MSAS Permits TRACKING COOKIES

[Spyware Beta User]

According to a Wall Street Journal article today,
Microsoft Anti Spyware purposely permits tracking
cookies!?!

It is reported that Microsoft turned off their software's
ability to detect and remove tracking cookies, after
purchasing the technology (software) to be repackaged
under the Microsoft name.

Who's side is Microsoft on?

 

[Bill Sanderson]

Spyware: Definition of spyware (quoted from
spywareinfo.com): "Spyware is software or hardware
installed on a computer without the user's knowledge
which gathers information about that user for later
retrieval by whomever controls the spyware." Generally,
much so-called "adware" can be considered a form of
spyware (however it typically monitors you for only one
purpose: delivering targeted ads). Tracking Cookies are
spyware.

So if Microsoft's Anti-spyware "does no selective
scanning or removal of cookies," why would I want to rely
on Microsoft's Anti-spyware?

If you need to remove or interdict certain kinds of cookies, Microsoft
Antispyware doesn't do that job in the builds distributed thus far.
Microsoft's stated position, reiterated just yesterday, for example, in the
monthly internet chat with Mike Nash, is that they are learning from the
course of the public beta--so keep the feedback up, and watch to see whether
this functionality may appear later in the beta.

 

[PhilGreg]

[snip]

If you need to remove or interdict certain kinds of cookies, Microsoft
Antispyware doesn't do that job in the builds distributed thus far.
Microsoft's stated position, reiterated just yesterday, for example, in
the monthly internet chat with Mike Nash, is that they are learning from
the course of the public beta--so keep the feedback up, and watch to see
whether this functionality may appear later in the beta.

==> Bill, partially TIC, I have Giant on my 2K system and MSAS on one of my
XP systems. I know Giant and MSAS is no Giant.<GBG>. MS should never have
eliminated the cookie eating function, at least as an option. The internet
community is split right down the middle inre: tracking cookies. MS should
have known that. Comments about MSAS being a learning process may be true
but taking apart a known and effective security program is either senseless
or arrogant. It was bad enough when MS killed functioning for 9X. It was
worse when they downgraded to 'Ignore' as a primary option several well
known and malicious pieces of crapware. Killing the ability to eat cookies
is even worse because it only add ammo to the argument the MS wants to
become Big Brother. Even though the downgrading to 'Ignore' didn't become
publicly known for a few months, it's knowledge became public while MS was
negotiating w/Claria. Talk about bad timing.

That stinks and to even posit that it'll be included in a later version
carries absolutely no weight. The only way MS can carry this off
sucessfully is to allow choice by the user and not the programmer. IOW,
it's my computer and I decide what goes on it regardless of what anyone
else thinks! Until MS learns this lesson they will have to continue to
suffer from a lack of trust by the user.

 

[Bill Sanderson]

I hear you. 'catch is, to allow choice by the user, they've got to classify
the buggers in some agreed upon formal way. I suspect myself that in
addition to waiting upon the beta, they are also waiting upon the
antispyware coalition, and perhaps one or more other industry groups to come
to grips with this issue. We've continually seen hints that this issue is
alive and well within Microsoft, such as the quiz question relating to
cookies in the end-user level quiz at the antispyware site. I don't know
anything about the forces tugging at both ends of this one within Microsoft,
but I don't think the issue is off the table.

--

[snip]

If you need to remove or interdict certain kinds of cookies, Microsoft
Antispyware doesn't do that job in the builds distributed thus far.
Microsoft's stated position, reiterated just yesterday, for example, in
the monthly internet chat with Mike Nash, is that they are learning from
the course of the public beta--so keep the feedback up, and watch to see
whether this functionality may appear later in the beta.

==> Bill, partially TIC, I have Giant on my 2K system and MSAS on one of
my XP systems. I know Giant and MSAS is no Giant.<GBG>. MS should never
have eliminated the cookie eating function, at least as an option. The
internet community is split right down the middle inre: tracking cookies.
MS should have known that. Comments about MSAS being a learning process
may be true but taking apart a known and effective security program is
either senseless or arrogant. It was bad enough when MS killed functioning
for 9X. It was worse when they downgraded to 'Ignore' as a primary option
several well known and malicious pieces of crapware. Killing the ability
to eat cookies is even worse because it only add ammo to the argument the
MS wants to become Big Brother. Even though the downgrading to 'Ignore'
didn't become publicly known for a few months, it's knowledge became
public while MS was negotiating w/Claria. Talk about bad timing.

That stinks and to even posit that it'll be included in a later version
carries absolutely no weight. The only way MS can carry this off
sucessfully is to allow choice by the user and not the programmer. IOW,
it's my computer and I decide what goes on it regardless of what anyone
else thinks! Until MS learns this lesson they will have to continue to
suffer from a lack of trust by the user.

 

[peruser]

Thanks for the source - I appreciate the extra effort.

 

[PhilGreg]

I hear you. 'catch is, to allow choice by the user, they've got to
classify the buggers in some agreed upon formal way.

[snip]

Why? They're only trying to reinvent the wheel. There are already numerous
and credible web sites that delineate what each piece of malware does and
gives instructions on how to delete it.
A simple link to them at the 'Ignore' option will provide the necessary
info for the user to make an informed choice. There's literally dozens of
them;
http://www.google.com/search?hl=en&q=malware+definitions&btnG=Google+Search

Not to mention newsgroups as well.

Meanwhile MS and its coalition can continue working on definitions

 

[Bill Sanderson]

What kind of coordination and $$ payments would be necessary for Microsoft
to incorporate such a mechanism into the product? They'd be dependent on
the performance of those third parties, and the infrastruture used would
have to be beefed up to handle the traffic from many 10's of millions of
customers--remember this will potentially be on every Windows machine, over
time.

Not a chance--whatever they do will have to be based on either their own
analysis and standards, or agreed upon industry standards of some sort.

I ran a TrendMicro Housecall scan of my machine yesterday. It detected 17
cookies , for which the default action was "pass"--I changed that to
"remove."

There was no information whatever available about those cookies--at least
the ones I checked--they had numeric names--cookie162, and while the names
were clickable, that just lead to a search result showing 0 items found.

I decided to trust their judgement, and I don't seem to have lost any useful
cookies that I've noticed today, but if this is all objective and easy to
see and understand, I don't see that reflected in the actual information
presented by Housecall.

(I do believe that some other scanners do better on this, though.)

--

I hear you. 'catch is, to allow choice by the user, they've got to
classify the buggers in some agreed upon formal way.

[snip]

Why? They're only trying to reinvent the wheel. There are already numerous
and credible web sites that delineate what each piece of malware does and
gives instructions on how to delete it.
A simple link to them at the 'Ignore' option will provide the necessary
info for the user to make an informed choice. There's literally dozens of
them;
http://www.google.com/search?hl=en&q=malware+definitions&btnG=Google+Search

Not to mention newsgroups as well.

Meanwhile MS and its coalition can continue working on definitions

 

[PhilGreg]

What kind of coordination and $$ payments would be necessary for
Microsoft to incorporate such a mechanism into the product? They'd be
dependent on the performance of those third parties, and the
infrastruture used would have to be beefed up to handle the traffic from
many 10's of millions of customers--remember this will potentially be on
every Windows machine, over time.

Not a chance--whatever they do will have to be based on either their own
analysis and standards, or agreed upon industry standards of some sort.

I ran a TrendMicro Housecall scan of my machine yesterday. It detected
17 cookies , for which the default action was "pass"--I changed that to
"remove."

There was no information whatever available about those cookies--at least
the ones I checked--they had numeric names--cookie162, and while the
names were clickable, that just lead to a search result showing 0 items
found.

I decided to trust their judgement, and I don't seem to have lost any
useful cookies that I've noticed today, but if this is all objective and
easy to see and understand, I don't see that reflected in the actual
information presented by Housecall.

(I do believe that some other scanners do better on this, though.)

==> Not talking about cookies in general although tracking cookies should
be highlighted. I'm talking about the real nasty stuff like WhenU and Ezula
and Nail.exe and the old Gator which still exists. There's a plethora of
legitimate malware databases out there that can be accessed. For that
matter, with MS developing its own search technology it appears to me that
that would be, for MS, an ideal vehicle for pulling up data. Furthermore,
if the data comes from 3rd parties it kinda' lets MS off the hook when it
comes to the validity of its MSAS recommendations while at the same time
enabling the user to become educated about the dangers out on the net. It's
a win win situation.

BTW, I have to laugh at most of the online scanners. They require the user
to lower their defenses to check for vulnerabilities....Helllooo<G>.