How Do You Define Spyware?
from the not-so-easy dept
Now that we’ve done an absolutely dreadful job of defining and (not) banning spam, politicians have worked their way up to spyware – where they’re discovering an identical problem. Just how do you define spyware? While a federal anti-spyware bill is being worked on in Congress, over in Utah they’re pushing ahead with their own state version. However, a bunch of well known internet companies are lobbying hard against the bill, saying that the definition of spyware is way too broad and would end up banning plenty of things that should remain perfectly legal. Once again, it sounds quite similar to the discussions about anti-spam legislation. The companies involved say they support the concept of stopping spyware, but are worried about this particular attempt to do so. Of course, as with the spam debate, this could just lead to a watered down law that does nothing useful other than make politicians claim they did something. The real issue isn’t with the actions of the spyware – but that it often gets installed without the user realizing what they’re installing. Sometimes, users want to use a product that might be considered spyware, but they should at least be in a better position to understand what it’s doing with their data and be given more control to turn it off if they no longer want it.
Comments on “How Do You Define Spyware?”
Spyware Def
A cookie is not Spyware.
Software like Windows Media Player and WinAmp that reports usage statistics and miscellaneous non-user specific data to a central repository *and* tell you about it *and* (most importantly) give you the option to NOT report such information are not spyware.
Software like WMP and WinAmp that do not make it easy to to NOT report information (like, oh.. say anything by REAL for example) and consistently put a program in your Systray even though you’ve disabled it, Ctrl-Alt-Deleted it and uninstalled 50 or 60 times are *probably* spyware.
Programs that install themselves behind your back, that don’t have a visible window or icon in the task bar/systray that report on your surfing trends and serve no useful purpose and/or were never requested by the owner of the PC are definately sypware.
Programs that have one ‘obvious’ purpose (Gator) and yet also do other sneaky things such as reporting your surfing trends and/or replacing ads on websites you visit are definately spyware.
Except for the Probably part they all seem pretty cut and dry to me.
Re: Spyware Def
While I agree completely with our definitions, you haven’t define a law. Law’s can’t have probably in them. Furthermore, you need to define “behind your back”. Burying a disclaimer in the terms of service would allow this software to be legal yet who reads the TOS?
I’m a fan of free markets. Between ISP’s and browser addons, pop-ups are being eliminated. If more people removed spyware with tools like adaware, the economics would force these companies to stop.
Easier Definition
Anything removed by Ad-Aware or SpyBot is Spyware. They have already created the definition. Can you write that into legislation?
Spyware is hacking.
Anyone who takes code and uses it to record personal information is a hacker.
If you notice that a machine has “spyware” loaded, what information has it obtained? And for who? Does someone have my bank account information? My online trading account information?
With names like “Key Logger, Hijackers, plugin-ignore, tracks, and trojans”, how should we define it?
If it modifys the original operating condition of a web browser without notification, or even if it is buried deep in a license agreement, the user will likely miss it.
(That is another subject)
In any case, it may be safe to say that most people have no private information when they log into a computer. Seeing as we have industries that depend on privacy and security, the industry may want to take the helm here.
Just my two cents.
Re: Spyware is hacking.
Anyone who takes code and uses it to record personal information is a hacker.
You might be confusing a hacker
with acracker.
doesnt take a genius to know what spyware is
one huge problem i had while reading this was that companies who defend against spyware saying that it is way too broad to define it is just saving their own tail. they most likly distribute alot of the spyware. i think that spyware should be defined as whatever you dont want on your computer that downloads on its own without you really doing anything. the non spyware i would say is the stuff you choose to download. that is one of the most simplest ways of defining it.
definition of spyware
From the most authoritative site on spyware – http://www.spywareinfo.com:
Spyware is software or hardware installed on a computer without the user’s knowledge which gathers information about that user for later retrieval by whomever controls the spyware.
Spyware can be broken down into two different categories, surveillance spyware and advertising spyware.
Surveillance software includes key loggers, screen capture devices, and trojans. These would be used by corporations, private detectives, law enforcement, intelligence agencies, suspicious spouses, etc.
Advertising spyware is software that is installed alongside other software or via activex controls on the internet, often without the user’s knowledge, or without full disclosure that it will be used for gathering personal information and/or showing the user ads. Advertising spyware logs information about the user, possibly including passwords, email addresses, web browsing history, online buying habits, the computer’s hardware and software configuration, the name, age, sex, etc of the user.
As with spam, advertising spyware uses the CPU, RAM, and resources of the user’s computer, making the user pay for the costs associated with operating it. It then makes use of the user’s bandwidth to connect to the internet and upload whatever personal information it has gathered, and to download advertisements which it will present to the user, either by way of pop up windows, or with the ad banners of ad-supported software. All of this can be considered theft in the cases of advertising spyware that installs without disclosure.
http://www.spywareinfo.com/articles/spyware/
ANY anti-spyware law is better than none...
if for no other reason than companies like Claria (Gator) won’t be able to just sue someone who makes a program to remove their software. Once the threat of lawsuits flying around is somewhat removed, we’ll see antivirus companies with larger resources start to tackle the problem head-on. The little guys are losing the battle. If a Symantec or a Network Associates were able to aggressively remove spyware without making themselves a huge target for spyware companies to sue, their software might make more than a half-hearted attempt at ridding users’ machines of spyware.
yboqfsxp cgtedib
csei yhpjqxt hbzuyn pufgdzt dxkzho mfexslw bfztl