MSAS classifies Adware/Spyware. Why ?

Discussion in 'privacy general' started by ErikAlbert, Aug 22, 2005.

Thread Status:
Not open for further replies.
  1. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I have been thinking about the classification of malwares in MSAS and CounterSpy and those classifications are visualized by the "Threat Level Bar" in the window at this link :
    http://sunbeltblog.blogspot.com/2005/07/microsoft-sets-claria-to-ignore.html
    Keep in mind that analyzing and programming, to make that classification of adwares/spywares possible and visuable, must have been enormous work, because the number of adware/spyware is huge.
    CounterSpy isn't really my target, they just use the same engine as MSAS.

    Adware spies on us with commercial intentions. Spyware spies on us with criminal intentions.
    That's the main difference between adware and spyware and adware doesn't have criminal intentions.
    Some users don't make that difference, but I do.
    I assume that each user, does NOT want Adware and Spyware on their computers, because both compromise our PRIVACY.
    In other words we all have a black and white vision on Adware and certainly on Spyware.

    I also have a black and white vision on Adware/Spyware, because I can't afford to have a grey vision and that's why I find the classification of adwares/spywares, going from low-risk upto high-risk, USELESS.
    I'm not interested in those classifications, because I don't want any adware/spyware on my computer, no matter what the risk is : low, moderate or high.
    In other words I don't need that "Threat Level Bar" and I don't even want to see it.

    Is that "Threat Level Bar" some kind of psychological trick to teach us that adware isn't always a serious threat and doesn't need to be removed necessarily ?
    Putting Claria on "Ignore" as a "Recommended Action", combined with the classification "Moderate" in the "Threat Level Bar", like M$ did, is certainly a sneaky way to ignore and keep Claria on your computer.
    Keep in mind that the majority of the users don't know what Claria really is and they don't read security forums like we do.
    I wouldn't even be surprised that ignorant users consider Claria as a possible false positive.
    M$ has IMO a grey vision on adware and that attitude is dangerous, because once you enter that grey area of adware, you have sold your soul to adware already.

    Do I need that "Threat Level Bar" to REMOVE adware/spyware ? NO.
    Will that "Threat Level Bar" influence my decision to remove or to keep adware ? NO.
    Do I need a classification of adware/spyware ? NO, because I do NOT want adware/spyware.
    There is only a difference between bad objects and good objects (black and white) and I don't need to known HOW bad a bad object is, because BAD is BAD.
    Keep it simple, because most complicated things are complicated because they want to HIDE something.
    Only lies need a beautiful story, the truth doesn't need that.

    Some readers might think, why is Erik bothering about an innocent looking "Threat Level Bar".
    Of course it's always looking innocent, but do we need it ? NO. If we don't need it, why is it there ?
    I'm convinced that the business world will find a way to make adware acceptable and MSAS is used to mitigate adware.
    Adware is a brilliant tool to make advertising very personal and the business world will do anything to make adware acceptable for the user and I'm not talking about knowledgeable users (the minority).
    Maybe the ignorant user will love it to be informed by adverts via adware, when he needs something and wants to buy it, which is alot easier than searching on the internet with google.
     
  2. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    Interesting topic, Erik. I wouldn't necessarily give CounterSpy or any others a free pass, though, since many have been "downgrading" and even removing altogether some adware/riskware classifications
    While you and many others might not "need" the classification, Erik, the reason for this is quite simply because companies like Claria have sought legal action and proceeded litigation AGAINST anti-spyware software manufacturers. And since there IS a grey area as far as what is considered "legal activity", the AS companies simply don't want to risk being found liable in a court of law. Therefore, most of them still "recognize" the threat, but treat it in a manner (i.e. - "low threat" classification) as to avoid possible litigation. And from my understanding, these guidelines have been agreed upon by both parties involved (AS manufacturers AND adware groups like Claria). But until this is ruled on by the court and legal system (and this is potentially something that could reach the highest court here in the U.S.), there will likely continue to be this "grey" area of sorts.
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    JRCATES,
    My main point was that I consider these classifications as a dangerous development for the USERS, who hate adware and spyware on their computer. That the law is too weak is another problem.
    Adware makers (and the whole business world) are tired of having their adware REMOVED from computers.
    That's why they are angry with anti-spyware companies.

    I'm convinced that AS companies will take a step back and mitigate adware more and more, because adware is too beautiful for business men to put aside.
    M$ mitigates adware already in MSAS and others will do the same.
     
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Money talks....and there is plenty of it being deposited everyday due to Rogue players....but there are still some credible players that will stand there ground and not bend....CounterSpy to name just one.
     
  5. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    Actually, CounterSpy HAS changed some detections, like WhenU for example. Here is a nice little debate on that, courtesy of DSL Broadband Reports forum:

    http://www.dslreports.com/forum/remark,13953597~mode=flat~days=9999
     
  6. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Never said they haven't made changes ;) and I'm very aware of the thread your linikng to also....but in all fairness to Sunbelt a user needs to read their WhenU Software review before labeling them wrongly for making the change.

    Sunbelt's WhenU Whitepaper PDF file
     
  7. Ailric

    Ailric Guest

    Not all adware is spyware. For instance Opera has an adware supported version that reports no information about you or your surfing habits... it is clean.
    Eudora Pro has the same deal.
    Filesclab free has a number of ads in the interface.
    Powerdesk 5 free has an occasional splash when closing.
    These are not spyware.
     
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I never said that all adware is spyware, on the contrary I made a clear distinction between adware and spyware in my original
    post.
    I'm not worried about spyware and businessmen, adware makers, anti-spyware makers, users and even the LAW will do everything to get rid of spyware in the future, because of its criminal nature.

    Adware has NO criminal intentions and is used for COMMERCIAL purposes, but users do NOT want adware either, even the most innocent one. Adverts belong on websites ONLY without dirty tricks.

    But the business world WANT adware, because adware is the first advertising method that makes personal advertising possible,
    which is much better than the general classic advertising on TV, newspapers, etc.
    Adware makers will improve adware programs to make that possible and their only problem is that users don't want it.

    So the users need to be prepared gradually and MSAS is doing this already by putting certain adwares, like Claria
    on IGNORE and tell users via the "Threat Level Bar" that Claria is quite innocent and doesn't need to be removed.
    Other AS companies, like CounterSpy will do the same thing in the future.

    The "Anti Spyware Coalition", full of business men (who want adware), will never allow that the law convicts adware as being spyware and adware is indeed not spyware, it's just an advertising method.
    This is not about MSAS, CounterSpy, ... it's about approving adware on computers, what users don't want to happen.

    But in the end, the users have NOTHING to say like always and the knowledgeable user will always be able to remove adware, but not the majority and when AS scanners don't remove adware anymore, it will be installed on more than 500 million computers world-wide and that's the golden dream of every business man.
    Just think like a business man, not like a user and you will understand what I'm trying to tell.
    Personally I find this discussion more important, than talking about which software is better : MSAS or CounterSpy.
    Or do you want adware on your computer ? I don't.
     
    Last edited: Aug 24, 2005
  9. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Well, as long as it is "only" downgraded detections & you still have the possibility to change from "Ignore" to "remove" and notthing detectionwise is removed, then i don't see a problem. I'm not saying that the actions of the adwaremakers are ok, but in the legal climate that they are apparantly stuck in, it may be the best option ATM.

    Good to see that Spy Sweeper & CounterSpy wil stilll stand there ground though, at least for now. :)
     
  10. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I hope that security experts like Eric Howes will keep a good eye on these AS companies and report any change in the classification of adware/spyware.
    Downgrading adware is IMO just the first step to make adware acceptable.

    Webroot & Sunbelt just make a good profit of the actual situation.
    As long they don't put adwares on IGNORE, they become more and more popular amongst users, which increases the sale of Spy SWeeper and CounterSpy. After all both are payware.
    In the end both will yield to the pressure of the business world and users will keep on using MSAS, CounterSpy, Spy Sweeper, Ad-Aware and Spybot to remove the REAL SPYWARE from their computers.

    It's just a matter of time and the security industry is only interested in MONEY, not security.
    That's why security is such a BIG MESS and that's why I don't get what I really want and that's why I have MUCH MORE security softwares than application softwares on my computer.
    I'm not a security expert, but that doesn't mean I'm stupid.
    I prefer to watch the wood in stead of the trees, which means I don't study and discuss each existing security software, I'm looking at the total picture.
     
Loading...
Thread Status:
Not open for further replies.