Charles Arthur On Technology

Your support helps us to tell the story

Support Now

Find out moreClose

As your White House correspondent, I ask the tough questions and seek the answers that matter.

Your support enables me to be in the room, pressing for transparency and accountability. Without your contributions, we wouldn't have the resources to challenge those in power.

Your donation makes it possible for us to keep doing this important work, keeping you informed every step of the way to the November election

Andrew Feinberg

White House Correspondent

What, exactly, is spyware? The question has become important now that Microsoft has entered the market. The company is careful to emphasise that what is presently being offered for free download through its website is a "beta" product, but even this has been causing a stir.

What, exactly, is spyware? The question has become important now that Microsoft has entered the market. The company is careful to emphasise that what is presently being offered for free download through its website is a "beta" product, but even this has been causing a stir.

First to be stirred, and shaken, are the companies already selling anti-spyware products. The entry of the behemoth of software into their space is a validation of what they were doing, but this isn't much recompense for seeing a potentially lucrative market cut from under you. What if all the spyware business shifts to Microsoft, and it becomes the central resource for deciding what spyware is? Web developers, after all, know that the dominance of Internet Explorer (with about 90 per cent of the market) has meant that Microsoft's definition of how a web page should appear rules, even though, according to the independent World Wide Web Consortium (W3C), it's often wrong.

There's no W3C for spyware, though. How do you define it? The working definition most people use for "spyware" is: some piece of software installed without the user's full knowledge that does something unasked-for to the machine, including hijacking settings and misdirecting browsers, as well as "trapping" keystrokes and sending them out over the internet.

But this is hard to pin down. Thus Microsoft last week had to apologise and pay an agreed sum to a Dutch portal, Startpagina. nl, because the Microsoft AntiSpyware product mistakenly labelled it a "browser hijacker". The director of the site, Bert Wiggers, said: "One mistake by Microsoft can cause considerable damage for other businesses." Startpagina isn't a hijacker. But a case still roaring around the web - but yet to reach the law courts - shows how complex this problem can get.

The problem is a company called iDownload, which offers a product called iSearch, which quite a few companies have classified as spyware or adware. Indeed, if you read the terms and conditions that come with iSearch carefully (as Ed Bott has done at www.edbott.com/ weblog/archives/000491.html, or just read the thing itself at toolbar.isearch.com/terms.html), you'll find that by clicking "Agree" when it comes to installation you're agreeing to have all sorts of pop-ups, pop-unders and "interstitials" (between pages?) appear, and the redirection of your browser on "certain URLs" (search engines, perhaps?), plus automatic updates of iSearch itself and "added features or functionality of additional software, including search clients and toolbars, conveniently without your input or interaction". Yet iDownload can portray itself as legitimate because iSearch has a licence agreement, which does tell you roughly what it will do.

That hasn't stopped many people and organisations, from Mr Bott to CastleCops.com (a spyware-watching website) and Symantec, one of the biggest hitters in the antivirus world, from classifying iSearch as spyware. Symantec says it "is a search hijacker and also tracks user activity on a remote server".

Now, iDownload is the purveyor not only of iSearch but also (and this is where the story gets really murky) an anti-virus and anti-spyware product it calls Virus Hunter ("Keeps your computer virus free, scans e-mail, KaZaA, and protects against spyware!"). Pardon? An anti-spyware product and a putative spyware product, being sold from the same place?

It turns out that Virus Hunter is a rebadged - and more expensive, with more limited terms (including no refunds) - version of BitDefender, which really is an antivirus/antispyware product, but which is available to resellers, who can rename it as they like.

Unsurprisingly, this playing of both ends against the middle (the middle being you, having spyware on your computer and needing anti-spyware to get it off) has caused uproar online among those who'd like to see spyware stamped out. iDownload, which appears to operate out of an office suite in Austin, Texas, has had its firm of lawyers firing off letters to all and sundry, telling them not to class iSearch as spyware.

The upshot: you really wouldn't want iSearch on your computer. But if Microsoft's anti-spyware product flagged it as such, and iDownload complained, would Microsoft fold on the basis that, well, there is a licence agreement, and caveat surfer and all that?

Something similar has already happened. AdAware and Pest Patrol, the latter from the giant Computer Associates, quietly removed WhenU software from their databases of spy/adware recently. Why? Not because the software had changed. The suspicion was that there was pressure from WhenU. Happily, the pressure from users was greater, which led to the products (principally a WhenU program called save.exe) going back on the bad list soon afterwards.

"Anti-spyware software's only as good as the willingness of its maker to stand behind the signature file [that identifies something as spyware]," comments Michael Cherry, an analyst with Directions on Microsoft. "It's my biggest fear about anti-spyware. Will Microsoft get too weak on calling badly-behaved software 'malicious'? Will it hold to a definition, even if it has to go to court to defend it?"

What's not mentioned in all this is the reason why spyware and adware exists - and exist it does, being installed (often without the owner's knowledge) on roughly 80 per cent of Windows computers. The reason: serving ads is big business. Pop-ups, pop-unders, redirected searches - they all generate tiny bits of cash that accrue somewhere out there to the companies getting this stuff distributed. It's not like virus-writers, who often do it for fun. This is about money, and - what's more - it's legal (if unethical, in most cases). And that means that in getting into the anti-spyware market, Microsoft is not just fighting a single rival, as it did when taking on Netscape. Instead, it's going to be up against both sides: rival anti-spyware companies, and the ones who create it. Both will be prepared for court battles. And those are probably the last thing Microsoft feels like coping with just now.

www.charlesarthur.com/blog