Hacker News

They share similarity, but they are still seen as two separate categories of software. The malware discussed above is absolutely not the same as DRM / Anti-cheat that are bundled in most games today and bundling something that is definitely a "malware" will get you kicked off those platforms whereas DRM / Anti-cheat is tolerated.


> They share similarity, but they are still seen as two separate categories of software

Malware isn't really a uniform category of software. They can be harmful in a lot of different ways. Something like a kernel level anti-cheat is malware in almost every sense of the name except the developer's promise that it's not doing anything nasty. And there's a long list of DRM that affects the performance, security, or stability of the system while most users aren't aware this is happening or why. They install a game, everything else that comes with it is realistically hidden just like any malware.

So while you could group them in different categories, many forms of DRM are malware in form and function.


What matters here is the definition from those platforms on what is considered "Malware". Not our philosophical definition of it.

How would you call a "Malware" as described above versus a "Malware" DRM / Anti-cheat? There is a clear separation between the two for those platforms.


The philosophical definition is what is being discussed because at the end of the day that is all we have. There is no hard-coded, software-defined definition for malware other than the loose, varying definitions baked into anti-malware programs and services, that are based on our philosophical definition and frequently experience false positives and negatives. Conversely, there are very precise definitions for things like a regular expression or a hash table, but malware isn't like that. To say it is "our" philosophical definition is also a bit farcical -- malware is defined by the corporations that own the anti-malware companies. We don't have much say in what that definition is, in practice.

But sticking with a philosophical definition, malware is a very fuzzy category, and that line is so blurred as to essentially not be there in the case of anti-cheat programs and services, which effectively spy on the user (malware behavior) for financial gain (having a gaming platform that doesn't have a large number of cheaters) and often employ malware tactics like rootkits, VM detection, process inspection, etc. Similarly Google Analytics definitely meets the criteria we generally use to define malware (spyware in that case) if you raise the bar a bit for things running in the browser.


I agree to a certain point but what I'm trying to say is that you can embed Google Analytics in your games and it won't get banned from Steam, but if you add some kind of software that installs popup ads whenever you boot your computer, you will get banned.

No matter how we define those at the end of the day there is a difference between them, so maybe "malware" is the wrong word here as this seems to irk many, but seeing all the replies that group DRM / anti-cheat / analytics / ads (interstitial) and malicious software that gets sneakily installed to add toolbar / popups to a computer all being grouped together as one and the same is just wrong because in the practical world those companies make a clear distinction between them.

So my question is, if the correct word is not "malware" to uniquely specify that subset of software that is clearly banned from those stores and won't at large also include stuff that is OK like analytics. What is it?

Personally, in the real world, I would never specify something like analytics or ads (interstitial) as "malware" (even if philosophically they are) because to me, the way I've seen it used was to identify software that gets sneakily installed and adds malicious stuff to the user's computer (popup / toolbar / crypto mining).

DRM / Anti-cheat, even though they are "bad" (I get that), are not going to suddenly start showing ad popups (and if they did and they totally can, the stores would ban those games and would classify it as malware not just DRM).

Making a word too broad means we lose the meaning. There has to be a specific word that describes the exact type of software that I am desperately trying to specify. And I know you know what I'm referring to, and I'm sure everyone understood what I meant, and I get that it isn't "malware" but what is it?


> What matters here is the definition from those platforms

I do not agree and I really don't see you being able to support this. They are just different categories of malware. Malware is defined by its characteristics, not the "platform's" (developer's?) definition.

Even if we don't have an absolutely clear, rock solid and immutable definition of what malware is, it's generally accepted that if a piece of software is affecting the stability, security, or performance of a system, while the owner may not even be aware of the presence, function, or impact of that software, then it's malware. More generally performing actions to the detriment of the owner and without the owner's knowledge.

White-hat software that infected routers to fix backdoors and eliminate black-hat malware (so to improve the security, stability, or performance of the system) was in practice still considered malware.

So keep in mind that an attacker punching you in the face doesn't get to decide whether it's assault or actually just percussive transmission of information. It's the characteristics of the action which define it.


What matters is how the platforms behave. Power and money define how platforms behave, not their temporary principles or stances.



