Broadband Tech > Security > Security > Sunbelt Adjusts WhenU Detections

reply to eburger68

Re: Sunbelt Adjusts WhenU Detections

Sybille:

You wrote:

reply to eburger68
Hi Eric,

Thanx 4 your earlier reply, i did check out those links you posted, and a few more besides !

I don't know where you + Suzie + TeMerc + all the other good peeps get the patience to to do as MUCH as you All do. I'm a very patient guy, but i think the mountains of info you all must read/write, along with the significant amount of time it must take researching + cross referencing it all + hosting/posting it etc, would burn most people out.

- - -

2 everybody -

Sure people will have differences, that's just how life is. Not perfect, never has been and Never will be, and they should get used to it and relax a bit more. But when it gets personal it's stepped over the line and benefits No One or the issues. In fact it makes it so much worse cos some people waste lotsa time on that and not what it's Really about.

Exchanging ideas and discussion is great cos it helps us All move forward, sometimes faster, sometimes with hurdles thrown in the way. Who said everything was meant to be easy peasy all the time, cos it aint, but let's @ least try and move in the right direction together.

The crapware merchants would just love it if we all fell out and couldn't sort it out amongst ourselves ! So let's try and keep focused on the Real bad guys hey.

Regards,

Spanner
--
I Only Know What I Know But I'm Learning all The Time - Stay Safe - Spanner intheWorks/SpannerITWks

reply to eburger68
Eric,

You wrote:

reply to eburger68

reply to roamer_1
Bruce:

You wrote:

said by roamer_1:

---

Not exactly- You had said something to the effect that past reputation could be taken into account, but could not be an "end all" criteria, I simply proposed that if the company offered no spyware in any way for a reasonable period (1 yr was the example) then the delisting would take place- Perhaps I read you wrong. It seems you are now saying that past reputation cannot be a factor whatsoever! (?)

Perhaps you could flesh out how you see "past reputation" being applied?

---

said by roamer_1:

---

I understand perfectly that labels are useless for targeting decisions (and I agree with your writings to that effect), but they are awfully handy in discussions. One saves alot of time labeling a creature a "duck" rather than explaining all the features that separate it from other avians in general every time a duck is described... Perhaps with a few well placed labels we might stop talking past each other.

---

said by roamer_1:

---

I was trying to delineate software that has install, notification, keeps ads within itself, and has an uninstall etc. Features you (seem to) describe as making it legitimate, though it is still adware. To me there is no difference, but if you need to define a legal difference, so be it.

I was suggesting an expansion of detect/remove to cover that "group" as well (AolMess and YahooBar were suggested earlier as examples of inclusion), so that these morphing companies could not say they were being unfairly singled out.

---

said by roamer_1:

---

I am against the idea that since the user was stupid enough to install it there should be no easy way to remove it and it must be relegated to A/R simply because it supplies an uninstall routine, or that it would be "Line item only" for removal.

---

said by roamer_1:

---

However, since you raised the point (and with any couched threat unintended), you would be suprised how many of your users ARE your users only with the blessing of their local guru or tech. If it doesn't fly with me, you can bet my users will be elswhere- especially when it comes to security software. My previous post aside, most of my users listen to me and accept my recommendations. I say this only to highlight the point that you do well to be here (and other places like in kind) and pound this out in an acceptable fashion.

---

said by roamer_1:

---

But you also can't take away the ability of the program to do the meat and potatos work that we rely on it to do. As I said before, CYA legally... fine. but give me a "Select all /remove" and keep detecting... Or a global option to select all... so that I can override the suggested action.

I know that you are holding your nose while you do this. I understand that you don't like these companies any more than I do. But in the midst of it you seem to be making the case for a type of "acceptable" level of adware, rather than a rally to "how do we beat 'em now?" which is an uncomfortable residue of this discussion.

So what are you saying in a general sense (not WhenU particularly for the moment)? Is there no productive way that Anti-Spy can assist if an adware drops below a certain level? And if such is the case, where might that level be defined? And if defined, How does one prevent further slippage (herein lies the brow of the proverbial slippery slope)?

---

said by roamer_1:

---

I didn't figure there would be any. Adware is within your pervue (at least traditionally). There are lots of mass uninstallers out there (regedit comes to mind), so that concept shouldn't be a problem...

---

said by roamer_1:

---

If the "known offender" thing is what is in the way, then just give me a PUP (Spybot S&D) page with a "Select all" in settings. Then I can cherry pick the acceptable ones out of the list rather than checking the whole list except three or four...

---

reply to eburger68

OK I have to rant here. First let me say that I skipped about 16 pages of posts but from what I've seen it all looks the same anyway.

I think this thread is a perfect example of one of the major problems that plagues this industry today. This industry has developed a regrettably zealous and uninformed following. By that I mean that absolutely nothing any of these companies ever does will ever work as an apeasement to the large group of individuals that 1. Do not do their own research, 2. Take the word of self-appointed "experts", and 3. Allow their mentality to be formed by the highest common denominator, or simply, follow the herd.

From what I've seen here about the only thing that would satisfy the majority of these posters is to plant a nuke at each and every one of these adware companies and delisting antispyware companies and wipe them out. Unfortunately this is the kind of juvenile mentality that these antispyware companies are up against. It doesn't matter that these companies typically stock themselves with anywhere from 5 to 100 real experts that evaluate and fight this stuff everyday, publish legitimate research, and have the background to actually decide what stuff is harmful and what is not, as seen with Lavasoft and Pest Patrol one zealot starts a rampage about a delisting that 1,000 blind sheep jump on board with and naturally a commercial company has to cave. It's a disservice, to the antispyware companies, to the delisted companies, and believe it or not to the end user. This mentality is so rampant that often an end user that doesn't spend 10 hours a day often receives this extremist advice in some forum from some 13 yr old kid who received the same advice from an "expert" and they take it as gospel and voila, we're crowning another tin foil beanie chief. Now the antispyware company providing that end user with the solution has to take 3 days to calm down and explain to that user how their information is wrong.

I would venture to say that 95% of people in these forums have no formal education in regards to spyware evaluation, detection, and removal. Their education is solely in HJT logs and what someone else has told them is bad. Find me 10 people that have researched every entry on their own and based their decision on that and I'll come to your house and brush your teeth. I would also say that 85% of these people do not do their own research and accept what is spoon fed to them. You spend 3 hours a day on Hijack This logs you say? Great, from that I want you to tell me every distribution method that application takes advantage of as well as provide me with a detailed analysis of captured packet sniffer logs. Along with that I will need to know the company that produces the application, including registrar, address, and contact info. While you're at it go ahead and disassemble all the executables and dlls and get me a detailed report on those.

While we are on the subject and you have your assignments lined up you might as well provide us with every correspondence, contract, agreement, and conversation that has taken place between every antispyware company and every adware company or researcher that they have dealt with. I'm sure this will help you to prove the "conspiracy". Transparency is your argument to that? Well folks unfortunately we live in a corporate world and there's things called NDA's or Non Disclosure Agreements that are typically precursors to any kind of exchange of proprietary technology and information, which of course is a necessity to an honest and partial evaluation.

Now I'll use what I've seen in this thread as a perfect example. I've seen Eric Howes posting in this forum and references to his research. I'll be frank and say that I'm no fan of that rogue antispyware list. While I do believe it serves a purpose and can be informative to those who know how to filter out the biased leaning in favor of Lavasoft I have seen that thing quoted left and right, up and down, 9 ways to Sunday by this zealous following. Up until the point when he justified the Sunbelt changes you all thought Eric and that list was the best thing since sliced bread. Once his research came out and he justified the claims of Sunbelt you people turned on him, tried to chew him up, and spit him out. Absolutely zero weight was given to the fact that he actually did perform and provide non-biased research to back up the decision.

I don't think you can find in any other industry, firewall, antivirus, or otherwise, such a close minded, uninformed, blinder view of progression than in the spyware industry. It suffers from a mentality that is a cancer to the greater good. With such a blind outlook on things you have to realize, if an adware or whatever company honestly cleans up its act and justifies non-detection, only to have the antispyware company have to cave to a herd following public, we're never going to see an end to the problem. What encouragement do these guys have at all if their best efforts go for nill because of an uninformed public? They might as well keep exploiting loopholes and achieving installs and just deal with the antispyware removals than attempt to spend money righting their wrongs.

OK I think I've ranted enough and hopefully you understand my point. I think it applies to life as it does to the industry and I'll provide a couple recommendations to what should be done.

Lessons:

1. Do your own research
2. Use what your told as a factor of your research, not an excuse to do your research
3. People are grownups and need to accept some of the responsiblity over what they do. Your hand wasn't held when installing Windows, why can't we expect the same responsibility for an install dialog?

Resolution:

1. A non-biased researcher standard needs to be created, such as an MCSE or MVP for antispyware studies. This standard could be collaberated on by antispyware developers and open to the public for testing.

2. Subject the standard to strict revocation until we balance the industry. You start slanting in a bias manner or providing pure opinions in your advice, bye bye certification.

3. DO YOUR OWN RESEARCH. DO YOUR OWN RESEARCH. DO YOUR OWN RESEARCH. God, Buddha, and all others gave you a mind of your own and you didn't spend 13+ years in school to be told what to believe by others.

4. Use SaranWrap, not tin foil. This has got to be the most important of all. And no, antispyware vendors didn't kill JFK, build and isolate Area 51, hide Martians, start the FreeMasons and New World Order, pollute the water with pacifying hallucinogens, or turn a blind eye to Pearl Harbor

reply to eburger68
You really should have taken the time to read the 16 pages of posts you admitted to skipping. I'm sure some of the info in them would have enlightened your somewhat sour and obtuse view of the companies and people involved.Oh and by the way, YOU never stated your qualifacations to berate the posters involved in this thread.

reply to IndustryBurnout

reply to eburger68
You rant at us about doing our homework and doing our own research and then admit you skipped 16 pages of posts. I think you sat in front of me at College. Is that you Bob??.

nevermind