Microsoft Can't Figure Out How To Stop Spyware Itself, Needs To Buy Help
from the somewhat-telling... dept
Considering that many people blame Microsoft's inability to design their operating system and browser properly for the rise in spyware, it's interesting that Microsoft felt the need to go out and acquire an anti-spyware company. This makes it sound more like they're trying to patch up some holes by applying this spyware technology on top, rather than looking at the underlying code to figure out ways to prevent the type of security breaches that lead to the spyware in the first place.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Security breach?
The only thing I can think of that would work would be to have some sort of certifying authority that signs software that users can trust - a chain of trust much like what SSL has for the browser.
Have some company set up shop to test and certify software that's "spyware free". Have ISVs like Dell ship their systems configured such that only software that's signed by these guys can be installed. Let the user turn it off, but at the risk of "voiding the warranty".
Dell would have to pay the certifying guys, but I think in the end they'd save the money on support calls.
[ link to this | view in thread ]
Microsoft & GIANT
[ link to this | view in thread ]
Re: Security breach?
I have a relative that works in an elected board position at NSF international (not the national science foundation). If you haven't heard of them, the next time you go to any restaraunt look at any of the machines that provide food/drinks, any of the containers used to store the food or any of the products used to handle the food. You'll see an NSF certified sticker on them. It's not recognized by the consumers, but it is recognized by the food services industry.
Take a look at any consumer electronics product and you're bound to see a UL Listed stamp on it (because many consumer electronics retailers won't bother to stock a product that doesn't meet UL's requirements).
In computers, digital signatures could be easily used to certify something as spyware free. Initially many users would not have a clue and would probably click-through something that wasn't "certified", but as the industry and the users adapt, the problem will go away. And instead of some law that has huge barriers written in 3000 pages of legal-ease and causing programmers to worry about breaking the law in order to produce something of merit...not to mention treaties between countries required to make the law cross borders...a private certification group could adapt quickly to changes in technology and be able to address new threats and eliminate "loopholes" discovered in previous policies quickly.
Some of the biggest problems the software industry faces is existing government regulation (such as the patent and copyright system). It seems obvious to those of us who work within the industry that these "systems" are horribly broken, but getting elected officials to recognize them as broken is a terribly daunting task...and realistically it won't happen until someone abuses the system so badly that 3/4 of the economy is affected.
Having a nimble, private sector group regulate the industry seems a good long-term solution. They're going to go where the profit is...and profit is never going to be buried in idiotic bureaucracy with antequated rules written when the telephone was a new invention.
I'm not saying it doesn't have its weakness... but as long as Moore's law is still a "rule", is it realistic to have government regulation step in and "correct" the problem with a law that can't adapt to an ever changing industry?
[ link to this | view in thread ]