Language Selection

English French German Italian Portuguese Spanish

Giving New Meaning to 'Spyware'

Filed under
Security

Supreme Court Justice Potter Stewart famously said that he couldn't define obscenity, but that he knew it when he saw it.

The same has long been the case with spyware. It's not easy to define, but most people know it when parasitic programs suck up resources on their computer and clog their browsers with pop-up ads.

Recognizing that one person's search toolbar is another's spyware, a coalition of consumer groups, ISPs and software companies announced on Tuesday that it has finally come up with a mutually agreeable definition for the internet plague.

Spyware impairs "users' control over material changes that affect their user experience, privacy or system security; use of their system resources, including what programs are installed on their computers; or collection, use and distribution of their personal or otherwise sensitive information," according to the Anti-Spyware Coalition, which includes Microsoft, EarthLink, McAfee and Hewlett-Packard.

The group hopes the definitions will clear the way for anti-spyware legislation and help create a formal, centralized method for companies to dispute or change their software's classification.

"One of the biggest challenges we've had with spyware has been agreeing on what it is," said Ari Schwartz, associate director of the Center for Democracy and Technology, which has led the group's work. "The anti-spyware community needs a way to quickly and decisively categorize the new programs spawning at exponential rates across the internet."

The lack of standard definitions of spyware and adware has doomed federal and state legislation and hampered collaboration between anti-spyware forces.

In a colloquial sense, spyware is used to refer to a whole range of programs, including unwanted browser toolbars that come bundled with other downloads, surf-tracking software that generates pop-up ads, and software that tries to capture passwords and credit-card numbers.

Software companies like Claria, which distribute their pop-up advertising software by bundling it with free programs such as peer-to-peer software, adamantly deny their products are "spyware." They point out that users can usually find a definition of the programs' effects deep in the user agreement.

It is unclear what effect the new definitions will have on current anti-spyware programs, such as Lavasoft's Ad-Aware and Microsoft's free AntiSpyware tool.

Recently, Microsoft downgraded the default program action for Claria's software from "Remove" to "Ignore," which prompted widespread criticism.

Microsoft responded by saying that it had changed the handling of "Claria software in order to be fair and consistent with how Windows AntiSpyware (beta) handles similar software from other vendors."

Microsoft is in negotiations to buy venture-capital-backed Claria, according to The New York Times.

Ben Edelman, the country's foremost spyware researcher, questions whether the new definitions are simply there so that adware companies can find a way to get a stamp of approval for their software.

"From the perspective of users whose computers are infected, there is nothing hard about (defining spyware)," Edelman said. "If you have adware or spyware on your computer, you want it gone.

"Maybe the toolbar is Mother Theresa, but it's Mother Theresa sitting in your living room uninvited and you want her gone also," Edelman said. "You don't need a committee of 50 smart guys in D.C. sipping ice tea in order to decide that.

"The question is, what do you want to do with it? If you had a consensus of 100 computer-repair technicians or Bill Gates himself, what would they say to do?"

By Ryan Singel
Wired News

More in Tux Machines

Leftovers: Red Hat

Leftovers: Ubuntu Derivatives

Android Leftovers

Leftovers: OSS

  • Why Does the Government Use Open Source Code?
  • Twitter open-sources Diffy, a tool for automatically spotting bugs in code
    Twitter is today announcing the availability of Diffy, a new piece of open-source software that developers can use to spot bugs when they’re making updates to certain parts of code. Twitter uses the code internally. Now the social networking company is releasing it to the rest of the world.
  • We wrote an open source bank parser
    Our first project is something I was already working on, an extensible parser to chew bank statements and shit out transaction sheets. We made a gem, made an API and learnt a lot in the process. (We even wrote a java API to unlock pdf files given a password. Whew!). We currently have a meager three bank support, but we've managed to build a framework that makes it super easy to add other banks and statement formats.
  • Google Patches Critical Vulnerabilities in Chrome 45
  • Chrome Browser Nearing 30 Percent Market Share [Ed: Calling Microsoft-connected firm “a prominent Web analytics company”]
    It's no secret that Google Chrome and Mozilla Firefox--both open source browsers--were locked in a neck-and-neck market share battle for a long time. The two browsers have remained on rapid release cycles, and for years they tended to leapfrog each other for market share in small increments each month.
  • FossaMail Open-Source Mail Client Launches Update
    FossaMail is built on the Mozilla Thunderbird client but without all the will-they-or-won’t-they of the rumors that Mozilla has done with Thunderbird. Even better, FossaMail is compatible with both Windows and Linux, while offering a 64-bit download in Windows to up the speed, address more memory, and perform other 64-bit operations. At the same time, FossaMail looks and feels just like Thunderbird, despite the oval tab fiasco. It still offers a contacts list, calendar, and chat, just like most users have come to expect from their email platforms. It’s so close to Thunderbird, in fact, that the developers didn’t bother with an extensive tutorial or FAQ, but instead just point users to the Thunderbird help section if they have any problems.
  • Proprietary vs. open source WCM [Ed: pro-proprietary]
    As it turns out, open source software is not always so free, proprietary software is not necessarily closed, and help from the open source community isn’t nearly as comprehensive as the level of support you get from a professional vendor.
  • Releases 1.19.1 of Tioga and 0.13.1 of ctioga2
  • ORNL Building Efficiency Software Available as Open Source Code
  • Autotune Code from ORNL Tunes Your Building Energy Efficiency
  • ORNL Offers Automated Calibration Software for Building Efficiency Studies as Open Source Code
  • Book cover for the Free Culture book finally done
    Creating a good looking book cover proved harder than I expected. I wanted to create a cover looking similar to the original cover of the Free Culture book we are translating to Norwegian, and I wanted it in vector format for high resolution printing. But my inkscape knowledge were not nearly good enough to pull that off.
  • Hacker proves with Open Data that Microsoft license costs don’t matter
    goes against one of the arguments used more frequently to promote Free Software (which, in and by itself, is intrinsically weak, and therefore not used as the main one by the most experts) that is licensing costs. The graph clearly show that such costs (the leftmost column) are only a small part of the total. From left to right the columns show “software license costs”, “immaterial goods” (whatever that means…), “software acquisition and development”, “litigation and other legal expenses” (as much as licenses..), “software assistance and maintenance”
  • M$’s Licensing Costs Are Only The Tip Of The Iceberg Of IT – Look Below
  • There’s still a chance to save WiFi
    You may not know it, but wifi is under assault in the USA due to proposed FCC regulations about modifications to devices with modular radios. In short, it would make it illegal for vendors to sell devices with firmware that users can replace. This is of concern to everyone, because Wifi routers are notoriously buggy and insecure. It is also of special concern to amateur radio hobbyists, due to the use of these devices in the Amateur Radio Service (FCC Part 97).