Spyware adware sneakware
Summary: Sneaky software -- what's your favorite term for it?
The debate over the definitions of adware and spyware has been going on for months. None of the spyware/adware companies want their software to be labeled spyware and many don't even want it to be labeled adware. Within the anti-spyware community there's been a lot of discussion about the terminology as well, and many of us would like to move away from the word spyware, but the difficulty lies in deciding what exact to label the mysterious "stuff" that appears on users' computers: they-don't-know-where-it-came-from-or-how-they-got-it-and-they want-it-off-right-away-ware.
Joel Walsh of WebProNews.com just might have inspired the solution. Sneakware! See Beating Adware, the Sneakiest Software. He contends that adware is "something reasonable people don't want on their computers ". There are those who would argue that, but I think for the most part he's right.
Other labels that have been suggested are Potentially Unwanted Programs (PUP), Potentially Unwanted Software (PUS), Greyware, Advertising Supported Software (ASSware), Mysteryware, Junkware, Parasiteware. Of course the adware industry will object to those with any negative connotation, so the discussion continues. I invite readers to post their favorite term or label and/or make suggestions in the comments.
Related links:
Anti-Spyware Coalition Spyware Definitions and Supporting Documents (PDF)
Wired Giving New Meaning to 'Spyware'
CNET Group delivers definition of spyware
Net4Now Spyware? Adware? Does it really matter?
Freedom to Tinker What is Spyware?
Eric Goldman Some People Like "Spyware"?
Link via SpywareInfo news
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Spyware is fine for me...
It's all bad. It's all Spyware. None of it is wanted, and users are getting screwed by the millions daily.
Instead of wasting time and resources on what to call it, concentrate on obliterating it from the internet please.
To those Spyware/Adware companies that don't like the name?
Tough Sh*t. Go get a real job and life and you won't have to worry about it any longer.
You people are the bane of my IT existance.
Easy there Bit
I'm beyond troubled lanquage...
I'd like to see all these jackels strung up by their, um, you know what I mean.
This crap takes 30-40% of my support time and I'm fed up with it.
Re: I'm beyond troubled language
acceptable.
Malware
I prefer the term malware - as defined by the Cybersecurity Association. For them a program or system of programs is considered to be malware if it is generally believed to be difficult to find and remove. Specifically, they define a program as malware if both the following are true (sorry *nix users, Windows focus coming):
- 1 - It does not appear in the Add or Remove Programs dialog in the Windows Control Panel, or it appears in that menu but cannot be fully removed using the Add or Remove Programs utility.
- 2 - It automatically launches at system startup, or user login, without a clear on-screen alert to the user.
For more details see:
www.cybersecurity.org/malware-detection-and-removal.html
The two-point definition is simple and inclusive enough to catch most malware - and is fairer than most definitions.
However, I do not believe that it is tough enough. Having had to re-install most of my own business software last year, due to spyware accumulation, I would judge a program to be spyware if it met only one of the above rules, PLUS it was installed either:
- A - Without requesting specific user or administrator consent; or
- B - Was installed as a function of a program for which the user or administrator gave consent - but the function cannot be turned off - or disabled - without removing the whole original installation.
This form of piggy-backing, or dual program installation under one name, is what caught me out. Mostly I would say that I am pretty switched on - and I haven't suffered any major downtime for over two years (the software instal reffered to was done piecemeal - a major irritation and waste of time but not 'business threatening'). That says to me that the main problem is not technical, it is secrecy and underhand practice by the malware industry.
If not properly managed malware can undermine the best security management of systems, as crackers also piggy-back on new vulnerabilities installed as a direct consequence of malware.
On that score I would caution the malware industry; Clean up your act, or 'negative conotations' will be the least of your worries.
For the software majors I would say: This definition (which is a true definition by the way, as opposed to your own pathetic efforts) says that you need to be more open about exactly what function does what, and how sys admins and users retain control...
Problem is...
But, I'm a person that has cleaned off several systems from this form of assault. The terminology and verbage used should be ours to dictate, not the companies that have been exploiting us for several years.
I'll stick with the malware term myself and hope that changes to terminology DON'T occur. This is already a slippery enough slope for uneducated users, lets not complicate it further by tossing new words at them every few months. Just who does that benefit? Not the user, that's for certain.
I applaud those that are frontliners to this fight (Suzi, Eric Howes, Ben Edelman, Paperghost, etc...) but I'd rather see a focus on forcing companies to "clean up" their acts vs creating new language for everyone to learn. In my, ever so humble, opinion this is more of a side fight/distraction from the issues that we all know exist.
Malware, yes. But the problem is bigger.
And the problem blends in with boxed software and other products that aggessively add themselves to the autostarts of a system for strictly cash reasons that have nothing to do with product functionality, like adding autoplays for photo upload services to printer installs.
All this junk is startupware, and it's a management problem--it's not just good, or just evil--it just needs control on every computer. I've put more details and a full defintion up at http://www.startupware.com.
RE: Spyware adware sneakware
How about Arthritis-ware?
Flawed business model
1)Who initiates the service? With Google, it's the user. With Gator (to continue the example), the application is often installed without the user's knowledge.
2)How above board and honest is the company? With Claria, they initially denied that their software did what they later admitted it did. Also, there is no web site you can vists and choose to download Gator, let alone read and consent to a EULA. With all of the Google applications, you have the option to opt out (and not use the software).
3)Google applications can be initiated and terminated at will. In other words, it uses exactly as much computing resources as the user allows. Gator runs in the background, often unbeknownst to the user.
Claria and Google are just one example. And the above list is far from complete.
You can download Gator
Yeah, like I'd trust them with passwords.
But you CAN trust 'em...
...That is, trust them to upload your passwords to some server somewhere.
Crapware comes to mind
I can't overly complain, this surge of spyware related problems is 70% of my business, but it is funded on MY end by the victim. That ain't right, but I won't hold my breath waiting for POLITICIANS to solve the issue.
Call it Scumware, then. (NT)
Ha ha - who thought of "scumware" first?
You beat me to posting the recommendation for the name "scumware". I've been referring to spyware and adware collectively as scumware for maybe 18 months.
When did you first start using / hear the name?
I think pretty highly of myself, but sort of doubt that I came up with the idea "first" ... but wouldn't it be cool?
Anyone know the etymology of "scumware" as a word describing adware, spyware, "potentially unwanted software" (PUS - gotta like that one) &etc?
Ciao!
-Jay Libove, CISSP
Atlanta, GA, US
An excellent reference page
http://www.urbandictionary.com/define.php?term=scumware
What to call it
about miseryware!!!! anyone?
Sneakware?
But a Mac and be done with it!
ARGH!
If you're going to put something like that into a discussion, list out reasons. Why should I buy a Mac? Why should I change how I work as a course of action in response to criminials?!
Mac/Linux/FireFox/Opera all have less known security exploits. All of them have fewer patches than Windows. But without taking the proper steps to secure your system YOU ARE NOT SECURE.
Can a virus infect a Mac? At present no...does that prevent you from passing that virus onto windows machines? No, you can still be USED to distribute a virus...There's more to these debates than a one line statement of "Microsoft sucks."