Language Selection

English French German Italian Portuguese Spanish

Little Agreement on Spyware Guidelines

Filed under
Security

Many anti-spyware programs scour computer hard drives for those data-tracking files called cookies that we often get from Web visits. Microsoft Corp.'s tool does not. And there are disputes aplenty about whether certain widely used advertising programs circulating on the Internet are clean of spyware.

No surprise, then, that there's little agreement on what should be considered spyware, and what adware is exactly. Or on whether adware, which delivers ads, is a form of spyware or a breed apart.

Consumers are confounded. Is their computer-cleaning overzealous or not thorough enough? Are they removing useful programs with the dreck?

No less vexed are makers of anti-spyware software. They're beset by legal headaches, constantly challenged for what their products define and target as malware.

"It certainly distracts us from the job at hand," said David Moll, chief executive of Webroot Software Inc.

Help may be on the way. Led by the tech-advocacy group Center for Democracy and Technology, the anti-spyware industry is crafting definitions and plans to eventually set up dispute-resolution procedures. A draft is expected by late summer.

"A definition is the foundation," said Ari Schwartz, the center's associate director. "If a consumer's going to make a decision in the marketplace about what they have and what software they are going to use, it's helpful to have a basis to do that on."

Similar efforts, however, have failed before.

Part of the challenge stems from how the term "spyware" evolved.

"It started out as being called spyware because a lot of it was spying on people and sending personal information," said Dave Methvin, chief technology officer with tech diagnostic site PC Pitstop. "It's a catchy, quick word that is always easy for people to understand and say."

But the term stuck even as some of these programs, in response to consumer complaints, began sending back less data and became less sneaky.

In some people's minds, spyware came to include programs that change Web browser settings without asking or trick users into racking up huge phone bills by making the equivalent of "900" calls to foreign porn sites.

"`Spyware' has sort of become the euphemism for any software I don't want," said Wayne Porter, co-founder of SpywareGuide.com.

The result is chaos.

Microsoft, for instance, chose not to scan cookies because many sites need them to remember passwords and otherwise customize a surfer's experience. Cory Treffiletti of the online ad agency Carat Interactive says cookies help sites identify repeat visitors so the same ads aren't shown over and over.

But other spyware hunters flag cookies on the grounds that they help advertisers track behavior. EarthLink Inc.'s Scott Mecredy says anti-spyware programs have gotten sophisticated enough to distinguish good cookies from bad.

Then there's the question of whether "spyware" includes adware.

Claria Corp., formerly known as Gator Corp., has sued several anti-spyware companies and Web sites for calling its advertising software "spyware." PC Pitstop rewrote some of its materials as part of a settlement.

Even "adware" isn't good enough for some.

Joseph Telafici, director of operations for McAfee Inc.'s security research unit, says the company now gets one or two complaints a week, compared with two or three per quarter last year from companies whose programs it has dubbed spyware or adware.

McAfee is in the process of assigning a full-time lawyer.

Symantec Corp. sought to pre-empt a lawsuit by filing one itself, asking a federal court to declare that it had the right to call Hotbot.com Inc.'s toolbar adware. Hotbot did not respond to requests for comment.

Symantec still faces a lawsuit by Trekeight LLC, whose product Symantec brands adware.

Though it has yet to sue, 180solutions Inc. takes issue with "adware," preferring "searchware" or "sponsorware." "Adware" has become too linked with bad actors, and the industry needs more differentiation, said its chief executive, Keith Smith. Most anti-spyware vendors, however, still put 180solutions in that category.

Aluria Software LLC says one company, WhenU.com Inc., has changed its practices enough that it is now spyware- and adware-safe.

But America Online Inc., though it uses Aluria's technology, prefers a different test: What its users think.

AOL found that users overwhelmingly choose to rid their computers of WhenU's SaveNow application when anti-spyware scans uncover it, so AOL continues to list as adware.

Adding to the confusion is the fact that many legitimate programs -- including Microsoft Corp.'s Windows operating system and Web browser -- send out data without making the user fully aware, one of the common attributes of spyware.

And many programs that spy do have legitimate functions -- people may run a keystroke recorder to monitor spouses whom they suspect of cheating. Or they may willingly accept adware in exchange for a free game or screensaver.

Anti-spyware software companies say they leave removal decisions to customers, though many users simply follow their recommendations, failing to distinguish the mild from the malicious.

"If an anti-spyware company recommends that the software (gets) blocked, consumers will typically block it," said Keith Smith, chief executive of 180solutions. "It doesn't matter how good an experience they have with it."

Alex St. John, chief executive of WildTangent Inc., says anti-spyware companies have an incentive to overlist programs: It makes their products appear effective. Better definitions, he said, would help clear his company's game-delivery product.

"We want to do anything under our power to be clearly defined as a legitimate, upright consumer company," he said. "We would love to have something to adhere to."

Guidelines could give anti-spyware vendors a better defense.

For consumers, said Tori Case of Computer Associates International Inc., "if we start using the correct terminology, we can demystify it a bit and help people understand what the real risks are."

By ANICK JESDANUN
Associated Press

More in Tux Machines

today's leftovers

  • Why You Should Consider Open Sourcing Your Software
    Free & Open source software have grown so rapidly in the last few years. Just compare the situation of being ignored and considered like a nerds-movement in the early 2000’s to the situation today in 2017. We surly made a huge advancement so far. Thanks to the amazing ecosystem of open source which links both communities and enterprises together. However, when it comes to individuals, a lot of people are hesitant when it comes to open-sourcing their software. They think that the “secret” behind it will be stolen. They think that they will be releasing their work “for nothing in return” when they do so. That’s definitely false.
  • Caspia Projects and Thunderbird – Open Source In Absentia
    What does this have to do with Thunderbird? I sat in a room a few weeks ago with 10 guys at Clallam Bay, all who have been in a full-time, intensive software training program for about a year, who are really interested in trying to do real-world projects rather than simply hidden internal projects that are classroom assignments, or personal projects with no public outlet. I start in April spending two days per week with these guys. Then there are another 10 or so guys at WSR in Monroe that started last month, though the situation there is more complex. The situation is similar to other groups of students that might be able to work on Thunderbird or Mozilla projects, with these differences:1) Student or GSOC projects tend to have a duration of a few months, while the expected commitment time for this group is much longer.
  • Make Dragonfly BSD great again!
    Recently I spent some time reading Dragonfly BSD code. While doing so I spotted a vulnerability in the sysvsem subsystem that let user to point to any piece of memory and write data through it (including the kernel space). This can be turned into execution of arbitrary code in the kernel context and by exploiting this, we're gonna make Dragonfly BSD great again!

Desktop GNU/Linux

  • [Video] Litebook Alpha Review! | Unboxing, Apps, and Gaming!
  • Beginners Guide To Linux
    Curious about getting into Raspberry Pi or just Linux in general but you're not sure where to start? This post is for you. It's not intended to be a comprehensive guide, rather a gentle intro into the Linux world. I'm not a Linux expert, but I know from experience that it can be an intimidating platform to get started in. I want this post to show you what you need to know to get started with Linux.
  • [Video] 5 Reasons To Switch To Linux
  • System76 Provides Wireless Fixes for Ubiquity
    We are proud to have contributed to Ubiquity in such a way that we feel improves all users’ lives when using Ubuntu. We will continue improving the platform and hope that our users will see value in what we do.
  • GNOME 3.24 Released, See What`s New
    After being in development for six months, GNOME 3.24 was released today, bringing improvements such as Night Light, weather information in the date / time indicator, along with updates to its applications, and more.

Late Night Linux, Bad Voltage, and Effective Communication in Podcasting

  • Late Night Linux – Episode 06
    Jesse is back but this time Félim is in his sick bed so it’s a 3 man show yet again. Some heated debates about Nextcloud’s actions, Ubuntu extended support and PowerPC distros, followed by a deep dive into the world of HiDPI 4k support in Linux.
  • Bad Voltage Live at SCaLE 15x
    The Bad Voltage live stage show, from SCaLE 15x in Pasadena, March 2017!
  • Effective Communication in Podcasting
    When I got serious about doing Linux videos on YouTube, I drew on all of that Old Media experience plus I took a few classes to make sure I knew what I was talking about before handing out advice to others. That has led to the EzeeLinux project. The goal of EzeeLinux is to educate folks about Linux and get them started on the right path to success… I have been truly humbled by the response it has gotten. That said, I don’t feel like I’m competing with anyone – the more, the merrier! I honestly feel that Linux and Open Source Software are arguably one of the few truly good things happening in the world today. It brings people from all over the world together and provides a means to get cutting edge technology into the hands of anyone, anywhere who wants to take the time to learn how to use it regardless of their financial situation. That is the kind of power that can quite literally change the world, folks. No one should be left behind in this Information Age. Come to think of it, Ed Murrow would probably do a documentary about Linux if he was still around today… It would be right up his street, I think. It’s the kind of thing he liked to talk about.

Leftovers: Software

  • [Video] Linux Audio Programs Compared 2017
    I made this video for those that are new to, or just interested in making music on the Linux OS. I go over the features, goods and bads of Rosegarden, LMMS, Ardour, Mixbus, and EnergyXT, as well as touch on Qtractor. I don't don't go much into details of the particular versions I am using, but the video was made in the early part of 2017 and I'm running Ubuntu 16.04LTS.
  • Green Recorder: A Simple Desktop/Screen Recorder for Linux
    Green Recorder is a simple, open source desktop recorder developed for Linux systems built using Python, GTK and FFmpeg. It supports most of the Linux desktop environments such as Unity, Gnome, Cinnamon, Mate, Xfce and so on. Recently it has been updated to work with Wayland too in Gnome session.
  • Komorebi: A New Way To Enhance Your Desktop Using Animated/Parallax Wallpapers
    In past there were applications that allowed us to run videos/Gif as wallpaper on the desktop and make desktop look much cooler but than all of sudden the development of such Apps stopped and I can't name any App that exist for this purpose. Komorebi is fairly new application designed to make your desktop experience much better and make desktop cool as well, we can say it is kind of 'live wallpaper' situation here or 3D wallpaper. It is developed by Abe Masri and available under GPL license for free.
  • Stacer Sytem Optimizer: A Must Have Application For Ubuntu/Linux Mint
    There are multiple ways to optimize your Linux, the most geeky way is using Terminal, there are also applications available that performs such actions like Bleachbit, Ubuntu cleaner and so on. Stacer is simple, open-source, quick and new application designed to offer you all-in-one optimizer for your Ubuntu/Linux Mint (It's alternative to CCleaner but only for Linux).
  • Qtox: Open Source and Fully Secure Skype Replacement for Linux
    Long years ago, we've talked about a Skype alternative called Tox which was still in its early developmental stages. Tox was supposed to become the anti-thesis of Skype by being a fully open-source video and voice chat client that placed user privacy and security at its center. Well, guess what, there are now fully active and well-maintained chat clients that are built on top of Tox protocol. qTox is one of them.
  • Rclone 1.36 Released With SFTP And Local Symlinks Support, More
    Rclone 1.36 was released recently, bringing support for SFTP, local symbolic links support, mount improvements, along with many other new features and bug fixes. For those not familiar with Rclone, this is a cross-platform command line tool for synchronizing files and folders to multiple cloud storages, which supports Dropbox, Google Drive, Amazon S3, Amazon Drive, Microsoft One Drive, Yandex Disk, and more. It can be used to sync files either from your machine or from one cloud storage to another.
  • Streamlink Twitch GUI 1.2.0 Adds Support For Communities And Team Pages, Basic Hotkeys
    Streamlink Twitch GUI (previously Livestreamer Twitch GUI) is a multi-platform Twitch.tv browser. The application is powered by Node.js, Chromium and Streamlink, though it can still use Livestreamer (which is no longer maintained) too.
  • Code Editor `Brackets` 1.9 Released, Available In PPA
    Brackets is a free, open source code editor focused on front-end web development (HTML, CSS and JavaScript).
  • Terminix Terminal Emulator Renamed To Tilix, Sees New Bugfix Release
    [Quick update] Terminix, a GTK3 tiling terminal emulator, has been renamed to Tilix due to some trademark issues.