Microsoft Irks Watchdogs with Claria Downgrade Explanation

 
 
By Ryan Naraine  |  Posted 2005-07-11
 
 
 

Microsoft Irks Watchdogs with Claria Downgrade Explanation


Microsoft has broken its silence over the decision to downgrade the default recommendations in its Windows AntiSpyware product, insisting that "absolutely no exceptions" were made for Claria Corp.

Facing heavy criticisms for recommending that users "ignore" the existence of Clarias adware products, Microsoft Corp. issued a public statement to explain that the change stemmed from a review that was based on a single set of objective criteria.

"[We] decided that adjustments should be made to the classification of Claria software in order to be fair and consistent with how Windows AntiSpyware handles similar software from other vendors," Microsoft said.

Anti-spyware advocates first discovered the Claria default changes immediately after rumors swirled that Microsoft was in acquisition talks with the Redwood City, Calif.-based distributor of the controversial Gator ad-serving software, but although Redmond wont confirm or deny the rumors, the statement made it clear the Claria downgrade occurred more than three months ago.

"All software is reviewed under the same objective criteria, detection policies and analysis process. Absolutely no exceptions were made for Claria. Windows AntiSpyware continues to notify our users when Claria software is found on a computer, and it offers our users the option to remove the software if they desire," the company added.

In an interview, corporate vice president at Microsofts Security Business and Technology Unit Mike Nash said the downgrading of the Claria rating had nothing to do with any kind of rumored acquisition.

While he said he could not comment on acquisition rumors in any way, Nash said his team is "hard-core religious about the definitions [of spyware], independent of anything else going on."

Click here to read more about Microsoft downgrading Claria adware detections.

"They are pure. They will not be messed with," Nash said. "Weve had some interesting learning on the anti-spyware product front. We took our time to define our parameters on what is spyware vs. software. We published a white paper on this a couple months ago."

He also noted that Microsoft doesnt always downgrade ratings. "Sometimes we bump up from moderate to high."

Next Page: Legacies affecting downgrades.

Legacies Affecting Downgrades


Nash attributed the current Windows AntiSpyware rating system to its "legacy with Giant Software," whose product Microsoft purchased late last year and upon which Windows AntiSpyware is based.

Even as Microsoft was explaining the decision, anti-spyware watchdogs noticed that Redmond downgraded the setting for several other high-profile adware applications.

Eric Howes, a spyware researcher who works as a consultant for Sunbelt Software, said recent tests with the Windows AntiSpyware utility showed that adware programs distributed by WhenU, Wehhances, eZula.TopText and New.net were also downgraded.

"Strangely, they still recommend Remove for a number of other eZula apps, including DashMemoryCleaner, a harmless freebie program being used as bait," Howes said.

In an interview with Ziff Davis Internet News, Howes said he believes Microsoft has having problems applying its adware/spyware classification criteria.

"I think the criteria they published in that white paper are pretty good. But it looks like a problem in analyzing the adware properly and translating the analysis into the recommended actions presented to users."

"Theyre simply coming to erroneous conclusions," Howes said, arguing that Microsoft has a responsibility to be a "standards-setter" in the anti-spyware industry.

"He said all the adware applications that have been downgraded could very well have been installed in circumstances where poor or misleading notice and disclosure was provided to help users understand the true nature and functionality of the software.

Some of the adware programs have even been known to be installed through security exploits while others display advertising on users desktops or hijack browser home pages without the users knowledge.

Click here to read more about the chaotic world of defining spyware.

"Given these kinds of problems with these applications, is it really appropriate that Microsoft recommend that less-knowledgeable users Ignore these programs and leave them installed? I think not, especially given that its quite likely that few users explicitly requested the install of these applications," he argued.

Ed Bott, a best-selling author who has written extensively on the Windows platform, said Microsofts published explanation fails the smell test and argued that the goodwill generated from the Windows AntiSpyware release is "vanishing at an alarming rate."

"Why not publish Clarias request and Microsofts response so that customers can understand what changes were made and why? And why claim that there is a strict set of rules, when theres no such thing?" Bott wrote in a blog entry.

Bott stressed that Microsofts published white paper on the way spyware is defined takes into consideration the "context, intent, and source of the program" along with the "behaviors of programs installed not only by the software vendor but also by its third-party affiliates."

He chided Microsoft for withholding details about the reasons for its decisions. "[T]hats the problem: No transparency. Microsoft doesnt give customers any reason for them to trust Windows AntiSpyware to classify potentially unwanted software accurately and recommend actions that are in its customers best interests," Bott argued.

"If you follow the Microsoft links, all you know is that Claria complained, Microsoft reviewed its classification, and a change appeared in the list. Microsoft knows why. Claria knows why. Microsoft customers know nothing. Was the original classification wrong? Did Claria change its behavior in some significant way that caused Microsoft to re-evaluate its classification? Was there another reason for the change?" Bott asked.

Bott called on the software giant to publish the Windows AntiSpyware database on the Web and make it searchable to ensure total transparency.

He also recommended that Microsoft release control of the detection database to a truly neutral third party.

Ben Edelman, a Harvard researcher who is one of the most vocal critics of spyware purveyors, said the odd downgrade recommendations demonstrate the "misguidedness" of Microsofts "ignore" classification.

In a research note, Edelman said that if Microsoft boss Bill Gates tried to clean up a friends PC, "I bet hed want all these programs gone."

"Has Microsoft given in to vendors threats? Or forgotten how badly "adware" damages the Windows experience (ultimately encouraging users to switch to other platforms)? Ive previously been impressed with Microsofts AntiSpyware offering; Ive often used it and often recommended it to others. But screw-ups like this call Microsofts judgment into question," Edelman added.

"During this sensitive period, with Microsoft unwilling to deny the continued Claria acquisition rumors, Microsoft should be especially careful to put users interests first. Instead, Microsofts recommendations cater to the interests of the advertising industry. Im not impressed," he said.

"[If] Microsofts criteria say to ignore a program known to be installed through fake-user interface ads on kids sites, showing a EULA [End User License Agreement] only after installation, with a broken uninstaller, then Microsofts criteria leave a lot to be desired," Edelman declared.

In its statement, Microsoft acknowledged that anti-spyware vendors use different approaches, definitions and types of criteria for identifying and categorizing spyware and other potentially unwanted software.

"This has limited the industrys ability to have a broad, coordinated impact in addressing the problem," the company said.

On July 12, Microsoft plans to announce it is a founding member of the Anti-Spyware Coalition, a group of technology companies and anti-spyware companies working alongside public interest groups to address key spyware issues.

Microsofts Nash said he expects coalitions definitions to be "very dynamic."

The Anti-Spyware Coalitions plans to launch with the released of the first draft of a consensus document titled "Spyware Definitions and Supporting Documents" for a 30-day public comment period.

Microsoft Watchs Mary Jo Foley contributed to this report.

Check out eWEEK.coms for Microsoft and Windows news, views and analysis.

Rocket Fuel