Microsoft Discusses Anti-Spyware Plans
LaughingCoder writes "Microsoft has announced their plans for the (currently free) AntiSpyware application, which is now in Beta. It is currently slotted to be bundled with Windows Vista. The end-user has the option of switching it out and using a different vendor's spyware protection if they want." From the article: "Microsoft gave an official name to its software for protecting computer users against spyware. The software, which has been known as Windows AntiSpyware Beta 1, will be called Windows Defender when the finished version becomes available next year, a Microsoft spokesperson said Tuesday. A posting on Microsoft's TechNet Web blog announced the change on Friday and also revealed some details about capabilities coming to the software. The current version of Windows AntiSpyware Beta 1 has 18 million users, the spokesperson said."
The end-user has the option of switching it out and using a different vendor's spyware protection if they want.
Kind of like how XP SP2 didn't recognize Norton Anti-Virus as an anti-virus software and warned you that you didn't have any anti-virus software installed? Symantec had a patch that disabled this warning right after XP SP2 came out.
Bradley Holt
I've become fed up with the anti spyware programs...
...
I've had Adaware detect things Spybot doesn't, Spybot detect things Adaware doesn't detect, MS's program detect things Spybot doesn't detect, etc etc etc...
My usual course of action to thoroughly cleanse a system is to boot to safe mode, run adaware > spybot > MS antispyware > HijackThis
My question is... will there ever be a program that can detect it all? Because so far, I haven't found one.
But can you trust Microsoft anymore with stopping spyware from installing on your computer? Have they added protection from Sony's rootkit? What will they do with Claria/Gator/GAIN spyware technology that they now have access to?
Microsoft might remove spyware apps that break Windows, but is their goal to really remove anything that can spy on you, this being the company that's introduced Microsoft Genuine Advantage?
Saskboy's blog is good. 9 out of 10 dentists agree.
Security:
Ring 0: kernel level
Ring 1: apps level
Ring 2: user level
There's no excuse for outsiders having install level capabilities on any OS.
While you’re right that you can’t get software to install silently under OS X, it would be trivial to trojan a download, and even to this day, a great many (most?) Mac users will gleefully enter their root password when prompted by any random installer.
As to the phoning home part, IPFW doesn’t, as configured in OS X, do egress. I run a $25 app to have real time veto power over outgoing packets. So while the malware situation on OS X is currently infinitely better than that of Winders, I wouldn’t be using that ‘c’ word if I were you.
Quantum materiae materietur marmota monax si marmota monax materiam possit materiari?
Even if someone does mess up their own home directory, they won't be able to touch system files?
Spyware doesn't necessarily need to modify system files to spy on users. The information in your home directory is the most valuable.
So theoretically one could log in as an admin and easily remove the unwanted warez.
Sure, but most Windows users don't even know they have spyware. That problem needs to be solved first.
This is a classic Anti-Microsoft post. Let's look at an example with an auto manufacturer such as Ford. You seem to be the type to fault Microsoft no matter what they do. If they are to charge for it, you criticize...they offer it for free and you bitch as well.
Very few people blame Ford when their vehicle gets broken into with a hammer through the glass.
Your First Point - If Ford was to include a free alarm system, people would be happy about it, and wouldn't think twice. Yes, they do sell a car with deficiencies (It could be bullet proof glass), AND they would be offering a free solution to the problem!
Your Second Point - They put it in free and allow you to swap it out. Big deal! You would never fault Ford for putting in a free system. If you are unhappy with the free system, upgrade it. Nobody is forcing you to keep it.
Your Third Point - Simple economics. We don't live in a world where we only want the best for everyone else. If all other competition closes up, it wouldn't make sense for them NOT to increase their prices. Suck it up -- let the market determine the price.
If you were an alarm system installer I'm sure you would be pissed too, but welcome to the real world!
but couldn't they make money from the companies inserting the spyware? If you pay M$, then Windows Defender will classify your program as non-spyware and allow you to keep collecting information.
/. bug #926803 - Why I can post.
My Ubuntu system at home came with thousands of programs, with many thousand more available in their repositories. An Office suite is installed whether you want it or not, unless you choose the minimal install, which few people do. The whole thing leaves very little room for commercial competition for what runs on my desktop. Whatever someone wants to sell me, I probably already have some preinstalled equivalent on my Ubuntu system. Maybe this is unfair to others who would like to sell me something, but as a user I really don't mind getting a better system for the same price. Anti-virus vendors have had over 20 years to find other avenues of business, and now they're upset that after all this time Microsoft has decided to compete with them, not to sell as a standalone program, but to improve the security of their desktop operating systems. I'd actually like to see Windows bundled with Office and Visual Studio. Hell, why not throw in the whole enchilada? Because it saves consumers money at the expense of third-party software publishers?
Traditionally, a lot of OEMs have been bundling antivirus/antimalware trialware with systems, which times out after usually 60 days, leaving the system worse off than if it had no antivirus at all, unprotected but with all the slowness and instability that comes with running antivirus software.
Surely defending against spyware and security breaches should be a primary function of the OS, rather than an application that is built to run on the operating system. People who make antispyware software are making up for a deficiency in an operating system that people already have paid good money for. They should have no complaints if Microsoft take it upon themselves to actually fix what's wrong with their operating systems. If Microsoft were somehow 100% successful in defending against spyware & malware and suddenly no-one needed any antispyware, that's just tough for antispyware companies, and it's great news for computer users everywhere. Similarly, say Windows Vista was (you'll laugh at this) 100% secure against virus attack (as if!) and no-one needed any antivirus, surely that'd be a great thing and we could have a big bonfire with all our copies of Norton.
When the posters fear their moderators, there is tyranny; when the moderators fear the posters, there is liberty.
The mere fact that MS feels the need to include anti-spyware software is because they FIXED NOTHING. It's NT 6, XP repackaged with a snazzy GUI. Rather than find some way to prevent worms, virii, and other malware from getting in, they will be providing 'tools' to fix the OS on an ongoing basis? Sounds like MS users will still be spending countless hours scanning, fixing, restarting...
A people that values its privileges above its principles soon loses both. Dwight D. Eisenhower
Microsoft bundling anti-spyware software with their OS is kind of like a shipbuilder installing an automatic leak plugger in a new ship.
It'd be better to build it so it didn't leak in the first place.
Don't anthropomorphize computers, they don't like it.
So you complain that Microsoft is being anti-competitive with their added value programs, and yet you admit that you use a competing operating system? Sounds like the market is working after all...
In my opinion, the main thing following from the words of Microsoft specialists in the blog, is not the change of name but the fact that the software giant, I think, is about to do the same thing it once did in the browser sector.
"The engine is now moved to a system service ..." means that anti-malware (anti-virus) solution will be built-in in the next Windows. Why do I call it anti-virus? Because like some time before the word "virus" was used for almost ALL malicious programs, now they are trying to call them "spyware". Anyone can see it in the Anti-Spyware Coalition site's chapter Examples of Spyware and Potentially Unwanted Technologies (http://www.antispywarecoalition.org/documents/definitions.htm).
Here is another quote from the Microsoft Anti-Malware Engineering Team blog: "The detection mechanisms have also been radically improved by applying to spyware threats all the great detection technology we use in our antivirus engine."
There can be no doubt that Windows Vista is going to incorporate the feature we would usually call anti-virus. Is this "system service" going to be charged or free? This is the question I am worried about.
welcome to the real world!
Really? Are you planning on visiting anytime soon?
A busted window, while quite the nice irony, has no bearing here. If Ford released a car that *any* key would open and start then you'd have a comparison.
First Point - now, that 'free' system to stop people from exploiting a basic security flaw would be a realistic comparison. And since they built the flawed system, selling or giving away free something others sell to fix THEIR flawed system is very thin legal ice. Fix the Flaw, fine, but not sell a fix for your lack of quality.
Second Point - ever hear of Internet Explorer? They put it in free but WON'T LET ME swap it out. And on top of that it's amazingly insecure.
Third Point - this is why I can't shoot people like you, the free market DOES need some controls and safety valves to function properly. Otherwise, there's no reason I can't go blow up my competitors' facilities...I mean, it's just extreme economic competition isn't it? Your point is even more ridiculous in that Microsoft only GOT to be so big and powerful by being an illegal monopolist.
Sheesh
People in cars cause accidents....accidents in cars cause people
Spyware basically is malware that takes advantage of a poorly architected Windows environment.
That's just plain wrong. I'm a Linux user and I'm no Microsoft fan but to be fair, spyware isn't Microsoft's fault. If a malicious programmer wants to write a program to say, monitor your keystrokes, or send your computer ads, and a user willingly installs it, there's really nothing Microsoft can do to stop it short of prohibiting the user from running any and all programs.
First, Microsoft is announcing this anti-spyware will be free. I'm wondering how could they charge for it? Spyware basically is malware that takes advantage of a poorly architected Windows environment, n'est-ce pas? I would think it unseemly to manufacture a product that has deficiencies, then sell a product to protect against those deficiencies. (Oh, you want air in those tires? We have an addon, called valve-stems which, for now, we're offering for free.)
No, it isn't. While Spyware has used "drive-by-downloads" and other Windows flaws to install itself in the past, today's spyware is almost universally bundled with software that the user downloads and installs. Web toolbars, screensavers, background utilities, file sharing products, and other shareware are frequently loaded with spyware.
Spyware can be written for any platform. What's to stop spyware from modifying your .bashrc? Or your GNOME session?
Add to that the fact that most software is installed as root, and there is no limit to the damage that spyware-infected software could do. Even your Kernel and bootloader aren't safe.
Spyware is a problem that can affect any platform. While some spyware is undoubtedly based on Windows flaws, spyware bundled with software can affect any platform.
Besides trolling, you don't seem to care anything about the discussion. Yes, the GP poster has a point. But you don't contribute anything to the discussion, you just take parts of the GP argument and turn them into a horrible straw man.
The next time you're sarcastic, please try to make a point of it. I admire the Windows user interface (well, most of it - some things I can't stand, like that stupid online registration), it's just that their security COMPLETELY SUCKS and their closed source + monopoly just makes things worse and very hard to maintain.
It's Microsoft's fault their crappy OS is so open to spyware (*cough* IE, ActiveX, poor security scheme, services enabled by default, etc. etc), so, yes, MS should PAY to keep the OS we spent $200 on, clean. IMO Microsoft should pay us so we can purchase *ANY* antispyware, not necessarily theirs.
Of course alternatively, you could build the OS so that spyware can't install itself silently and start phoning home.
Do not make the mistake of believing that your platform is immune.
Spyware works on any platform because users are stupid. Almost any user will gladly reveal their administrator password if promised "free screensavers". At that point, all of the access control in the world won't help you.
No operating system that allows the user to take control of their system is immune from spyware. There are always users who will give spyware whatever permissions it needs to install.
why doesn't Microsoft start from scratch and make a secure, stable OS?
They've already done that once when they started the plan to move everyone from '9x to an OS in the NT family. Look how well that worked.
On the other hand, remember that Apple includes iLife with MacOS. Bit unfair to prevent MS from including *anything* with the OS.
A final point would be that I ran my computer for six months this year with XP SP2 and a permanent internet connection. I had no antispyware software installed. When I finally remembered, both Microsoft AntiSpyware and Ad-Aware came up blank.
'Spose I should point out that I've been using FireFox.
PocketGamer.org - For the gamer on the go!
The presence of those APIs doesn't matter. They'll just write code that sits at a lower layer (ie: a driver) if a higher level API is unavailable.
We're not speaking about virus but spywares.
- Virus are malicious software that exploits bugs to enter into your computer (without the user knowing it or even without the user doing whatever), then try to gain full control over the PC (gaining root access. Which is easier in crappy OS that run at administrator privilege), then propagate by sending themselves over the network (and abusing further bugs on these computers).
- Spyware are softwares that come *with* some other installer, and being installed following user interaction (he willingly started an installation. He just may not be aware of *all* software he's installing because he didn't read the EULA or the spyware isn't mentioned in the EULA). Then the software starts invading privacy and gathering info (most of which, like browsing history, is naturally accessible by the user-level access with which the user is running his applications - including the spywares he installed). The software calls home (using normal privileges the user has).
Bug fixing is mostly against virus and script kiddies. It'll patch holes that can be abused.
Spyware on the other hand is about the user running trash software.
Maybe there is some spyware which uses bugs or bad designs (admin-level by default) to gather even more data (using a key logger). But even a bug free system could run spywares as long as the user isn't well educated enough to install them.
You can even design spywares on Linux! If some moron is dumb enough to install binary software from shady sources (instead of: a. installing binary package that came with his distribution CD like a normal user, b. compiling tarballs from signed and trusted sources like a normal geek), this software could read the user-readable history files and send them over internet.
The only things one can fix an OS against spyware are:
- Fixing bugs to avoid the admin-rights-abusing spywares (keylogger, ...) ...this won't stop all spywares. Only a tiny fraction.
- Starting some white-list based scanner/firewall, to limit which software can connect to internet (ZoneAlarm should grant internet access to your favorite MMORPG, not to your "display naked dancer" screen-saver/winamp plugins) ...will hardly help. Educated users may use this to detect and stop spywares. But most joe 6-packer will either start complaining on online supports because they can't connect to WoW any more, or "OK-click-thru" without thinking every time a pop-up shows up and grant internet access even to spywares.
- Trusted computing: only legitimate software should be signed. ...will never work. IE was supposed to work like that, but there are many certificates from trusted sources that have been granted to weird companies (I've read that a malware maker even managed to have a certificate with "Microsoft" in its name). And on the other hand plenty of legitimate software cannot afford to be signed (mostly open source software).
In short: permission is likely to be granted to the wrong wares.
- User education. ...won't work. Do you really think you can explain to Joe 6-pack the difference between "www.coolwarez.com" and "sourceforge.net" ?!?!?
- Redesign the OS completely from scratch to create a system that enables programs to store sensitive data in a private isolated from other process way (in other words, access to data depends both on running user profile & software profile). ...although it exists in some small ways (FireFox and Java uses such sandboxed design to limit access rights to online applications, even if those applets are run from the users account. Password wallets like KdeWallet or Palm Keyring ask user permission before transmitting passwords, ...) a complete OS redesign is very unlikely. Just look how many times Microsoft has tried to even change the file system (WinFS) or some other component and hasn't fulfilled promise. Do you really think they'll redesign an OS from scratch?
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]