P
Paul G
For some of us (such as myself with a sandbox for beta
testing), the anti spyware utility, fine as it is seems
to lack one or two key features:
It would be nice to have a 'report suspect spyware
utility' feature.
My sandbox is essentially a fresh clean install with
nothing loaded and is then imaged for easy restoration.
As I surf the net, hoping to find/verify spyware, I'm
bound to pick up spyware and in the process any processes
that escape the security agent and become resident in
memory, can be assumed to be spyware.
In this case it would be nice to have a feature that
allows one to upload a copy of the exe to a spyware
clearing house. The spyware clearing house generates
statistics that are also gathered on the file such as
name, md5 checksum, count of manual detections
(registered copies can get to vote once on a given
spyware file, but a total count of uploded files is
maintained).
Having such as list (microsoft) would allow the
maintainers of the signatures to quickly identify new
spyware threats and pass it along to the antispyware user
base.
It also would be a good idea to have a 'paranoia' mode
that second guesses everything, such as when any process
is started, like zonealarm catching processes going out
on the net, it pops up a confirmation dialog stating -
this program xyz.exe is being launched. It is not known
to be spyware, but might be. Do you want to proceed?-,
auto archive a copy of the bat/exe/js/whatever it does
not recognize and has no prior knowledge and offer to
send that file as potential spyware.
A sandbox is the ideal environment for trolling for new
spyware and spyware enabler controls and would be a good
way to keep up with the new threats.
testing), the anti spyware utility, fine as it is seems
to lack one or two key features:
It would be nice to have a 'report suspect spyware
utility' feature.
My sandbox is essentially a fresh clean install with
nothing loaded and is then imaged for easy restoration.
As I surf the net, hoping to find/verify spyware, I'm
bound to pick up spyware and in the process any processes
that escape the security agent and become resident in
memory, can be assumed to be spyware.
In this case it would be nice to have a feature that
allows one to upload a copy of the exe to a spyware
clearing house. The spyware clearing house generates
statistics that are also gathered on the file such as
name, md5 checksum, count of manual detections
(registered copies can get to vote once on a given
spyware file, but a total count of uploded files is
maintained).
Having such as list (microsoft) would allow the
maintainers of the signatures to quickly identify new
spyware threats and pass it along to the antispyware user
base.
It also would be a good idea to have a 'paranoia' mode
that second guesses everything, such as when any process
is started, like zonealarm catching processes going out
on the net, it pops up a confirmation dialog stating -
this program xyz.exe is being launched. It is not known
to be spyware, but might be. Do you want to proceed?-,
auto archive a copy of the bat/exe/js/whatever it does
not recognize and has no prior knowledge and offer to
send that file as potential spyware.
A sandbox is the ideal environment for trolling for new
spyware and spyware enabler controls and would be a good
way to keep up with the new threats.