Slashdot Mirror
Spy Sweeper, the Next Netscape?
GenieGenieGenie writes "AP is running a story about Webroot's Spy Sweeper, specifically about the competition it's facing from Vista's bundled anti-spyware. Webroot's CEO David Moll maintains that 'The taking of a second-best product in this space [i.e. Vista's Defender, f.k.a. AntiSpyware] is akin to locking half the doors in your house,' but others seem to think that if Moll doesn't want his company to become a second Netscape, it would 'ultimately [...] need to offer more than just an anti-spyware package.' The interesting issue here is whether this need for broadening the offer would be the case also for other leading companies subject to similar 'bundled-with' competition."
I mean, with the demise of Netscape we got much BETTER browsers, in the way of Mozilla and Firefox and Camino. An MPL'd spyware scanner for windows? I dont think it will have that wide of appeal though...
...And Open-Source the program. Think of the possibilities.
The taking of a second-best product in this space [i.e. Vista's Defender, f.k.a. AntiSpyware]
So, they're the bests and Vista Defender the 2? What about ad-aware, spybots...?
Also, who knew before about this "Spy Sweeper"?
Seriously.
Why can't MS just make an OS which isn't so prone to it?
If they somehow made Vista impervious (without a built in addon or tool) do you think people would be mad at them for killing the competition?
Microsoft steals the lucrative business of fixing Microsofts mistakes. Spyware manufacturers also make money off of Microsofts mistakes.
Just some food for thought.
Netscape was a competitor to a product Microsoft sold. Anti-spyware software is little more than a fix for Microsoft's crappy security model that's included in its OS and default browser. There's a big difference here.
Microsoft bundled IE and bullied PC makers into not putting Netscape on the desktop because it wanted to put Netscape out of business. That's a bad thing. On the other hand, Microsoft is bundling anti-spyware software into its new OS to protect its users from a) their own ineptidude, and b)the afore-mentioned crappy software that Microsoft themselves put in place.
Where Microsoft wanted to get into a new market (the browser application) by crushing Netscape, in this case they're just trying to band-aid their operating system's vulnerabilities to (hopefully) lower the amount of user frustration in the future.
I've been an IT guy for nine years, and I've always thanked Microsoft for releasing bad, buggy code. The anti-spyware folks should do the same, instead of being angry that Microsoft is finally trying to fix the problem.
Why would presence of spyware indicate a defect in the code?
If you don't know where you are going, you will wind up somewhere else.
But if can include both better and different services to appeal to customers, they will have a chance. Having a better product alone will not be enough though. Look how dominate IE still is even though it is pretty well known that Firefox is much better. Users just do not bother to care because they just dont know better.
A chance only though, my money is on Vista to begin with - Who knows what problems Vista will open up for other companies to try to fix.
Invexi - a Phoenix, AZ based web design and web development company.
You can't simply compare the anti-malware market to others.
With browsers, you want to be compatible. You have a self perpetuating cycle where your browser wants to be compatible to the pages where the page creators want to be compatible with your browser. Thus the widest used browser is the most compatible, and thus "the best" if you want to be able to view everything "well".
The same applies to media players, MP3 players and everything else where all sides involved want to be as compatible as possible.
In the anti-malware biz, it's exactly the other way. You do NOT want to be "compatible" with the malware.
Take a look at antivirus soft and the corresponding trojans, viruses etc. There is almost no trojan today that does NOT try to disable Kaspersky, McAffee, NOD etc. Trying to tear down the WinXP firewall is a given.
I bet my computer against an old ice cone that the FIRST thing that happens as soon as the Windows "Anti-Malware" comes out is that every trojan that could be disabled by it comes with some Anti-Anti-MS-Malware functions, just like they do now with Anti-WinXP Firewall functions.
In other words, there will always be a market for "small" Anti-Malware businesses. For the simple reason that, as odd as it may sound, they will have a higher chance to succeed. Simply by being neglected by the trojan writers.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Okay, I haven't been following the spyware world closely lately -- and it changes fast -- but IIRC, when MS bought the rights to this program from Giant, most of the reviews I had read put it as the best antispyware program on the market. Now granted, that is a very disputable claim, and I obviously offer no evidence to support it. Still, it seems like Webroot came the close second here, so they have a little more to worry about than Mr. Moll seems to display.
Genius is the art of making everyone think you know what you're talking about.
Um... if software can invasively monitor the Operating System without the user's knowledge, there's a flaw in the Operating System.
Trust MS for my net security? Not on their track record.
Um... If a user downloads a web browser, and the web browser sends everything he enters onto web pages to some spyware company, how is the operating system supposed to protect agains that? The only way is for it to maintain a list of signatures of previously identified malware and detect it. In other words, an anti-spyware facility.
And yet, Internet Explorer is an integrated and core application for the OS...you can't uninstall IE [on a Windows box]. Note the insane amount of time it takes to upgrade IE.
If history repeats itself, why can't we study the future?
Anti-spyware (and antivirus) software isn't protecting from defects in the code, it's protecting from defects in the user.
Just like it's "easy" to be a heart surgeon but "extremely difficult" to be a brain surgeon...
They weren't clamoring for MS to bundle an anti-spyware app. They were and still are clamoring for them to fix the security holes that allow so much malware in.
So... which OSes are you thinking of that aren't "flawed" ?
Not to mention, how is it a flaw in the first place ? How is the OS supposed to know that the monitoring *isn't* "without the user's knowledge" ?
Not only "wouldn't" I, but I don't.
I do, occasionally (maybe once every 6 months) run the online scanners over my PC. Thus far, no infection has ever been detected.
You would rely solely on your personal computing prowess to prevent and/or remove all infections?
I rely on common sense and the security facilities of my OS to avoid infection in the first place. In particular, I don't execute code I can't verify the source of, I don't run as a high-privilege user for day to day tasks and I filter inbound network connections to my computers.
I will also point out that these are the exact same procedures I follow on *all* the OSes I use.
If you say yes, first I'll call bullshit.
I don't really care what you "call". Ten years of Windows use without a single exploit from malicious code is enough evidence for me that my methods work the majority of the time.
Then I'll ask how you can expect this kind of tech savvy from your average user.
Most malware - or, more accurately, the vector it uses - doesn't require even the slightest level of "tech savviness" to identify. How many people, if someone knocked on their door and said they were from their bank, would hand over a blank cheque and signature specimen for "verification purposes" ? Compare that to how many are happy to hand over their banking usernames and passwords to email and web based banking scams.
One of the fundamental problem, IMHO, is many people are still working under the impression that stuff on the "internet" isn't "real", and that actions online can have genuine consequences out in the real world. My guess is they figure that since Word has an undo button, then everything else they do with the computer can be similarly easily "undone". Malware is going a long way towards rectifying this attitude (one of its few upsides).
Now, with all that said I certainly wouldn't recommend most people go without anti-virus and anti-spyware tools. Particularly since most "normal users", IME, are primarily using the internet for inherently high-risk behaviour (swapping software, documents and other data). However, the simple fact is that neither anti-spyware, nor anti-virus software, is there to protect the user from flaws in the OS (although it may do this as a side effect). It's there to protect the user from flaws in their behaviour. No level of OS security known can protect from the user deliberately executing malicious code.
(I use the word "flaws" here in the context of safe computing practices, not behaviour in general. I don't think for a second people *shouldn't* be doing the things they do with computers that typically lead to malware infection.)
Yes, in theory, a Linux system can be cleaned without reimaging it. Not practically though, and there's always the possibility you missed something. If a box is known to have been compromised, the only reasonable thing to do is reimage it to a known-good state.
Let's not forget programs like Kazaa, if it's even still around, which actually REQUIRE you to not only install, but keep the crapware on your system in order to run it.
Many programs don't alert you of any of the things they're installing. On, say, OS X, you'd get a security prompt if something tried to modify the system without your knowledge.
Defects in the operating system indeed.
Yes, indeed.
Of course, a lot of the nasty crap that gets on your computer without you DOING anything is generally on rathe questionable sites (e.g. Warez sites). This is thanks to lacking security in Internet Explorer, not the OS.
Internet Explorer is bundled with the OS and is tied to it. The lack of functional limited privilege accounts is also an OS flaw. All the little flaws in Windows build up to create a very tasty target for malware authors.
"Sufferin' succotash."
Netscape fell victim if an aging code base and poorly implemented standards support (next to none...).
Instead of making a quick series of patch fixing the standards support, speed and so on, they decided to drop everything and spend few years rewriting everything from scratch. Their first releases (Netscape 6, 6.2x, 7.x) were bloated, slow to start, slow to render, buggy and damn, they were ugly.
The company's been sold, resold, split, merged, reorganised and what not, and after so many years we got Firefox, which was able to compete again with its 1.0 release.
Was the inclusion of IE Windows important in this development of history? Certainly! However the fact IE4 was a significantly better browser than NS4 and all the crap NS did to themselves was what made the crucial difference.
(yes IE4 was better than NS4, it's hard to comprehend it today, when IE6 is the worst browser of the bunch, but back then the situation was pretty different)
No, it's not. The cost is hidden in the price of the OS.
This is what irritates me most about MS's offers (i. e. Windows Media Player and Internet Explorer). They have never been, never are, and will never be free. The cost is just hidden elsewhere. "Free" is just an illusion.
Adventure, Romance, MAD SCIENCE!