|Coalition Plan to Weed Out Spyware |
| 8:27 pm on Nov 16, 2005 (gmt 0)|
|A coalition of major Internet companies today will announce a plan to weed out advertisers who infect computers with unwanted code that spies on users' activities or generates nuisance advertising. |
Web Firms Take Stand Against Spyware [washingtonpost.com]
| 9:35 pm on Nov 16, 2005 (gmt 0)|
It seems that what they'll be doing is creating a white list of clean companies/apps that don't come bundled without disclosure, but what is that supposed to do about all those that don't make the white list and couldn't care less whether they do or not?
|Under the plan, which will undergo a test phase until next spring, providers of downloadable programs would have to ensure that there is prominent notification that spyware or adware is included and explain what the code does. There must be easy means of deleting the spyware or adware, and the origin of the advertising must be clearly displayed. |
Downloadable applications that meet the criteria would then be placed on a "white list" of certified programs that are safe to download. The participating Internet companies will not distribute, or advertise on, programs not on the list.
Ensure to whom? And by whom is it enforceable? Also, it only pertains to "participating" companies, not the ones that bundle trojan-like apps and have mechanisms to over-write affiliate cookies with their own. Those won't participate, who's gonna make them?
Google's right, it needs more teeth to it. How about some education exposing the tactics used, including publicizing names of applications and the companies paying out big advertising dollars to get visitors through BHOs?
I think we'd be hard put to find very many big ecom outfits out there that aren't directly or indirectly, with or without knowledge, actively supporting the continuance of those rogue apps with their ad dollars.
| 10:24 pm on Nov 16, 2005 (gmt 0)|
This sure isn't perfect, but it's a good first step. At least someone is publicly trying to do something about this problem.
| 10:35 pm on Nov 16, 2005 (gmt 0)|
"...providers of downloadable programs would have to ensure that there is prominent notification that spyware or adware is included and explain what the code does."
I don't see any first step here.
So, someone who installs spyware and tells it somewhere in their TOS, automatically gets white hat.
| 4:17 am on Nov 17, 2005 (gmt 0)|
The first thing they could do is clean up the serps for anti-spyware. Type in the name of a trojan and you'll find a bizzare range of offerings, most of which have no credibility at all.
A good example is a search that I did today to try and find out what applications contain the winfixer app. Bizzare machine generated text and nonsense can be found on a lot of related searches.
monitor which Web sites people view or even capture personal data
Next, how about some full disclosure on what their toolbars do. None of that "This is not your usual ya da ya" crap.. tell users very specifically, what their data is used for, and when the purpose of the data changes, the users need to re-opt in again.
The cynic in me says that most of this is being done to protect their own PPC revenues to begin with.
Often, there is no easy way to remove it.
I'll continue using the destroy bot.
| 1:01 pm on Nov 17, 2005 (gmt 0)|
Nowhere do I see how much it costs to get on the whitelist.
| 6:04 pm on Nov 17, 2005 (gmt 0)|
This is a terrible thing, if it will go as I think it will.
AOL, Y!, CNet, Verizon and CA all have a stake in the software industry in one way or an other. I would not be surprised if there are other non-listed financial backers to this "positive movement".
As one of you has said it before, the question who decides what gets listed, and if there is a financial and other costs to getting listed are extremely important.
Suppose I am a small software developer, say... Open Source SQL DB... What is my cost, hard and soft, to get my software listed? Will my competitor, who already sits on the deciding board, make the decision to include me in an approved list?
I am skeptical, at best...
| 5:24 am on Nov 18, 2005 (gmt 0)|
My tech guy just spent an hour weeding out dll's and errant files left behind from the anti-spyware software which was slowing my computer down much worse than any spyware I've ever had.
| 9:31 pm on Nov 18, 2005 (gmt 0)|
I think anything like this would be a small step in the right direction.
But Joe Newbie will STILL download the screensaver/file share program he wants.
I do this cleaning/removal for people, and I keep doing the same people over and over again because they and/or their children REFUSE to listen.
Oh well, more $$$ for me...
| 1:48 am on Nov 19, 2005 (gmt 0)|
These moves are coming from the wrong direction. They're just going to eliminate one of the several vectors that spyware actually gets onto sytstems.
As much as I like Spybot and Ad-Aware, their existence, I belive, has a negative effect on the end user. Many of the major anti-virus companies sell an anti-spyware add-on component to compete with the Ad-Awares and Spybots of the world. The anti-virus industry's refusal to put spyware protections into their already sophisticated anti-virus engines allows for the anti-spyware market.
A glance at this page [spywarewarrior.com] shows that, users are looking to anyone who claims to be anti-spyware to get protections, and this trust is being abused (often, no protections are offered at all, and spyware is installed instead). This is all due to the lack of a pro-user stance from the AV industry; instead, they chose to first ignore the existence of spyware, and later on, take advantage of the situation by selling a product that people won't want to pay for since they can't differentiate between the good scanners and the bad. Users just know that they probably don't want to pay for it.
I think that what's needed most is for the anti-virus industry to stop tip-toeing around the issues that surround spyware, bite the bullet, and do the job that we all pay them for: to keep stuff we don't want off our computers. People know that they need to have anti-virus software on their computers; they're basically given it when they buy the computer. If the big dogs (symantic/norton, mcafee, etc) start protecting against spyware with their anti-virus engines, all the other anti-virus vendors will follow suit, and the spyware industry will finally begin to crumble.
| 11:08 pm on Nov 20, 2005 (gmt 0)|
Then there's how this issue looks to the affiliate marketing community, which is an entirely different perspective in an industry that's taken a good, hard look at spyware/adware and been very vocal about it, particularly on the issue of commission theft.
Is an application/software company considered to be "honest" and white-listed just because their policy and uninstall info are clear, even though they continue to hijack customers and over-write affiliate cookies even though they had nothing whatsoever to do with sending the customers to the merchant site, but can over-write cookies and get paid for sales they had nothing to do with simply because they CAN, being installed on the unaware customer's machine?
A company that hijacks customers from merchant sites, over-writes cookies and usurps (aka steals) commissions from the people who earned it is *honest* just because they give instructions for uninstalling?
| 5:42 pm on Nov 23, 2005 (gmt 0)|
|If the big dogs (symantic/norton, mcafee, etc) start protecting against spyware with their anti-virus engines, all the other anti-virus vendors will follow suit, and the spyware industry will finally begin to crumble. |
Yeah, just like the virus industry did! ;-)
Most of the anti-virus vendors are in the business of making money. Why would they offer it for free when they can pass it off as an added service which they can charge for?