Friday, February 11, 2005

fyi Spyware vs. anti-spyware: get it together please!


Pointers to articles:

Coast antispyware consortium falls apart

Anti-Spyware Site Knocked Out By DoS

New Program Attacks Microsoft's AntiSpyware,4902,99666,00.html?nlid=AM_B

Nearly 30 Symantec Titles Open To Attack

Kobielus kommentary:
All of these headlines plopped into my inbox in a single day—this morning. It’s enough to make me swear off caffeine. I’ve got bad enough jitters from the morning news—why feed the fire? I’ve recently been plagued by spyware, and a persistent Trojan that keeps the barn door open to more. I have to run four (count ‘em—four!) anti-spyware programs daily to deal with the situation. But that’s like shoveling the snow while the blizzard’s still in progress. What I gather from this news is that the situation will get much worse before it gets better, because:

• The budding young anti-spyware tool industry can’t organize a coordinated collective response to this common threat.
• The anti-spyware tools that are out there are being attacked and neutralized effectively by the spyware community (or by their own inadequate engineering—viz. the beta Microsoft tool that consistently gives me the Blue Screen of Death)
• The big anti-malware vendors don’t necessarily offer rock-solid defenses against spyware and other threats.
• The biggest OS/application platform vendor is still scrambling to put together a coherent roadmap (and is hurriedly acquiring established vendors to cobble together a strategy).

All the more reason why each of us needs to keep virtual baseball bats by our virtual beds. We can’t trust the locks and guards and surveillance systems that we thought were keeping our perimeters safe. Perpetual vigilance, suspicion, and cynicism are the price we pay for Internet-centric computing. Intruders abound. Sometimes, they trigger no alarm. Sometimes, they snip the wires on their way in.