No 'One Fell Swoop' for Spyware..

[IGBT]

Text


Exemplifying our dissatisfaction is the inability of these products to eradicate Claria Corp.'s family of behavioral marketing applications to our satisfaction. According to Webroot Software Inc.'s Q1 2005 State of Spyware report, Claria's GAIN applications are the second-most-common adware programs detected in Webroot's online scans.


Unfortunately, at this time, it is best to consider these products as intriguing baby steps in the war against spyware?addressing the core security concerns but leaving system performance and worker productivity as targets to address down the road.

 

[ProviaFan]

Interesting, but sad. Might as well say it now since I probably missed the original thread(s), but I am disgusted to see some companies (*cough*Microsoft*couch*) making compromises with these worthless purveyors of malware. :|

 

[mechBgon]

From the sidebar... this guy's article has merit.

Before spending time and money on solutions that follow users around removing harmful applications they've unwittingly installed, companies should make sure that they're granting their users the smallest set of system administration privileges required to get their work done. Far too many users, in both home and corporate settings, run their systems with administrative rights?accounts that grant users (and the processes, both harmful and innocent, that they launch) absolute power over the machines they're using.

Very well said. In a business setting especially, but also in the home, there's merit to the least-privilege approach if it'll work for you. What a nuisance that there's major-name software that is either not tested to ensure it'll work under Limited / Restricted-User accounts, or that is deliberately designed not to (Quickbooks for example). :frown:

 

[spyordie007]

Originally posted by: mechBgon
From the sidebar... this guy's article has merit.

Before spending time and money on solutions that follow users around removing harmful applications they've unwittingly installed, companies should make sure that they're granting their users the smallest set of system administration privileges required to get their work done. Far too many users, in both home and corporate settings, run their systems with administrative rights?accounts that grant users (and the processes, both harmful and innocent, that they launch) absolute power over the machines they're using.

Very well said. In a business setting especially, but also in the home, there's merit to the least-privilege approach if it'll work for you. What a nuisance that there's major-name software that is either not tested to ensure it'll work under Limited / Restricted-User accounts, or that is deliberately designed not to (Quickbooks for example). :frown:

That's when you pull out run-as for these applications.

 

[mechBgon]

Originally posted by: spyordie007

Originally posted by: mechBgon
From the sidebar... this guy's article has merit.

Before spending time and money on solutions that follow users around removing harmful applications they've unwittingly installed, companies should make sure that they're granting their users the smallest set of system administration privileges required to get their work done. Far too many users, in both home and corporate settings, run their systems with administrative rights?accounts that grant users (and the processes, both harmful and innocent, that they launch) absolute power over the machines they're using.

Very well said. In a business setting especially, but also in the home, there's merit to the least-privilege approach if it'll work for you. What a nuisance that there's major-name software that is either not tested to ensure it'll work under Limited / Restricted-User accounts, or that is deliberately designed not to (Quickbooks for example). :frown:

That's when you pull out run-as for these applications.

That's what I do personally, but I don't like the idea of our employees knowing Admin or Power User credentials on their computers. I have one QuickBooks user and resorted to a RunAs with the /savecred switch, and it runs QB under a dedicated account created to make that work. But of course the app has its own "world view" of drive mappings, printers, etc as a result. I sent a pretty aggressively-worded feedback to Intuit regarding what I think of their software :evil: Maybe they've pulled their heads out of the sand since then, I haven't looked lately.

edit: at any rate, if I had a choice between antivirus software plus Restricted User accounts, or antivirus software plus a dedicated antispyware add-on, it's a no-brainer in favor of the first option as long as it's feasible in one's environment. No performance hit, no cost, no need for updates.