Language Selection

English French German Italian Portuguese Spanish

Giving New Meaning to 'Spyware'

Filed under
Security

Supreme Court Justice Potter Stewart famously said that he couldn't define obscenity, but that he knew it when he saw it.

The same has long been the case with spyware. It's not easy to define, but most people know it when parasitic programs suck up resources on their computer and clog their browsers with pop-up ads.

Recognizing that one person's search toolbar is another's spyware, a coalition of consumer groups, ISPs and software companies announced on Tuesday that it has finally come up with a mutually agreeable definition for the internet plague.

Spyware impairs "users' control over material changes that affect their user experience, privacy or system security; use of their system resources, including what programs are installed on their computers; or collection, use and distribution of their personal or otherwise sensitive information," according to the Anti-Spyware Coalition, which includes Microsoft, EarthLink, McAfee and Hewlett-Packard.

The group hopes the definitions will clear the way for anti-spyware legislation and help create a formal, centralized method for companies to dispute or change their software's classification.

"One of the biggest challenges we've had with spyware has been agreeing on what it is," said Ari Schwartz, associate director of the Center for Democracy and Technology, which has led the group's work. "The anti-spyware community needs a way to quickly and decisively categorize the new programs spawning at exponential rates across the internet."

The lack of standard definitions of spyware and adware has doomed federal and state legislation and hampered collaboration between anti-spyware forces.

In a colloquial sense, spyware is used to refer to a whole range of programs, including unwanted browser toolbars that come bundled with other downloads, surf-tracking software that generates pop-up ads, and software that tries to capture passwords and credit-card numbers.

Software companies like Claria, which distribute their pop-up advertising software by bundling it with free programs such as peer-to-peer software, adamantly deny their products are "spyware." They point out that users can usually find a definition of the programs' effects deep in the user agreement.

It is unclear what effect the new definitions will have on current anti-spyware programs, such as Lavasoft's Ad-Aware and Microsoft's free AntiSpyware tool.

Recently, Microsoft downgraded the default program action for Claria's software from "Remove" to "Ignore," which prompted widespread criticism.

Microsoft responded by saying that it had changed the handling of "Claria software in order to be fair and consistent with how Windows AntiSpyware (beta) handles similar software from other vendors."

Microsoft is in negotiations to buy venture-capital-backed Claria, according to The New York Times.

Ben Edelman, the country's foremost spyware researcher, questions whether the new definitions are simply there so that adware companies can find a way to get a stamp of approval for their software.

"From the perspective of users whose computers are infected, there is nothing hard about (defining spyware)," Edelman said. "If you have adware or spyware on your computer, you want it gone.

"Maybe the toolbar is Mother Theresa, but it's Mother Theresa sitting in your living room uninvited and you want her gone also," Edelman said. "You don't need a committee of 50 smart guys in D.C. sipping ice tea in order to decide that.

"The question is, what do you want to do with it? If you had a consensus of 100 computer-repair technicians or Bill Gates himself, what would they say to do?"

By Ryan Singel
Wired News

More in Tux Machines

Automatically Change Wallpapers in Linux with Little Simple Wallpaper Changer

Here is a tiny script that automatically changes wallpaper at regular intervals in your Linux desktop. Read more

EU Law Threatens Free/Open Source Software

  • EU votes on copyright law that could kill memes and open source software
    The European Union has passed an initial vote in favour of the Copyright Directive, a legislation experts say "threatens the internet". As reported by Wired, the mandate is designed to update internet copyright law but contains two controversial clauses. Ultimately, it could force prominent online platforms to censor their users' content before it's posted—which could impact everyone from meme creators to open source software designers and livestreamers. Despite passing a vote yesterday—held by the EU's Legal Affairs Committee (JURI)—the directive needs parliamentary approval before becoming law.
  • The EU Parliament Legal Affairs Committee Vote on Directive on Copyright, David Clark Cause and IBM's Call for Code, Equus' New WHITEBOX OPEN Server Platform and More
    Yesterday the European Parliament Legal Affairs Committee voted in favor of "the most harmful provisions of the proposed Directive on Copyright in the Digital Single Market", Creative Commons reports. The provisions include the Article 11 "link tax", which requires "anyone using snippets of journalistic content to first get a license or pay a fee to the publisher for its use online." The committee also voted in favor of Article 13, which "requires online platforms to monitor their users' uploads and try to prevent copyright infringement through automated filtering." There are still several steps to get through before the Directive is completely adopted. See EDRi for more information.
  • GitHub: Changes to EU copyright law could derail open source distribution
  • The E.U. votes to make memes essentially illegal
    On Wednesday, European Parliament’s Committee on Legal Affairs voted to essentially make memes illegal. The decision came as part of the approval process for the innocuously named “Article 13,” which would require larger sites to scan all user uploads using content recognition technology in an attempt to flag any and all remotely copyrighted material in photos, text, music, videos, and more. Meaning memes using stills from copyrighted films could be auto-blocked, along with remixes of viral videos, and basically anything that’s popular on live-streaming sites like Twitch.
  • Europe takes step towards 'censorship machines' for internet uploads
    A key committee at the European Parliament has voted for a new provision in a legislative act that forces tech giants and other online platforms to share revenues with publishers. It is known as Article 13, and is part of an updating of the Copyright Directive. Article 13 proposes that large websites use “content recognition technologies” to scan for copyrighted materials, though it doesn’t explain how this works in practice. This means texts, sounds and even code which get uploaded have to go through an automated filtering system, potentially threatening the creation of memes and open-source software developers.

The EC’s Expected Decision Against Android Is an Unfortunate Attack on Open Source Software

The European Commission (“EC”) is preparing to release its decision against Android, and its framing of the issues makes clear that successful open source software will have a hard time in Europe. In its Statement of Objections, the Commission signaled that Apple’s iOS, Android’s fiercest rival, would be excluded from the market definition because it is closed source and not available to other hardware makers. The decision is expected to declare unlawful strategies to monetize a free product, provide a consistent user experience to customers expecting the Google brand, and to maintain code consistency to minimize problems for developers using the platform. The decision is not expected to contain any indication on how open source platform developers can solve these problems that are fundamental to their success. Read more

Google, IBM and Microsoft

  • Five Common Chromebook Myths Debunked
    When Chromebooks first came out in 2011, they were basically just low-spec laptops that could access web apps – fine for students maybe, but not to be regarded as serious computers. While they’ve become more popular (the low cost, simplicity, and dependability appeal to businesses and education systems), as of 2018 Chromebooks still haven’t managed to become widely accepted as a Windows/Apple/Linux alternative. That may be about to change. The humble Chromebook has gotten a lot of upgrades, so let’s get ourselves up to speed on some things that just aren’t true anymore. [...] The 2011 Chrome OS was pretty bare-bones, but it’s gone to the opposite extreme since then. Not only is it steadily blurring the line between Chrome and Android, it can now install and run some Windows programs as well, at the same time as a Chrome and an Android app, if you like. And hey, while you’re at it, why not open a Linux app as well? You can already install Linux on a Chromebook if you want, but one of the next versions of Chrome OS is going to include a Linux virtual machine accessible right from your desktop (which is already possible, just not built-in and user-friendly). In sum, Chrome OS has gone from barely being an operating system to one that can run apps from four other OSes at the same time.
  • Like “IBM’s Work During the Holocaust”: Inside Microsoft, Growing Outrage Over a Contract with ICE
  • Ubuntu Podcast from the UK LoCo: S11E15 – Fifteen Minutes - Ubuntu Podcast
    ...Microsoft getting into hot water over their work with US Immigration and Customs Enforcement. Plus we round up the community news.