Slashdot Mirror
Microsoft Discusses Anti-Spyware Plans
LaughingCoder writes "Microsoft has announced their plans for the (currently free) AntiSpyware application, which is now in Beta. It is currently slotted to be bundled with Windows Vista. The end-user has the option of switching it out and using a different vendor's spyware protection if they want." From the article: "Microsoft gave an official name to its software for protecting computer users against spyware. The software, which has been known as Windows AntiSpyware Beta 1, will be called Windows Defender when the finished version becomes available next year, a Microsoft spokesperson said Tuesday. A posting on Microsoft's TechNet Web blog announced the change on Friday and also revealed some details about capabilities coming to the software. The current version of Windows AntiSpyware Beta 1 has 18 million users, the spokesperson said. "
Okay, a couple of thoughts:
And I know some claim this isn't Microsoft's fault that spyware happens, but it really mostly is. They designed Windows to be as easy and automatic to use as possible, which really is the gateway for much of the malware wreaking computer havoc.
If I were a anti-spyware vendor, I'd be pissed. (Unless I was the one Microsoft bought out.)
Of course alternatively, you could build the OS so that spyware can't install itself silently and start phoning home. Or would that be an anti-trust issue for Microsoft these days, if it put all the anti-spyware/virus companies out of business???
Drag n' Drop DVD Recommendations
This may come off as a crazy question but why would Vista need anti-spyware?
Aren't they gonna implement a secure user-privilege levels?
Even if someone does mess up their own home directory, they won't be able to touch system files?
So theoretically one could log in as an admin and easily remove the unwanted warez.
Or is Vista going to be more of the same when it comes to file permissions?
If you don't know what AltaVista is (was), get off my lawn.
The end-user has the option of switching it out and using a different vendor's spyware protection if they want.
Kind of like how XP SP2 didn't recognize Norton Anti-Virus as a anti-virus software and warned you that you didn't have any anti-virus software installed? Symantec had a patch that disabled this warning right after XP SP2 came out.
Bradley Holt
Making the engineering change from "Windows AntiSpyware" to "Windows Defender" took a lot of careful coordination across our team to ensure that the strings in the UI got changed, the help files all got updated, registry keys, file names and properties, as well as a couple of images all got changed.
You keep using that word. I do not think it means what you think it means.
I want to drag this out as long as possible. Bring me my protractor.
Somehow I think they will involve a wheelbarrow and a holocaust cloak....
I've become fed up with the anti spyware programs...
...
I've had Adaware detect things Spybot doesn't, Spybot detect things Adaware doesn't detect, MS's program detect things Spybot doesn't detect, etc etc etc...
My usual course of action to thoroughly cleanse a system is to boot to safe mode, run adaware > spybot > MS antispyware > HijackThis
My question is... will there ever be a program that can detect it all? Becuase so far, I haven't found one.
It just seems IMHO that the operating system itself shouldn't allow spyware. Will "Defender" also block commercially bundled "spyware?" Will it allow any old "official" spyware free reign on your system? I feel like this is a lose/lose for them.
But can you trust Microsoft anymore with stopping spyware from installing on your computer? Have they added protection from Sony's rootkit? What will they do with Claria/Gator/GAIN spyware technology that they now have access to?
Microsoft might remove spyware apps that break Windos, but is their goal to really remove anything that can spy on you, this being the company that's introduced Microsoft Genuine Advantage?
Saskboy's blog is good. 9 out of 10 dentists agree.
Instead of wasting time (CPU cycles) and bandwith (downloading the newest definitions), why doesn't Microsoft start from scratch and make a secure, stable OS? It is embarassing that the company that makes the OS distributes the cure(?) for the disease instead of preventing it.
don't hook keyboard messages.
It will probably break alot of code, but one kind of spyware instantly disappears.
Also, global CBT hooks are probably a bad idea to have around (who uses them for CBT purposes anyway? THAT concept has long since vanished and the things were hacked into a plethora of other uses).
I am very small, utmostly microscopic.
Back in the day, Ford was willing to sell you a Ford fire extinguisher to go with your Pinto.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
I thought the software title Defender was already taken.
"Rocky Rococo, at your cervix!"
To bad windows update installed that anti spyware crap of theirs for me. I think it called it the "Malicious Software Removal Tool." Oddly though, it has yet to bug me, but I suppose I should count my blessings. In any case, at best, all this shows is 18 million windows computers that run windows update regularly.
Scott Swezey
And I don't mean the tennis courts either. All products that are not OS related, where the OS doesn't rely on them, should be add-on software. I don't know that MS should be broken up like AT&T was, but allowing them to 'push' their add-on software out with the OS is an unfair practice as regards the rest of the software industry that is trying to make a living with that OS.
Its a bit tricky, because, hell, its MS's OS, why can't they give extra value software? Well, maybe so, but they are so large that such a move is completely bullish on the rest of the industry. This is/was common practice before antitrust laws were enacted, and stopping this is what they are for. The antispyware vendors have to compete with a product that user's don't even have to lift a finger to install... that's not easy.
If all antispyware software (as an example) had to be purchased, then it would still not be fair as the user's get a demo copy of MS software with the OS. I truly wish there were an easy answer to this bullish practice that MS is using... there of course is no easy answer, other than using Linux or Mac (I use *nix) so this is not so bad for me, but MS can then use this same practice to try to bludgeon other businesses into bankruptcy... Even though Google and others are making a very good play against MS, I think they need some help in the form of more court time for MS.
Support NYCountryLawyer RIAA vs People
"Spyware basically is malware takes advantage of a poorly architected Windows environment, n'est-ce pas?"
Yes, Windows was so poorly architectured. I mean, what bafoon decided that a process should ever be able to listen to the keyboard. And who was the moron that thought running more then one process at a time was a good idea. I tell you what, if I couldn't type on my keyboard, then no one would have made a key listener. And if I could only run a single process at a time, then I'd be able to immediately know if something I didn't like was running.
"They designed Windows to be as easy and automatic to use as possible"
What were they thinking!?! We should line the designers up and shoot them, right next to the invetors of the Automatic Transmission, Speed Dial, and Milking machines. Those bastards. Making things easy for consumers to use.
There's only one thing left to do. Just close your eyes and follow Linux. Its okay, there is nothing to fear, just hold on to the coat tails infront of you and keep those eyes closed.
-Rick (Yeah, I'm expecting a Troll rating for this one)
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
"Microsoft Defender" has an almost patriotic ring to it. I think microsoft purposely does this sort of thing to make people think certain things are more important than they really are... It kinda reminds me of a dumb old man. :-P
I have a feeling that they namd Defender as such because they couldnt find anyone to take that job. Who wants to defend Microsoft anyway? :-P
is will this application do a good job?
Microsoft anti spyware bata is really GIANT's anti spyware.
They were gobbled (upcomming holiday pun intended) up and improved upon. Yes, it is really good software, but not a perfect catch all.
Who really cares if they put it into their os though? because you can't use just one of those programs. if you come across a machine that is infected, you have to use 15 differant spyware removing tools anyway because not one of them covers everything from every other program.
Although... this is just my opinion, due to experience working on client machines who didn't know what a fire wall was, but spent money to get cable so they could write e-mail faster.
Spyware is truly evil, and I hope the new POPE does something about it!
It is possibly the first anti-spyware program to use a joystick. Malicious executables appear as little moon landers and you have to shoot them before they can abduct your good files. I actually look forward to getting infected with spyware, but my thumbs start to hurt after a time.
Have you looked at the foxIE suite? The browser plugin is so-so, but the "sweeper" - its spyware seek/destroy widget is pretty impressive
The only potential conflict of interest I see is if MS charges for the software. As long as it is free its a GREAT addition to Windows.
However, it would be horable for our economy. As they start to give away anti-virus/spy-ware software, that eliminates a multibillion dollar industry. That is a problem, but not MS's problem. Its a free market issue, and the market will adjust.
As far as it being- an anti-trust issue, I don't believe it is. This is a tool that fixes/protects against exploits in their software. They aren't adding a product from an unrelated market (e.g. web browser or media player). This is a logical step, similar to service packs and updates. The fact is if they didn't offer updates, a company would emerge that patches windows, just like the virus industry emerged.
All in all I tihnk this is a good thing for windows users. I think the anti-ms crowd is going to throw a fit, and wrongfully claim abuse of monopoly, but what can ya do? MS is making the correct decision to include it in Vista. If they charge extra for it, or turn it into a paid subscription service, that is an entirely new issue. That would be a conflict of issue, and morally wrong, maybe not legally, but it would hurt their business.
Security:
Ring 0: kernel level
Ring 1: apps level
Ring 2: user level
There's no excuse for outsiders having install level capabilities on any OS.
That Microsoft will start charging for Defender (or Defender Plus).
Not to mention most spyware nowadays is sophisticated enough to reinstall itself after you remove it with any of the above mentioned programs.
...is hypocrisy, as the great MS platform 'calls home' every chance it gets!
Crunch!
but couldn't they make money from the companies inserting the spyware? If you pay M$, then Windows Defender will classify your program as non-spyware and allow you to keep collecting information.
/. bug #926803 - Why I can post.
I just tried to update my spyware definitions through Microsoft AntiSpyware. I got an error message: "Could not connect to the internet."
Somehow Slashdot has no problem, however.
Yes there is. Your mother complains that none of her software that worked fine on Windows XP works any more.
Even today, you can demonstrate this by not running as administrator. You would be surprise at how much software on the market breaks because they expect to write to Program Files.
"Windows Defender"... If it isn't a new kind of *nix-based OS; then it a'int defending me against Windows.
Nobody's gay for Mole-Man.
I wonder if Bains Digital has any sort of recourse considering their product is also called Defender...
Maybe a nice fat check to purchase the name?
I have a co-worker that runs windows anti-spyware now, and it pegs his cpu/memory usage through the roof.
Guess that's why I think I'll try windows anti-spyware when the real beta 1 comes out, and that's when vista hits RTM, sadly.
- A donkey, a wrench, and some glue
It seems someone else was using "Windows Defender" until MS sent in their lawyers. Tucked into the agreement was a line making the prior owner give all rights to the "Defender" name to MS. Two weeks later, MS announces the new name.
Two wrongs don't make a right, but three lefts do.
Now, not only can they start charging for a subscription service, once all the other AV companies are out of business, but they will also increase their profit margin by _not_ fixing all the exploitable bugs, quickly enough.
The mere fact that MS feels the need to include anti-spyware software is because they FIXED NOTHING. It's NT 6, XP repackaged with a snazzy GUI. Rather than find some way to prevent worms, virii, and other malware from getting in, they will be providing 'tools' to fix the OS on an ongoing basis? Sounds like MS users will still be spending countless hours scanning, fixing, restarting...
A people that values its privileges above its principles soon loses both. Dwight D. Eisenhower
The serious spyware writers design their programs to try and avoid detection. So, often times things get missed. Bottom line, to keep your computer completely clean either:
A) Never go on the internet, ever.
B) Use an OS other than Windows.
C) Try and get MS to improve Windows so that spyware has limited impact(good luck there)
You are who you are, let no one tell you different. But, never close your mind to a new point of view.
Will it block installation of the Sony DRM rootkit?
That easy, huh? So when my grand-mother wants to install HyperBingo3000, how exactly does that model stop it from spying on everything she does?
People seem to be assuming that spyware is something that magically appears on PCs. That is rarely the case - It is usually bundled with other software.
Sigh. Does anyone else see the irony in having the maker of the OS release an anti-malware program that runs in user space?
Ring 0: kernel level
Ring 1: apps level
Ring 2: user level
Microsoft did something similar to this with NT 3.5/3.51, and these releases were quite robust.
However, for NT 4.0 they moved the display drivers and GUI to ring 0 to increase performance. This created huge stability issues as buggy display drivers (and coincidentally a sub-optimal IP stack) caused NT 4.0 systems to be extremely fragile. The anticipated performance increases were eclipsed by downtime caused by reboots and BSODs. Some of these issues were not patched sufficiently until the release of Service Pack 6/6a. There's an unintentionally funny article here that talks about the changes. I love this particular quote:
"In all my testing with NT 4.0, I haven't encountered a graphic-induced crash. Moving the heap to the kernel makes sense. Upgrade!"
I want to drag this out as long as possible. Bring me my protractor.
Shouldnt discussion take place before promotion? Somewhere between lies design, and inginuity.
In my opinion, the main thing following from the words of Microsoft specialists in the blog, is not the change of name but the fact that the software giant, I think, is about to do the same thing it once did in the browser sector.
"The engine is now moved to a system service ..." means that anti-malware (anti-virus) solution will be built-in in the next Windows. Why I call it anti-virus? Because like some time before the word "virus" was used for almost ALL malicious programs, now they are trying to call them "spyware". Anyone can see it in the Anti-Spyware Coalition site's chapter Examples of Spyware and Potentially Unwanted Technologies (http://www.antispywarecoalition.org/documents/def initions.htm).
Here is another quote from the Microsoft Anti-Malware Engineering Team blog: "The detection mechanisms have also been radically improved by applying to spyware threats all the great detection technology we use in our antivirus engine."
There can be no doubt that Windows Vista is going to incorporate the feature we would usually call anti-virus. Is this "system service" going to be charged or free? This is the question I am worried about.
Ships have bilge pumps because there are just so many ways a leak can start. In fact, back in the day of wooden ships it was not unknown for the Dutch to fit old ships with wind powered bilge pumps and just keep them pumping so they could be used beyond the normal lease of life. The analogy is not exact, but it is common for any very complex system to have continuous maintenance needs that in theory could be avoided. I'm not justifying MS, just pointing out that your analogy would lead to MS building in the equivalent of automatic bilge pumps, fire extinguishers and smoke alarms, just like you have to have on a ship. Which seems to be what they are at last doing.
Pining for the fjords
My wife's PC got infected with some horrible spyware/adware a couple weeks ago. Norton antivirus cleaned up some things (which the virus rootkit(?) promptly reinstalled), so I tried Hijack This, which removed some things which the virus reinstalled, so I tried MS's solution, same outcome, and a couple other worthless POS packages, same outcome. Loads of fun.
Finally reinstalled the OS from the vendor (Sony, damn them all to hell) package... which wiped the C drive and replaced everything with a pristine copy. That worked. Now spending days reinstalling/reconfiguring all our apps again, and being better about making the effing backup DVD.
Also looking around to see if there's any good real estate software available on the Mac for her to use. Unfortunately, Real Estate lost its balls years ago and ran shrieking straight for MS IE only web sites. Bleah.
Besides trolling, you don't seem to care anything about the discussion. Yes, the GP poster has a point. But you don't contribute anything to the discussion, you just take parts of the GP argument and turn them into a horrible straw man.
The next time you're sarcastic, please try to make a point of it. I admire the Windows user interface (well, most of it - some things i can't stand, like that stupid online registration), it's just that their security COMPLETELY SUCKS and their closed source + monopoly just makes things worse and very hard to maintain.
It's microsoft's fault their crappy OS is so open to spyware (*cough* IE, ActiveX, poor security scheme, services enabled by default, etc. etc), so, yes, MS should PAY to keep the OS we spent $200 on, clean. IMO Microsoft should pay us so we can purchase *ANY* antispyware, not necessarily theirs.
I went around work installing the program when it first came out, despite setting restrictive rights and other such software on the computers (before I came on, many of the users had admin access when they didn't need it, mainly because some of the software they had purchased was worth shit, and the guy before me didn't want to bother setting things up correctly.)
While Microsoft AntiSpyware wasn't a catch-all (neither were the other two programs I used in conjunction with it,) it worked out well. Whereas Ad-aware would give you a long listing of individual files with sometimes-useful information if you double clicked on an item, MAS would list the various programs (clumping the files together) and give a threat level, the main things they do (both good and bad) and a few other small tidbits. It's enough information that a regular user would be able to figure out what to do without being overwhelmed.
I have it on my own Windows machines (though I almost never have to run it myself.)
However, as has been pointed out, this shouldn't be shipping with Vista. With Linux coming to the forelight, and Macs becoming cheaper, Microsoft should know that they can't do the "There are only 1000 holes instead of 5000, it will be fine" thing they've loved to do in the past. Vista should be secure enough to not need this kind of thing, or it just shows that Microsoft would prefer to pretty up the OS some more and give us the same crap in a different box for another $300 than to actually strive ahead.
Then again, that's nothing new.
Isn't the term "Web blog" redundant and repetitious.
To get totally off-topic, I think everyone is missing the point. At this point in time, personal computing for the masses is an immature technology and clearly has some way to go. An example of a mature technology would be a fridge. I switch it on and it just works. It's completely intuitive. My two year old son can figure out that we keep food in it to keep it from spoiling and it is virtually (touch wood) impossible for him to either damage or crash it. Apple is currently ahead of the game at the moment, but at one point, it was IBM, and I still have a soft spot for the Amiga OS. All current systems are too complicated to use and I include OS X and Apple in this group. I use both Windows XP, and OS X, am currently writing a database for my law firm, and have dedicated myself to totally understanding the OS X Tiger (No, I have no plans to go to Leopard), and despite sixteen years of IT use (first computer - the Apple II), still find parts of IT tricky and complicated to use. Grandpa and Grandma don't really stand a chance.
OK, yeah. MS hasn't done a good job so far protecting their operating systems from malware. We all know that.
Still, I'm already sick of reading people's comments about how they should just design their OS better. Of course there are things they can (and hopefully will) do to reduce the risk of malware. Ditching default root privelidges comes to mind.
End users are still going to compromise themselves, though, with software installs and stuff. Let's face it, as long as Windows is the big target, it will be the OS that spyware developers go after.
So, they're bundling spyware software, and they're making sure you can exchange it for your favorite, if you like. What's wrong with that? There's no reason not to cover your bases, right?
OK, yeah, Windows sucks, and current versions are just begging for spyware infections. If MS hasn't made some drastic revisions in Vista to handle the problems, they're morons. Still, not having a contingency plan in place for if Malware finds it's way through would be just as stupid, in my oppinion.
Same for AV programs. Not all AV products can find and clean everything. There is NO perfect programs.
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
In a corporate environment that may ring true. Even then, it breaks down entirely if users are able to execute a file which is located at any arbitary location on disk - who says the spyware needs to go through a formal install procedure?
However, at home (where a lot of these infested boxes are), users need SOME means of installing software.
Those who say Microsoft should make a secure operating system... well you've been living under a rock.
Blame the user, not the software.
from today, Linux worm: http://linux.slashdot.org/linux/05/11/08/140203.sh tml?tid=220&tid=106
and of course, rootkits don't exist for Linux, oh no:
http://la-samhna.de/library/rootkits/list.html
MS are trying to do something about security, Vista will not stick you straight in as admin.
Shame you /. types can't see passed the end of your biggoted noses. I love Linux, and I stroke my OpenBSD box goodnight, but come on Bill is not the anti christ, XP/VS/SQL/Exchange are all fine products, not everything MS does sucks or made out of spite, they really are trying to make improvements with each iteration.
Stop the madness pls, it doesn't do "the cause" any good if you all act like spoilt children.
At least Vista will tell you that you have a rootkit installed, will your Linux distribution do this out of the box? Exactly.
You're absolutely right about this smelling like a browser war, but there is one significant difference. Anti-spyware is (arguably) something that should be built into the system. As is (again arguably) anti-virus. It should be interesting to watch this unfold.
The already well-entrenched antivirus companies would no doubt throw a fit were MS to try and include some kind of AV in their next OS. I daresay that's the reason MS never has mentioned an AV solution being built into windows. I'm wondering how the not-so-entrenched anti-spyware companies will react to this...
MS may not admit it, but we and they both know that everyone's lives (MS and the internet as a whole included) would be better if windows had an antispyware solution built in. Including it would help improve the "overall windows-user experience." Everybody wins (except the anti-spyware companies). But besides that, they may not even legally be allowed to charge for it. I can't pinpoint the law that charging for it would violate, but there seems to be something wrong with that picture.
Then there's the antitrust thing... will it become an issue? Is this a form of reverse discrimination, where a company can no longer improve its product because another company has already built a business model around the first company's lack of needed improvements? What kind of a world is this becoming? The possibilities of this issue are endless.
Should be very interesting indeed...
Also Age of Empires III won't run on anything below XP, but there's no reason I can think of for such a restriction, esp. against Windows 2000, except to push towards the newer platforms.
Sounds like it's just a subset of this.
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
I disagree on this. The Windows registry (which I am _convinced_ was a deliberate design concept to stop user intervention of their computer) is the most nubilous system ever - no documentation really.
The Sony 'root kit' charade proved a bit of that (plus the old NT4 client-to-server hack) - and that is from a 'kosher' vendor'. God knows whatever else it does.
All the time you have deliberate obsuration of operation, you will have problems, as noone knows what is going on.
While you're right that you can't get software to install silently under OS X, it would be trivial to trojan a download, and even to this day, a great many (most?) Mac users will gleefully enter their root password when prompted by any random installer.
Yes it is trivial, but so is writing your password on sticky notes on your monitor. If you are given the choice of installing the software with a notification of the OS and prompted for a password then it is clearly the fault of the user for typing it in. Hence personal responsibility.
When people visit a website, put in a cd, turn on AIM, or open an email from what appears to be a friend or any other average every day activity and silently get their system rooted, then it is the OS's fault.
One of these we can control through education. The other we have to control through removal programs.
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
Comment removed based on user account deletion
You can do this in Windows XP right now. There are (at least) two classes of users: Administrators and Users (sometimes called "Limited Users.") The Administrator is like a Unix root and has free rein to install anything/wreak any kind of havoc. Users can write only to their home directories and cannot trash other users, change the startup sequence, etc. (This of course assumes that there are no security holes on the system that allow malicious programs to gain Administrator access.)
In theory if most users ran as limited users, there would be a lot less spyware. A limited user can't install software that can insert itself into the startup sequence.
The problem is this: first, most (if not all) Windows systems are not configured to run with Administrator/Limited User bifurcation by default. Most users probably don't even know the difference. Second, a lot of Windows software--even recently written software--only works properly if an Administrator is running it. Limited User accounts break the software. If the user only wants to run MS Office, IE, and Firefox, she will be fine. If she wants to use Winamp, Napster, or The Sims 2, it won't work under a limited account. (No Linux programmer could get away with writing a music player that only works under a root account.)
The third problem, which is likely the biggest of all, is that Windows users are not educated. They often will run the latest downloads on Kazaa only to find out that they have spyware; I think they likely would switch to Administrator to run malware if they were asked nicely. MS does not seem interested in pushing users to run only as Limited Users, likely because it would break so many poorly-written Windows apps.
And a side note: programs that break when run under Limited User accounts often work poorly when used on PCs with multiple users--e.g. different users cannot save their own personal settings. No Linux program could get away with this. One of Linux's biggest advantages is that it was written for multiple users from the start. Multiuser support and security has only recently been grafted into Windows.
My guess is that MS will strive to ensure that Vista does not break old Windows apps. Thus, users will still need to be Administrators to run software. Worms and spyware will wreak havoc. Furthermore, application programmers will continue to be lazy and write software that only works if the user is an Administrator. More antispyware packages will come out, which usually cannot even delete spwyare. The cycle will continue.
Penny - plain text accounting
In theory this is impossible.
If suddenly such an überantispyware appeard, that can detect everything better than anyone else, it'll suddenly become "teh new target" that every spyware-writer will try to circumvent. And with so much effort put on this, of course there will be new spyware that won't be detected by it.
Historically the same has been seen with anti-virus software :
- When Thunder Byte AntiVirus was out, it was THE holy grail of anti virus. It had a heuristic (simulator) engine, whereas other antivirus software were signature-list based. While not all signature-lists were able to detect every last single polymorphic virus, TBAV was able to detect even new unknown virus.
- Quickly it became the software against which all virus creator tested their latest creation, and started to design special virus which were able to detect and cirumvent TBAV's new generation engine.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
In recent tests Webroot Spysweeper apparently removed the most spyware (95% or so). If you want to use only one, this is the go.
Anyone here have both a hotmail account and a gmail account? Any of those who said yes also a user of ebay or amazon?
Then you'll have noticed that hotmail never marks a single amazon or ebay message as spam, whereas gmail does.
So, if amazon wants to put a program on my computer "to better undertand our demographic subspace variant molecularity", how am I to trust Microsoft?
Don't think they won't do it... I had fun playing the flight sim easter egg that was hidden in Excel 97!
Yeah, I'm expecting a Troll rating for this one
Lawl, you as of this post, you got +2 "Insightful." That was some of the best trolling I have EVER seen, though :-D Too bad I don't have any mod points, or I'd give you a cookie or whatever you turn them in for.
DATABASE WOW WOW
1) Do you really want to trust a product that says that GATOR is *not* spyware?
2) We use CounterSpy here, which is the parent product of Microsoft's Beta. The Beta scans come back clean while the CounterSpy scans come back with some 40-50 items on most of the machines we tested.
3) Didn't Microsoft already get nixed over the whole anti-virus thing already? I think I recall reading something about that. If so, how is this any different?
4) Wouldn't the time, effort, energy, etc. be better spent in figuring how to make the OS work properly in the first place?
2 cents,
Queen B
HDGary secures my bank
Doesn't including Anti-spyware with an OS, scream that there is something wrong with the OS. Why doesn't MS address the shortcomings of the OS that allow Spyware.
The new slogan..
"Windows Defender - Millions and Millions of proud customers served."
Isn't it a clue when 18 million + are using a tool to fix your product?
Whats worse is that instead of fixing the problem, they are just gonna bundle the repair tool. If other industries had this kind of support
Just a thought...if microsoft was selling cars...
Customer: "Whats this pouch in the trunk for?"
MSFT: "Its to help you reattach the wheel that will fall off while driving on bumpy roads."
Customer: "Why not strengthen it?"
MSFT: "Its not our fault that there are bumps out there. You should only drive the car where its perfectly safe and smooth. But just in case here is the kit to fix it."
Then you have Sony to sneak in a fuel filter that cannot be removed without damaging the car.
I hope Microsoft has no partnership deal with Sony that might affect the efficacy of their anti-spyware utility.
You make the mistake of thinking you can educate the fundamental stupidity out of people. You can't.
End users are still going to compromise themselves, though, with software installs and stuff.
Currently most infection do not involve user interaction. If the OS was secure enough that they did need user interaction, a lot could be done to stop them via that interaction. Running all new applications in a virtual machine with no internet access, access to to other files, access to the system, etc. without specifically warning the user and asking for that privilege would be a good start. There will always be users that will agree to everything (especially when presented as OK/Cancel that is the dumbest UI convention ever) but that number is very small. Give users the tools, and make those tools actually make a difference and you'll find that education solves 99% of the problem.
So, they're bundling spyware software, and they're making sure you can exchange it for your favorite, if you like. What's wrong with that?
A monopoly bundling a product as a way to dominate a new market is the first example the antitrust statues use when explaining what abuse of a monopoly is.
Still, not having a contingency plan in place for if Malware finds it's way through would be just as stupid, in my oppinion.
I agree, users should have a contingency plan, but it is illegal for MS to provide it on unequal footing. If they want to sell it fine (yeah conflict of interest there too) but bundling is illegal and with good reason.
We're not speaking about virus but spywares.
...) ...this won't stop all spywares. Only a tiny fraction.
...will hardly help. Educated users may use this to detect and stop spywares. But most joe 6-packer will either start complaining on online supports because they can't connect to WoW any more, or "OK-clic-thru" without thinking everytime a pop-up shows up and grant internet access even to spywares.
...will never work. IE was supposed to work like that, but there are many certificate from thrusted source that have been granted to weird companies (I've read that a malware maker even managed to have a certificate with "Microsoft in it's name"). And on the other hand plenty of legitimate software cannot afford to be signed (mostly open source software).
...won't work. Do you really think you can explain to Joe 6-pack the difference between "www.coolwarez.com" and "sourceforge.net" ?!?!?
...although it exists in some small ways (FireFox and Java uses such sandboxed design to limit access rights to online applications, even if those applet are run from the users account. Passwords wallets like KdeWallet or Palm Keyring ask user permission before transmition passwords, ...) a complete OS redesign is very unlikely. Just look how many times Microsoft has tried to even change the file system (WinFS) or some other component and hasn't fulfilled promise. Do you really think they'll redesign an OS from scratch ?
- Virus are maliciouse software that exploits bugs to enter into your computer (without the user knowing it or even without the user doing whatever), then try to gain full control over the PC (gaining root access. Which is easier in crappy OS that run at administrator privilege), then propagate by sending themself over the network (and abusing further bugs on these computers).
- Spyware are softwares that come *with* some other installer, and being installed following user interaction (he willingly started an installation. He just may not be aware of *all* software he's installing because he didn't read the EULA or the spyware isn't mentionned in the EULA). Then the software starts invading privacy and gathering info (most of which, like browsing history, is naturally accessible by the user-level access with which the user is running his applications - including the spywares he installed). The software calls home (using normal privileges the user has).
Bug fixing is mostly against virus and script kiddies. It'll patch holes that can be abused.
Spyware on the other hand is about the user running trash software.
Maybe there is some spyware which uses bugs or bad designs (admin-level by default) to gatter even more data (using a key logger). But even a bug free system could run spywares as long as the users isn't well educated enough to install them.
You can even design spywares on Linux ! If some moron is dumb enough to install binary software from shady sources (instead of : a. installing binary package that came with his distribution CD like a normal user, b. compiling tarbals from signed and trusted sources like a normal geek), this software could read the user-readable history files and send them over internet.
The only things one can fix an OS against spyware are :
- Fixing bugs to avoid the admin-rights-abusing spywares (keylogger,
- Starting some white-list based scanner/firewall, to limit which software can connect to internet (ZoneAlarm should grant internet access to your favorite MMORPG, not to your "display naked dancer" screen-saver/winamp plugins)
- Trusted computing : only legitimate software should be signed.
In short : permission is likely to be granted to the wrong wares.
- User education.
- Redesign the OS completly from scratch to create a system that enables programms to store sensitive data in a private isolated from other process way (in other words, access to data depends both on running user profile & software profile).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
This is about the one thing microsoft is REALLY good at. Control. Windows pre-packing their OS with thier own brand of anti spyware expediates thier goals, because they will have the power to influence the movement of billions in advertising dollars. The main reason there is spyware these days is to help people sell you $hit thru invasive advertising. Microsoft having control of whos adverts go the what group of users is just another step towards putting thier competitors like google and yahoo who depend on advertising, out of buisness.
a novel idea, huh? Instead of shipping weak code, why don't they put an end to viruses and spyware? It sounds too simple. Think of the lost buisness in the anti-virus anti-spyware market.
You keep using that word. I do not think it means what you think it means.
heh, they use that word a lot, just like the MSCE, eh?
That's not necessarily true. MS got in trouble for bundling IE because they didn't offer a way to uninstall it and replace it, and they made it impossible for anyone to compete.
If you're saying that any form of bundling is illegal, then when you buy an OS, all you should recieve is the kernel. Adding in a window manager is bundling. Adding in a file explorer is bundling. Right?
I got a remote control "bundled" with my DVD player. That doesn't stop me from going out and buying a universal remote, though.
"Bundling" is not inherently anti-competitive, and it is not always illegal. It's all a matter of how you do it, and whether or not the end user has a choice. That's why MS is allowing you to swap out their software, if you want.
Good thing I didn't pay for it, but I'll still bitch about it. I'm sure the parrot on my shoulder will enjoy Vista too!
But isnt it conveinent there are a whole bunch of free OSes out there? The countless linux distros, BSD, OpenSolaris, and some other ones.
Microsoft Anti-Spyware Beta 1 never finds anything on my computer. Lavasoft Ad-Aware does it all.
Is it really defending? Or is it just not finding anything?
"Microsoft Discusses Anti-Spyware Plans"
Of corse, those plans don't include making Windows less prone to spyware to start with.
Yeah, when I hear "Windows Defender," what I really want to hear is "Williams Defender." I love that game! (laser blast) Take THAT, spyware!
Agreed! I am not a MS fan either, but I agree with you. I thought of Windows security issue as buying a car. If I buy a car from Ford, and someone shoot at me with a gun and damages my car, I would never get pissed off at Ford for not building it bullet proof. It is hard to guard malicious intent of people today. The firewall and anti-spyware software are just like the bullet proof after market upgrade for cars. However, MS does have the corporate responsibility to improve the product as the malicious intents (spyware) becomes part of the environment, as they are doing now. In the mean while we will just have to the aftermarket solutions.
The purpose of writing is to inflate weak ideas, obscure poor reasoning, and inhibit clarity....Calvin
Fancier file permissions won't protect users against what proprietary software can do running in that user's name, with that user's privileges.
The real threat of spyware is the threat proprietary programs pose—they are uninspectable, unmodifiable, and undistributable. So even the most skilled can't really tell all of what they do, can't change them in any significant way to do something else, and if they somehow figure out how to change the binary they can't legally distribute the improved version to their community. Free software spyware doesn't suffer these problems because when the spyware is found, the program can be legally modified and shared, and the community can switch to the improved version.
Digital Citizen
However, when my father had his little steel hulled boat in WW2, he had more interesting problems - fire from the Germans and the Japanese, mine detonations and shells at a distance springing the odd rivet, the odd incendiary dropping on the deck. At the moment the Internet is a lot more like WW2 than a nice peaceful river.
Pining for the fjords
That's not necessarily true. MS got in trouble for bundling IE because they didn't offer a way to uninstall it and replace it, and they made it impossible for anyone to compete.
No they got in trouble because they were bundling a product for a new market with one for a market they had monopolized. The ability to uninstall and replace it was not a factor.
If you're saying that any form of bundling is illegal, then when you buy an OS, all you should recieve is the kernel. Adding in a window manager is bundling. Adding in a file explorer is bundling. Right?
No, not at all. Bundling is illegal when you are an already existing monopoly and when you use that bundling to move into a new market. If no one is selling stand-alone window managers or file explorers then you are not moving into a new market.
I got a remote control "bundled" with my DVD player. That doesn't stop me from going out and buying a universal remote, though.
That's not the point. You already had to pay for the first remote, thus the stereo manufacturer got paid for a product you don't want. If your stereo manufacturer was a monopoly it would be illegal to start bundling remotes if they did not already do so. Further, it would be normal practice to legally force the stereo manufacturer to un-bundle them if later cases of other abuse were found.
"Bundling" is not inherently anti-competitive, and it is not always illegal. It's all a matter of how you do it, and whether or not the end user has a choice. That's why MS is allowing you to swap out their software, if you want.
You completely miss the point of why bundling is illegal. It is because it forces consumers to buy things they don't want or need by abusing an existing monopoly. Right now any car company is free to bundle a lifetime supply of cheese with all the cars they sell. Even if they somehow build that cheese into the frame of the car so it cannot be easily removed or replaced it is no problem. If, however, a car company gained a monopoly, it would be illegal for them to give away a lifetime supply of cheese with each car. The reason for this is that they can raise the price of the car to cover the cheese and no one has an alternative. Thus everyone gets cheese whether they want it or not, or whether they prefer the car co's cheese of someone else's. As a result their cheese does not have to compete. Consumers suffer because they pay for products they don't want and they get potentially inferior products. They no longer choose the best cheese. The car company only has to make cheese good enough so that people are not willing to pay for both their cheese and a competitor's cheese in order to get a good product, and even if they do, the car company has already been paid.
Bundling is illegal when it is being applied by a monopoly to a new market (note, market not product). Whether or not you can subsequently buy a second product and use it interchangeably is immaterial.