In Microsoft Takes on Spyware, I said Microsoft's release of a free antispyware tool was a good start. But I think Windows AntiSpyware might fail if the company doesn't keep in mind three considerations: assurance of no surprise fees in the future, ease of deployment, and Group Policy integration.
So far, Microsoft has said that although the beta is free, it might not stay free when the product "goes gold." I think the notion of charging for Windows AntiSpyware is terrible. Microsoft should assure customers that keeping systems secure is a "built-in" feature of Windows. For nearly 3 years, Redmond has claimed that it realizes security is Job One in today's world. Great, sounds good to me. After all, Microsoft has used this The world has changed and we've got to change with it concept as their excuse for not fixing a number of scary remote procedure call (RPC) holes in Windows NT 4.0. It seems only fair, then, that the company respond to this "new reality" in its most recent OSs, including Windows 2003 and Windows XP. So come on, Microsoft, do the right thing and pledge to keep spyware protection free. Imagine if it became common knowledge that keystroke loggers were running on a huge percentage of Windows systems, and that the only "safe" desktop systems were Apple Computer's Macintosh systems. How good would that be for sales?
Remember, this is a beta we're talking about, so no one can say what the final product will look like. Also, Windows AntiSpyware is really just an enhanced version of a previously existing product. So, we have to wonder how we'll install the final product. Currently, it's a basic .exe-type setup program—to which I respond, What?. Microsoft started pushing the Windows Installer (MSI) format for installation routines back in February 2000. You'd think, 5 years later, the company would actually be using it. Hey Microsoft! I like Windows AntiSpyware! Make it easy to actually use! I'd love to be able to use Group Policy to roll this thing out. Please consider repackaging the software in an MSI format, and perhaps a nice MST editor so that I can customize it for my organization and deploy it simply. That way, my users won't be able to so easily install spyware, which translates to less maintenance time and fewer frantic support calls.
And such Group Policy centralization doesn't have to be anything snazzy—just a few registry entries and an Administrative Templates interface. But let me control things such as when automatic scans occur, whether they occur, and what to do when the software detects spyware—remove all, remove none, follow Windows AntiSpyware's advice. Let me keep the user from disabling real-time protection, and for heaven's sake let me prevent that user from connecting to SpyNet, the online network of shared spyware information. Let me handle reporting the bad stuff to SpyNet, and let my non-technical users focus their energies on whatever I hired them to do rather than spending their time helping to build your spyware database.
Along those lines, give me the ability to centralize spyware reports. Hopefully we'll soon see Microsoft's Audit Collection Service (ACS), a tool that centralizes the Security log for any number of systems. Perhaps simply stuffing the spyware logs into the Security log is the easiest way to go.
Spyware is a major threat, and I'm glad Microsoft is taking steps to address it. Let's hope the company takes a few more baby steps to ensure that the problem is put behind us forever.
