- Messages
- 78,790
- Reaction score
- 43,736
Can You Trust Your Spyware Protection?
Andrew Brandt Tue May 31, 4:00 AM ET
The next time you run a scan with your anti-spyware tool, it might miss some programs. Several anti-spyware firms, including Aluria, Lavasoft, and PestPatrol, have quietly stopped detecting adware from companies like Claria and WhenU--a process called delisting. Those adware companies have been petitioning anti-spyware firms to delist their software; other companies have resorted to sending cease-and-desist letters that threaten legal action.
In most cases it's difficult for customers to determine whether their anti-spyware tool has delisted anything and, if so, which adware it skips.
"When a spyware program gets delisted, users won't be aware of its presence," says Harvard law student and spyware researcher Ben Edelman. The practice, he says, "offers spyware makers a new lease on life, letting them keep users who otherwise would have removed their software."
Degrees of Spyware
Of course, some spyware apps are worse than others. One spyware program may make severe changes to your computer's settings, while another merely displays ads.
Claria and WhenU are making the case that their adware programs don't resort to illegal tactics, such as exploiting security holes, to install themselves. And though this software can be annoying, adware developers argue that merely being listed in an anti-spyware scanner's database tarnishes a company's reputation by linking its relatively benign adware application with far more harmful and intrusive spyware programs.
According to Avi Naider of WhenU, though some other adware companies will track your Web meanderings and sell that data, WhenU's privacy policy doesn't permit it to track the search queries that users type or the Web pages that they browse.
Each anti-spyware firm uses its own set of criteria to decide whether to remove or detect a file or Registry key related to spyware. Usually even a few bad behaviors suffice to red-tag a file as spyware or adware.
Peter Mackow of PCTools, maker of the Spyware Doctor anti-spyware program, says that his company won't publish the entire list of its criteria for fear that spyware companies will use the information to design a spyware application that skirts every rule. That is a position shared by many others who fight spyware.
"The spyware guys want a really rigid set of rules defining spyware so they can then make an end run around [all of them]," says Eric L. Howes, who tracks the spyware business for Spywarewarrior.com and consults for anti-spyware software companies.
Experts recommend that you employ two--or even three--anti-spyware tools. The more you use, the likelier they are to counter the individual biases of each anti-spyware company.
To Delist or Not
It's unfair to permanently blacklist a company based on its past behavior, so some delisting is inevitable. But delisting an adware application is a dangerous proposition for anti-spyware developers. In the past, some spyware and adware makers have changed their software enough to get delisted only to resume the activity that got them flagged in the first place.
As a result, the anti-spyware industry has developed a thick skin. Delisting is rare because, Edelman says, anti-spyware firms "stand up to strongly worded demand letters."
Adware companies also decry the word spyware itself as inherently negative, so some anti-spyware firms have tried to create terms that mean essentially the same thing, using more-neutral language: grayware, potentially unwanted programs, or potentially unwanted software. But Webroot's CEO David Moll argues that matters could get more confusing if the anti-spyware companies try to refer to spyware by other names, just when many people are beginning to understand what spyware can do.
http://news.yahoo.com/news?tmpl=story&u=/pcworld/20050531/tc_pcworld/120914
Andrew Brandt Tue May 31, 4:00 AM ET
The next time you run a scan with your anti-spyware tool, it might miss some programs. Several anti-spyware firms, including Aluria, Lavasoft, and PestPatrol, have quietly stopped detecting adware from companies like Claria and WhenU--a process called delisting. Those adware companies have been petitioning anti-spyware firms to delist their software; other companies have resorted to sending cease-and-desist letters that threaten legal action.
In most cases it's difficult for customers to determine whether their anti-spyware tool has delisted anything and, if so, which adware it skips.
"When a spyware program gets delisted, users won't be aware of its presence," says Harvard law student and spyware researcher Ben Edelman. The practice, he says, "offers spyware makers a new lease on life, letting them keep users who otherwise would have removed their software."
Degrees of Spyware
Of course, some spyware apps are worse than others. One spyware program may make severe changes to your computer's settings, while another merely displays ads.
Claria and WhenU are making the case that their adware programs don't resort to illegal tactics, such as exploiting security holes, to install themselves. And though this software can be annoying, adware developers argue that merely being listed in an anti-spyware scanner's database tarnishes a company's reputation by linking its relatively benign adware application with far more harmful and intrusive spyware programs.
According to Avi Naider of WhenU, though some other adware companies will track your Web meanderings and sell that data, WhenU's privacy policy doesn't permit it to track the search queries that users type or the Web pages that they browse.
Each anti-spyware firm uses its own set of criteria to decide whether to remove or detect a file or Registry key related to spyware. Usually even a few bad behaviors suffice to red-tag a file as spyware or adware.
Peter Mackow of PCTools, maker of the Spyware Doctor anti-spyware program, says that his company won't publish the entire list of its criteria for fear that spyware companies will use the information to design a spyware application that skirts every rule. That is a position shared by many others who fight spyware.
"The spyware guys want a really rigid set of rules defining spyware so they can then make an end run around [all of them]," says Eric L. Howes, who tracks the spyware business for Spywarewarrior.com and consults for anti-spyware software companies.
Experts recommend that you employ two--or even three--anti-spyware tools. The more you use, the likelier they are to counter the individual biases of each anti-spyware company.
To Delist or Not
It's unfair to permanently blacklist a company based on its past behavior, so some delisting is inevitable. But delisting an adware application is a dangerous proposition for anti-spyware developers. In the past, some spyware and adware makers have changed their software enough to get delisted only to resume the activity that got them flagged in the first place.
As a result, the anti-spyware industry has developed a thick skin. Delisting is rare because, Edelman says, anti-spyware firms "stand up to strongly worded demand letters."
Adware companies also decry the word spyware itself as inherently negative, so some anti-spyware firms have tried to create terms that mean essentially the same thing, using more-neutral language: grayware, potentially unwanted programs, or potentially unwanted software. But Webroot's CEO David Moll argues that matters could get more confusing if the anti-spyware companies try to refer to spyware by other names, just when many people are beginning to understand what spyware can do.
http://news.yahoo.com/news?tmpl=story&u=/pcworld/20050531/tc_pcworld/120914