Security Vendors Aim For Standard Spyware Testing


Several security companies and organizations will collaborate on creating standard spyware testing methods in an attempt to bring some order to a mixed-up security jumble, the firms announced Monday.

McAfee, Symantec, Trend Micro, ICSA Labs, and Thompson Cyber Security Labs will join forces to standardized evaluation criteria, develop spyware metrics, and create a common standard for spyware samples.

The initiative, dubbed Spywaretesting.org, will also make it easier for customers to compare anti-spyware vendors' products, said the companies.

"The successful industry practices previously established for sharing virus information demonstrate the effectiveness of cooperation," said Vincent Weafer, senior director of development for Symantec's security response group, in a statement. "By standardizing methods for sharing spyware samples and testing anti-spyware solutions, customers win."

The ad-hoc group's future plans will include cooperating on spyware naming conventions, intelligence-sharing, and emergency information distribution guidelines.

"There is an enormous amount of confusion about the origins of spyware and the effectiveness of the tools designed to fight it," said Larry Bridwell of ICSA Labs, in a separate statement. "This agreement is an important first step in maturing the industry to the point where it can effectively combat the proliferation of spyware"

The group's first document, a PDF file on anti-spyware testing procedures, can be found on the Spywaretesting.org site.

Anti-spyware working groups seem to sprout like so much spring grass. Last week, Google, Lenovo, Sun Microsystems, MIT, and Cambridge University launched StopBadware.org, a program that will try to shame spyware vendors into giving up their lucrative businesses.