Re: Software Makers Fight Spyware Blacklist, Murky Definition

From: Joe Moore (munged_at_bad.example.com)
Date: 03/12/05

  • Next message: Mysteron: "Re: 169.254.0.0 and Zone Alarm"
    Date: Sat, 12 Mar 2005 16:11:57 GMT
    
    

    Martin <martin_nospam@btinternet.com> wrote:

    >MrPepper11 wrote:
    >
    >> In at least two cases AOL removed programs from its spyware list:
    >> SideStep Inc., a closely held online travel service that downloads a
    >> program onto users' computers, and market researcher comScore Networks
    >> Inc., which pays Internet users to place its software on their
    >> computers to track their online behavior.
    >
    >On a similar note, the Microsoft Beta tool highlights Real VNC as medium
    >risk because it can be used to take remote control of a PC. As far as I
    >know there isn't any malware in Real VNC and it's unjustified to
    >highlight it by an anti-spyware product.

    When you say that there isn't any malware in Real VNC, I think you're
    missing the point. Spyware detection should be based on the capability
    and behavior of the program, not the suspected motivation of the
    installer.

    If someone didn't know a program capable of allowing remote control of
    their PC was there, why not tell them? It's their computer. If they
    know the program's capabilities, and still want it there, fine.

    >I'd also suggest that it's up to the user to know what is on his/her PC
    >and remove what shouldn't be there, not to just blindly go and execute
    >every recommended action willy-nilly.

    Using anti-spyware computers is an automated attempt for the user to
    know what's on his computer and remove what shouldn't be there.

    And when the number of actions recommended exceeds a certain
    threshold, they will be executed willy-nilly. That is just human
    nature. People whose computers have become infested with junk due
    to their trusting of untrustworthy folks will decide to trust
    their antispyware program in the hope that they made the right
    decision this time.

    The problem is not one of definition. The problem is one of behavior.
    When good programs start acting like bad ones (auto-updates over the
    net without asking for instance), even with the purest of motivation,
    they have to expect to be classified as bad until proven otherwise.
    And by "proven" I mean a credible explanation of why the behavior is
    _necessary_ not just convenient for the programmers.

    joemooreaterolsdotcom

