Talk:Spyware

Obviously, we all know what the best software is, but is it worth writing something objective about antispyware solutions and linking to a number of reviews? Could be helpful... Elliott C. Bäck 05:47, 5 May 2005 (UTC)Reply

There used to be a huge list of links on the main page, most of which went to pages that were either spammy or pushing some sketchy products--I've cleaned up the links so that at least all of them are somewhat relevent. If I missed something, let me know...

You removed links to several Wikipedia articles on spyware removal programs. I recommend returning those links. -- LGagnon 17:20, May 2, 2005 (UTC)

Can you state which in particular you find relevant, non-spammy, and non-redundant? Elliott C. Bäck 18:32, 2 May 2005 (UTC)Reply

At the very least, Ad-aware and Spybot should be mentioned in the article. They are the top 2 anti-spyware programs, so it would be best to at least mention this in the article. Other notable ones (MS's new program will likely be important over time) should be given at least a small mention. That isn't to say that all need to be mentioned (the rest can just be added to Category:Spyware removal), of course. -- LGagnon 20:04, May 2, 2005 (UTC)

Oh. Those aren't mentioned in the article, but I didn't change the article. They're still in the external links, though, of course. Feel free to mention them in the article...

I've not used wiki's for long, all of what I state here is strictly "IMO".

Topics:

What is spyware?
How does spyware get on your computer?
Who makes spyware and why is it on my computer?
How do I fix it? spyware removal
Can I uninstall just the spyware?
What legal obligations might I have if I uninstall spyware?
Spyware in the news
How do I prevent it?
Where can spyware hide?
Why is it not in add/remove programs?
Can I just delete files I think are spyware? (gasp, dirty winsocks in my system32 folder!)
Why is it hard to remove?
Why does it make my computer unstable?
Why doesn't my antivirus program prevent it?
Why doesn't my firewall stop it?
But I download games, play mp3's, get cheat codes, download cracks, and visit all the COOL sites!

I've seen documented issues ad-aware, and spybot destroy internet connectivity to the point, where a normal ISP can only send them to their OEM for help. It's a good idea to stress what should happen, and what can happen.

Ad-Aware and Spybot used to destroy LSP files when certain spyware was removed. For the most part I think the issues have been removed. If not, the program LSPFix can usually take care of the problem. Maybe something about LSPFix can be added to the article?

Brendan 16:39, 5 Aug 2004 (UTC)

It should also tone down the "big brother" aspect of the goverment means, because most people experience spyware as a big nuisence (sp?).

Thanks, Scott Edwards - daxal.com

Anything downloaded "free" from the internet must be assumed to have "spyware," in the form of adware attached to it, especially all the cool stuff. Software has to be paid for somehow. If it isn't paid for by subscription, then it's paid for with advertising. My teenage daughter downloaded so much stuff jammed with adware that it caused my entire system to lockup and cost almost US$500 to repair. Kazaa was the absolute worst. We bought Kazaa Lite so she could play her mp3 files, subscribed to Pest Patrol and regularly scan the system for unwanted programs.

Basically, you got screwed. Lots of free software doesn't have spyware. See the article Open Source. And you paid for a scam when you bought Kazaa Lite, that program is free.

Brendan 16:39, 5 Aug 2004 (UTC)

I cannot speak too highly of Pest Patrol. Its website[1] will scan your system for free and provide instructions on how to remove whatever spyware is found, if any. Otherwise, for about US$40 you can download its removal program. The fee licenses the program to the user for one year. In addition, the Pest Patrol website has a very informative encyclopedia of pests which is updated continually. The US$40 has been money very well spent. I've removed at least 200 pests from my system since I downloaded it in June 2004. --Maryevelyn 00:54, 5 Aug 2004 (UTC)

Here is my expierence with SpyWareNuker:

I purchased SpyWareNuker on 5/21/2003

On 3/22/2005 SpyWareNuker found some SpyWare and when I said remove it the SpyWareNuker deleted ALL my VCom files.

Since then their tech support has been giving me bad instructions about resolving this.

I have now had to reinstall VCom SystemSuite5 four times because SpyWareNuker keeps deleting the files.

I have ALL the emails between myself and their tech support

I have been in computers since 1956 and have a very extensive background both in software and hardware. My picture was even in Business week and I was a VP with 7 Computer Companies.

Here is my background: http://www.dowebpages.com/work

Can you believe that in their last email they said in part, "The images you have sent are all from different programs which leads us to believe that you are not sure what program you are using."

Whoops! I wrote this based on my misunderstanding of a sentence in the article. Obviously its too late for me to be editing Wiki. I may rephrase that sentence so no one else is confused by it.

Brendan 02:15, 19 Aug 2004 (UTC)

Can anyone verify that all the links to spyware-removal sites are genuine? As it so rightly says in the article, many sites claming to offer anti-spyware software are just using a clever means to install their own. www.freespywareremoval.info, for example, looks like a very helpful site, but I'm hesitant about using it before someone can confirm that it's genuine. I'm interested to know what such sites have to gain by handing out this free software. It seems like no one gives software out for free on the internet without some vested interest. Does anyone have any answers?

This this one here http://www.lavasoftusa.com/ direct download in http://downloads.foruns.org/?id=30 www.freespywareremoval.info looks clean to me!

A free spyware remover I've just installed tells me it guards against 'tracking cookies'. What are these, how do they work?

Tracking cookies are used by advertisers to store information about you based upon the sites you visit (and download their adverts from). A privacy rather than a security breach. Maybe an article should be created on other "dangers of the web" and remedies. Tracking cookies can mostly be prevented by not allowing third party cookies from websites. (This is an option in IE and Firefox IIRC).

Hi, Ferkelparade. About your contrib "Revision as of 11:31, 14 Feb 2005 rv rather incoherent POV". This is not nearly enough a justification. What is incoherent ? And what is POV ? You have to do your homework befor revert. Note as well a POV section is seldom to be deleted but rewriten.

Now about the actual content of my contrib here. The point in spyware is mostly human factor. Who will deny that ? And the most efficient solution is... human factor. Educate, understand, think: and off the spyware! Correct or not?

I think you may have rved hastily because of anon. Nontheless, there is a point here. If it's POV: rewrite as you think best. Beyond your freedom, that's your duty.

Bye bye

Anon - 213.190.129.19 09:33, 17 Feb 2005 (UTC)

Although Enigma's software is no longer classified as "rogue/suspect" (Spyware Warrior - Rogue/Suspect Anti-Spyware) it is still not recommended as a solution. To quote, "Given the many excellent competing anti-spyware applications that are available (some for free), users would do better looking elsewhere for trustworthy anti-spyware protection." From personal experience and testing of their products, I would have to agree. --Kyrin\^talk 17:55, 2005 Apr 5 (UTC)

Have you tried Adware Alert http://sahosted.com/spyware/index.html

It's on the Rogue Antispyware list. RainR 02:17, 21 Jun 2005 (UTC)

Just FYI, this article was mentioned in a San Fransico Chronicle article about spyware today. go wikipedia! YggdrasilsRoot 7 July 2005 14:25 (UTC)

I'd like to see this become a featured article. It's a topic of substantial importance to the majority of people who visit Wikipedia. It has been a remarkably stable and uncontroversial article. It's even been cited in mainstream media. With the gracious contribution of screenshots by User:Incognito and User:StevePR I think we have a shot at featured status. Here are a few things that concern me, though:

I'm not sure if we should list "known spyware" programs -- at least, not so predominantly. We can't expect to keep such a list up to date, and there are much better lists out there on the Web than we can maintain here. We do have a Category:Spyware in which the Wikipedia articles for various pieces of spyware are already listed, so it's not as if we'd be without a list of Wikipedia articles about spyware.

It would seem more useful to have detailed descriptions of a few typical pieces of spyware -- the ways they get on a system, their effects, the nature of the firms or attackers who control them, and so on. We need to avoid original research here, though: even if you're a security technician (as I am) it's probably not enough to just fill in details about the latest spyware you cleaned off a system. Citations are a plus.

More screenshots or images would always be great. Particularly if anyone has, or feels like making, (freely licensed!) screenshots of particular pieces of spyware in action.

Currently we've got a template box at the bottom of the article about "forms of software distribution". I'm not sure what that's doing here -- it was here when I came to this article, so I've avoided deleting it. Spyware doesn't seem to be to be a "form of software distribution" any more than viruses or worms are. The template box seems a little ... curious ... anyway, since it lists "vaporware" which is precisely not a form of software distribution.

Thoughts? What else does this article need before it gets submitted to WP:FAC? --FOo 7 July 2005 23:36 (UTC)

I'd also like to see this article become a FA. We'll need to work on it a bit more before nominating it, though. The lack of a References section is a serious problem, as there's no way it can be a FA without one (and I highly recommend using citations for specific parts of the article, as it really strengthens the article's integrity). We should go through the External links section (which seems a bit big for an article with no References section) and see what we can move into the References section. -- LGagnon 19:45, July 10, 2005 (UTC)

Good point. I've done a little of this now. --FOo 21:02, 10 July 2005 (UTC)Reply

Could we get more news articles in there? I've moved one in from External links, but I'm sure we can get a lot more. It's best to have more reputable sources added to the References section so it looks more reliable (and you shouldn't have trouble finding some). Also, since you are a security technician, you may have some books that mention info on the subject, so if you do you could use them as well. Also, let's try to get these things cited with the ref/note scheme. For instance, the article for Chuck Palahniuk (which I worked on) is heavily cited in this method, making it very sturdy and unquestionably well researched. This I find to be the best way to insure that an article stands a fighting chance of becoming a FA. -- LGagnon 22:02, July 10, 2005 (UTC)

Let's also move some of the external links scattered throughout the article to the reference section and replace their previous position with citations. Again, this is a highly recommended way of strengthening the article. -- LGagnon 22:13, July 10, 2005 (UTC)

There are many websites linked in this article that only repeat info from other, more reliable sites that are have been added as references already. Additionally, a Google search is linked, which isn't usable as a reference. I'm going remove many of these links to make the article a bit cleaner. -- LGagnon 00:38, July 11, 2005 (UTC)

Check that Google search again, and please consider putting it back in as a direct link rather than a reference, then. The purpose of that search (for the name of the "Marketscore" spyware in *.edu sites) was to illustrate the prevalence of blocking this particular spyware in educational sites. --FOo 02:04, 11 July 2005 (UTC)Reply

Let's not move references (especially ones that are cited) to the Research section. We only need one References section, after all, and moving them around makes for a confusing and unorganized article. -- LGagnon 01:03, July 11, 2005 (UTC)

Someone has been adding references with citations links but the citation goes nowhere within the article (specifically, Hardmeier, Sandi, Healan, Mike, and Stevenson, Larry). Can someone actually cite these references properly? Also, can we add citations for references that were added without them? -- LGagnon 01:07, July 11, 2005 (UTC)

There are a lot of links to castlecops.com that do not serve as a reference for this article yet are scattered all over the article. I suspect this as being link spam and I am going to start removing these links unless someone can give a good reason for there being so many of them. -- LGagnon 01:25, July 11, 2005 (UTC)

Agreed. These appear to have been added by User:Zhen-Xjell who just showed up recently and started throwing links to the Castlecops site on a number of articles. --FOo 02:07, 11 July 2005 (UTC)Reply

I've just found out that Zhen-Xjell works for CastleCops. I'm deleting his link spam. -- LGagnon 02:11, July 11, 2005 (UTC)

I don't make any attempt to hide that information, however as I have previously said, the information I provided (much to CC, but also to other sites such as Sunbelt, Microsoft and Spywareinfo) is useful information. As I said elsewhere, I made a research section in the spyware article with links to database lists that cover startups, services, LSPs, process lists, spyware/adware, etc. Just what is the aim of the article if such information is disgarded simply because I posted it?--Paul Laudanski 02:01, 12 July 2005 (UTC)Reply

As I mentioned in your talk page, you add them without reason (do they give info that other links don't provide?). And if there is so much useful info on the site that you can find multiple instances of useful info, yet you won't use it for actual, citable references (which you did try, but you put a citation on it that lead to nowhere within the article, making it look very suspect), then you should only give a link to the main page of the website. Otherwise, multiple links to a website without justification is link spam. -- LGagnon 02:12, July 12, 2005 (UTC)

I am still a 'newbie' when it comes to Wiki code, and wasn't sure what that was so I copied/pasted what was already there. Of course I now know. As to the practical question of what is WP permissible, I have made a reply in Wikipedia:Votes for deletion/CastleCops.--Paul Laudanski 03:17, 12 July 2005 (UTC)Reply

(do they give info that other links don't provide?) said by User:LGagnon. I apologize for not answering this one sooner. Most of the CC links I added contain information that otherwise cannot be found elsewhere. For instance, the CLSID link (O2/O3) and the other links under the Research section have their master copies (and thus either sole instance or most current) at CC. Notable examples are the O18s and O20s. I thought it was pertinent to include CC in the list of Communities since we do have (at the moment) 143,529 registered users (with a large volunteer staff dedicated to security, privacy, and spyware matters). This is why I had created a Research section and moved the Process Library link there as they have a vast database of processes. Until today, I was unaware they even had a forum community. I hope this answers any questions. --Paul Laudanski 04:43, 12 July 2005 (UTC)Reply

I just rechecked the article and it was the citations I removed, not the links themselves. If you want to add citations for those somewhere in the article where it would be useful, then that would be helpful. Anyways, the reason I said they looked suspect is because it seemed as if you were passing them off as actual citations (assuming you had noticed the tons of citations spread throughout the articled). I had assumed the reason for the citations was obvious from how I was handling them in my edits. As for your website, you can add a link to it in the External links section, but only one that links to the main page of the site. Various links to a site are usually only done when articles from the site are being used as cited references. If you'd like to use articles from your site as references for info in the article already (try not to use it for already cited text, though), or for new info you'd like to add, that will be fine so long as proper citations are used. -- LGagnon 06:00, July 12, 2005 (UTC)

Thank you for the informative reply. I can understand now why my ignorance as a new comer has caused confusion. It certainly was not my intent to do any harm, rather to do good. As a reference point [2] so that I understand, would the addition of Larry Stevenson's article on Spyware and EULA Hooping [3] be OK to reinclude along with the entries I added from Sandi Hardmeier and Mike Healan (Spyware#References)? I have more links on this topic available from other noteable experts on Spyware I would certainly love to add. On the topic of re-adding my site to the Spyware#Communities, would it be appropriate then to include a text description stating several database research lists are available? I'll try it out now, so please let me know.--Paul Laudanski 06:37, 12 July 2005 (UTC)Reply

Yes, you may re-enter your site in the Communities section with a short text description. That's perfectly fine, so long as it's only one link. As for any specific articles, we shouldn't clutter the References section with uncited references at this point, as that will only fill it up with explained references that we don't have a need for. If you can cite a piece of text in the article that it is usable as a reference for (or if you can add new, useful information that it can be cited for), then it'll be ok. Let's try to add more references than External links, though; the EL section doesn't really need to be filled up that much more, while the References section is always open to more (that is, so long as it is reasonable and citable). -- LGagnon 18:29, July 12, 2005 (UTC)

Understood. Have you checked my entry? I had last night linked to the article CastleCops followed by the external link to the homepage. As to more references, I'll ponder thru it and see what else I can add of value.--Paul Laudanski 19:44, 12 July 2005 (UTC)Reply

Listed under "Known programs bundling malware" is MSN Messenger.

However, there is nothing on the MSN Messenger Wikipedia page that mentions any malware.

Would it be an idea to add a quick note in this article mentioning what kinds of malware are bundled with each of the "Known Programs"?

(Posted by MinstrelOfC: Note that I am not logged in due to technical issues)

66.82.9.43 01:43, 12 July 2005 (UTC)Reply

That section seems like a bad idea to me -- if nothing else, it will be very difficult to maintain in an even-handed way. Perhaps it should simply go. If people working on articles for particular software products wish to place them in Category:Spyware, they can do that, after all. --FOo 02:14, 12 July 2005 (UTC)Reply

I think that it can be maintained for at least programs that we have articles for; that'll reduce the amounto of work needed for it. I suggest renaming the section "Notable programs bundling malware". As for MSN Messenger, that seems like a suspect entry. I'll remove it until someone can verify it. -- LGagnon 02:46, July 12, 2005 (UTC)

Many of the programs listed in the section no longer contain any malware/spyware. Is the list intended for historical purposes, or current warnings? If it's for current warnings, the programs that have cleaned up their act should be delisted. If it's for historical purposes, then I think something other than a list (perhaps detailed explanations of what was included, why it was bad, etc..) should be added. Kynes 03:18, July 13, 2005 (UTC)

We aren't in the business of maintaining a "blacklist" of software that comes with spyware. This is exactly why the list seems like a bad idea to me -- making a bulleted list of programs with spyware is going to come across to many readers as a piece of advice: Don't use these programs; they're bad. And Wikipedia is not in the business of giving advice.

However, when & if we do mention that a particular popular program has shipped with spyware, I don't think we'd be justified in deleting that fact just because the latest version has come clean. After all, we don't say that Jesse James isn't a thief just because he isn't stealing any more. Many articles about software, such as Sendmail and Internet Explorer, deal with the security history of those programs -- frequently despite the vendors' wish that we would all forget old buggy versions as "ancient history". Well, history is part of what encyclopedias do; and that's what Wikipedia is.

All in all, I'd be most comfortable with this if we integrated the names of programs that have been well-known or infamous for shipping with spyware, into the paragraphs that discuss that phenomenon. That way we can make it clear that they are being named only as examples, rather than as a blacklist; that it doesn't matter whether they're still shipping with it but rather that they were well-known for doing so; and that we're not interested in trying (hopelessly!) to maintain an exhaustive list. --FOo 04:48, 13 July 2005 (UTC)Reply

That sounds like a good idea, FOo. I particularly like the idea to put the names in existing paragraphs, rather than a ominous-looking/sounding list. Within paragraphs, it's much easier to describe actually what spyware was contained (and why the programs as well-known or infamous). As a list, it does sound a bit too much like a warning. Perhaps some names would fit better into the 'routes of infection' and/or 'user consent and legality' sections. As far as keeping cleaned-up-programs, I agree with you, so long as the names move to an become more of a historic example rather than the black-listing-looking-list. Kynes 14:36, July 13, 2005 (UTC)

Maybe we could make a section about the history of spyware that is shipped with programs? -- LGagnon 20:09, July 13, 2005 (UTC)

A history of spyware shipped with programs section sounds like a very good idea. Kynes 16:18, July 14, 2005 (UTC)

I added references for the ones I could find good references for. If we can't find a good reference for a program, we shouldn't list it. That will help prevent hoax entries. -- RainR 09:18, 27 July 2005 (UTC)Reply

That is a very good image to show spyware, but not all theose toolbars are spyware. The Alexa Toolbar and Ask Jeeves Toolbar are the ones I notice. I don't really have any sugestions, I just felt like pointing that out.--The Computer Mutt 20:15, July 12, 2005 (UTC)

Alexa is flagged by Ad-Aware, so it's at least thought of as spyware by some sources, though I understand that many folks find it useful. I can't speak to the others. --FOo 21:15, 12 July 2005 (UTC)Reply

The Desktop.com toolbar, depicted in the image is also not Spyware. See my conversation with FOo. I believe this image should be removed until it can be replaced with an image that does not contain non-Spyware products. --Wksears 20:35, 13 July 2005 (UTC)Reply

I'm slowly coming around to agreeing with you. A lot of the toolbars in that image are ones that people do install for themselves and aren't usually associated with spyware -- for instance the Google and Yahoo! toolbars. I'm writing to Ben Edelman to see if he'll allow us to use some of the screenshots from his Web site. In the meantime, I've moved the image reference here to the talk page. --FOo 00:36, 14 July 2005 (UTC)Reply

I believe a more appropriate name for the image is Toolbarware.png. Internet Explorer browser toolbar software is a different subject, which may merit an article of its own. Note, however, that depending on who you ask, a number of the toolbars pictured that have been characterized in the discussion so far as non-spyware have been considered spyware or at least borderline, not by many, but by a few people online, at least. The Alexa toolbar certainly has, just try a google search for "Alexa spyware", and the Google toolbar is considered by some, perhaps a negligible number of people to be on the borderline.

Spyware makers are starting to learn that it actually hurts them when people start recognizing that their product actually is spyware, see here. So the typical marketing pitch is "It's not spyware", when in fact it is. That makes it really hard to evaluate in a neutral way, which of the toolbars are actually spyware, so it doesn't seem best to represent them as universally recognized as spyware... only at most as examples of what kind of software that components some computer users consider spyware are typically bundled with. And toolbars are a good example, but fairly narrow of a category (compared to the broad selection of software with bundled spyware): Kazaa or Gator might be better examples, but of-course they say KaZaa's not spyware, and Claria also spins a distinction between adware and spyware.

Merely having some clauses in a EULA presented at installation and/or the documentation describing a program's tracking activities does not make it non-spyware.

This is the problem that arises when using just a few vague names to categorize software... namely, what the names imply and what the names mean to different people bounces around too much: end users think in broad terms, but marketing product vendors want the world's definition of spyware to be as narrow as possible, to ensure their product doesn't fit any severe category; it is easier to give a positive spin on the name adware, of course, and it would be nice if the name spyware were reserved for truly the worst cases, but in practice, it's not... --Mysidia 22:02, 27 July 2005 (UTC)Reply

I couldn't agree with you more! The world hasn't given us a clear and accepted list of criteria by which to distinguish spyware from other things. I don't believe there's a fixed and definitive border between spyware and legitimate advertising-supported software (on the one hand), nor between spyware and clear-cut computer crime or viruses on the other. (I have personally seen a worm outbreak install advertising pop-ups on computers, yes.)

Various interests have proposed definitions of "spyware", usually ones that are intended to justify their own behavior. This is not unusual in the slightest! As a parallel, there's a saying in the anti-spam community: "spammers try to define 'spam' as 'that which we do not do'." That is, many of the parties who contribute to the public discourse about spam -- e.g. Microsoft and Yahoo -- are in part responsible for the problem, but try to define the terms so that their responsibility is not spoken about. Corporate spammers love it when people associate spam with fly-by-night porn sites and the Russian Mafia, because it makes it easier for people to believe that Microsoft List Builder (formerly bCentral) is anything other than a spam-for-hire operation.

That said, we (as Wikipedia editors) aren't here to provide a clear-cut definition of "spyware" either. One of the things I've tried to do here is to instead discuss many of the various behaviors that people associate with spyware, rather than pretending to set up rules for what is and isn't spyware. A corollary of that is that we have quite little ground to stand on in arguing that any particular piece of software is (or isn't) spyware. For instance, we can say that Alexa Toolbar is removed by some anti-spyware programs, but that many people choose to install it. Google Toolbar, to my knowledge, is not removed by anti-spyware programs ... although even if it were, sometimes that wouldn't be definitive: if Microsoft (a competitor to Google) chooses to call Google's work spyware, should we believe them?

Because we have little ground to stand on in claiming that something is spyware, in dealing with this image and the Desktop.com programmer who criticized our use of it, I chose to err on the side of caution. I suggest this is a good policy for this article: if someone can present a reasonable argument that something isn't spyware, and is straightforward and honest rather than (e.g.) threatening us or trying to browbeat us with marketing feces-talk, we should avoid calling that particular thing spyware unless we have an equally credible expert opinion otherwise. (If Edelman says it's spyware, it's spyware.) --FOo 00:19, 28 July 2005 (UTC)Reply

Subject: Wikipedia article on Spyware

Mr. Edelman --

I and a number of other folks have been working recently on the article "Spyware" for Wikipedia, the open-source encyclopedia. Your Web site and your research have been massively useful in researching this subject -- particularly with regard to the disparity between the "consent" that spyware makers claim, and the fact of their installation of spyware by way of drive-by download.

Recently, I've been looking for images to illustrate the article -- most particularly, screenshots of computers infested with spyware. Wikipedia requires that images be freely redistributable -- so I'm wondering if you would be willing to permit us to use and redistribute some of the screenshots from your Web site?

The article we're working on is here:

       http://en.wikipedia.org/wiki/Spyware

Naturally, we would love it if you, as a researcher in the field, had any suggestions or improvements to make on this article.

Thank you for your consideration!

(signature)

--FOo 00:41, 14 July 2005 (UTC)Reply

It's great to hear from you. I'm a big fan of Wikipedia and of all who contribute their effort to this important effort.

I'm happy permit my screenshots to be used in Wikipedia. Can you confirm that the images will be attributed to their source, consistent with <http://en.wikipedia.org/wiki/Wikipedia:Image_use_policy>? Reviewing that policy, it seems that I'll need to license the images at issue under the GFDL. That should be fine -- perhaps you can let me know which images are at issue, so I can make sure I know what I'm licensing!

Ben

These screenshots have been made available by Ben Edelman to illustrate this article. They are all from his Web site at http://www.benedelman.org/spyware/. He has licensed them all under the GFDL. Please see the image descriptions for the original URLs of the images. --FOo 18:55, 14 July 2005 (UTC)Reply

File:Benedelman-spyware-blogspot-2a.png File:Benedelman-spyware-pacerd-3d.png File:Benedelman-spyware-whenu-license-image011.png

Anyone have any opinions as to which of these would be best to illustrate the introduction? --FOo 18:55, 14 July 2005 (UTC)Reply

They're nice, but I think that they count as fair use, not GFDL. After all, Edelman does not own the copyright to Windows, IE, or BearShare. Then again, I'm not entirely sure how copyright works for sceenshots. Either way, we're not likely to get a 100% GFDL screenshot for this article (don't know of any OSS programs effected by spyware, and don't know of any OSS spyware), but a fair use ones should be perfectly fine. -- LGagnon 02:58, July 15, 2005 (UTC)

Hm. You have a point. Edelman's work in composing the screenshot and making the files still merits some status under copyright, I suspect. Anyway, we have his OK on using them, which I think is important since they're copied directly from his site. --FOo 03:07, 15 July 2005 (UTC)Reply

They all include miniature versions of images made by the companies.. whether the art used in Internet explorer dialog boxes or the Logo used by the company who made the software he took a screenshot of.. In a way, the image in the upper left seems most illustrative, because it pictures the kind of browser prank that the worst spyware has been known to pull (getting the user to install with a quick "Yes" click, without realizing they are downloading and running an application)... --Mysidia 04:37, 28 July 2005 (UTC)Reply

The ones currently listed are worthy of mention, but there are others which I feel ought to be included. I know WP is not a link farm, but this is an article on Spyware.--Paul Laudanski 19:02, 27 July 2005 (UTC)Reply

The External links section needs to be reviewed and have unneeded links removed from it. The section is a bit big as it is, and we shouldn't have links that merely give the same info as the others just for the sake of including them (no link farming, remember). Also, unless someone plans on citing the uncited references in the References section, I suggest removing them, as they currently add nothing to the article. That section is quite big too, which is not a problem, but it shouldn't become a link farm either; at this point, if a reference doesn't relate to anything specific in the article, it's best not to have it there doing nothing. -- LGagnon 21:56, August 1, 2005 (UTC)

I disagree. First the article has already undergone peer review and no one has made mention of the external links section as being an issue. The links that are there now I believe are not enough -- especially the portion that links to spyware cleaners. The links provided in the article are those who are fighting spyware everyday, and granted this is a spyware article, how can it exist without those folks? --Paul Laudanski 23:19, 1 August 2005 (UTC)Reply

I did mention the issue in peer review, though probably not as explicitly as I did above. Even if I didn't mention it, that is besides the point; legitamite issues that are brought up after peer review still need to be dealt with. Like I've said, Wikipedia is not a link farm; we are not here to give shoutouts to people and/or websites that know about the subject just for the sake of mentioning them. We only need references for sites that improve the article, not ones that are simply on the subject matter. At the same time, we only need links in the External links section that provide info that niether the article nor another link in the article provides; in the former case, we should strive to not need to include them, as Wikipedia should be as self-sufficient as possible (thus, the latter case really needs to be taken into account). -- LGagnon 23:41, August 1, 2005 (UTC)

I have to agree with LGagnon. We have categories to provide connection between this article and other articles on similar topics. Almost all of the anti-spyware programs, for instance, have their own Wikipedia articles, and are in a relevant category, Category:Spyware removal.

So perhaps we should simply refer readers to this category rather than listing anti-spyware software on this article. I've tried that out on the article -- see how it looks. Should we do this for the other sections of external links, and pare out the links that don't really inform the article? If it's terrible, go ahead and revert me. :) --FOo 04:32, 2 August 2005 (UTC)Reply

I'm a pretty informed guy, and look how I came into WP. There were lots of things I didn't know, and still don't about WP. However, the spyware article is not for experts, as such, users who come to it may indeed be new. Having that information right at the bottom is going to be highly helpful for them. Removing it may create more issues that its worth. You keep talking about "link farms" User:LGagnon and giving shout outs to other sites. It isn't about that at all, it is about getting the data out to the user community so they can reap the immediate benefits.--Paul Laudanski 14:26, 2 August 2005 (UTC)Reply

I understand what you're getting at, Paul. I hope you see what LGagnon is saying, too. It's easy for a Wikipedia article on a popular topic to get overwhelmed by external links. We aren't Yahoo or Dmoz -- external links are supposed to be a distant third behind content and references here. And one of the bigger problems of a large external-links section is that it invites people to add more and more links of tangential relevance.

As it stands, many of the external links provide the same information that is provided in cited references. Some provide rather less information than is already in the text of the article. (The virusspy.com link is one example.) We also do not need a half dozen "guides" that tell users, "Run an anti-spyware program in safe mode, then install Firefox."

Also, on this particular topic, any external link to an ad-supported site needs to come under additional scrutiny, because of the chance that it's been planted to direct advertisement revenue to the site operator. Many people have added links to sites that mislead the reader into thinking that s/he needs to buy a particular commercial anti-spyware program -- usually, not one of the reputable ones. This is one of the perils of treating external links as a big part of the article. --FOo 15:44, 2 August 2005 (UTC)Reply

You bring up some excellent keywords such as DMOZ. How about then linking to a couple directories out there (incl Google and Yahoo), while also tacking on the Categories as mentioned above? --Paul Laudanski 16:32, 2 August 2005 (UTC)Reply

User:Fubar_Obfusco added in SpywareBlaster for real time protection. There are a bunch of applications which are left out. Last night we launched a new survey on just this very topic. We have many -- but not all -- active protection applications listed here. SpywareGuard is the active protection from Javacool. For instance, Script Sentry has been long in the game, very long, but no one ever mentions it. This isn't to say SpywareBlaster shouldn't be referenced (I know JC), but I think for encyclopedic value the history of active protection in general has to be considered. --Paul Laudanski 23:11, 2 August 2005 (UTC)Reply

I agree! Feel free to modify the article text -- this is, after all, Wikipedia! I notice that the top five apps on your survey are Ad-Aware, Windows AntiSpyware, Spybot S&D, Spysweeper, and "Other", but that the sample size is pretty small (58). I've never used Spysweeper -- I don't personally run Windows, and my workplace uses Ad-Aware, Windows AntiSpyware, and Spybot S&D -- but it certainly seems to deserve a mention.

I added SpywareBlaster specifically because I'd heard it referred to as being unusual in that it was a "spyware blocker" (i.e. real-time protection) before the other well-known ones were. That is, Javacool recognized a need for real-time protection and had a product that did it before the others did. If there's an earlier "blocker"/"real-time" anti-spyware program that's still likely to be recognized, it should probably be noted instead. I can't speak to the distinction between what it does and what Spyware Guard does, and the Javacool Web site doesn't seem to say specifically. Can you elaborate on that distinction?

The article might also benefit from more (cited!) information about the strengths and weaknesses of these programs. If we end up with lots of information we might need to shell off an article Anti-spyware software (currently a redirect back here), but for now I don't think we're too overwhelmed here. --FOo 00:15, 3 August 2005 (UTC)Reply

The sample size for that survey is small since it went live just under 24 hours ago. There is another antispyware survey of which you may find of interest with over 10,000 pollsters: Which anti-spyware cleaner is the best?. Let me get back to you on the rest as we're getting close to dinner. :D --Paul Laudanski 01:39, 3 August 2005 (UTC)Reply

As the individual who screeded the list used in this survey I should explain that we were strictly interested in Active Protection (programs running in background and performing monitoring tasks). I deliberately omitted SpywareBlaster as it is really passive protection (it runs once, finishes, and does not run again until manually initiated). I agree that it provides excellent protection, as do programs which add malicious sites to the IE Restricted Zone and supplemental Hosts files. It was omitted from our list simply because it did not meet the criteria of the list. --Loren Decker 22:02, 6 August 2005 (UTC)Reply

Thanks for the reply on that. --Paul Laudanski 01:04, 7 August 2005 (UTC)Reply

The {{note|name}} thing that goes before references isn't supposed to be placed there for no reason. More than once, we've had editors add them without a {{ref|name}} anywhere in the article to go along with it. The newly added Ecker, Clint reference suffers from this sort of thing, and should either be connected to something in the text (even if something new has to be written for it) or removed. Like I said before, we don't need references hanging around that can't be cited in the text. -- LGagnon 19:25, August 6, 2005 (UTC)

For now, I'm removing the following references:

• Clover, Andrew (2005). "Parasites, or unsolicited commercial software". Retrieved July 10, 2005.
• Edelman, Ben (2005). "'Spyware': Research, Testing, Legislation, and Suits". Retrieved July 10, 2005.
• Hardmeier, Sandi "Malware: Help prevent the Infection". Microsoft. March 22, 2005
• Healan, Mike "Browser Hijacking". Spywareinfo. Jan 12, 2005
• "Security at Home: Spyware". Microsoft.com. Retrieved July 10, 2005.
• Wagner, Christian (2004). "Spyware/AdWare/Malware FAQ and Removal Guide". Retrieved July 10, 2005.

These references shouldn't be added back in until we can actually cite them in the text, as we have no use for pointless references at this point. -- LGagnon 19:30, August 6, 2005 (UTC)

I am amazed, truly I am. Do you know these people? Do you know their reach in the antispyware community? I added in Andrew, Sandi, and Mike. Ben was already there before my edits. Rather than removing them, how about finding a place to reference them in the article? How can a spyware article exist with key folks being removed? --Paul Laudanski 20:13, 6 August 2005 (UTC)Reply

I don't think you understand my point. This isn't about kicking out people based on whether or not they have clout in the anti-spyware community (and no, we're not required to include them if they do have it; this article is not about them). The thing is that at this point we should only be adding references we can cite in the article's text; all others are just deadweight taking up space, no matter how relevant they are. The point is not to remove these permanently (as I moved them here so they could potentially be used in the future), but to set a standard to keep the references section from being flooded with references that aren't really being used for the article. -- LGagnon 21:42, August 6, 2005 (UTC)

I hate to think of "out of sight out of mind". I'd like to think that rather than taking the approach of information removal, take the time to find or create a spot in the article that can call upon a reference. At the moment I cannot do a full review to find such spots, but I had the hopes since this is WP someone would dive right in and help build. --Paul Laudanski 01:02, 7 August 2005 (UTC)Reply

And someone will eventually. The info is still here, after all. In the meantime, the standard needs to be set rather than leave that stuff sitting there any longer. It's been a while since they were added, and no one bothered to cite them; that only makes it seem like no one is planning to. If you want to do so, you're still free to do it, and the info is still here, so it won't be forgotten. -- LGagnon 01:15, August 7, 2005 (UTC)

No hard feelings. Ultimately I would like to see an article that is beyond compare and can truly be called upon from any community as a reference. Although, if you happen to be modifying the article, feel free to re-add them back in appropriately. --Paul Laudanski 01:19, 7 August 2005 (UTC)Reply

LGagnon -- I fully agree with you that references in the References section MUST be works that are actually used and cited in the article. As I pointed out in my recent proposal Wikipedia:How not to be a spammer, the only purpose of the References section is to cite works that are actually used as sources for the article. It is not simply to recommend related works.

However, that said, at least one of the references you removed is actually cited. The Clint Ecker reference I added just prior to adding a paragraph which cites it. Please re-check all the references you removed to make sure that you didn't remove any others that are actually cited. --FOo 23:07, 6 August 2005 (UTC)Reply

At the time that you added the reference, you had no cited text to go with it. Had it been added at the same time, I wouldn't have removed it. It'd be best to add both at the same time in the future so that a situation like this won't happen again. That said, no hard feelings. :) -- LGagnon 23:58, August 6, 2005 (UTC)

Isn't it true that in some cases removing spyware is illegal (breach of contract in Kazza [which stops working if spyware is removed]) in some cases? If so it should probably be mentioned (I researched it but found very little). This is sort of mentioned in the "User consent and legality" section. This link is Broken 03:17, 11 August 2005 (UTC)Reply

Spyware authors would certainly like it if users believed it to be illegal to remove spyware, simply because they put up a "license" claiming so! Without some evidence that any such "license" has ever been enforced, I don't think we need to take them very seriously. Some of them that I've seen suggest that the user must maintain the spyware in perpetuity -- which would seem to mean that the user may never reformat or throw away their computer! --FOo 05:31, 11 August 2005 (UTC)Reply

First off a contract breach is a tort which is a civil matter rather than a crime so it cannot be illegal in the legal sense to remove spyware as a matter of definition. It is not illegal to fail to pay your mortgage, but your bank has civil remedies against you. On the other hand an intentionally or recklessly false claim that an action is illegal could itself be fraud and thus criminal, there is a false statement made with the intention of material gain.

Finally on the civil issue the question here is whether any contract term in a spyware contract is enforceable. First is there a contract, is there an offer, agreement and exchange of consideration? Getting a click-wrap contract accepted by the courts as agreement is not as easy as some think. Most click-wraps are a contract of adhesion and thus invalid. IANAL but neither are many of the people who write the spyware 'contracts'. To make a clickthrough stick the contract terms have to be terms that are usual for that type of business, and the party that created the contract has to be able to show that the terms were the type of terms that would be likely to be agreed upon if the other party was aware of them, there has to be actual or constructive notice of the terms, certain terms have to be conspicuous. So no I don't think it at all likely such a contract would stick but it might be important to mention the slimebags use this ruse.--Gorgonzilla 04:51, 15 August 2005 (UTC)Reply

Can anyone verify that there have been reports of spyware for Linux, Mac OS X, or any other non-Windows platform? The sentence about it seems quite suspect to me, and I think it should be changed back to stating that no spyware has been found on those platforms if no proof can be given. -- LGagnon 14:03, August 21, 2005 (UTC)

As a security technician who uses Linux and Mac OS X every day and provides security support for Windows users, I can confirm that I've never seen any Linux or Mac OS X spyware ... and I've looked, extensively. There have been no credible reports of it. There have been a couple of firms who have tried to sell "anti-spyware" software for OS X ... which software doesn't appear to do anything, but they promise it will protect you from spyware. (And I'll sell you an amulet that protects you from ghosts. Nobody wearing one has ever been eaten by a ghost.)

If anyone has any actual, cite-able sources showing spyware on Linux, OS X, or any other non-Windows system, I sincerely invite them to contribute them. However, in the absence of sources (and in the presence of so very many sources showing spyware for Windows) there is no justification for claiming that any spyware exists for other systems.

I'll make the following caveat: There are certainly backdoors, exploits, and other security threats for non-Windows systems. There are keyloggers, trojaned copies of executables, and the like. However, we would not class these as "spyware" for the same reason that we don't subsume Windows viruses into "spyware" -- they are more descriptively placed in these other caregories. --FOo 15:41, 21 August 2005 (UTC)Reply

Huh. So folks think this is a feature-quality article. Great, spiffy, shiny, and all that jazz. There are still some things to do here. The following is a shot at a "to-do" list and a list of recurring problems that have cropped up in the editing of this article. Everyone, please feel free to add to it. :) --FOo 03:36, 24 August 2005 (UTC)Reply

OK, I've got a question that is probably stupid but I'll ask it anyway. Is it safe to have to have more than one anti-spyware program installed on the same computer?

Basically, yes.

You might run into some problems if you have multiple programs doing real-time protection at the same time, or if you have one program doing real-time and one program scanning. But simply having two installed should not cause problems. --FOo 04:31, 26 August 2005 (UTC)Reply

Thank You.

I'm having trouble finding a source that this had spyware - can someone find one and add it? --SPUI (talk) 14:41, 28 August 2005 (UTC)Reply

I cleaned up the external links section. We need to keep these from getting out of control. Please see the Wikipedia policy on external links in the FAQ if you have any question about what should or shouldn't be there. Basically, Wikipedia is for infomation, not lists of links. The external links should compliment the article, not overtake it. coyote376 7:20, Sept 17, 2005 (UTC)

One thing to really look out for is to check to see whether the external links link to anti-spyware software makers using affiliate ids. That means the webmasters of the "informational" sites get paid for each person referred to the anti-spyware software's site. This could lead to some incentive to create poor sites, if for example they recommend lower quality anti-spyware because the lower quality software has larger affiliate commisions. --RainR 12:08, 6 October 2005 (UTC)Reply

Excellent point. In general we should be pretty suspicious of any external link to a site that pushes software we known to be of lower quality ... or to a site that uses affiliate links itself. --FOo 03:15, 7 October 2005 (UTC)Reply

About 2-spyware.com, it shows exactly what I mean about affiliate IDs. Funny how the top four recommended anti-spywares are all ones that the webmaster has affiliate IDs for. --RainR 10:04, 7 October 2005 (UTC)Reply

yes it is. But referring to your previous comment: "This could lead to some incentive to create poor sites" read some content, navigate around to see if it is really poor or has no content at all, just links. another your quote: "they recommend lower quality anti-spyware" - no in 2-spyware.com case they are referring mostly to "spyware doctor" which has excellent reviews throughout internet. in reference to coyote376 "The external links should compliment the article, not overtake it." - 2-spyware.com actually does that: read the different spyware types: they organised strictly by: what it is, ways of infection, what it does, examples, how to remove and list of parasites. It compliments article.

I moved this discussion from my talk page --RainR

Where do you see link spam? Its a site name. It is within the logo. -- Ugnius 09:30, 7 October 2005 (UTC)Reply

This comment was in relation to [4]

Perhaps spam is too strong of word. I felt the site does not fit within the Wikipedia external link policy. --RainR 10:14, 7 October 2005 (UTC)Reply

OK. lets find arguments why:

the link must be valuable, so that site has unique, hand written reviews, every spyware remover was installed and tested prior to writing the review and you can see that just by actually reading them. huge research center with actual help for visitors. timely answers.

from the external links policy:

What to link to:

Is it accessible? - sure.

Is it proper (useful, tasteful, etc.)? - only few sites in spyware theme actually has similar amount of information.

Is it entered correctly? -yes it is.

this site has even more information that wikipedia about different spyware types and spywares itself.

What should not be linked to:

advertising purposes... Actually there are very few ads in that site. Valuable information is priority.

Lets compare to the other external links:

processlibrary.com - the clone of liutilities.com. actually its their site with the same information just to inflate the serps index and their income. no unique information, no much difference from their main site.

subratam.org - if you'd navigate a bit through site, you'd see that its only few articles and few reviews. compared to hundreds unique content. and there informations is taken from other pages like kaspersky, so NO unique content.

antisource.com - new forum with only few threads

careofwindowsxp and magoo advice are just one article with actually lack of really unique information.

others are really useful forums, so they are good resources.

what is the reason that you think that site dedicated to spyware doesnt belong to spyware category? -- Ugnius 12:03, 7 October 2005 (UTC)Reply

Just because there are still questionable links doesn't mean that all links are acceptable. I'll leave them for now, since I don't want to brush against the WP:3RR. --RainR 12:54, 7 October 2005 (UTC)Reply

I'd like to get proper arguments why, lets keep rational discusion. thank you. -- Ugnius

There does seem to be some unique content there, I'll give it that. The question is whether the unique content balances out the obvious commercialism of the site. --RainR 23:04, 7 October 2005 (UTC)Reply

I find obvious commercialism in all remaining sites I described as a great resources, practically all of them have G ads, and aff links. (with exception of spywareinfo). That doesn't mean that these sites are bad resources and doesn't compliment the article. The question is: is there enough unique content? Correct me if I'm wrong, but this site doesnt look like overloaded with ads, pushes one product or pushes users to buy. User can choose to use free manual solution or product for automated solution by reading reviews. Even for commercial products there is a possibility to choose what to buy. If the site earns something on commissions it doesnt mean, that it is a bad site. When analysing the site you need to look if the content is really unique and if its enought of it. Lots of sites (affiliate sites) just uses the texts what they get from vendors or some scraped texts from other sites, which are not unique. To create unique texts and analyses takes a lot of time and hard work, its is much easier to steal something from others, and this site looks unique all over. -- Ugnius

With the exception of a few articles, 2-spyware adds nothing unique to "Spyware" that you can not already find at CastleCops. Even the content of the articles can be found at CastleCops, just worded differently. There is no new information at 2-spyware. The commercialism at 2-spyware is much more blatant than at most anti-spyware websites. For example, when browsing CastleCops, you are not presented with multiple ads on every page as with 2-spyware. Furthermore, your website may do more harm than good. Every IT professional knows that one of the best tools for removing spyware is Hijackthis but because the website owner at 2-spyware can't make money from Hijackthis, it doesn't even make the top 4??? That's absurd (and dangerous). I wouldn't use ANY of his top 4 products and neither would any credible person charged with removing spyware from a computer. Just about every spyware removal forum out there relies on Hijackthis. It is the number one troubleshooting tool in the industry. How many articles does 2-spyware have? 58 How many of those articles even mentions hijackthis? 1 This website is little more than a storefront for "Spyware Doctor", "eTrust Pest Patrol", "Spy Hunter" and "X-Cleaner". This website contains nothing worthwhile that can't already be found at CastleCops. It may actually contain misleading or dangerous information to anyone with a spyware infestation. And, it is clearly running for profit. The website doesn't even list Hijackthis on their software page of antispyware programs. For these reasons, as well as the reasons mentioned by RainR, it has been removed. Ccole 06:11, 9 October 2005 (UTC)Reply

I disagree. CCole is known user which tries to push his completely new and empty site errorwindows with ads all over, and spams wikipedia with his link to completely empty forum. And he passes his angriness to other sites. What unique in 2-spyware:

1. All parasites categories - even wikipedia doesnt has this information and I hope it will have. for example you can compare sections about adware, computer worms between wiki and 2-spyware. Articles compliment each other clearly.

2. 178 manual installed, tested and reviewed antispyware product. The list is growing.

3. Articles, directory, certification. everything dedicated to spyware.

4. Clear identifications of corrupt antispyware products with evidence.

Articles in 2-spyware has nothing in common with castlecops, and they are not worded, they are written.

Hijackthis is a tool for advanced users, not spyware removal program. You can find very comprehensive tutorial on hijackthis in 2-spyware.

nothing dangerous is not to list free programs in top5. HIjackthis is a good tool and I hope there will be more information on this tool in this site.

removal of the link just because one program is not listen within antispyware section (even if it is listed in other section) is not the reason, because it will be added shortly after owners will read this discussion on wikipedia.