Irish software company protests ‘trackware’ label

22 Mar 2006

An Irish company’s software has been mistakenly classified as trackware in the latest gaffe by anti-virus software makers that has seen legitimate software applications unfairly tagged as being a security risk.

Last week PixAlert discovered that one of its products had been identified as trackware by Symantec, one of the world’s largest anti-virus vendors. Ironically, the Dublin-based company’s product involved in this case, SafeScreen, is security software designed to help parents prevent their children from viewing inappropriate images on their computers.

Under the classification, any person using Symantec anti-virus software who tries to install SafeScreen will be told that the product is trackware. Symantec defines this as programs that track system activity, gather system information or track user habits and relay this information to third-party organisations — a classification that PixAlert has categorically refuted.

“By their own definition we’re not trackware; we don’t relay information to third parties,” said PixAlert CEO John Nolan. “It looks like it’s a simple case of misclassification.” However, when PixAlert contacted Symantec it was told that there would be a four-week waiting time for a response and no guarantees have been made that SafeScreen will be removed from the list after that time.

“It’s a worrying ability for a corporate company when they can seriously affect the reputation of a product,” Nolan told SafeScreen has a ‘try before you buy’ version for download on its website; around 1,000 people avail of this option every month and Nolan estimated that around one-third of these would be Symantec users. People using other anti-virus products do not receive this warning.

“Obviously it’s affecting adoption of SafeScreen to some degree,” said Nolan. “If a negative impression is created you would have to work hard to retrieve it.” He added that PixAlert believed that its product had been misclassified “arbitrarily” and claimed that Symantec had not notified it of the change.

A spokesperson for Symantec said they were unable to give specific details of PixAlert’s case but claimed that the detection of such a piece of software does not in any way imply that it is a virus. “It is highlighted to customers as a potential security risk. This is the approach for various forms of non-traditional risks such as spyware, adware and trackware. Users are advised of the presence of such a program and given the option to retain or delete it as Symantec believes users should be given clear notice and choice regarding the installation of monitoring software on their systems,” the spokesperson said.

This is not the first time that genuine software has fallen foul of security vendors. As recently as 10 March McAfee issued an update that wrongly flagged several legitimate application files as being low-level malware. It subsequently issued a new update rectifying this but it is believed that many users may have deleted any suspected files before then. The programs affected included some well known applications such as Microsoft Excel, Macromedia Flash and Google Toolbar.

By Gordon Smith