WASHINGTON--Four groups have sprung up to fight the insidious software that pops up ads on screens or spies on PC users. Is that too much of a good thing?
Last month, the number of efforts to fight adware and spyware doubled with the announcement of two new initiatives: Spywaretesting.org, a consortium of antivirus companies, and StopBadware.org, an initiative led by two universities. These join the Trusted Download Program and the Anti-Spyware Coalition, both formed last year.
The new initiatives were the hot hallway topic outside an event hosted by the Anti-Spyware Coalition here Thursday. People there disagreed on whether more is merrier. Some predict the efforts will collide, as each group is dedicated to helping consumers deal with the insidious software. Others say the peer pressure will keep each organization on its toes, helping the cause.
News.context
What's new:
Launch of two new anti-spyware groups mean there are now four industry initiatives to fight software that pops up ads on screens or spies on PC users.
Bottom line: Industry members are divided on whether the presence of several efforts will backfire on consumers. Some say the initiatives will collide, others that they will end up collaborating.
"To many of us, it is completely baffling why there are so many different groups out there," said Alex Eckelberry, president of Sunbelt Software, a maker of anti-spyware tools. Sunbelt has not joined any of the efforts in order to maintain its independence, he said.
According to a Pew Internet & American Life Project study published last year, roughly 59 million American adults have spyware or adware on their computers. Other experts have said as many as 80 percent of consumers' PCs are infected with the annoying software.
Eric Allred, who works at Anti-Spyware Coalition member Microsoft as an anti-spyware response coordinator, said the existence of several bodies could make the work of each group less effective. That could hurt their overall goal of protecting consumers, he said.
But more voices can only help, said David Fewer, a staff counsel at the Canadian Internet Policy and Public Interest Clinic, a consumer advocacy group in Ottawa associated with the Anti-Spyware Coalition. "More consumer education is a good thing, especially if these groups have consistent messaging, which I think they do," he said.
Each of the four groups appears to be dedicated to a distinct purpose, said Tori Case, director of security management at Computer Associates International. Though the goals of each group sometimes overlap, that spread should help stop them stepping on each other's toes.
"That provides focus," she said. "You risk losing focus and (having) conflict of interest in a large organization."
Who's doing what
The Anti-Spyware Coalition only got going in June last year, but is still the oldest group dealing with adware and spyware. It is focusing on coming up with a definition of spyware, to help draw a line between legitimate adware and intrusive downloads. In January, it published guidelines for identifying and combating spyware. It also issued tips for makers of anti-spyware tools to help them deal with companies that complain their software has been inappropriately flagged.
Picking a fight
The four industry groups working to combat spyware and adware are taking different tacks, though their efforts do sometimes overlap.
Anti-Spyware Coalition Set up in mid-2005. The group is working on a definition of spyware, a common lexicon and an appeals process for those who contest that their software is not adware or spyware. Members include Microsoft, Symantec, Computer Associates, McAfee, AOL and Yahoo. CNET Download.com, a sister site of News.com, is also signed up.
Trusted Download Program Launched in November, the program promises to use certification to guarantee an application does only what it says. It's backed by America Online, Yahoo, CNET Networks, Verizon and Computer Associates.
StopBadware.org A more community-focused effort that aims to publish a blacklist of companies and software judged to be the worst offenders. Solicits stories and reports of offending downloads from Net users.
Has support from Google, PC maker Lenovo and Sun Microsystems.
Spywaretesting.org An initiative launched last month by a consortium of antivirus companies. It plans to draft standards for spyware samples and testing, help consumers determine the risks posed by new software and the effectiveness of anti-spyware products. The members are McAfee, Symantec, Trend Micro, ICSA Labs and Thompson Cyber Security Labs.
In November, the Trusted Download Program made its debut. The stated aim of the organization is to certify software downloads that are friendly and noninvasive. The program is run by privacy watchdog Truste and backed by America Online, Yahoo, CNET Networks, Verizon and Computer Associates. (CNET Networks is the parent of CNET News.com.)
The Trusted Download Program is creating a list of approved applications, which may in fact still display advertising. To be certified, makers of the software have to clearly communicate what their product does. The consumer has to consent to a software download before it begins, and then click again before the installation starts.
Critics have expressed doubts about the Trusted Download Program, saying that it may legitimize adware. They contend that some makers of disputed software may be able to gain certification and use that to expand their distribution.
StopBadware.org is taking the opposite approach. It plans to publish a blacklist of offending software and publicly shame the companies that create such applications. The initiative is run by Harvard University and Oxford University with backing from Google, Sun Microsystems and Lenovo.
On the StopBadware.org Web site, Internet users will be able to check if a piece of software is invasive and alert others to annoying programs they have encountered. The group is trying to tap into the experience of ordinary Internet users, and encourages people to share horror stories and technical reports. It plans to craft its own definitions for this kind of malicious software--a goal that overlaps somewhat with that of the Anti-Spyware Coalition.
"What is spyware? It is not a settled question," said Luis Villa, senior technologist at the Berkman Center for Internet & Society at Harvard Law School. Villa works on the StopBadware.org site. "It is not entirely clear that all the options out there are providing clear standards," he added.
Another area of development is spyware testing guidelines--both StopBadware and the Spywaretesting.org have pledged to come up with these. Spywaretesting.org is an initiative launched last month by antivirus companies McAfee, Symantec and Trend Micro, along with ICSA Labs and Thompson Cyber Security Labs. It plans to draft standards for spyware samples in addition to testing. All the companies involved, except for Thompson, are also members of the Anti-Spyware Coalition.
Though now separate, the groups may one day come together. Villa of StopBadware pointed out that any competition between the groups is friendly, and others noted that the efforts are still in an early, pioneering phase. Truste, which runs the Trusted Download Program, also appears to expect consolidation.
"I think they could all be complementary and get together over time," said Fran Maier, executive director of Truste.
There were some talk of this at the Washington event. Some attendees speculated that the Spywaretesting.org group might become part of the Anti-Spyware Coalition. In addition, a scheduled Friday meeting to discuss Spywaretesting.org's work spurred others into predicting that the organization might pick up more allies.
"Spywaretesting.org has been predominantly driven out of the antivirus industry," Eschelbeck said. "They probably have a need to involve the anti-spyware vendors as well. We're ready."
See <a class="jive-link-external" href="http://www.foxnews.com/story/0,2933,181602,00.html" target="_newWindow">http://www.foxnews.com/story/0,2933,181602,00.html</a>
Just get a MAC? How long do you think that it is going to take before programmers realize that if they write adware to implant in MAC OS programs they can have a monopoly on MAC user's personal data? How often do you check who wrote the code for the free widget you just downloaded?
How Long? Will it happen "soon".... fact is.. it has not happened. Does not mean it will not... but right now I CAN gloat and confidently say it is not a threat. What is untrue about that? Are there OS X viruses? NO... are there malware problems with OS X... NO>. there is not. Those are facts.. not suppositions.
There is one thing that you don't realize.. or underestimate about the Mac "community"... if there was a widespread problem... there would be a fix for it in a matter of hours.. not necessarily by Apple... but by one of us "Mac fans"... We are different.. not lemmings who except abuse.. we expect more. We like it that our OS doesn't let programs install with full admin privileges without our knowledge.... we like knowing that when we install a program..it asks our permission... and doesn't install itself within the far corners of our machine.
Using a Windows computer on the internet is like sleeping with a hooker without a condom. You can't deny it. Windows is swiss cheese. Microsoft even wants you to pay for security software.. when it is there OS that is faulty! Give me a break! Your all delusional!
Personally I don't need Steve (and his glued together OS) to hold my hand while I use my computers. I have no security problems with Windows at all. People who do are just careless.
Besides, you can set up Windows to do just the same, but few do. I have on a few computers, but only those where my kids have access. If you think MacOS X is good because Steve has taken the best parts of BSD and slapped a price tag on them maybe you should think again who is the lemming.
Google creates an animated doodle that features a boy, a girl, Google's search engine, and a jump rope. But might there be darker, more analytical, more troubling interpretations to this tale?
The Silicon Valley online payments startup grew by 1,000 percent last year and is hopeful it can repeat that level of growth this year. To do that, it's had to move away from its early friends-and-family roots and embrace small businesses.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
Industry members are divided on whether the presence of several efforts will backfire on consumers. Some say the initiatives will collide, others that they will end up collaborating.
Does not mean it will not... but right now I CAN gloat and
confidently say it is not a threat.
What is untrue about that? Are there OS X viruses? NO... are
there malware problems with OS X... NO>. there is not. Those
are facts.. not suppositions.
There is one thing that you don't realize.. or underestimate
about the Mac "community"... if there was a widespread
problem... there would be a fix for it in a matter of hours.. not
necessarily by Apple... but by one of us "Mac fans"...
We are different.. not lemmings who except abuse.. we expect
more.
We like it that our OS doesn't let programs install with full admin
privileges without our knowledge.... we like knowing that when
we install a program..it asks our permission... and doesn't install
itself within the far corners of our machine.
Using a Windows computer on the internet is like sleeping with a
hooker without a condom. You can't deny it. Windows is swiss
cheese. Microsoft even wants you to pay for security software..
when it is there OS that is faulty! Give me a break! Your all
delusional!
Besides, you can set up Windows to do just the same, but few do. I have on a few computers, but only those where my kids have access. If you think MacOS X is good because Steve has taken the best parts of BSD and slapped a price tag on them maybe you should think again who is the lemming.