Walt Mossberg at the Wall Street Journal reviews the new Microsoft AntiSpyware program today. I disagree with several of his conclusions. Let’s start with one complaint where I think he’s absolutely right:
I found the program easy to use, though downloading it was a bit of a hassle because Microsoft tries to get you to verify that your copy of Windows isn’t pirated, which can force you to dig up your Windows serial number. You can avoid this step and still download the program, but you have to pay careful attention to the download options.
I agree. The whole Genuine Windows program should be reserved for add-ons and fun stuff. Security updates should be available to anyone with as little hassle as possible.
The software offers two kinds of scans: a quick, five-minute version, and a longer version that took about half an hour on my test machine. But the scans missed some spyware found by [Webroot’s] Spy Sweeper. In particular, Microsoft missed “tracking cookies,” small files deposited by Web companies, often without your knowledge or permission, that track your online activities. The Microsoft program deliberately doesn’t look for these. Microsoft officials say they are concerned that some legitimate cookies, such as those that store Web-site login information, could be unfairly labeled as spyware. They promise to add tracking-cookie detection in the future.
Absolutely agreed that cookies aren’t spyware and shouldn’t be detected or removed as such.
It’s quite striking how badly other companies (even companies I generally admire, i.e. Webroot) have done with this issue. It seems like they’ve been stuck in competition with each other — who can detect more stuff as “spyware” and make the issue sound bigger, perhaps for PR purposes. Certainly the Webroot surveys for Earthlink had this ring to them — reporting millions of tracking cookies as if this told the world something about the spyware problem.
Major kudos to Microsoft for getting this right the first time, and for being an industry leader in doing so. Here’s hoping the reviews praise this improvement.
The security companies have trained reviewers to think “more is better,” and this may take some time to overcome. I hope that Microsoft doesn’t cave on this issue just to avoid some unwarranted criticism.
Even worse is the way the program handles another spyware problem, the hijacking of Web-browser home pages and search pages. This is a spyware technique in which the home and search pages in a Web browser are replaced by pages selected by a spyware company, and it’s nearly impossible for a user to restore his or her own selections.
The usual way of handling this, with programs like Spy Sweeper, is to detect the page changes and to restore the user’s original choices. But the Microsoft program tries to replace the spyware pages with home and search pages from MSN, Microsoft’s own online service. This smacks of the same kind of coercion the spyware authors are using.
Microsoft insists it isn’t trying to drive people to MSN…
I discussed this problem in an earlier post. The code that Walt is complaining about is exactly what was in the original Giant AntiSpyware, and there’s a logical technical reason for it. (Remember, the Microsoft beta was released less than three weeks after the program was purchased, and there were two holidays in there.) So insinuating that this is devious behavior from Microsoft is unwarranted. Nonetheless, I expect that this feature will be changed in the final release. I would recommend that the program ask the user during setup to confirm that that the current home page is their preferred entry. Clicking Yes would write the value of the current home page to the Default_Page_URL value in the Registry
Not only that, but Microsoft AntiSpyware does nothing at all to protect users of the rival Firefox Web browser from home- and search-page hijacking. It detects and corrects such hijacking only in its own Internet Explorer Web browser. The company says it is trying to focus on things that affect “the largest number of customers,” and it notes that the vast majority of users rely on IE. But this, too, smacks of favoritism toward Microsoft products.
Well, again, this is the original code from Giant Software, so it seems a trifle unfair to blame Microsoft. But tell me, has anyone seen a home page hijacker that works on Firefox? Is Walt asking for a solution to a problem that doesn’t exist?
Walt recommends Spy Sweeper. Sadly, I think the main reason is because its scan detects hundreds of tracking cookies and thus appears to be more aggressive. In my review of that program last year, I found that it actually tried to remove or disable completely innocent programs that I use regularly. A reader reported similar experiences; in fact, Webroot’s program actually disabled all access to the Internet for her. More (and more aggressive) is not necessarily better.
I’ll have more to say about cookies in a follow-up post.