Open Letter to Software Publishers: No Startupware Allowed!
Written by Jerry Stern
Chief Technical Officer at Science Translations
Article reprint from the December 2005 ASPects
Another day, another cleanup. This morning’s cleanup was described by a new customer like this: “It’s broken. We can’t run our customer check-in program. The night staff keeps surfing the internet, and loading spyware, so that’s probably it.”
What I found was a computer that, on first look, had shortcuts to software on a drive “y:\” but had no mapped drives, and that was a member of a network named “MSHOME”, which is the default name for new peer-to-peer networks under the Windows XP “run me and I’ll change all your settings back to defaults” network wizard. There was no apparent connection to the network. “System Idle Process” was at 96 to 98%. There was clearly some spyware there, and a peer-to-peer music program, but they didn’t appear to be taking many cycles in Task Manager.
OK, next, ran HijackThis–the log is three pages long; it should be half a page. The customer created their own doorstop. There were four anti-spyware programs running–all trial versions, and an anti-virus program which included anti-spyware features. The anti-virus software was the product installed by Dell at the factory, and long past the 90-day trial. Overall, the anti-spyware had stopped the spyware from running, and from connecting to the network, in much the same way that a very large boulder, when strategically placed on the roof of a car, will act as a parking brake.
After over an hour, I’d chiseled and uninstalled and ripped out junk in Safe Mode until the task list was down to the absolute basics. Replaced the antivirus software, added parental control software to restrict internet access by password, did a scan, and the new McAfee antivirus (freeware, if you’re a Comcast customer) reported that it had found two pups. Right–it no longer searches for malware, but for pups. That’s “Potentially Unwanted Programs.” Mustn’t insult the spyware by putting a negative label on it–this is more software written by lawyers.
At some point, consumers are going to have to learn about autoplays. When they do, if your software autostarts without a very good reason, it’s not going to stay installed past a very short trial. And if it does, I’ll personally rip it out as non-essential during the next spyware/virus/generic doorstop service call. And I’m not alone; every field tech I’ve spoken to does the same. Make your software run only when asked to, make it self-repair if needed, and maybe, just maybe, customers won’t blame it when they’ve turned their computers into doorstops.