i don't know specifically about the original poster...but Microsoft has
stated publically that their stance on this is that the specifically
"developers" that are blacklisted by everyone but Microsoft have made
amends to their payloads *ehm* applications, and that they no longer fit
Microsoft's definition on spyware, which was changed from GIANT's
spyware definition a few days after they made that statement... there's
been a lot of speculation that Microsoft bought or is planning to buy
the outfit that produces Gator, etc...which is why they were
delisted...google "Microsoft anti-spyware claria" to bring up a plethora
of information about what's going on with MSAS, and how a product that
was starting to really look solid, no longer has legs...
-Austin Murkland
Dan Bartley wrote:
> Correct me if I am wrong, but isn't MS Anti-spyware "beta" software?
> Does it not specifically say it is beta and use for testing only, etc.?
>
> Did the original poster provide the MS team with any info on what they
> felt was missed so the developers can continue to develop the "beta" in
> to a finished and functioning production software?
>
> Best Regards,
>
> Dan Bartley
>
> -----Original Message-----
> From: Drew Hunt [mailto:Drew_Hunt (at) Valleymed (dot) org [email concealed]]
> Sent: Wednesday, October 26, 2005 18:20
> To: Shaffer, Bruce; Quark IT - Hilton Travis;
> focus-virus (at) securityfocus (dot) com [email concealed]
> Subject: RE: Microsoft AntiSpyware falling further behind
>
> I know it is fun and easy to disparage MS products, but is it possible
> that other spyware vendors go overboard? Not all cookies are bad. Is it
> possible that some of this might not be considered spyware.
> You mention Zedo. I bet they don't think their product is spyware. Have
> you been to their website?
> You also mention "Cok.ad.yieldmanager" I didn't know what this was so I
> did a search. According to Counter Spy research database, it says,
> "Threat risk: Low Risk -Low risk threats pose a very low risk or no
> immediate danger to your computer or your privacy,"
> How much better do you feel now that the cookie which exposed you to
> little or no risk is now off your machine?
>
> I know we have Trend in my corporate environment, and now they seems to
> classify, worms, viruses, trojans, useful utilities that I use (like
> superscan), real spyware, ad ware, and seemingly every cookie as a
> virus. We have thousands every day and I don't feel any safer. But we
> can report that Trend blocked X thousands "viruses" last week when
> really it just deleted cookies.
>
> My point is that one man's freedom fighter is another's terrorist.
> Before slinging mud at MS and other vendors for their "effectiveness"
> maybe we should define what we consider "effective" and what is
> considered excessive?
> If you don't want any cookies follow one of the other posters advice and
> selectively accept them.
>
> My 2 cents.
>
> Drew
>
>
> -----Original Message-----
> From: Shaffer, Bruce [mailto:security (at) stsgi (dot) com [email concealed]]
> Sent: Wednesday, October 26, 2005 4:25 AM
> To: 'Quark IT - Hilton Travis'; 'focus-virus (at) securityfocus (dot) com [email concealed]'
> Subject: RE: Microsoft AntiSpyware falling further behind
>
> I read about a year and a half ago that there were over 30 million known
> pieces of spyware of which over 5 million were active executables.
> Given the fact that many of the worms slithering across the net out
> there have "call home, self updating capabilities" there will never be a
> comprehensive signature based antispyware that catches even 10% of the
> threats. We need to get out of reactive mode and go proactive, and
> blah, blah, blah.
>
> It is not at all surprising that MS avoids certain spyware. After all,
> when you install MS operating systems out of the box you get Alexa
> before you connect to any network.
> -B-
>
> -----Original Message-----
> From: Quark IT - Hilton Travis [mailto:Hilton (at) quarkit.com (dot) au [email concealed]]
> Sent: Friday, October 21, 2005 4:51 PM
> To: focus-virus (at) securityfocus (dot) com [email concealed]
> Subject: Microsoft AntiSpyware falling further behind
>
> Hi All,
>
> It seems that not only does Microsoft AntiSpyware recommend that
> Claria's spyware is ignored, but it also misses a significant amount of
> cookies that are placed on a system - I have a VPC environment where I
> browse the Internet so that anywhere I go won't affect my regular
> Windows session/installation. Regularly CounterSpy is detecting cookies
> (such as Cok.ad.yieldmanager, CGI-Bin, Cok.AssassinTrojan2.0 and Zedo
> (from yesterday's browsing)) that Microsoft AntiSpyware simply does not
> know about.
>
> Now, this is not only disappointing, but potentially dangerous. Any
> customer or end user running Microsoft AntiSpyware or CounterSpy is not
> being protected from these cookies, and MSAS doesn't even detect them -
> that's right, neither program's active monitoring is stopping the
> installation of these cookies, but at least CounterSpy is detecting them
> post-installation.
>
> AntiSpyware is far, far from the accuracy of antivirus, especially
> something like NOD32. I wonder how long it will be before a decent
> AntiSpyware application is released that, like NOD32 does with viruses,
> actually stops spyware *before* it is installed?
>
> --
>
> Regards,
>
> Hilton Travis Phone: +61 (0)7 3344 3889
> (Brisbane, Australia) Phone: +61 (0)419 792 394
> Manager, Quark IT http://www.quarkit.com.au
> Quark Group http://quarkgroup.com.au/
>
> Microsoft Small Business Specialists
>
> http://www.threatcode.com/ <-- its now time to shame poor coders into
> writing code that is acceptable for use on today's networks
>
>
> DISCLAIMER:
> This message is confidential, intended only for the named recipient(s)
> and may contain information that is privileged or exempt from disclosure
> under applicable law. If you are not the intended recipient(s), you are
> notified that the dissemination, distribution or copying of this
> information is strictly prohibited. If you received this message in
> error, please notify the sender then delete this message.
>
>
>
>
stated publically that their stance on this is that the specifically
"developers" that are blacklisted by everyone but Microsoft have made
amends to their payloads *ehm* applications, and that they no longer fit
Microsoft's definition on spyware, which was changed from GIANT's
spyware definition a few days after they made that statement... there's
been a lot of speculation that Microsoft bought or is planning to buy
the outfit that produces Gator, etc...which is why they were
delisted...google "Microsoft anti-spyware claria" to bring up a plethora
of information about what's going on with MSAS, and how a product that
was starting to really look solid, no longer has legs...
-Austin Murkland
Dan Bartley wrote:
> Correct me if I am wrong, but isn't MS Anti-spyware "beta" software?
> Does it not specifically say it is beta and use for testing only, etc.?
>
> Did the original poster provide the MS team with any info on what they
> felt was missed so the developers can continue to develop the "beta" in
> to a finished and functioning production software?
>
> Best Regards,
>
> Dan Bartley
>
> -----Original Message-----
> From: Drew Hunt [mailto:Drew_Hunt (at) Valleymed (dot) org [email concealed]]
> Sent: Wednesday, October 26, 2005 18:20
> To: Shaffer, Bruce; Quark IT - Hilton Travis;
> focus-virus (at) securityfocus (dot) com [email concealed]
> Subject: RE: Microsoft AntiSpyware falling further behind
>
> I know it is fun and easy to disparage MS products, but is it possible
> that other spyware vendors go overboard? Not all cookies are bad. Is it
> possible that some of this might not be considered spyware.
> You mention Zedo. I bet they don't think their product is spyware. Have
> you been to their website?
> You also mention "Cok.ad.yieldmanager" I didn't know what this was so I
> did a search. According to Counter Spy research database, it says,
> "Threat risk: Low Risk -Low risk threats pose a very low risk or no
> immediate danger to your computer or your privacy,"
> How much better do you feel now that the cookie which exposed you to
> little or no risk is now off your machine?
>
> I know we have Trend in my corporate environment, and now they seems to
> classify, worms, viruses, trojans, useful utilities that I use (like
> superscan), real spyware, ad ware, and seemingly every cookie as a
> virus. We have thousands every day and I don't feel any safer. But we
> can report that Trend blocked X thousands "viruses" last week when
> really it just deleted cookies.
>
> My point is that one man's freedom fighter is another's terrorist.
> Before slinging mud at MS and other vendors for their "effectiveness"
> maybe we should define what we consider "effective" and what is
> considered excessive?
> If you don't want any cookies follow one of the other posters advice and
> selectively accept them.
>
> My 2 cents.
>
> Drew
>
>
> -----Original Message-----
> From: Shaffer, Bruce [mailto:security (at) stsgi (dot) com [email concealed]]
> Sent: Wednesday, October 26, 2005 4:25 AM
> To: 'Quark IT - Hilton Travis'; 'focus-virus (at) securityfocus (dot) com [email concealed]'
> Subject: RE: Microsoft AntiSpyware falling further behind
>
> I read about a year and a half ago that there were over 30 million known
> pieces of spyware of which over 5 million were active executables.
> Given the fact that many of the worms slithering across the net out
> there have "call home, self updating capabilities" there will never be a
> comprehensive signature based antispyware that catches even 10% of the
> threats. We need to get out of reactive mode and go proactive, and
> blah, blah, blah.
>
> It is not at all surprising that MS avoids certain spyware. After all,
> when you install MS operating systems out of the box you get Alexa
> before you connect to any network.
> -B-
>
> -----Original Message-----
> From: Quark IT - Hilton Travis [mailto:Hilton (at) quarkit.com (dot) au [email concealed]]
> Sent: Friday, October 21, 2005 4:51 PM
> To: focus-virus (at) securityfocus (dot) com [email concealed]
> Subject: Microsoft AntiSpyware falling further behind
>
> Hi All,
>
> It seems that not only does Microsoft AntiSpyware recommend that
> Claria's spyware is ignored, but it also misses a significant amount of
> cookies that are placed on a system - I have a VPC environment where I
> browse the Internet so that anywhere I go won't affect my regular
> Windows session/installation. Regularly CounterSpy is detecting cookies
> (such as Cok.ad.yieldmanager, CGI-Bin, Cok.AssassinTrojan2.0 and Zedo
> (from yesterday's browsing)) that Microsoft AntiSpyware simply does not
> know about.
>
> Now, this is not only disappointing, but potentially dangerous. Any
> customer or end user running Microsoft AntiSpyware or CounterSpy is not
> being protected from these cookies, and MSAS doesn't even detect them -
> that's right, neither program's active monitoring is stopping the
> installation of these cookies, but at least CounterSpy is detecting them
> post-installation.
>
> AntiSpyware is far, far from the accuracy of antivirus, especially
> something like NOD32. I wonder how long it will be before a decent
> AntiSpyware application is released that, like NOD32 does with viruses,
> actually stops spyware *before* it is installed?
>
> --
>
> Regards,
>
> Hilton Travis Phone: +61 (0)7 3344 3889
> (Brisbane, Australia) Phone: +61 (0)419 792 394
> Manager, Quark IT http://www.quarkit.com.au
> Quark Group http://quarkgroup.com.au/
>
> Microsoft Small Business Specialists
>
> http://www.threatcode.com/ <-- its now time to shame poor coders into
> writing code that is acceptable for use on today's networks
>
>
> DISCLAIMER:
> This message is confidential, intended only for the named recipient(s)
> and may contain information that is privileged or exempt from disclosure
> under applicable law. If you are not the intended recipient(s), you are
> notified that the dissemination, distribution or copying of this
> information is strictly prohibited. If you received this message in
> error, please notify the sender then delete this message.
>
>
>
>
[ reply ]