Why are Spyware removal and Antivirus software separate products?
April 3, 2004 2:47 PM   Subscribe

At least historically the AV companies have treated any commercial product as legit, even obvious Remote Access Trojans such as Eblaster. I would guess the reason is the fear of being sued, but I'm not sure about that.
However, this seems to be changing, as the 2004 issue of Norton Antivirus includes spyware-removers.
posted by mr.marx at 3:36 PM on April 3, 2004

AV companies are slowly getting around to more spyware detection and removal - slowly.

The first reason is simply that spyware isn't viral. When you installed Gator (for example) you agreed, in a manner of speaking, to let it install its friends at a later date, to let it send anything back to its creators, etc. So, although spyware does Bad Things much like viruses, there's a thin line of distinction. This distinction is important because AV companies don't want to risk action from an legitimate (if unsavory) company because the AV software removed their wares.

From the AV company's perspective - at what point do you draw the line? Do you un-install the 'web accelerator' that proxies all your traffic through third-party servers, but leave Weatherbug which provides a useful (and popular) service but with often unpopular (amongst those concerned) privacy statements? Remember as well that the real customers of AV software are corporate users - annual desktop plus management server license fees are the real cash cow - so the AV vendors aren't going to roll out this functionality until they can present an enterprise-friendly interface.

All that having been said, AV companies are getting into spyware removal. They have a clever euphemism for it that doesn't spring to mind - "possibly undesirable installed programs" or something like that - but I've seen it as a checkbox on some (enterprise) AV configuration software.

OK, I've got to leave for the airport. The other answer is that behavior-based HIPS software (Cisco Secure Agent and Entercept) are the next-generation AV software, and they may recognize and neutralize spyware based on behavior alone.
posted by sohcahtoa at 3:47 PM on April 3, 2004

Dell got a lot of flack recently for instructing its tech support people NOT to tell customers how to remove spyware when it is determined it was the spyware that was causing the customer's problem. The reason is legal. Dell, like the AV companies don't want to have the Gators and the other spyware companies up in its grill threatening lawsuits.

Like sohcahtoa said, there's that line and technically users are giving the spyware companies permission to install.

I've switched to Mac but the other night I had to switch into VPC and run Windows for a while and was blown away by all the opportunities to get spyware presented to the Windows crowd. You unfortunate bastards.
posted by birdherder at 4:12 PM on April 3, 2004

Not to derail, but the only reason there is so much spyware (or anything else for that matter) for windows is because of its overwhelming popularity. Mac's have viruses, so does Linux. The difference is the sheer number of users change how often new viruses and malicious code (I am putting spyware under malicious) gets introduced into the operating system. This is unfortunate for the people who do not know their computer very well and put up with, what for me would be enough to shoot the damn thing, bullshit from all the spyware adverts and system hogging processes.
posted by Keyser Soze at 6:02 PM on April 3, 2004

True Keyser. Malware/Virus writers go for volume. I've gotten spoiled by not seeing any of those annoyances since switching. A benefit of not running the popular OS is less threats of harm or annoyances.

One the first apps I bought was NAV so I get a little reassuance every time I open a .dmg, .sit, or .tar. One of these days someone will write a virus for the Mac to wipe the smug smile off our Mac loving faces.
posted by birdherder at 8:30 PM on April 3, 2004

Good point Keyser, and one of the reasons why I got my mother an imac as her first computer. It's hard enough talking her through problems on that from a distance of several thousand miles without having to deal with some crappy piece of software accidentally downloaded from some malicious pop-up.
posted by thatwhichfalls at 12:19 AM on April 4, 2004

Yet another reason to diversify the OS scene.
posted by kaibutsu at 3:40 AM on April 4, 2004

My new Norton bitch-slapped Gator.
posted by dgaicun at 9:53 PM on April 5, 2004

« Older In Nabokov's autobiography, &q...   |   Two very nice friends of mine-... Newer »

This thread is closed to new comments.