Eugene Kaspersky argues that spyware does not exist. He makes a rather nuanced semantic point that spyware is no different from other software - while I have the good sense not to debate semantics with someone named "Eugene," I believe he is both right and wrong. Specifically, spyware isn't any different from any other software; it's just that the activities of the software in question are likely to be undesirable from the end user's point of view. Microsoft has put a great deal of thought into deciding which software is undesirable and why, and I find their system to be most reliable. To demonstrate, let's look at the system in pracitce:
As an example of how useful the Microsoft approach is, let's take a piece of anonymous software and see how it fares on the MS criteria. For example, I have a particularly nasty piece of software on my machine that fits into almost every category on the Microsoft checklist. For example, it 1) occasionally attempts to dial out using the modem, 2) consumes extensive system resources, 3) loads itself on system startup, 4) was bundled with another application that I was primarily interested in, 5) changes operating system settings, and 6) integrates itself with my web browser. This is spyware for sure, right? Of course it is! It matches the MS criteria point for point. Just for the record, the software in question is "Excel." I always knew it was malware, but I need MS to prove it to me.
In other news, why bother validating that applications still work before installing patches? The "Chief Security Strategist" from Shavlik points out why this approach is so "10 minutes ago."
Posted by Ed at March 18, 2005 10:57 AM