Symantec Takes Heat For Changing Adware Advice

A noted antivirus researcher takes the well-known antivirus company to task for its changing adware definitions. Symantec, meanwhile, claims the high road. (Courtesy: TechWeb)

March 4, 2006

4 Min Read
NetworkComputing logo in a gray background | NetworkComputing

Symantec's out-of-court settlement with an adware maker is a loss for users, an anti-spyware researcher said this week.

Friday, Feb. 24, the Cupertino, Calif. security company announced that it had dismissed its lawsuit against browser and e-mail toolbar maker Hotbar.com, Inc. Last June, Symantec filed a zero-dollar suit against the New York company, saying then that it was seeking a legal ruling that would affirm the position that Hotbar's programs "are indeed adware and can be treated as computer security risks."

Under the new arrangement struck with Hotbar, Symantec has agreed to dismiss the lawsuit but will still classify the company's software as "adware."

Symantec called it a victory.

"What we got out of this was peace from these guys," said Joy Cartun, Symantec's senior director of legal affairs. "We didn't change our detection, so in that way we won."Hotbar, which had hounded Symantec with at least five litigation threats in the first half of 2005, is now blocked from any further action, said Cartun. "We get them to go away, but without having to make a change in our detection of them [as adware]."

Hotbar's chief executive, however, was convinced that he had won. "Both sides now recognize that our application is disclosing its behavior," said Oren Dobronsky. "We've gained that recognition, so that when users scan for spyware, they don't get some kind of alert and by default, then remove it."

Symantec acknowledged that although its security software will continue to detect Hotbar's products as adware, it has changed the recommendation it gives to customers. Previously, Symantec recommended that users delete Hotbar; now, says Symantec, it's reclassified Hotbar's toolbars as "low-risk" and recommends that users ignore the software and let it be.

"We're telling users what it is, and assisting them to make a choice [whether to keep or remove Hotbar]," argued Symantec's Cartun. She also claimed that Symantec had been thinking of making the change long before Hotbar started complaining.

"The change was driven not by Hotbar, but from what we learned what our customers wanted. They wanted guidance," she said. "The change was on a totally independent track [from the lawsuit]."Noted anti-spyware researcher Ben Edelman isn't buying that. By backing down on its recommendation from delete to ignore, said Edelman, Symantec's not serving its customers.

"If I was an IT guy paying Symantec to defend my computers, I'd ask 'what are we paying them for, I still see Hotbar on a user's computer,'" said Edelman. "Something's gone wrong at Symantec."

This isn't the first time that an anti-spyware maker has backed off from a vendor. A year ago, Microsoft quietly changed the advice it gave users on programs supplied by Claria, one of the largest adware purveyors. The resulting storm in the press and by bloggers forced Microsoft to issue an open letter to customers explaining why it made the changes.

Symantec's move is more of the same, said Edelman.

"They just don't get it. Whether software gets consent from users to install isn't the only thing they should be looking at." He questioned whether users of Hotbar understood they would get pop-up, pop-under, and auto-opening ads when they consented to the installation, and criticized the company for targeting kids with come-ons to download and install their toolbars."Children may be less able to assess the merits of an Hotbar offer," Edelman wrote on his Web site in an analysis of Hotbar done last May. "[They're ] less able to determine whether Hotbar software is a good value, less likely to realize the privacy and other consequences of installing such software, less inclined to examine a lengthy license agreement."

Symantec and other security vendors claiming to sniff out adware and spyware should take factors like those into account, Edelman told TechWeb.

"Unfortunately, this isn't the kind of analysis that comes naturally to security experts," he said. "They're used to thinking of worms as all bad, and they're not in a position to shift gears to more subjective decisions."

Still, Edelman's hopeful, if not because of the Symantec dismissal, then because of the general trend he sees shaping up.

"What's interesting is how much things have changed since last spring. Then, there were new letters going out to anti-spyware companies every week. That's stopped as far as we know."Why? I think the legal merits have sunk in, and that adware makers know they don't have a leg to stand on."

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights