Spyware? Researchware? What's The Difference?
from the choices,-choices... dept
The question of defining spyware has come up many times before — whether for the purpose of enacting laws, or to make certain companies seem more legit. Now the controversy is getting louder, as ComScore is trying to more narrowly define spyware by carving out a separate section they call “researchware” that won’t get deleted by anti-spyware programs. ComScore is the well known research company that reports on users surfing and buying habits — but they do so by installing software on computers and monitoring what they do. ComScore claims that its software is entirely upfront about the practice and is easy to uninstall. Many people agree. However, the software is still marketed as an “accelerator” product, distributed with some other free applications and does monitor what you surf. In other words, it pretty much acts just like any other spyware — but may be a little more open about it. With various anti-spyware products deleting ComScore’s MarketScore, and some universities banning it from their networks, ComScore thinks it’s time to fight back. This does raise the question, though, of what the real problem is with spyware. Is it that the software spies on what you do? Or is it that it gets installed without you realizing it and then spies on what you do? Then, of course, there’s the fuzzy middle ground: what about software you knowingly install that spies on you, but which didn’t make it clear in the original agreement the extent to which it spied on you, and what kind of security risk that meant for you? There’s a simple response of course. If companies want to distribute this kind of software, why not make it 100% clear right upfront, in non-legalese what the software does to make the decision clear for users? Obviously, no one wants to make their own product sound bad, but if they can clearly point out all the downsides, and still get people to install it, then no one will have anything to complain about.
Comments on “Spyware? Researchware? What's The Difference?”
Funny you should mention MarketScore
I had an entry about them in my newsletter about security for normal people.
MarketScore reportedly changes your browser configuration so that it can sit in the middle of a connection you think is secure and, if they choose, read your credit card number during your amazon.com order. I wonder if they clearly disclose that little feature.
If they’re as honest as Abe Lincoln, there’s still the problem that they’re making you trust the security of their servers. A bad guy who broke into MarketScore’s machines could steal a lot of credit card numbers.