Microsoft Denies Claria got Spyware Exception
daria42 writes "Microsoft has denied its AntiSpyware application has given adware-maker Claria special treatment. The denial has been issued amid reports MS is looking to buy Claria, and is in response to security researchers' reports stating AntiSpyware had downgraded the threat level posed by Claria's adware products. The downgrade in threat level merely represented an effort to be "fair and consistent with how Windows AntiSpyware (Beta) handles similar software from other vendors," according to a statement published by Microsoft." As reader jfengel writes, though, "they neglected to mention what software that might be, nor did they publish the analysis."
Spy Sweeper too (Score:5, Interesting)
Let's hear it for conspiracies... (Score:2, Interesting)
Please take off your tin foil hats, guys!
One might say that Microsoft is primarily responsible for the entire spyware issue (although I suspect Firefox's track record would be worse, albeit better than IE, if it were as popular). But MS AntiSpyware is a fine piece of software, however. It's easy to use and does its work better than many of its competitors.
Re:More info and analysis (Score:5, Interesting)
Any attempt to incorporate software like Gator into Windows, or an attempt to allow software like Gator greater control...will mean I am no longer a card-carrying member of the fan club.
Seriously, I have spent way too much time cleaning that junk off of my daughter's computer. The MS anti-spyware program works well now, but if they disable it for their 'partners' it will royally suck.
And then I'll have to eat crow for quite a while.
Re:Ad-Aware (Score:4, Interesting)
What really annoys me (Score:5, Interesting)
The small print says they may not be actual spyware, but potentially dangerous items; most unknowledgeable people will just remove them anyway, because it's the default option.
Re:Let's hear it for conspiracies... (Score:5, Interesting)
It's not a fine piece of software. It _was_ one and it has been intentionally made otherwise.
I'm keeping my tinfoil hat firmly on. Imagine if Ford bought the company that checks for defects in cars, and the next week all Ford defects were considered as desirable behavior. Imagine if Monsanto bought the company that decides whether Bovine Growth Hormone is bad for you, and the next week it was announced that BGH is just fine... actually, you don't really have to imagine that.
This is a tiny attempt to extend to the software industry what is already standard in the 'traditional' industries; the use of quality and safety regulating entities to discourage competition rather than to protect the consumer.
I _will_ say that I don't expect MS to be as evil about it as Monsanto et al for a good many years yet.
OSS spyware detection (Score:5, Interesting)
I manage a number of Windows machines at the office, and with the recent declassifications without good explanation that have occurred in the sector, I have lost all faith in most of the products.
An OSS solution would be wonderful (hell, I would rather switch the machines to Linux, but that is not an option right now due to certain programs that are required by the company).
Commercial solutions always to me seem rather susceptible to legal action for the classification and/or bribery.
Anyway you get spywares because you decide it (Score:2, Interesting)
Re:More info and analysis (Score:4, Interesting)
On the contrary, we should encourage them to integrate obnoxious adware into every aspect of the browser and OS. If that doesn't persuade the world to switch, nothing will.
Re:Wonderful (Score:5, Interesting)
You, sir, are entirely unfair!
Microsoft clearly said The downgrade in threat level merely represented an effort to be "fair and consistent with how Windows AntiSpyware (Beta) handles similar software from other vendors,"
It's entirely consistent. Microsoft has consistently held their software offerings to, ahem, an improved standard.
I mean, have you ever looked at how Microsoft's C++ compilers, um, pioneered their own standard, entirely different -- and, so long as you don't like correct exception handling, consistent RTTI, or the availability of a Standard library, entirely better -- from the ANSI/ISO standard. Or look at the, um, improvements to JavaScript and the browser DOM.
Or just look at the XML for Word docs. Ok, well absent a non-disclosure agreement you can't actually look at it, but trust Microsoft it's entirely consistently inconsistent with anything else out there.
How anyone can say Microsoft isn't being consistent in its approach I just don't understand at all.
So what they're really saying (Score:5, Interesting)
Re:Spy Sweeper too (Score:5, Interesting)
The needed mechanism is already in Windows. All we need to do is find and distribute hashes of known spyware (software permissions policy, or something like that, it works by hash, filename, certificate, and maybe location). Windows will then simply refuse to execute (if it's an executable, or load it if it's a library or control).
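A small model of the hash-rule idea in the comment above, added here as an example; it is not part of the original thread and does not call any Windows API. The `Rule` class, the `decide` function, the sample bytes and the hash-before-path precedence are all assumptions of this model. It shows that a hash deny rule survives renaming but not a one-byte change to the file, which a default-deny allowlist still catches.

```python
import hashlib
from dataclasses import dataclass

# Constructed sample bytes standing in for executables; not real binaries.
KNOWN_ADWARE = b"MZ constructed-adware-sample v1"
REPACKED_ADWARE = KNOWN_ADWARE + b"\x00"   # same program, one byte appended
BENIGN_EDITOR = b"MZ constructed-benign-editor"


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class Rule:
    kind: str     # "hash" or "path"
    value: str    # hex digest, or a lower-case path prefix
    allow: bool


# Assumption of this model: the more specific rule kind is consulted first.
PRECEDENCE = ("hash", "path")


def decide(rules, path: str, data: bytes, default_allow: bool = True) -> str:
    """Return '<allow|deny>:<what decided>' for one execution attempt."""
    digest = sha256(data)
    for kind in PRECEDENCE:
        for rule in (r for r in rules if r.kind == kind):
            if kind == "hash":
                hit = rule.value == digest
            else:
                hit = path.lower().startswith(rule.value)
            if hit:
                return f"{'allow' if rule.allow else 'deny'}:{kind}"
    return f"{'allow' if default_allow else 'deny'}:default"


# Blocklist posture: deny known-bad hashes, allow everything else.
BLOCKLIST = [Rule("hash", sha256(KNOWN_ADWARE), allow=False)]

# Allowlist posture: same hash rule plus one trusted directory; call
# decide() with default_allow=False so anything unlisted is refused.
ALLOWLIST = BLOCKLIST + [Rule("path", "c:\\windows\\", allow=True)]

if __name__ == "__main__":
    for name, data in [("sample.exe", KNOWN_ADWARE),
                       ("renamed.exe", KNOWN_ADWARE),
                       ("repacked.exe", REPACKED_ADWARE)]:
        p = "C:\\Temp\\" + name
        print(name, decide(BLOCKLIST, p, data),
              decide(ALLOWLIST, p, data, default_allow=False))
```
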
Re:Don't let this put you off the product (Score:2, Interesting)
If you've got a spare machine that can handle a 2k/XP install, install either of those OS on the computer. Grab MS Anti-Spyware, Grab Ad-Aware, and Spybot S&D. Install all of them.
Let MS-AS be your default scanner/detector of on the fly spyware threat detection instead of Spybot. Now go find a webpage (or deliberately install thru some other program) the ISTsvc (Internet Search Toolbar) spyware. Now, run either ad-aware, or spybot, and try to remove it. Worked, right? Ooops, notice how MS just trusted a change to your computer? Okay, that's detecting spyware being removed. You should get another notification immediately afterwards showing that another change has been allowed within Windows. Go to MS-AS security section, look up all the alerts you've gotten. Scroll down that list. Notice a trusted change by MS-AS allowing ISTsvc to reinstall itself on your computer?
Now, I admit I may not be totally correct. I have yet to do a vice-versa and allow Spybot S&D to be the on the fly detection program. But from what I've noticed, companies providing anti-spyware solutions seem to have incentive to sneakily allow some unwanted stuff on your computer; they eventually want you to pay for their full version of the program, which you'll hope will do the job even more thoroughly. They've set out a mousetrap in order to try to make more money off of you.
Blatant marketing lies and contradictions (Score:0, Interesting)
Good news, this means they will have to drop the Trusting Computing idea altogether... errr if this was truly an "effort to be fair and consistent"
Re:More info and analysis (Score:5, Interesting)
Some of his questions in the Ballmer interview:
* Why does Microsoft care about developers?
* Microsoft is a leader in transparency and blogging. Why did you allow blogging?
* Coming up with tough questions for you is hard. If you were in my position what tough questions would you ask Microsoft's CEO?
I'm sorry. That's a man brown-nosing just as hard as he can.
Chris Mattern
Re:Commercial programs (Score:5, Interesting)
Where is the Open Source anti-adware, anti-spyware stuff? I don't see a spyware removal tool for Linux. Oh
But the point is that all the Open Source software available for Windows is there by accident. It wasn't written for Windows, it just was ported to Windows from some unix variant. Nobody writes GPL software with Windows in mind -- it's just that some Windows user manages, with more or less effort, to persuade it to compile, and is obliged by the licence to make the source available. {If anybody persuaded BSD-licenced code to compile under Windows, they probably would keep it closed-source -- and maybe even disable some options in an effort to extort money out of users}.
My computer is my property, and I have the right to determine what software runs on it. Installing software without my explicit consent is at least trespass {which is a civil offence and grounds to sue} and may constitute criminal damage {which is a crime, so dial 999 and let the police deal with it}. These things were already offences long before computer-specific legislation was passed. The use of confusing language to persuade someone to install software may additionally constitute Burglary Artifice. If it's a Crown Court, then the odds are in your favour -- out of a jury of 12 people, how likely do you think it is that none or only one have experienced PC trouble due to spyware?
You know, I often wonder what would life have been like if, way back in early 1976, some members of the Homebrew Computer Club had dragged Bill Gates {the author of that letter [cryptnet.net]} into the gents' and given him a bloody good hiding. That has to be my second choice for an "if I could alter the course of history" fantasy.
fair about how other companies' software? (Score:3, Interesting)
This denial just proves once again MS' dishonesty towards customers, may they be corporate or individuals.
Why don't people act upon the fact that MS is just lying so blatantly? Oh sure, their lawyers are good, but lawyers can't do anything against massive boycott!
Action, to the streets dammit! Make piles of MS CDs to melt!
How they do that (Score:3, Interesting)
http://www.microsoft.com/athome/security/spyware/
This white paper provides an overview of the approach and criteria categories currently used by the Microsoft research team to analyze and classify software.
Re:A very simple explanation. (Score:3, Interesting)
Dude, I have sources. [gamesindustry.biz] It's not FUD, it's what Microsoft has been announcing all along. There are major architecture changes taking place (Video card and processor for example), and they won't be able to either emulate or embed the original XBOX hardware on the new XBOX.
To quote the article linked above:
On the flip side:
Here's the deal, MS will be recompiling a lot of games to run on the new hardware. Why they expect this to work without any problems I don't know. They're switching processors for crying out loud. How do they plan to get these recompiled games out to customers without charging them for a new copy, they haven't said. They've made a lot of promises about things just "working" but the fact that at the very least a recompile is necessary means at the moment they're spewing a lot of vapor and marketing but not any substance.
Re:Ad-Aware (Score:5, Interesting)
Interesting comment, which reminded me of a story:
I once worked for a bank, where there was a computer that processed all electronic banking files. The majority of the programs on this computer were written by a guy I worked with. This guy considered himself a programming god, while I thought he was below average.
Now, one of the quite critical programs that ran on this computer was in the habit of crashing occasionally. The guy attributed this to an OS fluke, and instead of debugging the program and resolving the error, he wrote a program that simply checked whether the crashing program was running, and if it wasn't, would restart it.
Without our department knowing, the crashes increased in frequency. We didn't know this, because the crashing program was restarted all the time. Unfortunately, at a certain point in time the crashes occurred about every few seconds, and our system basically went down. I was part of the team that analysed and resolved the problem, and, of course, we found that it was a basic DESIGN flaw in the crashing program. I won't go into details, but basically, with some knowledge of file transfer protocols, this flaw would have been avoided.
Now, why is this story on topic? Because Windows is JUST like this crashing program, Microsoft is JUST like the guy who wrote the crashing program, and AntiSpam/AntiVirus/Firewalls are JUST like the program that restarted the crashing program.
What I expect to find, in the not-too-distant future, is that our Windows systems will simply stop running because the patch programs need all computing resources to keep Windows from going down. And the only way to resolve this, is a redesign. Which should be done by people who know how to design a good system, and not by a marketing company.
Re:Don't let this put you off the product (Score:3, Interesting)
I don't dispute that they're letting some things through, and that the decisions they make about what gets through aren't always in the end user's best interest.
I don't have a lot of experience with spyware, because I mostly run Linux, and on Windows I find that it's not too hard to avoid it in the first place. I'm not an expert. But the other day I had to clean off someone else's machine that was infected with the IBIS toolbar.
I couldn't get rid of it with spybot or ad-aware. They'd find a bunch of junk and clean it off, but you'd reboot and it would come back.
When I ran the MS tool, it found more than 500 files and registry entries for it, and it cleaned them off. When I rebooted, it didn't boot cleanly (missing files were being referenced in the registry), and I thought "oh no, here we go". Then I started to get pop up windows about things trying to make changes. It told me to rerun the scanner. I did, rebooted again, and it was clean.
This is speculative on my part, and I could be wrong -- so people, please don't yell at me too much if I am, I'm aware I'm on shaky ground here -- but I had the impression that the MS tool was tagging things as spyware *because* they were trying to change registry entries and hijack the browser.
In other words, they weren't just using a file name, or a signature of a file to tag something as spyware, they were looking at the behavior of the thing. If a process tries to do something nasty, they follow it back to the source, and nuke it.
If that's what it's doing (and again, I think, but don't know, that it is), it's a big innovation. It's a good way to fight spyware that generates lots of random files with randomized data and random names to reinstall itself.
MS, for all of their flaws (and they have plenty, I don't want to be an apologist) has vast resources and a lot of smart people. Their tool lets people report back on infestations automatically. They can throw people at the problem and code for new problems almost as soon as they arise.
They understand the OS better than anyone, obviously, and can use that knowledge to track down the source of reinstalls more effectively than comparatively small outsider shops.
That doesn't take away from the negativity of their deals with the devil. That sucks, they shouldn't do it, and they're really shooting themselves in the foot over the long run by making those deals, because no one has a bigger stake in making Windows solid and trustworthy than MS, and this crap really undermines that effort.
But if you have IBIS, and you need to get rid of it, their tool is terrific. If you have that problem, don't let the fact that they've decided to be deliberately bad at ISTsvc removal prevent you from using it for IBIS. That's really all that I'm saying.
Don't stop running spybot or ad-aware. But add the MS tool to your arsenal. It does a lot of good stuff.
I will try to run your experiment so I can learn more about this... thanks for posting about it.
Think about it folks... (Score:3, Interesting)
Let me give you a hint.
NO!
So if they're going to make any statement about it at all, this is the one it will be. Anybody having trouble understanding this?
Re:What really annoys me (Score:3, Interesting)
At least MSNger Plus! doesn't automatically check the "Yes, install this" box for the adware, you'd have to ignore the warnings, then click "YES, INSTALL THIS" to get it. I use MSNger Plus! and don't have any spyware at all.
Re:Spy Sweeper too (Score:4, Interesting)
Well, a few years ago I worked in a lab that was developing video conferencing software. One of the guys had a cool tool that he liked to demo. He'd ask you if your machine had a camera, and if so, what's the hostname or IP address. He'd type it into his program's "host" widget, and if it was a Windows machine, a few seconds later the view from the camera would appear on his screen. It didn't matter whether the camera was on or off; his program remotely turned it on. It also turned on the microphone, if there was one.
You can probably imagine the effect this had on a lot of users.
One fun thing was the people who would ask if there's anything that can be done about it. He would basically say "Well, I know how to remotely turn the camera off, if that's what you mean. But that doesn't do you a lot of good, because someone else can come along and just turn it back on, if they know what I know." He'd also say that his code only works with Windows machines; no other system that he knew of had the glaring security holes that allowed such remote access.
All this came out of a few guys' research into what it took to get their conferencing software running on Windows.
Dunno if it still works, though. It's been a few years.