and then just ignore anything they say, while telling end users to do the same.

Lack of a better section

[phorm]

They haven't created a "Incredible technical Idiocy" section yet, nor a "shooting-yourself-in-the-foot" department...

Think about it folks...

[Nom+du+Keyboard]

Think about it folks. Would Microsoft EVER admit they had done this? Screw over the users for crass commercial gain.

Let me give you a hint.

NO!

So if they're going to make any statement about it at all, this is the one it will be. Anybody having trouble understanding this?

Re:Think about it folks...

[chawly]

Yes, I think I am - Nom d'une Pipe

Microsoft Lies Again

[Master+of+Transhuman]

Duh!

Is anybody else getting tired of reading about Microsoft lies? Should we start calling "dupe" whenever Microsoft issues a "new" lie to be reported on the /. front page? Is there such a thing as a "new" lie from Microsoft - or is the same old one with a new face?

How many times do I have to say it: NOTHING coming out of the mouth of a Microsoft employee (at least one who is either being paid to speak to the public or whose job depends on following the party line) should be taken as anything but a deliberate cynical lie.

And EVERY action taken by Microsoft is an attempt to take your last dime out of your pocket and give it to Bill Gates. (And that dime is NOT going to go to charity from his "Foundation".)

Listing them is a boring and pointless effort - on a par with listing the lies of George Bush or Bill Clinton or the former Iraqi Minister of Information or anybody else in the lies game.

From now on, when somebody mentions Microsoft, just say, "That bunch of liars, thieves and incompetents? Who cares?"

Let's move on to more interesting things - like how we can make Linux and OSS so much more impressive than anything Microshit makes that Microshit will no longer be an issue to anyone except the owners of their stock - as they go to the poor house.

Also, every consultant who has to deal with clients afflicted by the crapware made by this company should be resolute in telling each and every client on every support visit that they would be MUCH better off with Linux (or the Mac or BSD or whatever) and OSS software in general.

Let's make the fact that MS is now going to install spyware in their OS (yeah, right, they haven't admitted that either - yet - is there any rational doubt they will?) an issue in our service advertising. According to a recent article, spyware is starting to seriously affect end user behavior and is the one thing about computers they seem to "get" - that "spyware is bad".

Let's put Microsoft as the source of spyware (both as incompetent OS developer and shortly as ACTUAL source) in the end users crosshairs.

Re:Commercial programs

[emurphy42]

all the Open Source software available for Windows is there by accident. It wasn't written for Windows, it just was ported to Windows from some unix variant. Nobody writes GPL software with Windows in mind

I believe Firefox is an exception to the former, if not the latter.

Re:[Theory] backwards-compatible AdSense competiti

[Charles+W+Griswold]

MS is likely hoping to counter Google by integrating an AdSense competitor directly into the browser, in a manner similar to Claria, but shipped with the next OS.

IMHO, turning IE into a piece of adware would be a really stupid move on Microsoft's part. Doing that would guarantee Firefox a dominating market share (adblock is a wonderful thing).

If they actually went so far as to embed ads into the desktop, that would cement my defection to Linux.

Re:Difference between Opera and Gator?

[makomk]

Okay, I'm not sure if this is a troll, but...

Gator is often installed automatically by other software/websites. The only way to get Opera is to install it yourself, implying that you actually want it.
With Opera, the ads are obviously linked to a piece of software (the browser) and only appear in that software, in a well-defined area. With Gator, ads appear whenever you surf the Web with no immediately obvious link to any piece of software.

Adware is the worst

[mabu]

Maybe I'm the last to realize this because I practice safe computing, but last week a friend brought over a laptop that he said "wasn't working right" for me to "fix."

McAffee reported 337 trojans/worms/viruses on the system.

I cleaned the system, rebooted, ran McAffee again (which takes something like 3-4 hours on a 20G hard drive!) and once again, 200+ infections.

I killed all non-critical processes. Loaded two different startup program removal and monitoring systems, disabled system restore and a bunch of other steps, and still couldn't get the system clean. McAffee seemed to be as much a part of the problem as the worms/viruses themselves.

This new breed of adware is insideous. These programs attach themselves to the OS as extensions to explorer and are thus protected from removal by many of the antivirus programs; they create system restore data that brings them back to life later, and employ many other tricks. And all of them seem to have back doors where their authors (or the black hat hacker public) can use to install additional invasive software.

After messing with this infected machine for a few days, I realized the best approach would have been to re-format and re-install everything, but I was determined to clean the system and finally did, and in the process I was able to test the usefulness of a number of new utilities. I haven't been a fan of Symantec/Norton, but I have to say McAffee is even worse. There were many infections that McAffee, with the most recent virus definitions, didn't recognize, that AVG, with an outdated def file was able to remove. I would recommend AVG over both Symantec and McAffee, and people are right, McAffee is the slowest software I've ever seen. Spybot proved to be useless; Ad-Aware wasn't terribly helpful either. These new breeds of adware are very tough to remove. I ended up getting the best results by using some freeware programs like Startup Monitor and Killbox.

Re:Adware is the worst

[Master+of+Transhuman]

"McAffee reported 337 trojans/worms/viruses on the system."

That all?

I had a client a few weeks ago that I reported about here on /. She had something like 900 pieces of spyware - AFTER a roommate had cleaned off "thousands", he told me - plus 109 trojans. Her other roommate had left the machine on a porn site for two weeks while she was on vacation - plus she had no firewall, no AV, no antispyware, nothing.

I had another client a couple weeks before for whom I had cleaned spyware a few months earlier. She hadn't run the Ad-Aware I installed on her machine, so she ended up with another 900 pieces of spyware plus 127 trojans from her kids visiting sports sites and sports shoe sites. This time I installed SpyBot and SpywareBlaster as well which ought to block at least some of the stuff.

There are starting to be a lot of useful tools coming out for killing spyware that can't be removed by the usual tools. I found a site that has some VB scripts that supposedly do a good job (I haven't tried them yet.) And I found a tool called PowerPrompt that starts up a command shell with Windows System privilege so you can delete stuff and kill running processes that even Administrator privilege won't be allowed to delete.

What I need to do now is build a bootable OS CD or an external hard drive that contains a clean Windows OS (probably 98 since some clients have older machines that won't run Bart's PE bootable XP) with everything needed to get rid of ANY virus, trojan, or spyware.

That should work - at least until Longhorn comes embedded with kernel-level spyware hooks.

Re:Adware is the worst

[mabu]

Ultimately, I'd say there were more than 1200 infections on this machine.

I used two different boot CDs to gain access to the system to try to remove some of them manually, but both sets of utilities, including the Ultimate Boot CD didn't work. This was a Compaq laptop and it wouldn't run some of the NTFS browsing utilities for some reason. Plus, the trojans were embedded in protected areas like "System Volume Information" that were very hard to get to, even using a separate OS to browse the hard drive.

In the case of my friend, he had McAffee fully installed and patched and was still infected hundreds of times. One of the worst programs was what appears to be a new hybrid of this Look2Me adware.

Re:Adware is the worst

[initialE]

I'll make a prediction here. Things are going to start working funny on that computer - not broken, just not the way they ought to run. And somehow it's going to be your fault. And when the computer goes down again you're still going to have that nagging feeling in your mind that it's something that wasn't cleaned out the last time, regardless of whether or not you really did clean it. The moral of the story is, you shoulda reinstalled after all...

Re:Adware is the worst

[mstromb]

Sounds like you weren't in safe mode... That's absolutely crucial for cleaning off a hosed windows box.

Honestly, I've never seen a computer that has had more than 1 or 2 files that were hard to get rid of once the computer was booted into safe mode with system restore turned off.

Where I work *cough* it goes something like boot into normal mode and install MAS, boot into safe mode, turn off sys restore, clean temp files, run MAS, run Spybot, run Ad-Aware, run SpySweeper, TrojanHunter, HijackThis, and a special version of McAfee corporate. Lather, rinse, repeat. That completely takes care of a good 90% of infections we see. Another maybe 7% or so require a bit of manual cleaning, and the other 3% require some hard manual scrubbing. Rarely do we see anything we can't fix without a format restore, given enough time.

Pure Greed

[BCW2]

It really shouldn't be a surprise to anyone, Gates has no morals! Anyone willing to dive this deep into a cesspool for a nickle has no redeeming qualities or scruples left. He is just too greedy to miss any money he can grub anywhere.

Re:Commercial programs

[makomk]

Actually, there is some open-source software that is Windows-only (for example, 7-Zip, which I actually run under Wine sometimes when I have some obscure archive format I need to open). It's rare, but it does happen.

Unfortunately, open-source spayware removal software is unlikely because (a) it's difficult to figure out how to remove spyware and (b) there are probably few people willing to write it and risk being sued, especially as they won't make any money from it.

Anatomy of a Slashdot Post...

[TheNucleon]

Wonder if anyone really checked out Microsoft's side of this story? :-)

Wonder if anyone would accept it if Microsoft cured a major disease or effected World Peace :-)

Wonder if anyone spouting their venomous comments has actually used the MS Anti-Spyware product :-)

Wonder how many nasty comments were posted by someone from IE/Windows :-)

I have programmed the following template to create surprisingly realistic Slashdot posts. Quasi-original words are substituted for "blah" with a RegEx processor.

TEMPLATE

Blah blah Microsoft is horrible blah I am so happy I'm using Linux now blah blah Microsoft is evil and they are lying to you blah Linux is the greatest thing since the discovery of fire blah blah Bill Gates is a terrible horrible person who stinks blah Linux is innovative blah blah Microsoft is not innovative they just steal all their ides blah blah Anything bad said about Microsoft is true blah Anything good said about Microsoft is by a fanboy blah blah PR spin lies horrible Microsoft Great innovative wonderful Linux and oh by the way BSD is cool blah so is the Mac it rulez blah blah

/TEMPLATE

I _know_ I will lose some Karma on this one. But I am so fatigued with the anti-MS bent here. Come on folks, you are intelligent and thoughtful. Let's have some real dialogue here, and keep it credible.

The opinions expressed in this post are my own, and do not represent the views of my employer, my family, my friends, or my cats.

Re:Anatomy of a Slashdot Post...

[TheNucleon]

"Well, go back to Microsoft's internal Web site where your fellow Microsoft employees can feed you an unending stream of happy-talk."

Well, so much for the credible dialogue. But, since I've probably worked in tech longer than you've been alive, I will forgive your juvenile comments.

I should have pointed out that I've never worked for Microsoft or any company associated with them in any way.

Guess I'll need to add some lines in my template, I forgot about inappropriate profanity and accusing people of working for Microsoft. Thanks man.

Re:Anatomy of a Slashdot Post...

[Master+of+Transhuman]

I doubt you've worked in tech more than 56 years, but if so, you're senile to boot.

So you don't work FOR Microsoft, eh? Good, because I've been told it's illegal for companies to masquerade advertising as personal commentary. I'm just waiting to catch a Microsoft employee spreading FUD on orders.

You're just a voluneer shill, I guess.

So I guess your livelihood just depends on Microsoft. Nothing else explains your comments.

Re:Anatomy of a Slashdot Post...

[TheNucleon]

Wow, if you're 56, you are using language and making comments that are way beneath your age and wisdom. That is seriously too bad.

My comments here can be simply explained - I want to see some real dialogue, not more useless (and often unsubstantiated) babble about how bad Microsoft is. I don't depend on them for my living. Perhaps you depend on them losing ground for your living? Do you work for Sun, or RealNetworks? Come on, fess up :-)

The fact that you're looking for them to do something bad/illegal, etc. in order to "catch them in the act", shows just how out of whack you are. Get some help, Dude. Really.

And by the way, what did I advertise? I don't remember mentioning a specific product, endorsing a course of action, or making a purchasing suggestion. Guess your silly web forum enforcement hobby wouldn't have worked out even if you were right about my employment.

Take care, and do try to release some of that stress more constructively.

Re:Anatomy of a Slashdot Post...

[Master+of+Transhuman]

No, you don't want to see "real dialogue" - you simply want everybody to cut Microsoft some slack.

Which happens to be exactly what Billy Boy wants so he can continue to pick everybody's pockets.

Sorry, I'm not so obliging.

Bill and his minions are LIARS and I don't cut slack for LIARS.

Or the fools who believe the liars, like you.

Re:Anatomy of a Slashdot Post...

[Master+of+Transhuman]

By the way, if you'd ever noticed my comments on SUN or Real here, you wouldn't suggest I work for either of them. As it happens, I work for myself. In fact, about the only company I think I'd ever consider working for in the industry today might be SpikeSource - mostly because I like Kim Polese and open source (not necessarily in that order.)

Re:Anatomy of a Slashdot Post...

[chawly]

I'm with you. What's wrong with Microsoft anyhow ? As far as I'm concerned, if they're not good for a laugh, they're at least good for a smile. And Bill Gates, what a marketeer ! But wait, I've friends who use Microsoft - and, please, they have rights too. Microsoft makes some of my friends happy. Can this be bad ? If I was into zealotry, I'd be a priest. Come on guys, lighten up. I'm sure that you too have friends - and that some of them liked Micosoft.

Re:Ad-Aware

[springbox]

I only have an AV program running. I think it's sad to see so many slashdot users posting that they're using up to three different tools for this junk. I don't have spyware on my computer, and it's very easy to avoid. The first big step you can take is throw away IE or figure out how to make it stop auto installing applications.

Re:Commercial programs

[scribblej]

While I don't disagree with your point, I think you sell short the enormous amount of effort put forth by certain Open Source developers to support Windows. Examples include Firefox, Postgresql, and Apache.

Wait just a Sec...

[Cranst0n]

Ok, we all know Microshit will be screwing everyone on this, But what ahppen to all the flack the OTHER antispyware companies were supposed to get when THEY DESCLASSIFIED SPYWARE a few months ago?

It'll be in the EULA soon enough

[bingbong]

It's a matter of time before the EULA has something along the lines of:

"By using this software, the User agrees to have all his/her traffic monitored, logged for the purposes of marketing you stuff we believe you can't live without.

Any effort to remove the Claria software from your system will result in a personal visit from some Really Big Guys who will have a Quiet Talk With You Out Back"

Microsoft FUD and negativity

[highmaster]

I guess I am a rarity of sorts on slashdot. I am a fence rider when it comes to OS software, Browsers, processors, and video cards. What does that mean? That means I use Windows and Linux, even though I only dabble in linux. I use IE, Firefox, and Mozilla. I also run AMD processors, as well as Intel. And of course I use Nvidia and Ati. My point? Simple enough, I know it is wishful thinking but can you folks just get over yourselves and your blind brand/product loyalty and actually try before bashing? Thanks now, end of line.

Re:Microsoft FUD and negativity

[chawly]

It's not bashing - just having a quiet giggle. The zealot approach is only for people have no real idea. I'm with you - if it does the job and you get it for a decent price and delivery delay, then why worry. Brand loyalty is for grandmothers at the supermarket. If my neighbour likes irradiated potatoes he can get them at the supermarket - my preference is for potatoes which are just a little more normal; but that's only my preference. I've heard that it we all live in democracies - its a free country.

What, disowning Palladium?

[Urusai]

I guess they really want to replace computers with internet devices, and make computers marginal, about like gaming consoles are doing with PC games. That way, you Linux communists can play with your uncompromised PCs while Ma and Pa Kettle are using their Microsoft Officebox plugged into the TV.

Color me prejudiced, but

[KwKSilver]

I can't put "trust" and "Microsoft" together:
If Microsoft = true, then trust = false.

Re:[Theory] backwards-compatible AdSense competiti

[LoraxLorax]

That could be the solution to their piracy/security updates problem. No "Genuine Microsoft Software"? You get a special update that embeds an ad on the desktop, and a scrolling marquee ad in the toolbar.

Link to Microsoft's Response and Spyware Criteria

[snotty]

I'm reading a lot of presumptions about the Claria response letter, but failed to see a link to the article. I recommended everyone first read the response and judge for themselves as well as take a look at our publicly posted spyware criteria.

Disclaimer: Yes I work for MS =)

Re:Commercial programs

[ajs318]

On what the hell grounds can you possibly be sued, for writing a program which helps other people exercise their right to control what software is installed on their computers?

Re:Commercial programs

[makomk]

I'm not sure on what grounds you could be sued, but I *am* sure that any laywer worth his salt could make something up. Note that it wouldn't have to be something that you could be successfully sued over; the point of the excercise is to cause as much hassle and legal expenses for the victim as possible.

Re:Commercial programs

[ajs318]

As far as I can see, all it would be likely to cost you is a second class stamp -- to send back any solicitor's letter with "ha ha" scrawled across it in red marker pen, while you got on with your business. The biggest expense you might incur would be in actually turning up to court and politely but firmly asking the judge to dismiss the case as it is without merit. That would take a morning at most. You also can't be sued for money you haven't got, so being a skint open source developer could well stand in your favour.

Re:Commercial programs

[ajs318]

OK, I'll give you those. OpenOffice.org, too. But it seems to me that generally, more OSS is ported to Windows from Unix/Linux/BSD/MacOSX, than from Windows to Unix/Linux/BSD/MacOSX. It also seems to me that most Windows software is closed-source, even if it is given away gratis; and the practice of disabling features in order to extort money from users for "enhanced versions" is common.

Re:Commercial programs

[WhiskerTheMad]

Installing software without my explicit consent is at least trespass {which is a civil offence and grounds to sue}

Hell, where I come from trespassing will get you shot.

Wasn't Gator in Win98SE ?

[Mr+Europe]

I think that Gator is installed with the Win98SE!

I have reinstalled my WIN98SE many, MANY times and the AdAware finds Gator every time. I' pretty sure that the Gator in on the Win98SE installation CD. And, thanks for asking, it is original.

Can anyone verify/deny this ? I guess You, bigman, have to start looking also for other OS's...

Re:Wasn't Gator in Win98SE ?

[mink]

I deny it. I have 2 win98SE pc systems at home (My wife wont let me upgrade her machine) and a machine for running legacy stuff that wont run well under 2K or XP. Both have adaware, spybot, and AVG loaded since install. Never have these machines indicated Gator infections.
Do you load adaware imediately after os install or do you load up on 3rd party aps first?

Re:Difference between Opera and Gator?

[SirPavlova]

Also, you can remove Opera, unlike Gator; Opera is useful, unlike Gator; you can avoid the ads easily, unlike Gator (serials take the form w-* for Windows, u-* for *nix, & I've seen m-*, so they're prob'ly for OS X).

There's no comparison. The only similarity is the presence of ads, & the ones in Opera are pretty inoffensive. Honestly, if you're that peeved, learn to use Google. Most of the Opera's userbase probably uses the same 10 serial numbers.

Disclaimer: I'm using Opera to post this.

Re:Wonderful

[gregorio]

No offense to anyone intended by the analogy: the point is that obvious differences are honest -- they don't fool you into thinking you're not using an extension. Slight differences are pernicious, not because they're necessarily bad, but because it makes it hard to recognize when an extension is being used.

While your analogy it's pretty funny, I don't think you can extend the discussion to the grounds of such thing as "honesty". I don't believe that there is any intention to fool the user by adding extensions that follow the same machanisms (way of thinking) that ANSI wrote on paper. While I agree that it makes things hard for people who want to know what is an extension and what is not, I must say that MSC++ is also a heavy user of the "__name" extension style, except that the extension behaves in the same manner as a "native" feature. Also, it is much better to learn a single syntax and behavior style than learning weird-bizarro-world stuff along with the common language constructs.

While GCC extensions are "flashy", meaning that you can easily spot them, they make use of some really messed up and inconsistent constructs. Add that with the usual "you need to work around this bug to make things happen", and you've got your gcc nightmare.