Language Selection

English French German Italian Portuguese Spanish

Giving New Meaning to 'Spyware'

Filed under
Security

Supreme Court Justice Potter Stewart famously said that he couldn't define obscenity, but that he knew it when he saw it.

The same has long been the case with spyware. It's not easy to define, but most people know it when parasitic programs suck up resources on their computer and clog their browsers with pop-up ads.

Recognizing that one person's search toolbar is another's spyware, a coalition of consumer groups, ISPs and software companies announced on Tuesday that it has finally come up with a mutually agreeable definition for the internet plague.

Spyware impairs "users' control over material changes that affect their user experience, privacy or system security; use of their system resources, including what programs are installed on their computers; or collection, use and distribution of their personal or otherwise sensitive information," according to the Anti-Spyware Coalition, which includes Microsoft, EarthLink, McAfee and Hewlett-Packard.

The group hopes the definitions will clear the way for anti-spyware legislation and help create a formal, centralized method for companies to dispute or change their software's classification.

"One of the biggest challenges we've had with spyware has been agreeing on what it is," said Ari Schwartz, associate director of the Center for Democracy and Technology, which has led the group's work. "The anti-spyware community needs a way to quickly and decisively categorize the new programs spawning at exponential rates across the internet."

The lack of standard definitions of spyware and adware has doomed federal and state legislation and hampered collaboration between anti-spyware forces.

In a colloquial sense, spyware is used to refer to a whole range of programs, including unwanted browser toolbars that come bundled with other downloads, surf-tracking software that generates pop-up ads, and software that tries to capture passwords and credit-card numbers.

Software companies like Claria, which distribute their pop-up advertising software by bundling it with free programs such as peer-to-peer software, adamantly deny their products are "spyware." They point out that users can usually find a definition of the programs' effects deep in the user agreement.

It is unclear what effect the new definitions will have on current anti-spyware programs, such as Lavasoft's Ad-Aware and Microsoft's free AntiSpyware tool.

Recently, Microsoft downgraded the default program action for Claria's software from "Remove" to "Ignore," which prompted widespread criticism.

Microsoft responded by saying that it had changed the handling of "Claria software in order to be fair and consistent with how Windows AntiSpyware (beta) handles similar software from other vendors."

Microsoft is in negotiations to buy venture-capital-backed Claria, according to The New York Times.

Ben Edelman, the country's foremost spyware researcher, questions whether the new definitions are simply there so that adware companies can find a way to get a stamp of approval for their software.

"From the perspective of users whose computers are infected, there is nothing hard about (defining spyware)," Edelman said. "If you have adware or spyware on your computer, you want it gone.

"Maybe the toolbar is Mother Theresa, but it's Mother Theresa sitting in your living room uninvited and you want her gone also," Edelman said. "You don't need a committee of 50 smart guys in D.C. sipping ice tea in order to decide that.

"The question is, what do you want to do with it? If you had a consensus of 100 computer-repair technicians or Bill Gates himself, what would they say to do?"

By Ryan Singel
Wired News

More in Tux Machines

gThumb: View and manage your photos in Fedora

Fedora uses Eye of GNOME to display images, but it’s a very basic program. Out of the box, Fedora doesn’t have a great tool for managing photos. If you’re familiar with the Fedora Workstation’s desktop environment, GNOME, then you may be familiar with GNOME Photos. This is a young app available in GNOME Software that seeks to make managing photos a painless task. You may not know that there’s a more robust tool out there that packs more features and looks just as at home on Fedora. It’s called gThumb. Read more

University of Missouri Adopts Open Access

Ubuntu Development Updates: GDM, Kernel, and Ubuntu Phone

  • Ubuntu 17.10 Proceeding With Transition From LightDM To GDM
    As part of the switch over to the GNOME Shell desktop environment by default for Ubuntu 17.10, they are also abandoning the LightDM display/log-in manager in favor of GNOME's GDM.
  • [Ubuntu] Kernel Team Summary: June 22, 2017
    We intend to target a 4.13 kernel for the Ubuntu 17.10 release. The Ubuntu 17.10 Kernel Freeze is Thurs Oct 5, 2017.
  • Ubuntu Phone project failed because it was a mess: claim
    A developer who worked with the Ubuntu Phone project has outlined the reasons for its failure, painting a picture of confusion, poor communication and lack of technical and marketing foresight. Simon Raffeiner stopped working with the project in mid-2016, about 10 months before Canonical owner Mark Shuttleworth announced that development of the phone and the tablet were being stopped.

Tumbleweed Development and Laptop Experience

  • openSUSE Tumbleweed Gets Qt 5.9, Linux Kernel 4.11.6, and MP3 Out-Of-The-Box
    Users of the openSUSE Tumbleweed operating system are getting a lot of the latest GNU/Linux technologies and Open Source software applications lately as a total of seven snapshots were released this week. openSUSE Project's Douglas DeMaio is back to report that openSUSE Tumbleweed is now powered by the latest Linux 4.11.6 kernel, and the GStreamer multimedia framework was updated to the major 1.12 series, adding out-of-the-box MP3 decoding support in the distribution.
  • Tumbleweed Gets Qt 5.9, mp3 Out-Of-The Box
    A total of seven openSUSE Tumbleweed snapshots featuring new software were released this week along with an upgrade to GStreamer that allows for mp3 decoding to work out-of-the box. The newest stable Linux Kernel 4.11.6 is also available in the latest Tumbleweed snapshot 20170620. Updates in the repositories from the 20170620 snapshot brought both the 52.2 versions of Mozilla Firefox and Thunderbird, which fixed some critical vulnerabilities. Systemd 233 provided a package for a new systemd-umount binary and, with the update of dracut 044.1, supports the new compatibility rule. Fontconfig’s 2.12.3 version fixed the build issues with gperf 3.1 and on GNU Hurd. The Beta 2 version of LibreOffice 5.4 cleaned up the license string and got rid of the Oxygen theme. A removal of support for old, non-systemd distros was made available in the snapshot with libvirt 3.4.0.
  • Dell Latitude D630 Tumbleweed Refresh
    I am not quick to buy new things, though I did replace my Dell Latitude D630 about three months ago with a newer Dell latitude E6440. My plan was to deprecate the machine and put it on a "reserve only" status. In my process of setting up the E6440, I found that I used my D630 still but quite differently, it became my home station machine and my E6440 would be my mobile machine that would return back to "base" where I would have it connect as a client to the D630 for keyboard and mouse. It was a rather nice arrangement. Unfortunately, the hard drive died on the D630 and I needed to install openSUSE once again on it in order to continue to use my workspace as I have been. What is $50 on a new hard drive to restore my SuperCubicle, right? [...] I run KDE Plasma for my desktop. I've tried others but the customization options in KDE Plasma just fits my personal tastes best. I have also been real happy with the speed improvements of KDE Plasma in the last couple years and especially those of KDE Plasma 5.10 on Tumbleweed as of late.