Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

U.S. To Impose Spyware Control Laws

CowboyNeal posted more than 10 years ago | from the every-click-you-make dept.

United States 402

ArbiterOne writes "BBC has the story: A bill has been introduced into the U.S. House of Representatives to control the proliferation of spyware and malware. The proposed bill would force programs to inform the user before installing programs, and require that spyware be easily removed. A study by EarthLink found that the average user has 28 spyware programs on their computer!"

cancel ×

402 comments

Sorry! There are no comments related to the filter you selected.

I'm just a bill on... (1)

UnCivil Liberty (786163) | more than 10 years ago | (#9472476)

If anyone could provide a link to the bill that is mentioned in the article (which they neglected to even name) it would be appreciated, the article is broad and doesn't go in to the technical details that I'm sure ./'ers are interested in.

Re:I'm just a bill on... (5, Informative)

autiger (576148) | more than 10 years ago | (#9472511)


H.R. 2929 Safeguard Against Privacy Invasions Act [loc.gov] sponsored by Mary Bono.

Re:I'm just a bill on... (1)

jjleard (575385) | more than 10 years ago | (#9472644)

Can someone find out who is funding these two? I see from PolitcalMoneyLine.com that Mary Bono has received $50,250 from "Communications, Technology" and Ed Towns has received $43,864. Unfortunately, I'm not a regsitered user and cannot drill down to see exactly from whom those donations originated.

More indepth read (1)

UnCivil Liberty (786163) | more than 10 years ago | (#9472719)

FULL DETAILS: http://thomas.loc.gov/cgi-bin/query/z?c108:H.R.292 9:

Major highlights (and these are some BIG things people):

REGULATION OF EULA's:
(1) LOCATION OF LICENSE AGREEMENT- The terms of such license, contract, or agreement shall be set forth on a World Wide Web page and the mechanism by which the user of the covered computer agrees to such license, contract, or agreement shall be included on the same page.

(2) NOTICE- The terms of the license, contract, or other agreement shall--

(A) include provisions, that are clearly stated and prominently displayed, which specify that agreement to such license, contract, or other agreement constitutes consent to transmission of the spyware for purposes of subsection (a); and

(B) clearly explain the purpose of including the spyware.

REQUIRES COMPANY IDENTIFICATION:
(3) IDENTIFICATION- The name of the person or entity transmitting the spyware, a valid physical street address of such person or entity, and a functioning return electronic mail address for such person or entity shall be included on the World Wide Web page referred to in paragraph (1).

ENFORCEMENT
(a) ENFORCEMENT THROUGH FTC ACT-

(1) UNFAIR OR DECEPTIVE ACT OR PRACTICE- A violation of any provision of this Act or any regulation issued under this Act is an unfair or deceptive act or practice unlawful under section 5(a)(1) of the Federal Trade Commission Act (15 U.S.C. 45(a)(1)).

(2) GUIDELINES AND OPINIONS- In order to assist in compliance with this Act, the Federal Trade Commission may issue generally applicable guidelines and, upon request, advisory opinions with respect to specific types of acts or practices that would, or would not, comply with this Act.

(b) CRIMINAL PENALTIES- Whoever--

(1) violates section 2(c) or the regulations issued under such section, or

(2) knowingly violates any other provision of this Act or any regulation issued under this Act,

shall be fined under title 18, United States Code, or imprisoned for not more than 1 year, or both.

I wonder which 28 are on my Mac? Oh wait... (5, Funny)

Anonymous Coward | more than 10 years ago | (#9472477)

NONE!

I wonder how many testicles the avg Mac user has? (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#9472549)

oh wait...NONE!

Re:I wonder which 28 are on my Mac? Oh wait... (1)

Klingensor (642772) | more than 10 years ago | (#9472562)

Yea! I wonder which are on my OS/2 (ecS) system....
No, I don't wonder. I know exactly how many are there. That number is ZERO.

Re:I wonder which 28 are on my Mac? Oh wait... (4, Insightful)

Chess_the_cat (653159) | more than 10 years ago | (#9472608)

I wonder how many are on my Windows machine? Oh wait, none. It's not that hard to keep spyware off your machine. Goodness. I guess the key is "the average user...". Ah well.

Re:I wonder which 28 are on my Mac? Oh wait... (0)

Anonymous Coward | more than 10 years ago | (#9472725)

Agreed. My brother has Windows machines that are locked down solid. He knows what he's doing.

I'm writing from an OS/2 machine, with which I've taken no precautions at all. It is out on the net naked....

My brother spends x-hours/week at a cost of y-bucks/hour to take care of his jewels.

I do nothing.

Now, my serious stuff runs behind bunches of security, and never sees the internet at all. But fooling around on a machine dedicated to fooling around is a lot of fun. In my many years running OS/2, never once have I had a problem.

Re:I wonder which 28 are on my Mac? Oh wait... (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#9472595)

you are an idiot

Re:I wonder which 28 are on my ? (1)

awfwal (596968) | more than 10 years ago | (#9472596)

Oh wait... NONE!

My bad (1)

awfwal (596968) | more than 10 years ago | (#9472641)

That was suppose to say (!windows)

I guess that's what the preview button is for. Duh.

Definition of spyware (4, Insightful)

God! Awful 2 (631283) | more than 10 years ago | (#9472717)

Do they mean 28 actual spyware programs? That seems pretty hard to swallow. Or do they mean 28 tracking cookies (which are OS independent).

-a

But what about SunnComm? (4, Insightful)

The Importance of (529734) | more than 10 years ago | (#9472479)

Will this bill make it illegal for "copy-protected" CDs to add malware to your computer through autorun? Will they be required to make it easy to remove the malware?

Re:But what about SunnComm? (5, Funny)

dsanfte (443781) | more than 10 years ago | (#9472532)

The term "mal" is French. I cannot believe, as a patriotic citizen, that you would endorse or condone the use of language from the mouths of the Republic's enemies! Traitor! This is not the act of a respectful, honorable, patriotic citizen. You will be punished for this act of treason, let me assure you.

Re:But what about SunnComm? (4, Informative)

DrEldarion (114072) | more than 10 years ago | (#9472542)

Actually, it's Latin. The French (along with the other Latin-based languages) just inherited it.

Re:But what about SunnComm? (2, Funny)

cdrudge (68377) | more than 10 years ago | (#9472681)

Freedomware just doesn't have the same ring to it. Malware is bad. The French are bad (well...not good). Frenchware?

Re:But what about SunnComm? (2, Funny)

lpret (570480) | more than 10 years ago | (#9472697)

The terrorists have already won if we allow malware on American computers!!1

Therefore, we need more boobies! no logic, i just like the thought

Re:But what about SunnComm? (1)

k4_pacific (736911) | more than 10 years ago | (#9472538)

I sure hope so, because this would really piss off the RIAA by making people aware of what these CDs are doing.

Re:But what about SunnComm? (2, Informative)

XryanX (775412) | more than 10 years ago | (#9472550)

The prefix 'mal' means 'bad'. I'm sure the RIAA would try to argue that their copy protection is good, not bad.

It'd be interesting to see how the Congress handles that issue.

Re:But what about SunnComm? (1)

boarder8925 (714555) | more than 10 years ago | (#9472579)

Will this bill make it illegal for "copy-protected" CDs to add malware to your computer through autorun? Will they be required to make it easy to remove the malware?
No.

Believe it or not... (4, Interesting)

rd4tech (711615) | more than 10 years ago | (#9472480)

I had once to repair a user PC (average Joe's) with about 1447 installed whatnot... (according to adaware) It was taking the darn thing 35 minutes just to boot up and was veryyyy slow when operating. And she was having quite a powerfull machine too..

Re:Believe it or not... (5, Funny)

Anonymous Coward | more than 10 years ago | (#9472487)

With only 110 less they would have been 1337!!

Re:Believe it or not... (1)

Anath (472249) | more than 10 years ago | (#9472540)

And you would have won a free Gmail account.. Oh, wait...

Re:Believe it or not... (1)

rd4tech (711615) | more than 10 years ago | (#9472585)

The chick with the 1337 computer... :)

Re:Believe it or not... (4, Interesting)

dealsites (746817) | more than 10 years ago | (#9472521)

That sounds pretty resonable. On a side note, I bet the PC makers kinda like spyware. After all, it will eventually slow down the average joe's PC, and unless he knows how to remoe spyware, he might upgrade to get a "faster" PC.

--
Live deals updated in real time. Over 500 a day! [dealsites.net]

Re:Believe it or not... (1, Informative)

Anonymous Coward | more than 10 years ago | (#9472586)

PC makers hate spyware because of all the tech calls "why is my PC so slow?"

Re:Believe it or not... (4, Insightful)

MBCook (132727) | more than 10 years ago | (#9472658)

Yep.

I fix computers for people in my neighborhood. I'm the guy they call when they don't know how to do something, or they got a new DVD drive, or something isn't working. I've seen that happen a few times.

Just a week ago I was called to help a nice lady setup her new Dell and copy the files off her old Gateway. She bought the computer because she was tired of the Gateway always crashing and being slow and such. Every few minutes a "Explorer has crashed" dialog would come up. I can understand why she hated it.

So she bought a new Dell. Well, when copying files over I noticed what the problem was on the old Gateway. Tons and tons of spyware. Things loading in the tray, in startup, in IE, chaning preferences, causing popups, everything. She thought the computer was just "old" and was having problems, when it was all the spyware. I told her I could fix it, but she wasn't interested.

Now the fact is she had other reasons for getting the new PC. She wanted a flatscreen to get more desk space. She had a camcorder and wanted to be able to make DVDs of family movies and other such things. Her old computer would have been fine for her other tasks (like surfing and e-mail and word processing), but she really would have needed a new one to make DVDs and CDs and such.

But the point is, I can EASILY see tons of people buying new computers due to spyware. If it wasn't for that, why wouldn't Dell and other ship somehting like Ad-Aware on the computers they sell?

Re:Believe it or not... (0)

Anonymous Coward | more than 10 years ago | (#9472703)

We got some HP Pavillions at work, and they came with various spyware packages already installed (including WildTangent).

Pretty irresponsible on HP's part. We spent a day just blowing the configurations away and reloading to be sure there weren't other things on there we couldn't find.

Re:Believe it or not... (2, Interesting)

lpret (570480) | more than 10 years ago | (#9472721)

On a side of that side note, I'd like to add that that is how I got my "play" computer. A friend of mine needed help because she got a new computer, I asked what happened with her old one and she said it didn't work. I told her I'd take a look at it and she said I could have it -- monitor and all. I now have a nice 1.8 ghz dell that had about 2300 pieces of malware on it. It's now my box that I try different distros on and test my home-rolled knoppix.

Re:Believe it or not... (1)

pjt33 (739471) | more than 10 years ago | (#9472587)

There's some overlap. A typical spyware program will show as about 20 entries in AdAware IIRC from the time I removed a few from my brother's computer. It lists the running process(es), executable, registry keys, any related cookies, etc. separately.

Re:Believe it or not... (1)

Waffle Iron (339739) | more than 10 years ago | (#9472616)

Ok, I'm a little rusty on Windows because I haven't used it for web browsing in the past few years. How do all of these things get installed? Did she have to click "yes" on an ActiveX install dialog 1447 different times, or is there a totally automatic way to hijack the computer?

If its an automatic breakin, aren't there already recently passed "get tough on cybercrime" laws on the books that would classify the spyware author as an unlawful combatant or something?

Re:Believe it or not... (1)

alphaseven (540122) | more than 10 years ago | (#9472640)

I had once to repair a user PC (average Joe's) with about 1447 installed whatnot... (according to adaware) It was taking the darn thing 35 minutes just to boot up and was veryyyy slow when operating. And she was having quite a powerfull machine too..

Is that 1447 including cookies? I hate how adaware equates cookies with spyware.

Bloody obvious (5, Interesting)

hattig (47930) | more than 10 years ago | (#9472482)

It is a shame that things like this need to be made law.

I expect that spyware already falls under the Computer Misuse Act 1990 in the UK regarding modification of a computer system without the user/owner being aware.

As far as I am aware, these bits of software are viruses and should be treated as such. Including the writers of said spyware.

Why use legislation? (4, Insightful)

Anonymous Coward | more than 10 years ago | (#9472483)

Why is legislation necessary here? this is a problem that could be solved with just a little technical nous.

Instead, we get another law, pretend it's enough, and find it's as toothless as the paper it's written on.

Re:Why use legislation? (4, Insightful)

Scott Wood (1415) | more than 10 years ago | (#9472507)

Because, like spam, it is a behavioral problem, not purely a technical problem. System break-ins and e-mail worms can be prevented by technical means as well, but that doesn't mean it should be legal to carry them out.

It's About Time (4, Interesting)

Ridgelift (228977) | more than 10 years ago | (#9472484)

Once installed, it can redirect web searches, install bookmarks or bombard a user with pop-up ads tailored to other search terms. It can also drain computing power, crash a machine and, in the case of the most malicious spyware, steal confidential information

A friend of mine works for a technical call center for a large US hardware manufacturer. The contract he works on is supporting notebook computers.

A customer recently called in because his computer was running slow. After installing and running ad-aware and spybot, the customer had over 4600 spyware programs. Yes, you read that right, over 4600 spyware programs. It's a miracle that thing ran at all.

Legislation to curtail spyware is long over due. An operating system that is resistant to spyware is already available, and it ain't Windows.

Re:It's About Time (3, Insightful)

DrEldarion (114072) | more than 10 years ago | (#9472554)

Are you sure it was actually 4600 different programs? I find that hard to believe - It seems that the computer wouldn't run at all with that many programs running in the background.

Could the "4600" number have been the total number of spyware programs running, files found, and registry keys found?

Re:It's About Time (1)

betelgeuse-4 (745816) | more than 10 years ago | (#9472559)

Were all 4600 actually programs? A lot of the stuff Ad-aware picks up is things like cookies and registry values.

Re:It's About Time (1)

Zocalo (252965) | more than 10 years ago | (#9472573)

Yes, you read that right, over 4600 spyware programs.

Yes, but Ad-Aware, Spybot S&D and most other spyware removal tools would have counted a cookie from an ad bureau as a "program" in your quote above. While I wouldn't class a cookie as a program, they do enable large scale information gathering and hopefully will get explicitly covered by the wording of the legislation to avoid any loopholes. And on the subject of wording, the phrase the legislators need to remember is "failure to have the opt-in checkbox off by default is a breach of the legislation".

Whether it'll be effective or not is a different matter of course, but at least it should be a little easier to track down the infringers of this legislation than those of U-CAN-SPAM.

Re:It's About Time (1)

Wyatt Earp (1029) | more than 10 years ago | (#9472648)

My GF was just saying that she worked on a machine two weeks ago that had over 2500 pieces of spyware on it.

2500 individual pieces, not registery entries and other associated files, but 2500 pieces of spyware on a P3.

I have to ask... (4, Insightful)

Motherfucking Shit (636021) | more than 10 years ago | (#9472489)

Why is it that the Beeb has the scoop on a pending US bill, before I can find this story in any of the major US media outlets?

Re:I have to ask... (1)

Khaed (544779) | more than 10 years ago | (#9472637)

The US Media doesn't jump at a chance to cover computer related issues. With the news items of the last few days*, this isn't really a huge issue for the US media. If it were a virus or something that was "big news" to the average person, then we'd hear about it. But most people don't understand what spyware and malware are. *American beheaded, terrorist killed, the 9/11 commission saying on thing, Cheney saying another, Putin saying he said this and that about Iraq... plus the Peterson trial. lot of things the media is going to go crazy covering. To the point where everyone but addicts get tired of it.

Re:I have to ask... (1)

cgenman (325138) | more than 10 years ago | (#9472657)

You do know all that the major US media news outlets do is re-run BBC stories, right?

Re:I have to ask... (1)

thrillseeker (518224) | more than 10 years ago | (#9472674)

Why is it that the Beeb has the scoop on a pending US bill, before I can find this story in any of the major US media outlets?

Because the U.S. media hasn't figured a way to blame the problem of spyware on the Bush administration yet.

Re:I have to ask... (1)

southpolesammy (150094) | more than 10 years ago | (#9472694)

The first rule about US media coverage of US Gov't is you do not talk about the US media's coverage of the US Gov't. The second rule....

Carry on citizen...Big Brother is appeased.

spyware (-1, Troll)

Anonymous Coward | more than 10 years ago | (#9472498)

I for one welcome our new spyware overlords!

No really, I do.

correction (4, Insightful)

bl8n8r (649187) | more than 10 years ago | (#9472499)

The average WINDOWS machine has 28 spyware programs on it.

Re:correction (1)

k4_pacific (736911) | more than 10 years ago | (#9472524)

Actually, the average Windows machine would have more than 28 if Macs and Linux systems which have none are included in this survey as well.

Re:correction (0)

Anonymous Coward | more than 10 years ago | (#9472583)

Don't people refer to Windows-only when they say 'PC'? Earthlink's study said the average PC, not the average computer.

Re:correction (1)

amRadioHed (463061) | more than 10 years ago | (#9472645)

Some times. Not always. It's ambiguous.

Re:correction (0)

Anonymous Coward | more than 10 years ago | (#9472639)

Or, perhaps, OS/2....

Re:correction (3, Insightful)

Stigmata669 (517894) | more than 10 years ago | (#9472622)

In all fairness, the average machine is a WINDOWS machine. Mac/Linux/Unix desktops are just statistical outliers.

Here's the real solutuion! (-1, Redundant)

Anonymous Coward | more than 10 years ago | (#9472501)

IE of course (4, Insightful)

simetra (155655) | more than 10 years ago | (#9472503)

It would be interesting to see what percentage of these "victims" used IE as their browser exclusively. I only use IE for sites written by fanboys which require IE. Otherwise, I use Opera. For kicks, I ran spybot on my pc at work and all it found were about a dozen cookies. The techie who suggested doing this says that the typical pc on our network has anywhere from 20 to 50 bad things. Go figure.

Re:IE of course (1)

DrEldarion (114072) | more than 10 years ago | (#9472630)

It's not IE's fault - it's the fault of stupid users. I use IE exclusively and haven't EVER had a spyware program on my computer because I'm not dumb about it.

The problem is that the computer-illiterate have somehow gotten it into their heads that clicking "yes" to any window that pops up is a good thing. I'd be willing to bet that a good portion of them don't even read the window before clicking "yes". Of course, if they did read the window, they'd most likely be all excited to have an "AWESOME NEW PROGRAM that remembers their passwords!" and click "yes" anyway.

The only way this will stop is by educating users. Even this law probably won't help, since people will just say okay to the installer anyway. Take your average user and tell them to install a program - chances are they'll just click "next" furiously until the installer is done. Do they have any idea what was on those previous pages? Nope. Do they care? Nope. Just putting an extra screen in there saying "Hey, we're installing these spyware programs, k?" isn't likely to change much.

Re:IE of course (1)

XryanX (775412) | more than 10 years ago | (#9472700)

"I use IE exclusively and haven't EVER had a spyware program on my computer because I'm not dumb about it."

Well, there's spyware that's bundled in with legite software. WildTangent(comes with AIM) is the one that pops to mind. You also have the stuff that comes with file-sharing software.

A step in the right direction.. (4, Funny)

Anath (472249) | more than 10 years ago | (#9472508)

It is, but I can't see it being useful.

Unless it contains decent punishments of course, like say.. Dragging the Spyware foisting bastards out into the street and shooting them in the back of the head, or some sort of testicle electrode device (like a "home detention" prisoner, goes off whenever the spyware "calls home")

How did Earthlink conduct this "survey"? (4, Insightful)

setzman (541053) | more than 10 years ago | (#9472509)

A recent survey by the US internet provider Earthlink found that the average computer was packed with hidden software, such as cookies tracking online habits.

It uncovered an average of 28 spyware programs on each PC scanned during the first three months of the year.

How exactly was Earthlink able to detect the installed spyware? Tracking outgoing requests that were related to known spyware apps? Or did they allow users to run software that reported back to Earthlink for this survey?

Re:How did Earthlink conduct this "survey"? (2, Informative)

LostCluster (625375) | more than 10 years ago | (#9472553)

Earthlink offers a spyware blocking program [earthlink.net] to its customers and also a free web-based version. I assume they can glean some survey information from the users of these tools.

Re:How did Earthlink conduct this "survey"? (1)

k4_pacific (736911) | more than 10 years ago | (#9472555)

And if they did run a program that reported back to Earthlink, was it too not counted as spyware?

Pointless - another law to make them look good (1, Insightful)

jimmy page (565870) | more than 10 years ago | (#9472512)

Again, 90% of the spyware ppl will either find away around it or trick ppl into downloading it. This is spam in another form.


At least the lawmakers *look* good.

28 on average? (2, Insightful)

qualico (731143) | more than 10 years ago | (#9472515)

That's conservative.
If you include the cookies and registry entries that number has been into the hundreds for the clients I have been removing spyware, malware and adware from.

When clients asked how they can legally do that, I can only point to the fact that it says so in the obfuscated end user agreement the company bets your not going read.

SO if this law is passed, just how will it be enforced?

Re:28 on average? (1)

Steinfiend (700505) | more than 10 years ago | (#9472612)

As previous articles on Slashdot have mentioned, the 28 does include cookies. Its debatable as to whether cookies should really be included in a report like this because of their lack of "payload".

Yes they report specific pieces of data to the originator but they don't have the ability to gather other information or damage the system.

Re:28 on average? (1)

crackshoe (751995) | more than 10 years ago | (#9472689)

hahahahah. Enforcement isn't what they're trying to do -- they're trying to look busy and responsive.

Google's position paper... (4, Informative)

LostCluster (625375) | more than 10 years ago | (#9472518)

It's been on Slashdot mentioned before, but a good starting point for this kind of legislation is Google's Proposed Software Principles [google.com] defining what honest programs should be doing.

Yes, I am a cynic (2, Insightful)

segfault7375 (135849) | more than 10 years ago | (#9472519)


This is great except for the fact that companies like Claria (aka Gator) will simply buy a politican to say that their "products" are not spyware, and therefore not covered under this bill.

Re:Yes, I am a cynic (2, Informative)

LostCluster (625375) | more than 10 years ago | (#9472566)

I don't even think they need to change anything they're doing, since Gator at least requires an affirmative confirmation to install and politely cleans up when asked to. As bad as they are, at least they're playing by the proposed rules already.

a lot of spyware already 'informs you'... (5, Interesting)

seibed (30057) | more than 10 years ago | (#9472523)

a lot of spyware already 'informs you'... its just that the average public just clicks right through all of the legal stuff anyway.

Re:a lot of spyware already 'informs you'... (1)

Darkon (206829) | more than 10 years ago | (#9472578)

Exactly. Wouldn't the dialog boxes IE already spews out asking "do you want to install and run Gator/CometCursor/BonziBuddy/spyware-of-the-month? " already meet at least the first requirement of this law? How much spyware actually gets installed completely silently?

It might work (3, Insightful)

14erCleaner (745600) | more than 10 years ago | (#9472531)

You know, this actually has a chance of being effective, unlike the anti-spam laws. Spyware is pretty useless if it doesn't report home on its spy results, so it should be possible to trace programs that violate the law back to those responsible.

Of course, the definition of "spyware" is critical. Legislatures in the past have had a hard time defining computer-related terms without making them too broad (for example, is your web browser spyware? After all, it's sending cookies back to all kinds of web sites!)

And what will it help? (5, Funny)

klingens (147173) | more than 10 years ago | (#9472535)

I am sure this new law will be a overwhelming success story like the recent CANSPAM act.
And now excuse me, I need to clean my Inbox again.

28.... 28!!! (2, Interesting)

joeldg (518249) | more than 10 years ago | (#9472537)

People have on average 28 spyware programs?
holy crap!!

well, at least this is another notch in the belt of opensource.

That just amazes me. I tried a while back to see how easy it was to create one and installed a windows machine and hacked together an easy directx control that installed itself on page load and changed (just for testing) the word "Yahoo" into the word "Shit" and then had fun surfing aroud on "Shit! mail" and "Shit! autos".. It took a total of about two hours to create in Delphi and I am a unix programmer not a windows programmer.

Just thinking how easy it would have been to make one that replaced 460x80 images with one from one of my servers and this really does not surprise me.

I wonder who has (1)

JohnnyGTO (102952) | more than 10 years ago | (#9472541)

my 84 ?

A good first step, but not far enough. (2, Insightful)

blockhouse (42351) | more than 10 years ago | (#9472543)

What we really need is an act that would BAN malware, etc. altogether.

Not as if it really matters. This bill, if passed, would only drive malware underground, and it'll be much harder to control. Viruses have been illegal for *years* but we all know how much they continue to plague humanity.

300+ cases (1)

Derg (557233) | more than 10 years ago | (#9472552)

i was doing a bit of a cleanup and secure job on my girlfriends roomates comp yesterday and found well over 300 pieces of spyware and malware, not counting legitimately installed adware. I cannot feasibly imagine how this happened, but most of it seemed to be multiples of each kind, and when counted that way the count is down to about 75 different pieces of crap. guh when will people learn??

Copy Protected CD's (3, Interesting)

Professor Calculus (447783) | more than 10 years ago | (#9472560)

I wonder if this will destroy SunnComm's copy protected CD model? The CD installs software on a Windows machine without user permission to prevent them from accessing it directly. Obviously this can be bypassed with the infamous Shift Key "Hack" anyway, but it works for most people cause they don't know what it is doing in the background. This bill could force SunnComm to get the user's permission to install the software, and even Joe Shmoe could bypass it then.

Re:Copy Protected CD's (1)

Dachannien (617929) | more than 10 years ago | (#9472709)

Unfortunately, it appears the bill is specifically limited in scope only to cover programs that transmit information about the user, how the computer is used, or things that are stored on the computer to someone else over the Internet.

Only 28? (0, Redundant)

kyoko21 (198413) | more than 10 years ago | (#9472565)

My roommate's computer had over 50 malicious executables that I had to uninstall... talk about a pain in the butt... *sigh*

Not Really Enough (2, Insightful)

Steinfiend (700505) | more than 10 years ago | (#9472571)

A key congressional panel endorsed a bill that would force the makers of spyware to notify users before installing any software on their PCs.

As someone closely involved in the ISP Tech Support business anything that can help eliminate this problem would be gratefully received. I'm not sure this is going to have ANY effect though. 'Legitimate' (if that's not an oxymoron) spyware installers already notify users through an EULA or similar. The illegitimate ones don't care about the law anyway so will ignore this. What we really need are steep penalties for offenders when they are identified.

Oh, users who don't click on any message that flashes in front of them without reading it first would be helpful too.

Sigh.. Below Average Again.. (2, Funny)

sparkane (145547) | more than 10 years ago | (#9472588)

I only have 0 spywares on my ENTIRE network. :(

My law (0, Troll)

Apreche (239272) | more than 10 years ago | (#9472593)

This law is probably going to read something like this...

If you make spyware you pay fines or get sued or go to jail or something. Obvious loophole included.

My law would look like this:
If you get spyware on your computer, you are no longer allowed to use a computer.

The logic is that you need a license to drive because driving poses a risk to others. Well, I think the rest of this paragraph is implied so I wont bother typing it. Catch my drift?

Re:My law (1)

Prod_Deity (686460) | more than 10 years ago | (#9472665)

"My law would look like this:
If you get spyware on your computer, you are no longer allowed to use a computer."

You're preaching to the congregation.

Re:My law (correction) (0)

Anonymous Coward | more than 10 years ago | (#9472712)

Using an unnetworked computer is like using a car on your own private race track.

Using a *networked* computer poses a risk to others.

Your law should look like this:
"If you get spyware on your computer, then your Internet connection gets yanked."

29...30...31...32... (3, Funny)

immel (699491) | more than 10 years ago | (#9472598)

28 pieces of spyware on the drive
28 pieces of spyware
Go to download.com get a "Removal app"
29 pieces of spyware on the drive!
_
But seriously, there are a lot of apps out there pretending to be "spyware removal programs" that are actually spyware themselves. ACCEPT NO IMITATIONS!

Misleading title: it's not the law, only proposed (2, Informative)

scruffy (29773) | more than 10 years ago | (#9472600)

This is only been proposed in one of the two US legistlatures. There are a few hurdles to pass before it becomes law, if ever.

Doh! (0)

Anonymous Coward | more than 10 years ago | (#9472603)

Once again, our older and wiser brethren have decided to make laws about issues they certainly know little about. Apparently, someone forgot to tell them that spyware installed by a website hosted in some foriegn countries may not be covered under our U.S. law *gasp*. It's really funny how the election process works.

1. Vote for someone who wants to be in office whether or not he/she has any real experience.
2. Watch helplessly as he/she fsck's up your county/city/country for a few years.
3. Loudly complain about how fscked things are.
4. Vote for another schmuck who promises to fix things.
5. Lather, rinse, and repeat.

It's amazing. If company's were run like countries, the entire world would be an economic cluster-fsck. If law makers were actually required to know a little about things like economics, technology, science, etc., they might actually be able to make laws and regulations that actually help the people they are meant to help, and not the company's/special interests they really help.

HELP slashdot... Movable Type Blog Problems... (0)

Anonymous Coward | more than 10 years ago | (#9472604)

MT problem: http://www.crookedtimber.org/archives/001832.html [crookedtimber.org] Soooo, it turns out that moving a Movable Type blog from one host to another using MT's "Import" facilities works OK -- up to a point. An unforeseen problem is that the MT installation in our old home had a couple of other blogs running on it prior to the birth of Crooked Timber. This meant that archived CT posts on that system didn't have IDs starting from 00001.html --- they started from 200-odd. Posts on the new host do have IDs starting from 1 (or 31, actually, for other reasons). The upshot of all this is that if links to this blog are currently broken -- e.g., if you linked to a CT post from a few months ago from your blog, that link will still bring you to this site, but to the wrong post. That's not good. Now. What I want to know from the MT whiz kids who read this blog is, can this be fixed? ...

Possible method of identification and removal (4, Interesting)

willith (218835) | more than 10 years ago | (#9472605)

I deal with a lot of spyware/adware at work, and one of the big problems is that the user usually has no idea why the advert windows are popping up, nor from where they're coming.

I'd love to see spyware makers be forced to provide a small link at the bottom of *each advert window* that says something like, "This advertisement is being shown to you by $NAME_OF_PROGRAM. Click here for more information." Then, you could click the link and be taken to a page with a brief description of what the program is and what it does, and how to remove it. If it was installed because you installed KaZaa or whatever, it should say so there, too.

Perhaps I should torture myself further by dreaming up more completely reasonable but totally impossible things...

Misleading Statistic (0)

Anonymous Coward | more than 10 years ago | (#9472607)

The statistic "the average user has 28 spyware programs" is misleading at least if not plain wrong.

Two reasons:

- The Earthlink studied counted certain cookies as spyware. Whether some cookies are spyware or not is debatable. However, cookies *are not* spyware programs.

- The average user is the wrong metric to look at. The median would have been more relevant.

Personally I think most users have a small number of *spyware programs*. But lots of cookies.

Not what you think (2, Informative)

z0ink (572154) | more than 10 years ago | (#9472609)

Safeguard Against Privacy Invasions Act - Directs the Federal Trade Commission (FTC) to prohibit the transmission of a spyware program to a covered computer (one used by a financial institution or the Federal Government) by means of the Internet, unless the user of the computer expressly consents to such transmission in response to a clear and conspicuous request or through an affirmative request for such transmission.

It looks like this bill is only designed to protect banks and their own boxes. Better luck next time Average Joe American.

Alarmist or facetious? (3, Insightful)

fname (199759) | more than 10 years ago | (#9472615)

28 spyware programs? No, that's not at all what Earthlink said. They did I study counting the number of spyware programs, adware programs and tracking cookies, and found an average of 28 per computer. Someone, either malevolently or ignorantly, decided to trumpet this as 28 spyware programs per PC. Even though the number seems on the face of it absurd (it is), most reporters and Slashdotters don't bother digging in & figuring out what the number really means.

So I don't know if the writer & editor thought it was funny or true, but either way, stating that the average computer has 28 instances of spyware is outright false.

Re:Alarmist or facetious? (3, Informative)

fname (199759) | more than 10 years ago | (#9472669)

OK, I found some links to back up my claims. First, here [bbc.co.uk] is the initial BBC article mis-characterizing Earthlink's study. Here's [figby.com] a guy who did some shoe-leather work to point out the falsehood in Earthlink's study, along with some more helpful links. Enjoy.

Re:Alarmist or facetious? (2, Informative)

fname (199759) | more than 10 years ago | (#9472702)

Sorry to keep replying to myself. But I would be remiss if I didn't point out that Earthlink intentionally tried to mislead the press & the public when they trumpeted their results by creating their own definitition of spyware. Only 0.35 real spyware programs er computer, by the way. Here's Earthlink's original press release [prnewswire.com] , and the actual report [earthlink.net] . I still blame the press for dropping the ball, anyone who bothered to read the actual report would know that the press release & headline is a bunch of hot air.

Spyware awareness (1)

Synkronos (789022) | more than 10 years ago | (#9472629)

If nothing else (it will be extremely difficult to police, after all), this bill will hopefully increase spyware awareness amongst the average n00b user. While most users are aware of the need for up-to-date antivirus packages, especially after the recent spate of high-profile hits, most are blissfully unaware of programs like Spybot Search and Destroy [safer-networking.org] or Lavasoft AdAware [lavasoftusa.com] , which I feel are just as critical a part of my security armoury as my firewall (ZoneAlarm [zonelabs.com] ) and my AV (NAV [symantec.com] ).

On a slight aside, Norton AV does include a certain amount of spyware scanning [symantec.com] in their latest version (NAV 2004).

what earthlink used... (1)

fugas (619989) | more than 10 years ago | (#9472655)

for anyone interested, this [webroot.com] is the spyware scanner tool that was by used EarthLink to come up with their stats.

Spyware situation out of hand (2, Insightful)

amaiman (103647) | more than 10 years ago | (#9472656)

The spyware situation on the Internet is really starting to get out of hand. Every time someone asks me to fix their computer, it's loaded down with spyware. I remove it, and then a week later it's full of it again.

The problem lies in several places:

1) Users running insecure operating systems and browsers. This isn't going to change, your average user is going to continue to use Windows and IE.

2) User stupidity. "Hey, that message says there's a problem with my computer, I'd better click 'Yes' to fix it." or "It said I had to click 'Yes' to enter that web site." User stupidity is also not going to change any time soon.

3) The creators of the spyware viruses. I would call many of these programs viruses, because in my opinion, any software unintentionally installed that resists removal attempts is a virus. Even with anti-spyware software, some of these things are a real pain to remove from a machine.

Legislation is a step in the right direction, however it's not going to solve the problem, since the Internet is global. The spyware companies will also find loophooles/small print and other ways to keep doing what they're doing anyway. Writing viruses is illegal, and people still do that on a consistent basis.

The only solution to the spyware program is a targeted campaign to teach users how to recognize spyware and not get it installed in the first place. Combine that with a list of common software that installs scumware (such as RealOne Player) and educational materials on how to install real anti-spyware software (not just more spyware that claims to be), and then we can slowly start to move towards lowering the number of infected machines.

What about (insert bad thing) from Outside US? (1)

Esion Modnar (632431) | more than 10 years ago | (#9472659)

Even if the law works perfectly in this country (doubtful), there's still a big world full of Bad Guys out there, willing to send you shit over the dub-dub-dub.

Definition of Spyware (3, Insightful)

i8a4re (594587) | more than 10 years ago | (#9472660)

Since we all know how technical majority of politicians are, I can just see them basing this whole bill on the definition of spyware. If you ask any of the companies that make spyware if their product is spyware, everyone will say that it isn't. This is just going to lead to millions of dollars being wasted on deliberations as to the definition of spyware etc.

This bill it just an attempt to treat one problem. Why don't they make an ethical software bill where all software is required to follow certain standards. Don't worry about the user being informed of the reporting of their personal info. There are too many ways to legally get the consent of the user like a 349575 page EULA. Just focus on things like being easy to find and uninstall. This would make all spyware as we know it illegal. Also, required all software list the legal name of the individual(s) or company that developed the software.

While I think that spyware and virus writers should be summarily executed, we all know that it is better to treat the source of the problem. Do something like imposing a small fine for every piece of software they install on your computer without giving you the ability to uninsall it with less than 10 clicks and no visiting a website (that doesn't exist) to complete the uninstall process. Figure $5 per violation, they'll be out of busines in no time.

/. Story covering earthlink study (1)

Pahalial (580781) | more than 10 years ago | (#9472699)

here [slashdot.org] - don't know why this link wasn't in the story itself, but if anyone has any questions about those figures, go there.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>