“Never Disable A Competitor”
In an opinion piece on Network World, Andy Patrizio broke down the current situation between our company PC Pitstop and Malwarebytes. Andy believes that an anti-malware product should never disable a competitor and he even dinged Microsoft for doing that in the past. He also states that,
“The idea that one Microsoft security partner would attack another is unprecedented, as far as I know, especially in the security arena.”
The full Network World article is available at http://www.networkworld.com/article/3155113/security/when-anti-malware-vendors-get-into-a-slap-fight-users-lose.html
Dismissing Trivial Claims
Andy comments on Malwarebytes decision to label PC Matic as a PUP, stating,
“PC Pitstop was considered a PUP for a few reasons, some of which are trivial (claiming that registry cleaning is necessary) and for more logical reasons, such as silent removal of necessary applications, including Chrome’s updater and Java’s updater.”
While he believes that PC Matic disabling updaters is a more logical reason to be a PUP, this is incorrect. PC Matic doesn’t leave the user without updated applications as it takes care of software updates for them. We only disable updaters for programs that we patch automatically for the user. Our vulnerability updates are done quietly and automatically in the background leading to a higher percentage of updates and keeping users more secure.
Software Vulnerabilities — NOT Trivial…
The vulnerabilities disclosed by Malwarebytes were highlighted as “the most damning claim” in the blog. These vulnerabilities, which were disclosed to us a few hours before the blog by Malwarebytes was posted, have already been fixed by our development team. We do take vulnerabilities very seriously and thank Malwarebytes for helping us make our program more secure. However, software having a vulnerability does not make it a PUP/PUA. All well known software has vulnerabilities that need to be patched, some more frequently than others. Java, Flash, Chrome, Firefox and a long list of others have had hundreds of vulnerabilities in the past and are not PUP/PUA. It’s the harsh reality within software development. Malwarebytes themselves also had several severe vulnerabilities in the last year. Andy also mentioned the issues Malwarebytes recently experienced, reporting
“…a few months back, Flexera listed Malwarebytes as one of the top 10 most out-of-date apps, the only anti-malware product on the list.”
Something Missing?
After seeing the claims made by Malwarebytes Andy says,
“Have you noticed something missing in all of this? Like, all of the other anti-malware competitors. Why haven’t Symantec, McAfee, ESET, Kaspersky, Trend Micro and Microsoft labeled PC Matic a PUP? Why aren’t they disabling PC Matic? This really does smack of sour grapes on the part of Malwarebytes simply because PC Pitstop pointed out their lousy performance.”
Background
On December 8, 2016, Malwarebytes started classifying PC Pitstop’s security solution, PC Matic, as a Potentially Unwanted Program (PUP)/Potentially Unwanted Application (PUA). PC Pitstop officials attempted to reach out to Malwarebytes via both formal and informal channels. After no response, PC Pitstop CEO, Rob Cheng, wrote a message informing PC Matic users of the issue.
Shortly after this message was generated, Malwarebytes wrote an article explaining why they were classifying PC Matic as a PUP/PUA. To which, PC Pitstop released a response addressing each claim.
This has led to several third parties, Network World included, sharing their opinions of both Malwarebytes and PC Matic. One instance was Tom Lawrence of Lawrence Systems. Initially, Tom agreed with Malwarebytes’ classification of PC Matic. However, he took the time to speak with PC Pitstop’s Vice President of Cyber Security, Dodi Glenn, to discuss the allegations. After conversing with Dodi and learning more about the product, it is safe to say, he agrees Malwarebytes is incorrectly categorizing PC Matic.