|
|
Microsoft's New Dangerous GameJust when you thought it might be safe to plug in your network cableagain, the news of the day brings you right back down to earth. Yesterday, Microsoft was forced to deny (http://www.zdnet.com.au/news/software/0,2000061733,39201837,00.htm) that it is giving special treatment to a company that appealed its product's designation as quarantine-worthy spyware by the software giant's AntiSpyware system. That Microsoft is reported to be mulling the purchase of Claria (formerly Gator), the spyware company in question, forces us to reconsider our recommendation of the MS AntiSpyware infrastructure. Pardon Our Compliments Here at Cafe ID (http://www.cafeid.com), we've gone out of our way to applaud what we saw as new efforts toward consumer-friendliness and fair, open business dealings underway at Microsoft. We cheered Microsoft's decision to purchase and distribute free of charge Giant's excellent anti-spyware software and the steps MS has taken to lock down Windows. Almost every article of praise, however, has had to be tempered with some sobering look at evidence that makes us feel silly for suggesting that there may be fundamental changes for the better afoot in Redmond. Whether it's a tired campaign of FUD (fear, uncertainty and doubt) against its Open Source competition, its refusal to release the forthcoming IE7 with its security enhancements for Windows 2000 or its apparent shift toward a subscription model for all its system software, Microsoft has taken two steps backward for every step it has taken in the direction of competing fairly on the merits of its products and having a basic respect for the security and privacy of its vast and essentially captive customer base. This newest episode is the second time we've had to revisit our stance on what we had originally seen as one of the more positive developments at Microsoft. The Giant anti-spyware tool was one of the best on the market, justifying its price by often finding and removing things that the most popular free tools left behind; and the engineers did a great job of rebranding the product and integrating it into Windows' nice notification and auto-update systems. Now, with one simple, fundamental change, Microsoft has cast a shadow of doubt over the whole anti-spyware project, and Microsoft casts a long shadow indeed. Ignore, Quarantine or Remove? Here's the story, in a nutshell: Researchers discovered that an updated MS Anti-Spyware utility's recommended course of action for dealing with Claria's malware is to ignore it as if it were benign where, formerly, it recommended quarantining what it found. People tend to trust and follow the recommendations of the anti-spyware utility, and recommending the disabling of Claria's product put a major dent in that company's efforts to track the behavior and preferences of and target with pop-up ads the estimated 40 million people who have, whether they knew it or not, installed the software onto their computers. All companies are afforded the opportunity to appeal the status of their products with Microsoft, and on its Security website (http://www.microsoft.com/athome/security/spyware/software/claria_letter.mspx), Microsoft states that it handles "all vendor requests in the same manner" and that it reviews all software "under the same objective criteria, detection policies, and analysis process." In its denial, Microsoft stated that no exceptions to its policies were made for Claria and points out that customers are still notified of the presence of Claria software and given the opportunity to remove it. To be fair, according to Alex Eckelberry at the Sunbelt Blog (http://sunbeltblog.blogspot.com/2005/07/update-on-clariamicrosoft.html), which is run by a company that sells a version of the same Giant software, a number of other notorious spyware programs, including WhenU, WebHancer and Ezula TopText, have also been downgraded to "ignore" status. Eckelberry states that "the Claria downgrade is quite likely part of a bigger picture regarding Microsoft's listing criteria for adware." If this is supposed to be comforting, however, it isn't; and anyone who has ever spent time fighting to clean up a computer that has been infected with those all-too-familiar malware products is going to be nauseated that the recommended action for those is, according to the soon-to-be universal anti-malware utility, to ignore them. The problem with Microsoft's approach, as usual, is its efforts at obfuscation. The company hasn't published either Claria's appeal or its own response to Claria, and while it claims to adhere to "objective criteria" and detection policies, it's not clear that a strict set of rules for compliance exists. Microsoft's own explanation (http://www.microsoft.com/athome/security/spyware/software/isv/analysis.mspx) leaves plenty of room for subjectivity, using language like "The criteria categories include, but are not limited or restricted to..." and "The context, intent, and source of the program are taken into consideration..." Malware purveyors have made threats and initiated lawsuits (http://www.benedelman.org/spyware/threats/), and it's important to know why Microsoft would make a change to an existing policy with regard to a particular piece of malware. Its customers deserve to know why it's now okay to ignore a piece of malware that was recommended for quarantining only days before. We suspect (and suspicion seems to be the best policy with regard to Microsoft) that this particular change has little to do with changes to Claria's malware, but rather that there is something larger at play. If You Can't Beat 'Em... The New York Times, on June 30, reported that Microsoft "has been in talks to buy [Claria]" for $500 million in an effort to catch up with Google, an advertising, as well as search, behemoth. Both companies refuse to comment, and the possibility that the story is totally false or is a leak designed to either discredit Microsoft or a potential deal with Claria cannot be dismissed. The Times reports that there is a bitter debate within Microsoft between those concerned about the company's already-refined Big Brother image and those concerned with profiting from the "anticipated increase in personalized advertising." The article suggests that both CEO Steve Ballmer and Chairman Gates have been involved in the debate, though it only says that Ballmer has been pushing to close the gap with Google. It has even been speculated that the anti-Claria faction within Microsoft leaked the story to the Times and to the Wall Street Journal to fan flames of public outcry against the purchase. For its part, Claria has moved beyond its origins as the straight-up malware menace named Gator, which came famously bundled with the wildly popular peer-to-peer file sharing utility Kazaa, and is now moving toward a broader vision of personalized web services that take advantage of Claria's ability to track and analyze the behavior of millions of people who, for whatever reason, have the software installed. Microsoft is presumably interested in the Claria product Gain and a database (reportedly some 120 terabytes in size) chock-full of ill-gotten consumer data, which could give them a leg up in personalization of MSN Search similar to Google's hugely-successful Adwords program. Google's efforts to personalize and target its advertising, however, don't render people's computers unusable and it works without the kind of monitoring and intrusion for which Claria is infamous. And one wonders why Microsoft, with ready access to practically every PC desktop on the planet, can't personalize its software without buying a malware company for half a billion dollars. Aren't there better uses for that kind of money? There may well be nothing to the rumor or to the downgrading of the threat posed by Claria's software by Microsoft's nascent AntiSpyware infrastructure. But there's lots of smoke here, and consumers accustomed to being burned are right to be looking for the fire. Two Microsoft personalities, one transparent and cooperative, the other secretive and combative, seem to be engaged in an epic internal battle at the same time the company is being attacked like never before by actual competition. How it all plays out will be interesting to watch; but more importantly, it will define, for better or worse, the status quo of personal and business IT for years to come. Your voice is important in this battle, and now would be a very good time to make your desire for computing privacy and security that doesn't take a back seat to targeted marketing known. In the meantime, we still recommend using MS AntiSpyware with the following caveat: You can no longer rely on Microsoft's recommended course of action for malware MSAS detects.
|
|
