Spyware: it’s just *everywhere*
Following on from my latest piece in The Independent, a few links to show that this is a really complex area.
First: some in-depth testing by Windows Secrets, which shows that Ad-Aware and SpyBot don’t get rid of everything. Far from it. Read about it here. And just consider, for a moment, its conclusions:
- Spyware and adware can prove quite difficult to remove, even for dedicated anti-spyware scanners. In the second and third group of tests, for example, one of the installed programs prevented the anti-spyware scanners from running on reboot, a common method used by anti-spyware scanners to remove stubborn spyware and adware that is currently in memory on a PC. As a result, some spyware and adware was not removed by the anti-spyware scanners during reboot that otherwise might have.
- No single anti-spyware scanner removes everything. Even the best-performing anti-spyware scanner in these tests missed fully one quarter of the “critical” files and Registry entries.
- It is better to use two or more anti-spyware scanners in combination, as one will often detect and remove things that others do not.
Wow, this is the sort of thing that I thought they made Wash’n’Go for. Take two anti-spyware applications onto the Net? I’ll just… hmm. Of course this test doesn’t include Microsoft’s anti-spyware beta, which you can download here.
Consider too Robert X Cringely’s gloomy prediction that Microsoft entering the anti-spyware market will cause plagues of boils and locusts, or similar. Here’s the key quote:
[For Microsoft] To sell an anti-virus (and/or anti-spyware) product, those pesky customers will probably have some expectation the products will work, will continue to work, and will be supported. When something bad happens, the customers will expect a quick and decisive response. Culturally, none of this is something Microsoft has done well. Historically, Microsoft has followed a “what you see is what you get” model, which in the world of data security, with 24/7 command centers and wall-sized video screens, won’t fly.
Although of course Microsoft isn’t presently going to sell its product - it’s going to give it away, but only for users of Windows XP SP2, which RXC deals with in a later column:
On further deliberation, I have to say that Microsoft’s entry into these businesses is far, far worse than anything I predicted. It is a disaster both for users and for the software industry.
(The Prozac definitely doesn’t work for Bob.)
Next, the full details of how Ed Bott really, really doesn’t like iDownload (and I suspect they don’t like him much). His posts are entitled iDownload: a case history in unethical marketing and iDownload: follow the money. Both very good, in-depth pieces showing how just one company acts in this field.
But the scary thing is that when it comes to spyware, there are dozens, perhaps hundreds of companies out there, writing it. And they’re trying their hardest to spread it around: see this post from the SANS Internet Storm Center, which notes that developers of above-board software are getting approaches to include spyware in their distributions. Egged on, of course, by some folding stuff, or royalties. (If you’re a developer and that’s happened to you, contact me.)
And just in case anyone doubts that spyware/adware is remarkably profitable, read this post by Sunbelt Software - which points out that Claria (formerly Gator) in 2003 had $90m in sales, of which $26m was operating income. That’s 28 per cent of sales - which is hefty. Normal businesses are happy with something around 10 per cent.
Where general security, like viruses, was last year’s big topic, spyware is definitely the one of the year so far; but it’s been getting really bad for about a year already. I doubt that’s going to change, because Microsoft is far more interested in selling more copies of XP SP2, and - it looks to me - increasingly uninterested in Longhorn.




March 2nd, 2005 at 12:17 pm
The key thing for me is this: the spyware industry is about preying on the innocent. Not everyone is clever enough (or even aware) to keep spyware off their PCs. It’s all going to get much, much worse.
March 2nd, 2005 at 12:26 pm
I had a nasty dose of the Spyware after hunting for guitar tablature. My experience is that once the registry gets infected it’s impossible to remove all of the infection using software, SpyBot was useless.
It took me the best part of a week to search through the registry removing hundreds of entries that were constantly downloading pop-ups, exe files, keystroke loggers etc.
In my mind ‘free’ anti-spyware and anti-adware software provides a false sense of security and actually does more harm than good. The golden rule is, the second you think you’re infected unplug the modem. Then use a registry analysis tool such as Hijack This to highlight ‘suspect’ entries. Use another person’s machine to reference these entries in Google to see if they should be deleted and then very carefully set about cleaning up your PC.
March 2nd, 2005 at 2:20 pm
And here we are, Charlie boy, sitting pretty on Apple Macs! Makes you want to laugh, don’t it? How the hell do Windows users manage to boot up without involuntarily vomiting?
March 2nd, 2005 at 5:30 pm
I’m just sitting here Mac-happy…
March 2nd, 2005 at 7:04 pm
But, is it coming for Mac OS X?
March 2nd, 2005 at 8:46 pm
Number 5. If the spyware companies think they can make a buck they will try on OS X too. But they have a huge problem. It is very hard to hide software on OS X. For Windows, it is trivially easy to put software in a location that no one will ever see.
On OS X, you can put software in only a few spots to run automatically. These locations are well known and most require a password for the install. So, spyware is definitely possible on OS X, but will the a**holes make money from it? It seems unlikely because of the nature of OS X security. You won’t even need a tool to remove it, just a simple description of where to look and how to delete it. If the spyware authors also make the same assessment, then you will see very little spyware on the Mac.
March 2nd, 2005 at 8:49 pm
Is it coming? NO! Keep in mind that nothing can install itself on the Mac without the user being asked for their password. And since root user is by default turned off, and it takes quite a lot of effort to turn it on, I don’t foresee spyware hitting the Mac anytime soon.
March 2nd, 2005 at 11:18 pm
MS Anti-Spyware was tested. Microsoft bought GIANT and have merely relabelled it.
March 2nd, 2005 at 11:49 pm
Number 7, unfortunately that isn’t strictly true. Most users run as “administrator”. This means that anything running from the user’s account can do things like install software into the /Applications directory without generating a password dialog. Also, there is nothing stopping any software running from any user’s local home directory. There are other places in the OS where the administrator has write access that does not require a password. I wish Apple would clean those up more but they have to make tradeoffs of usability vs. security. As far as I know, you can’t install something to run automatically without typing an administrator’s password though.
March 3rd, 2005 at 1:03 am
Just get a Mac, for chrissakes already……..
March 3rd, 2005 at 6:07 am
It’s quite the bit of Mac hubris to think that spyware or adware can’t find its way onto a Mac. How many of us just unthinkingly put in our administrator password for some cool little app? The programs asking for those passwords could easily install spyware or adware.
The one thing that seems hopeful is that OS X’s security architecture is fundamentally different from XP, so that should make the problem easier to deal with when it finally comes to OS X.
March 3rd, 2005 at 9:59 am
We’re going to see the whole email spam mess played out again. Arms race, tech feuds, and all.
wg
January 29th, 2008 at 1:52 am
Mac. It works. It really does.
Once you’ve had Mac, you will never go back.