Apr 27, 2005 (02:04 PM EDT)
Security Heavyweights Join Spyware Fight

Read the Original Article at InformationWeek

1   2  
You already know that spyware is getting worse. A lot worse. Spyware writers, spurred on by financial gain, are working in a frenzy to make your life miserable.

And while there have been many antispyware improvements lately, the old approach of scan-and-pray just isn't enough any more. Instead, you need new capabilities, new strategies, and most of all, you need more help.

Now that a few really heavy hitters are entering the anti-spyware field, you might actually get it.


Previously By Wayne Rash
VoIP 911 Problems Could Kill You

Stupid Security Tricks

Securing Your Starbucks Experience

Recommended PC Anti-Spyware Products

Some Simple Things You Can Do To Protect Against Disasters

Choosing The Right Personal Firewall


Both Symantec and Microsoft now have free betas of their antispyware applications. Symantec released beta of its first antispyware product last week. Microsoft introduced its Antispyware software in January and updated Microsoft Antispyware in February. McAfee brought out the enterprise version of its anti-spyware package in January; the consumer version came out a year ago.

Microsoft, Symantec, Sunbelt Software and others are creating global spyware reporting networks. When a user's computer encounters a new type of spyware, it can (with permission) upload the details to company researchers, who then analyze the spyware and create a means of dealing with it, which is then distributed in a subsequent update. Computer Associates is working on this capability, but doesn't have it yet. While a few companies have been doing something like that for some time, both Microsoft and Symantec have huge user bases, and that means the vendors will get better information sooner. It also means that there are new, big teams of programmers finding solutions, which, with the changing nature of spyware, can be important, since smaller teams may become overwhelmed by the sheer enormity of the task.

For example, one new technique reported by McAfee is a type of spyware that sets up concurrent processes that monitor each other. When one is found and deleted, one of the other processes will restore it. Fighting this type of threat is a lot harder than just scanning for a signature and deleting.

In addition, companies are banding together to create a common database of spyware, to create a naming convention, and to develop ways of sharing the information, while not letting out the proprietary details of what they do to kill spyware when they find it. Microsoft, Symantec and Computer Associates are all part of industry alliances that are working on open standards for this sharing, in much the same manner in which anti-virus vendors share their virus identifications. Unfortunately, some antispyware vendors aren't joining the alliance.

The battle is also becoming much more serious. One researcher told me that one reason spyware is getting better so quickly is because there's money involved. Virus and worm writers were mostly just hobbyists. But spyware distribution exists to retrieve specific information, and that information is used to make money, whether it's credit card numbers or where you surf on the Web. As the battle gets more serious, it's important to pay close attention to what you choose for an anti-spyware package. Here are some ideas: