Microsoft Discusses Anti-Spyware Plans
LaughingCoder writes "Microsoft has announced their plans for the (currently free) AntiSpyware application, which is now in Beta. It is currently slotted to be bundled with Windows Vista. The end-user has the option of switching it out and using a different vendor's spyware protection if they want." From the article: "Microsoft gave an official name to its software for protecting computer users against spyware. The software, which has been known as Windows AntiSpyware Beta 1, will be called Windows Defender when the finished version becomes available next year, a Microsoft spokesperson said Tuesday. A posting on Microsoft's TechNet Web blog announced the change on Friday and also revealed some details about capabilities coming to the software. The current version of Windows AntiSpyware Beta 1 has 18 million users, the spokesperson said."
Okay, a couple of thoughts:
And I know some claim this isn't Microsoft's fault that spyware happens, but it really mostly is. They designed Windows to be as easy and automatic to use as possible, which really is the gateway for much of the malware wreaking computer havoc.
If I were an anti-spyware vendor, I'd be pissed. (Unless I was the one Microsoft bought out.)
Of course alternatively, you could build the OS so that spyware can't install itself silently and start phoning home. Or would that be an anti-trust issue for Microsoft these days, if it put all the anti-spyware/virus companies out of business???
Drag n' Drop DVD Recommendations
This may come off as a crazy question but why would Vista need anti-spyware?
Aren't they gonna implement secure user-privilege levels?
Even if someone does mess up their own home directory, they won't be able to touch system files?
So theoretically one could log in as an admin and easily remove the unwanted warez.
Or is Vista going to be more of the same when it comes to file permissions?
If you don't know what AltaVista is (was), get off my lawn.
The end-user has the option of switching it out and using a different vendor's spyware protection if they want.
Kind of like how XP SP2 didn't recognize Norton Anti-Virus as an anti-virus software and warned you that you didn't have any anti-virus software installed? Symantec had a patch that disabled this warning right after XP SP2 came out.
Bradley Holt
Making the engineering change from "Windows AntiSpyware" to "Windows Defender" took a lot of careful coordination across our team to ensure that the strings in the UI got changed, the help files all got updated, registry keys, file names and properties, as well as a couple of images all got changed.
You keep using that word. I do not think it means what you think it means.
I want to drag this out as long as possible. Bring me my protractor.
Somehow I think they will involve a wheelbarrow and a holocaust cloak....
I've become fed up with the anti spyware programs...
...
I've had Adaware detect things Spybot doesn't, Spybot detect things Adaware doesn't detect, MS's program detect things Spybot doesn't detect, etc etc etc...
My usual course of action to thoroughly cleanse a system is to boot to safe mode, run adaware > spybot > MS antispyware > HijackThis
My question is... will there ever be a program that can detect it all? Because so far, I haven't found one.
But can you trust Microsoft anymore with stopping spyware from installing on your computer? Have they added protection from Sony's rootkit? What will they do with Claria/Gator/GAIN spyware technology that they now have access to?
Microsoft might remove spyware apps that break Windows, but is their goal to really remove anything that can spy on you, this being the company that's introduced Microsoft Genuine Advantage?
Saskboy's blog is good. 9 out of 10 dentists agree.
don't hook keyboard messages.
It will probably break a lot of code, but one kind of spyware instantly disappears.
Also, global CBT hooks are probably a bad idea to have around (who uses them for CBT purposes anyway? THAT concept has long since vanished and the things were hacked into a plethora of other uses).
I am very small, utmostly microscopic.
Back in the day, Ford was willing to sell you a Ford fire extinguisher to go with your Pinto.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
I thought the software title Defender was already taken.
"Rocky Rococo, at your cervix!"
It is possibly the first anti-spyware program to use a joystick. Malicious executables appear as little moon landers and you have to shoot them before they can abduct your good files. I actually look forward to getting infected with spyware, but my thumbs start to hurt after a time.
The only potential conflict of interest I see is if MS charges for the software. As long as it is free it's a GREAT addition to Windows.
However, it would be horrible for our economy. As they start to give away anti-virus/spy-ware software, that eliminates a multibillion dollar industry. That is a problem, but not MS's problem. It's a free market issue, and the market will adjust.
As far as it being an anti-trust issue, I don't believe it is. This is a tool that fixes/protects against exploits in their software. They aren't adding a product from an unrelated market (e.g. web browser or media player). This is a logical step, similar to service packs and updates. The fact is if they didn't offer updates, a company would emerge that patches windows, just like the virus industry emerged.
All in all I think this is a good thing for windows users. I think the anti-ms crowd is going to throw a fit, and wrongfully claim abuse of monopoly, but what can ya do? MS is making the correct decision to include it in Vista. If they charge extra for it, or turn it into a paid subscription service, that is an entirely new issue. That would be a conflict of issue, and morally wrong, maybe not legally, but it would hurt their business.
Security:
Ring 0: kernel level
Ring 1: apps level
Ring 2: user level
There's no excuse for outsiders having install level capabilities on any OS.
Show me where the parent mentioned Linux. Seems like the truth stung a little too much and your knee jerked.
"Gold still represents the ultimate form of payment in the world." - Alan Greenspan, 1999
but couldn't they make money from the companies inserting the spyware? If you pay M$, then Windows Defender will classify your program as non-spyware and allow you to keep collecting information.
/. bug #926803 - Why I can post.
I just tried to update my spyware definitions through Microsoft AntiSpyware. I got an error message: "Could not connect to the internet."
Somehow Slashdot has no problem, however.
But all joking aside there's a problem affecting every security measure Microsoft has established: If there is any hole in this system (by definition there are at least several) it will likely be exploited and since the vast majority of Vista users will rely on this software we'll end up with another massive breakdown. That's just what happens if everyone relies on the same software vendor for the OS, browser, mail-client, anti-spyware...
I don't read replies by ACs.
It seems someone else was using "Windows Defender" until MS sent in their lawyers. Tucked into the agreement was a line making the prior owner give all rights to the "Defender" name to MS. Two weeks later, MS announces the new name.
Two wrongs don't make a right, but three lefts do.
The mere fact that MS feels the need to include anti-spyware software is because they FIXED NOTHING. It's NT 6, XP repackaged with a snazzy GUI. Rather than find some way to prevent worms, virii, and other malware from getting in, they will be providing 'tools' to fix the OS on an ongoing basis? Sounds like MS users will still be spending countless hours scanning, fixing, restarting...
A people that values its privileges above its principles soon loses both. Dwight D. Eisenhower
That tool shouldn't have "bug"'d you anyway. A new version of the "Malicious Software Removal Tool" you speak of is installed and run by Windows Update periodically (monthly?) to simply check once for Blaster and other viruses (not necessarily spyware, and vice versa, I'm sure). That just runs once, and silently, after it's downloaded and installed; it shouldn't bug you.
The article refers to Microsoft Windows AntiSpyware, a different tool (and not among the "Windows Update"s). It usually shows an icon in the taskbar and (when that is clicked or tabbed to+ENTER pressed on) a window from which you can scan the PC, update said AntiSpyware, etc.
The "anti spyware crap of theirs" you mention is not the subject of TFA.
You can hold down the "B" button for continuous firing.
Sigh. Does anyone else see the irony in having the maker of the OS release an anti-malware program that runs in user space?
So you complain that Microsoft is being anti-competitive with their added value programs, and yet you admit that you use a competing operating system? Sounds like the market is working after all...
In my opinion, the main thing following from the words of Microsoft specialists in the blog, is not the change of name but the fact that the software giant, I think, is about to do the same thing it once did in the browser sector.
"The engine is now moved to a system service ..." means that anti-malware (anti-virus) solution will be built-in in the next Windows. Why do I call it anti-virus? Because like some time before the word "virus" was used for almost ALL malicious programs, now they are trying to call them "spyware". Anyone can see it in the Anti-Spyware Coalition site's chapter Examples of Spyware and Potentially Unwanted Technologies (http://www.antispywarecoalition.org/documents/definitions.htm).
Here is another quote from the Microsoft Anti-Malware Engineering Team blog: "The detection mechanisms have also been radically improved by applying to spyware threats all the great detection technology we use in our antivirus engine."
There can be no doubt that Windows Vista is going to incorporate the feature we would usually call anti-virus. Is this "system service" going to be charged or free? This is the question I am worried about.
Ships have bilge pumps because there are just so many ways a leak can start. In fact, back in the day of wooden ships it was not unknown for the Dutch to fit old ships with wind powered bilge pumps and just keep them pumping so they could be used beyond the normal lease of life. The analogy is not exact, but it is common for any very complex system to have continuous maintenance needs that in theory could be avoided. I'm not justifying MS, just pointing out that your analogy would lead to MS building in the equivalent of automatic bilge pumps, fire extinguishers and smoke alarms, just like you have to have on a ship. Which seems to be what they are at last doing.
Pining for the fjords
Besides trolling, you don't seem to care anything about the discussion. Yes, the GP poster has a point. But you don't contribute anything to the discussion, you just take parts of the GP argument and turn them into a horrible straw man.
The next time you're sarcastic, please try to make a point of it. I admire the Windows user interface (well, most of it - some things I can't stand, like that stupid online registration), it's just that their security COMPLETELY SUCKS and their closed source + monopoly just makes things worse and very hard to maintain.
It's Microsoft's fault their crappy OS is so open to spyware (*cough* IE, ActiveX, poor security scheme, services enabled by default, etc. etc), so, yes, MS should PAY to keep the OS we spent $200 on, clean. IMO Microsoft should pay us so we can purchase *ANY* antispyware, not necessarily theirs.
I went around work installing the program when it first came out, despite setting restrictive rights and other such software on the computers (before I came on, many of the users had admin access when they didn't need it, mainly because some of the software they had purchased was worth shit, and the guy before me didn't want to bother setting things up correctly.)
While Microsoft AntiSpyware wasn't a catch-all (neither were the other two programs I used in conjunction with it,) it worked out well. Whereas Ad-aware would give you a long listing of individual files with sometimes-useful information if you double clicked on an item, MAS would list the various programs (clumping the files together) and give a threat level, the main things they do (both good and bad) and a few other small tidbits. It's enough information that a regular user would be able to figure out what to do without being overwhelmed.
I have it on my own Windows machines (though I almost never have to run it myself.)
However, as has been pointed out, this shouldn't be shipping with Vista. With Linux coming to the forelight, and Macs becoming cheaper, Microsoft should know that they can't do the "There are only 1000 holes instead of 5000, it will be fine" thing they've loved to do in the past. Vista should be secure enough to not need this kind of thing, or it just shows that Microsoft would prefer to pretty up the OS some more and give us the same crap in a different box for another $300 than to actually strive ahead.
Then again, that's nothing new.
why doesn't Microsoft start from scratch and make a secure, stable OS?
They've already done that once when they started the plan to move everyone from '9x to an OS in the NT family. Look how well that worked.
Yes indeed. The brothel should provide condoms, not antibiotics for its customers.
"...we should just trust our president in every decision that he makes and we should just support that." B.Spears 2003
from today, Linux worm: http://linux.slashdot.org/linux/05/11/08/140203.shtml?tid=220&tid=106
and of course, rootkits don't exist for Linux, oh no:
http://la-samhna.de/library/rootkits/list.html
MS are trying to do something about security, Vista will not stick you straight in as admin.
Shame you /. types can't see past the end of your bigoted noses. I love Linux, and I stroke my OpenBSD box goodnight, but come on Bill is not the anti christ, XP/VS/SQL/Exchange are all fine products, not everything MS does sucks or made out of spite, they really are trying to make improvements with each iteration.
Stop the madness pls, it doesn't do "the cause" any good if you all act like spoilt children.
At least Vista will tell you that you have a rootkit installed, will your Linux distribution do this out of the box? Exactly.
We're not speaking about viruses but spywares.
- Viruses are malicious software that exploits bugs to enter into your computer (without the user knowing it or even without the user doing whatever), then try to gain full control over the PC (gaining root access. Which is easier in crappy OS that run at administrator privilege), then propagate by sending themselves over the network (and abusing further bugs on these computers).
- Spyware are softwares that come *with* some other installer, and being installed following user interaction (he willingly started an installation. He just may not be aware of *all* software he's installing because he didn't read the EULA or the spyware isn't mentioned in the EULA). Then the software starts invading privacy and gathering info (most of which, like browsing history, is naturally accessible by the user-level access with which the user is running his applications - including the spywares he installed). The software calls home (using normal privileges the user has).
Bug fixing is mostly against viruses and script kiddies. It'll patch holes that can be abused.
Spyware on the other hand is about the user running trash software.
Maybe there is some spyware which uses bugs or bad designs (admin-level by default) to gather even more data (using a key logger). But even a bug free system could run spywares as long as the user isn't well educated enough to install them.
You can even design spywares on Linux! If some moron is dumb enough to install binary software from shady sources (instead of: a. installing binary package that came with his distribution CD like a normal user, b. compiling tarballs from signed and trusted sources like a normal geek), this software could read the user-readable history files and send them over internet.
The only things one can fix an OS against spyware are:
- Fixing bugs to avoid the admin-rights-abusing spywares (keylogger, ...) ...this won't stop all spywares. Only a tiny fraction.
- Starting some white-list based scanner/firewall, to limit which software can connect to internet (ZoneAlarm should grant internet access to your favorite MMORPG, not to your "display naked dancer" screen-saver/winamp plugins) ...will hardly help. Educated users may use this to detect and stop spywares. But most joe 6-packer will either start complaining on online supports because they can't connect to WoW any more, or "OK-click-thru" without thinking every time a pop-up shows up and grant internet access even to spywares.
- Trusted computing: only legitimate software should be signed. ...will never work. IE was supposed to work like that, but there are many certificates from trusted sources that have been granted to weird companies (I've read that a malware maker even managed to have a certificate with "Microsoft" in its name). And on the other hand plenty of legitimate software cannot afford to be signed (mostly open source software).
In short: permission is likely to be granted to the wrong wares.
- User education. ...won't work. Do you really think you can explain to Joe 6-pack the difference between "www.coolwarez.com" and "sourceforge.net"?!?!?
- Redesign the OS completely from scratch to create a system that enables programs to store sensitive data in a private isolated from other process way (in other words, access to data depends both on running user profile & software profile). ...although it exists in some small ways (FireFox and Java use such sandboxed design to limit access rights to online applications, even if those applets are run from the user's account. Password wallets like KdeWallet or Palm Keyring ask user permission before transmitting passwords, ...) a complete OS redesign is very unlikely. Just look how many times Microsoft has tried to even change the file system (WinFS) or some other component and hasn't fulfilled promise. Do you really think they'll redesign an OS from scratch?
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]