Microsoft Can't Figure Out How To Stop Spyware Itself, Needs To Buy Help

from the somewhat-telling... dept

Considering that many people blame Microsoft's inability to design their operating system and browser properly for the rise in spyware, it's interesting that Microsoft felt the need to go out and acquire an anti-spyware company. This makes it sound more like they're trying to patch up some holes by applying this spyware technology on top, rather than looking at the underlying code to figure out ways to prevent the type of security breaches that lead to the spyware in the first place.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Steve Tibbett, 16 Dec 2004 @ 10:16am

    Security breach?

    The security breach is giving users the power to do anything on their own computers. The spyware guys ASK if it's ok to install their software, and even say what the software is going to do, and the users just click past it to get to their shiny new 'free' game.

    The only thing I can think of that would work would be to have some sort of certifying authority that signs software that users can trust - a chain of trust much like what SSL has for the browser.

    Have some company set up shop to test and certify software that's "spyware free". Have ISVs like Dell ship their systems configured such that only software that's signed by these guys can be installed. Let the user turn it off, but at the risk of "voiding the warranty".

    Dell would have to pay the certifying guys, but I think in the end they'd save the money on support calls.

    link to this | view in chronology ]

    • identicon
      acousticiris, 16 Dec 2004 @ 10:34pm

      Re: Security breach?

      That's not all that bad of an idea. Many people would like to see Government step in and regulate this mess, but if you look at successful regulation, it is often done by private industry.
      I have a relative that works in an elected board position at NSF international (not the national science foundation). If you haven't heard of them, the next time you go to any restaraunt look at any of the machines that provide food/drinks, any of the containers used to store the food or any of the products used to handle the food. You'll see an NSF certified sticker on them. It's not recognized by the consumers, but it is recognized by the food services industry.
      Take a look at any consumer electronics product and you're bound to see a UL Listed stamp on it (because many consumer electronics retailers won't bother to stock a product that doesn't meet UL's requirements).
      In computers, digital signatures could be easily used to certify something as spyware free. Initially many users would not have a clue and would probably click-through something that wasn't "certified", but as the industry and the users adapt, the problem will go away. And instead of some law that has huge barriers written in 3000 pages of legal-ease and causing programmers to worry about breaking the law in order to produce something of merit...not to mention treaties between countries required to make the law cross borders...a private certification group could adapt quickly to changes in technology and be able to address new threats and eliminate "loopholes" discovered in previous policies quickly.
      Some of the biggest problems the software industry faces is existing government regulation (such as the patent and copyright system). It seems obvious to those of us who work within the industry that these "systems" are horribly broken, but getting elected officials to recognize them as broken is a terribly daunting task...and realistically it won't happen until someone abuses the system so badly that 3/4 of the economy is affected.
      Having a nimble, private sector group regulate the industry seems a good long-term solution. They're going to go where the profit is...and profit is never going to be buried in idiotic bureaucracy with antequated rules written when the telephone was a new invention.
      I'm not saying it doesn't have its weakness... but as long as Moore's law is still a "rule", is it realistic to have government regulation step in and "correct" the problem with a law that can't adapt to an ever changing industry?

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Dec 2004 @ 11:37am

    Microsoft & GIANT

    This is security theatre. As with their purchase of an AV company last year, they didn't go after a brand or thought leader, they bought a no-name non-player in the space as a feint towards a better OS (but without the work required for an overhaul).

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.