Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Adware Tries to Climb Out of the Muck

    By
    Larry Seltzer
    -
    July 25, 2005
    Share
    Facebook
    Twitter
    Linkedin

      I was a little surprised when Microsoft started reclassifying adware programs in its anti-spyware software to less severe levels. But I was downright curious when Sunbelt Software started to do the same.

      A controversy erupted over the weekend when Sunbelt reclassified some programs from notorious adware vendor WhenU to a less severe rating of “low” and a default recommendation of “ignore” (as opposed to “remove”).

      This was the same move that Microsoft made with several adware vendors and was done for what is claimed to be the same reason. Microsoft said it re-examined the software it reclassified, most prominently GAIN from Gator Software, and changed it to “ignore” in order to make it more consistent with Microsofts standards and how it classifies other programs.

      /zimages/1/28571.gifRead more here about Microsoft reclassifying adware programs.

      They did not go into detail about how GAIN or any other reclassified programs related to their standards, and the only document Im aware of that discusses their standards doesnt go into detail on how a program merits one level or another.

      Sunbelt generally isnt as well-known as Microsoft, although it is very well-known in anti-spyware circles, partly because it went to the trouble some time ago of attempting to define what spyware and adware are, and to some degree what the company would do when it encountered them. Microsoft and others have stuck their toes in these same waters.

      All of the documents Ive seen have been heavy on the definition of spyware and light on the standards for classification. Sunbelts document makes reference to classification, but not in a systematic way. When Symantecs attempt at classification came out, I criticized it for being designed to formulate a score, thinking this was an overly simplistic approach.

      But maybe Symantec has it right, since an obvious application of a score is to tie certain program actions to specific scores (for example, delete if the score is eight or higher, recommend removal if between four and seven, recommend ignoring if less than four).

      But in any event, standards such as this can put you in a tough spot, and there Sunbelt found itself last week when it became clear that WhenU had reworked some of its programs so that under Sunbelts criteria and standard practices, they would no longer merit a default action of “remove,” but rather of “ignore.” This Sunbelt did.

      The company explained the examination and decision process in great detail in a document it published (PDF form). This alone puts Sunbelt way ahead of Microsoft, with its response to its GAIN controversy.

      Its also worth noting that Sunbelt reclassified some but not all of WhenUs programs, and it did not reclassify the main problem application, Save! (aka SaveNow),which delivers targeted pop-up ads to users based on their browsing habits.

      What I think is most interesting about Sunbelts action is that it also showed that the companys standard treatment for “adware bundlers” is a classification of “low” and a recommendation of “ignore.”

      Adware bundlers dont necessarily, on their own, perform adware functions, but they may install actual adware, with or without permission from the user. WhenUs ClockSync program, one of those reclassified, is an example of this in that it doesnt display ads, but it may install Save!/SaveNow.

      Eric Howes of the Web site SpywareWarrior, who is also a consultant to Sunbelt, says it would be an overreaction to treat an otherwise innocuous program with the same degree of severity as one that it subsequently installs. But he said he sees the problems with the situation.

      If we assume that the user who sees the ClockSync classification is running Sunbelt Softwares CounterSpy or some other program of the companys, surely they also would see the more serious classification if it installed Save!/SaveNow. This would argue for the approach Sunbelt has taken, since the user will see the right classification when it needs to be seen.

      Howes does say, and I agree, that perhaps in the end, the whole category of adware bundlers needs to be reclassified up. Perhaps theres an intermediary level between “ignore” and “remove” that could bridge the gap.

      Neither Sunbelt nor Microsoft compromised themselves to the degree that Aluria did when it certified WhenU as “spyware-safe.” That went completely over the top, although Aluria claims to have its own standards.

      But I dont want to spend too much time trying to accommodate companies that have historically abused their customers computers even if they are trying to conform with the letter of the rules they should be following.

      Were still in the early stages of setting these standards, and we cant let mistakes bind us to bad practices. I think most of us can think of adware the way Potter Stewart thought of pornography: We know it when we see it.

      Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. He can be reached at [email protected]

      /zimages/1/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      More from Larry Seltzer

      Avatar
      Larry Seltzer
      Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×