For the past couple years, former Microsoft developer Alex St. John (he was one of the folks behind DirectX) has been writing a monthly column for CPU Magazine, and for about as long he’s been bitching and whining about anti-spyware programs.
After leaving Microsoft, St. John created Wild Tangent which, according to its website, “develops and distributes 1st party and 3rd party downloadable games through a broad network.” I know of the company mainly because Wild Tangent’s crappy games frequently come pre-installed on computers from HP, so every time I buy an HP computer or re-install the OS on an HP, its one of the things I have to go through and uninstall.
Anyway, St. John’s objection to anti-spyware software arose from the fact that a lot of anti-spyware programs flag Wild Tangent as spyware. It isn’t spyware, of course, but as St. John himself acknowledges, a deal that Wild Tangent made for the software to be bundled with AIM 5.0 fueled that spyware perception more than anything else (the short version is that WildTangent became uninstallable and created additional, non-AIM processes at the same time that AIM decided to foist pop-ups on its users — users thought Wild Tangent was spyware and causing the ads, and as St. John puts it, the whole episode was “a PR nightmare”).
But in responding to this PR nightmare, St. John’s proposes absurd solutions for the problem of spyware and similar malware. For example, Sony got caught distributing rootkits on CDs. St. John actually complains that the problem is that Sony doesn’t have enough access to user’s computers,
In a dramatic and humorous demonstration of how absurd the situation ahs become, Sony’s new CD copy-protection scheme, which hides running processes from Windows (Trojan horse?) and debugging tools to prevent music piracy, has been hacked to enable World of Warcraft cheaters to foil WoW’s Warden software (spyware?), which scans your computer for cheating software before you play WoW. Sony of course made a patch available to fix the security hole, but how will you get it if Sony’s invisible software can’t self-patch?
WT? Why would I want to grant to Sony — which has already screwed up my computer if I bought one of its copy-protected CDs — to then have the access to patch said software automatically? In fact, each of the patches that Sony has released to correct the rootkit problem have themselves suffered from one problem or another, in at least one case introducing new vulnerabilities. Yeah, damn, I wish Sony could auto-patch an infected PC.
Frankly, I don’t want software automatically patching. Take World of Warcraft (please). Every single time WoW attempts to update itself I get some sort of message — I assume from the MS firewall — warning me that this program is attempting to download a patch and do I want to allow this or block this. I want this sort of notification.
St. John think this is simply too inconvenient,
[After releasing Windows XP Service Pack 2] Microsoft followed up this maneuver with Microsoft AntiSpyware, a “spyware-blocking” application that also happens to prevent self-patching applications from running in the background or autolaunching without the baffled consumers’ express permission.
If an application cannot run in the background to download patches automatically in wasted bandwidth (as Windows does), then the only solution is to force consumers to patch download at the moment they try to use their applications. To further confuse consumers, Windows may presume to pop up any number of random warning dialogs when a legitimate application attempts to communicate home to check for patches.
A million times no. The most annoying thing about Windows is the number of programs which rudely set themselves to autolaunch without permission (every time I insert a flash drive, 15 different programs think they need to autolaunch and scan for music or photos, etc.)
Every program installed on my PC, including the OS, should get explicit permission before automatically downloading and installing a patch.
Source:
All Software Will Be “Spyware”. Alex St. John, Computer Power User Magazine, January 2006.