Slashdot Mirror
Anti-Spyware Guidelines Get Final Version
Ant wrote to mention a C|Net article reporting an agreement by The Anti-Spyware Coalition on some standard methods for identifying and combating spyware. From the article: "The Anti-Spyware Coalition, whose members include Microsoft, Symantec, Computer Associates, McAfee, AOL and Yahoo, said on Thursday that it has finalized its spyware detection guidelines. The final version takes into account public comments on a proposed version introduced in October ... The Anti-Spyware Coalition's guidelines, or risk model description, aim to provide a common way to classify spyware, based on risks a piece of software poses to consumers. They also suggest ways to handle software, based on those risk levels."
I would say it is a hidden program that transmits your personal data that you neither want or need, yet the company who makes it wants it to secretly further their own interests and profit.
'Don't be evil' would apply here.
He who knows best knows how little he knows. - Thomas Jefferson
The very fact that Symantec is in the group means they are just a sham. Symantec's Norton Antivirus classifies Spybot S&D as a virus (HUH?). Then, when they were forced to admit it wasn't, the excuse becamse "Norton Ghost won't work if Spybot S&D is installed" (HUH?). Just the usual tactic to push competitors (especially free competitors) out of the market.
Is spyware still a 'big issue' these days?
I bought a shiney new laptop in September last year. Yesterday I finally downloaded MS AntiSpyware and ran it *for the first time*.
For the last 4 months or so, I've been casually browsing the internet, downloading at a whim etc, and all I've had between me and 'the bad guys' is:
- Service Pack 2 which came pre-installed,
- Symantec AntiVirus,
- D-Link router.
In these 4 months I've had
- no viruses *successfully* installed,
- no spyware installed,
- no browser hijacking/adware/whatever.
I'm using the computer with an Administrator account, and all the update/security settings are what XP recommended the first time I turned it on.
So I'm out and about browsing all over the web for the last 4 months and nothing's "got me". Who is still being "got" by spyware? The ones with bootleg XP's that can't install SP2?
In a literal arms-race, you are correct. The wealthier, more committed side will usually win, but things are slightly different if you consider the virus-immune system combat. The viruses can't win, because that would kill off their prey, but the prey can't defeat the viruses because ... well, because they can't. Evolution provides viruses with such a comprehensive ability to search vulnerability space that they can't be defeated without removing all vulnerabilities, and no organism has been able to do that. One could argue that the larger organisms are wealthier (they control more calories and more minerals), but they still can't eliminate all vulnerabilities.
Virus authors may need to turn to evolutionary algorithms to create new versions...but there's nothing inherently difficult, or even implausible, about that. It's not something that you'd do in your spare time, but it's not breaking new ground, either. Alternatively, they could start allowing the viruses that they create to have a mutation rate (and simultaneously be more prolific). This could be quite dangerous, but people searching for economic advantage aren't know for being wise and weighing the delayed costs of their actions.
I think we've pushed this "anyone can grow up to be president" thing too far.
I came to the conclusion that this organisation is nothing more than a marketing arm of the corporations involved when I read their list of recommendations. If this body had any conscience whatsoever, the first item on the list would be:
Afterward, if the member corporations feel that they can make the case for their safety, more power to them. But to ignore this fundamental step is disingenuous and arguably deceptive.
Crumb's Corollary: Never bring a knife to a bun fight.