Wednesday, March 22, 2006

stopbadware.org should check their own sources

in the recently released report on kazaa, stopbadware.org states:
Sharman Networks claims that Kazaa has "NO SPYWARE", based on a highly restricted definition of spyware (namely, that no personally identifiable information is sent by the program). However, Kazaa's installation includes several bundled programs that are considered spyware under the common definition of spyware as software that subverts the computer's operation for the benefit of a third party (see Anti-Spyware Coalition and Wikipedia's article on "Spyware").


unfortunately, if they'd actually read the anti-spyware coalition's glossary they'd know that in technical settings the anti-spyware coalition uses a definition not unlike sharman networks' definition...

this isn't a deal-killer... at least some of the adware bundled with kazaa is also spyware (even by narrow definitions like my own or the anti-spyware coalition's narrow spyware definition), so sharman networks' claim of no spyware is false...

the problem is what is being communicated to the reader... stopbadware.org is using wikipedia's entry alone as their definition and in my experience wikipedia is not a good authoritative source (a fine informative source, mind you) on much of anything malware related... as the anti-spyware coalition's glossary clearly states, that is not the industry agreed upon definition for spyware - it is a colloquialism that they are forced to recognize in popular usage...

so what? well think about this: with the people backing stopbadware.org, they are invariably going to be regarded by most as authorities in the field - so their use of colloquial definitions rather than formal technical definitions will only serve to reinforce the misconceptions those colloquial definitions represent and lead astray those members of the public who are actually trying to distill meaning out of the various souces in this field...

part of me is tempted to say oh well... after all, what do you expect from people who invented the term "badware" (apparently not aware that the "mal" in malware comes from latin and means "bad") to describe "malicious software that tracks your moves online and feeds that information back to shady marketing groups", which basically boils down to advertising-related spyware (which is a much more descriptive term, come to think of it)... but you know what, misinformation coming from a source this high profile and seemingly authoritative is just not a good thing...

0 comments: