Stop the “Anti-Spyware” nonsense!


Some time ago the term “spyware” was invented, and promptly “anti-spyware” products appeared. Their “myth” still persists, many people (who should know better!) recommending that you have an “anti-virus and a anti-spyware product” (I’ve even seen “anti-malware” added to this list which is an even bigger nonsense, since the term malware includes both viruses and spyware!)

There might have been some shortcoming in anti-malware products years ago which allowed these products to appear, however these days there isn’t really a difference. Still, we are left with the archaic idea that we must pay ~30 USD a year for such a product in addition to the anti-malware suite.

A quick quiz: what does spyware do?

  • It writes files to the disk – just like any downloader / dropper – AV products can certainly handle that.
  • It writes to the registry (to make itself start automatically for example) – just like a wast majority of malware – AV products can handle that (probably this was the one weak point of anti-malware solutions which allowed these products to appear).
  • It injects DLLs into other processes (for example by registering a BHO) – just like any good password stealer – AV products can certainly handle that.

Both solutions have the same technological underpinnings (blacklisting of files / registry keys), with the anti-malware solutions having a bigger “list”. So as much as I disagree with the idea of blacklisting, I would hands down choose the bigger list, especially if it includes the smaller one.

So people, please do your users a favor: stop recommending separate “anti-spyware” solutions.

,

Leave a Reply

Your email address will not be published. Required fields are marked *