Language Selection

English French German Italian Portuguese Spanish

Giving New Meaning to 'Spyware'

Filed under
Security

Supreme Court Justice Potter Stewart famously said that he couldn't define obscenity, but that he knew it when he saw it.

The same has long been the case with spyware. It's not easy to define, but most people know it when parasitic programs suck up resources on their computer and clog their browsers with pop-up ads.

Recognizing that one person's search toolbar is another's spyware, a coalition of consumer groups, ISPs and software companies announced on Tuesday that it has finally come up with a mutually agreeable definition for the internet plague.

Spyware impairs "users' control over material changes that affect their user experience, privacy or system security; use of their system resources, including what programs are installed on their computers; or collection, use and distribution of their personal or otherwise sensitive information," according to the Anti-Spyware Coalition, which includes Microsoft, EarthLink, McAfee and Hewlett-Packard.

The group hopes the definitions will clear the way for anti-spyware legislation and help create a formal, centralized method for companies to dispute or change their software's classification.

"One of the biggest challenges we've had with spyware has been agreeing on what it is," said Ari Schwartz, associate director of the Center for Democracy and Technology, which has led the group's work. "The anti-spyware community needs a way to quickly and decisively categorize the new programs spawning at exponential rates across the internet."

The lack of standard definitions of spyware and adware has doomed federal and state legislation and hampered collaboration between anti-spyware forces.

In a colloquial sense, spyware is used to refer to a whole range of programs, including unwanted browser toolbars that come bundled with other downloads, surf-tracking software that generates pop-up ads, and software that tries to capture passwords and credit-card numbers.

Software companies like Claria, which distribute their pop-up advertising software by bundling it with free programs such as peer-to-peer software, adamantly deny their products are "spyware." They point out that users can usually find a definition of the programs' effects deep in the user agreement.

It is unclear what effect the new definitions will have on current anti-spyware programs, such as Lavasoft's Ad-Aware and Microsoft's free AntiSpyware tool.

Recently, Microsoft downgraded the default program action for Claria's software from "Remove" to "Ignore," which prompted widespread criticism.

Microsoft responded by saying that it had changed the handling of "Claria software in order to be fair and consistent with how Windows AntiSpyware (beta) handles similar software from other vendors."

Microsoft is in negotiations to buy venture-capital-backed Claria, according to The New York Times.

Ben Edelman, the country's foremost spyware researcher, questions whether the new definitions are simply there so that adware companies can find a way to get a stamp of approval for their software.

"From the perspective of users whose computers are infected, there is nothing hard about (defining spyware)," Edelman said. "If you have adware or spyware on your computer, you want it gone.

"Maybe the toolbar is Mother Theresa, but it's Mother Theresa sitting in your living room uninvited and you want her gone also," Edelman said. "You don't need a committee of 50 smart guys in D.C. sipping ice tea in order to decide that.

"The question is, what do you want to do with it? If you had a consensus of 100 computer-repair technicians or Bill Gates himself, what would they say to do?"

By Ryan Singel
Wired News

More in Tux Machines

Why Everyone should know vim

Vim is an improved version of Vi, a known text editor available by default in UNIX distributions. Another alternative for modal editors is Emacs but they’re so different that I kind of feel they serve different purposes. Both are great, regardless. I don’t feel vim is necessarily a geeky kind of taste or not. Vim introduced modal editing to me and that has changed my life, really. If you have ever tried vim, you may have noticed you have to press “I” or “A” (lower case) to start writing (note: I’m aware there are more ways to start editing but the purpose is not to cover Vim’s functionalities.). The fun part starts once you realize you can associate Insert and Append commands to something. And then editing text is like thinking of what you want the computer to show on the computer instead of struggling where you at before writing. The same goes for other commands which are easily converted to mnemonics and this is what helped getting comfortable with Vim. Note that Emacs does not have this kind of keybindings but they do have a Vim-like mode - Evil (Extensive Vi Layer). More often than not, I just need to think of what I want to accomplish and type the first letters. Like Replace, Visual, Delete, and so on. It is a modal editor after all, meaning it has modes for everything. This is also what increases my productivity when writing files. I just think of my intentions and Vim does the things for me. Read more

Graphics: Intel and Mesa 18.1 RC1 Released

  • Intel 2018Q1 Graphics Stack Recipe
    Last week Intel's Open-Source Technology Center released their latest quarterly "graphics stack recipe" for the Linux desktop. The Intel Graphics Stack Recipe is the company's recommended configuration for an optimal and supported open-source graphics driver experience for their Intel HD/UHD/Iris Graphics found on Intel processors.
  • Mesa 18.1-RC1 Released With The Latest Open-Source 3D Driver Features
    Seemingly flying under our radar is that Mesa 18.1 has already been branched and the first release candidate issued. While the Mesa website hasn't yet been updated for the 18.1 details, Dylan Baker appears to be the release manager for the 18.1 series -- the second quarter of 2018 release stream.

Exploring Contributors Centrality Over Time

At the end of my previous post we concluded with yet another question. Indeed, on the 2017 KDEPIM contributor network we found out that Christian Mollekopf while being a very consistent committer didn't appear as centrality as we would expect. Yet from the topology he seemed to act as a bridge between the core contributors and contributors with a very low centrality. This time we'll try to look into this and figure out what might be going on. My first attempt at this was to try to look into the contributor network on a different time period and see how it goes. If we take two snapshots of the network for the two semesters of 2017, how would it look? Well, easy to do with my current scripts so let's see! Read more

KDE: Elisa 0.1.1, KDE Plasma 5.13 and More

  • 0.1.1 Release of Elisa
    The Elisa team is happy to announce the first bug fix release for the 0.1 version.
  • KDE Plasma 5.13 Is Making Great Improvements On Its Wayland Support
    KDE Plasma 5.13 that is due for release in June will have a great number of improvements to its Wayland support for allowing the KDE Plasma desktop to work much better on this alternative to the X.Org Server. KDE developer Roman Gilg has provided a nice summary of some of the Wayland improvements in the queue for the Plasma 5.13.0 release due out towards the middle of June.
  • This week in Usability & Productivity, part 15
    I’ve initiated a big project: overhauling KDE Open & Save dialogs for greater usability and productivity.
  • Latte bug fix release v0.7.5
    Latte Dock v0.7.5   has been released containing important fixes and improvements! Hopefullly this is going to be the last stable version for v0.7.x family. During the next months the next stable branch (v0.8.x) is going to appear.