Top Web Businesses Oppose Utah Spyware Law

theodp writes "According to MediaPost.com: 'Some of the Web's leading content and technology providers have taken action to lobby against Utah's controversial Spyware Control Act, which is awaiting the governor's signature. Web publishers and businesses including AOL, Amazon, Cnet, eBay, Google, Microsoft, and Yahoo! signed a letter to the bill's sponsors arguing that the bill could create serious repercussions for the entire online community. The parties to the letter warned that the bill could interfere with computer security and would also impair the delivery of local, targeted ads'."

I don't think it's a big deal.

[Dr+Reducto]

I dont see a problem:

Under the bill, any software that reports its users' online actions, sends personal data to other companies, or serves pop-up ads without permission is prohibited.

How hard is it to get permission? All you have to say is: "Do you want to be informed of the best deals in your area?", and %90 of people will say: "Sign me up!". Im sure it will be easy to get around this law if a company wants to. And given the profit motive, why wouldn't they?

Re:I don't think it's a big deal.

[pvt_medic]

dont most of these people already do this, they just bunch it somewhere in the ULA and just about everyone clicks ok.

Re:I don't think it's a big deal.

[xkenny13]

%90 of people will say: "Sign me up!"

Actually, it will probably be more like SPAM is today: "You gave permission to one of our 3rd party affiliates to receive this great offer (blah blah blah)".

Will a permission clause really make that big of a difference?

Re:I don't think it's a big deal.

NGSCB + SCO = Linux is dying.

Re:I don't think it's a big deal.

[janbjurstrom]

Without having RTFA (yeah, shocking, isn't it), I'd say /big/ business will fight anything they feel would be the slightest inconvenience to their business-as-usual focus on p.r.o.f.i.t.

"What?! Testing DDT before spraying it EVERYWHERE? What don't you understand: No bugs!! You friggin commie business playa-hata."

"Waddyamean cigarettes might be bad for pregnant women?? What? No, of course we don't need to test it - it's silky-smoooth isn't it?"

"Union? You're fired! Unite that, buster!"

"Our cars burst in flames, you say? For no apparent reason, huh? Well ...how 'bout that.. look, cows!"

Re:I don't think it's a big deal.

[stephenisu]

Some of this stuff is starting to ignore the asking for permission bit. That is when things are no longer good. Then again that is already violating other laws.

Re:I don't think it's a big deal.

you know, profit motivation seems to always be a larger factor then any law at determining behaviour. Thats whats wrong with capitalism

Re:I don't think it's a big deal.

[myowntrueself]

Aquateen Hunger Force 'Interfection' episode.

Wwwyzzardd: "You have been signed up to recieve free emails about other emails."

'And the surgery to have the implant inserted in the base of your skull is almost painless'

Re:I don't think it's a big deal.

[myowntrueself]

Of course, dude.

Capitalism works because of generic human stupidity and lack of awareness.

I *swear* that the human race is losing consciousness....

Re:I don't think it's a big deal.

I *swear* that the human race is losing consciousness.
Only America. The rest of the world is actually gaining consciousness.

Re:I don't think it's a big deal.

[You're+All+Wrong]

"already violating other laws"

Not really. On the whole the legislature does not even consider such 'offences' as even being offences. They're off the map, neither expresly legal or illegal; and the way that you're set up, if it's not explicitly illegal, it's legal. So lots of those "bad" things peope complain about are in fact perfecty legal.

Of course, the law is out of date, but do remember that you can't charge someone retroactively.

e.g. Forging IP headers is not a crime, however despicable it may be.

Oh - I read the Utah bill - it's total codswallop. What the fuck are "Java Scripts". Can you say "dunnowhatthefuckimtalkingabout"?

YAW.
(I apologise for my grammer/punctuation/spelling. I'm in a real can't-even-see-the-screen flu haze at the moment.)

Re:I don't think it's a big deal.

[ScrewMaster]

Keep firmly in mind that we still have over ten thousand tactical and strategic atomic weapons hooked to deadman switches. So, if you're right and we do lose consciousness, the rest of you won't need to buy flashlight batteries for a long time.

Re:I don't think it's a big deal.

[thirdrock]

Keep firmly in mind that we still have over ten thousand tactical and strategic atomic weapons hooked to deadman switches. So, if you're right and we do lose consciousness, the rest of you won't need to buy flashlight batteries for a long time.

That's OK. We already have a mineshaft advantage over you. I will just taken my 7 allocated women and head on down.

"Mr.President, we can't let a mineshaft gap develop."

Re:I don't think it's a big deal.

[macdaddy357]

Those EULAs are a bunch of crap. Just clicking "yes" on a pop-up so it will go the F*%& away does not constitute informed consent. Also, if a user agrees to take one piece of adware, 8 or 9 others join in unannounced, and leave a door open for more. All spyware should be illegal pop-up "agreements" or not.

Re:I don't think it's a big deal.

[bladernr]

Those EULAs are a bunch of crap. Just clicking "yes" on a pop-up so it will go the F*%& away does not constitute informed consent. Also, if a user agrees to take one piece of adware, 8 or 9 others join in unannounced, and leave a door open for more. All spyware should be illegal pop-up "agreements" or not. How ya like dat?

I've got a particularly strong conspiracy theory about this. It goes like this:

1. The government should invest all the money for consumer protection in consumer education and programs to inform the public; do away with regulation; let the market make decisions.
2. Informed consumers would not simply click on something, or buy something etc.
3. Making it harder to sell things, more expensive, lowering profits.
4. So the government actually helps big business by pretending to hurt them with regulations. It doesn't abolish regulations and invest in education, empowering people to vote with their pocketbook, because it would work.

The only thing I can't figure out is if harboring this idea makes me ultra-liberal or ultra-conservative...

Re:I don't think it's a big deal.

Union? You're fired! Unite that, buster!"

Blaim the government. I worked for a company that united with other suppliers of similar services, to bargin collectively with our customers. The government called it collusion.

Then our employees (providers of labor services) got together with suppliers of similar services, to bargin collectively with their customer (us, their employer). We complained, but the government said it was their right.

Why, in a democractic republic, did we choose to extend one set of rights to one group of people (providers of manufacturing labor, for instance), and refuse the same abilities to another group (business owners)?

Re:I don't think it's a big deal.

Business owners have rights as people, the same ones that workers do, as people. But the businesses they run are not people, so one shouldn't expect them to have the same rights as individuals.

Re:I don't think it's a big deal.

Web publishers and businesses including American Online, Amazon.com, Cnet, eBay, Google, Microsoft Corp., and Yahoo!

Now we know who the new creeps are.

Shame on you, Google.

Re:I don't think it's a big deal.

hey I say leave things the way they are. then again I'm a computer tech in a starved industry happy to be working and I clean this crap for hours at a time each week off of foolish peoples computers.
spyware may be the thing thats proping up the IT industry right now?

Viva La Spyware!!!!

Re:I don't think it's a big deal.

[ambrosine10]

Actually the bans on DDT have led to large numbers of deaths in third-world countries, since it is the only proven method of dealing with malaria. There was a New Yorker article on this a while back.

Re:I don't think it's a big deal.

[bhtooefr]

RTFA. Here's why they're pissed:

AOL: I guess they target ads based on location...
Amazon: Ditto...
C|Net: Don't know here...
eBay: Maybe it traces the location of the visitor to provide the right country?
Google: AdWords, AdWords, AdWords (and a little bit of Google Toolbar, even though it says IN VERY PLAIN ENGLISH what it's going to do...)
MS: AutoUpdate, and maybe Windows Update?
Yahoo!: Don't know, but I'm not surprised that something they did fits under what this bill doesn't allow.

Re:I don't think it's a big deal.

Yes, because customer has a right to use the product even if he doesn't give a permission....

Re:I don't think it's a big deal.

[janbjurstrom]

Reading your link, I found their tests - in themselves - to be kind of hazardous ;).

As you understood from my sarcastic post, I don't know very much about the history of DDT - so, interesting article, thanks.

Re:I don't think it's a big deal.

[Pig+Hogger]

The government should invest all the money for consumer protection in consumer education and programs to inform the public; do away with regulation; let the market make decisions.

Are you crazy? The bourgeois will never let this happen!!!

Re:I don't think it's a big deal.

[jasonisgodzilla]

Let's see, what are the top predators of insects in most areas, reptiles and birds. What does DDT do to reptile and bird eggs? It ruins them and drives most of the species to extinction. Great idea, lets use a poisonous chemical that kills of all the natural predators to cut back the moquito population for a year or two. Great thinking there buddy.

This just in ...

Overly broad anti-technology bills considered harmful. Film at 11.

Politicians and technology, again.

[The+I+Shing]

-- Sigh --

Is this yet another example of technologically illiterate politicians eagerly passing bills without bothering to find out what the law is going to do?

At first, I read the post and thought, why are all these businesses opposed to this law? It must be a good law if a lot of big corporations don't like it.

But after reading the article, I think that the legislators' efforts went off half-cocked, and they let one company write the bill to suit themselves.

I wonder why these big companies waited until after the bill passed to begin lobbying. If the governor signs the bill, isn't it going to be a lot harder to get rid of it?

I'm in favor of laws limiting spyware and adware, but I think it's important to get it right the first time. If the FTC doesn't even have a definition for spyware, it's back to the drawing board.

Re:Politicians and technology, again.

[BrynM]

I wonder why these big companies waited until after the bill passed to begin lobbying. If the governor signs the bill, isn't it going to be a lot harder to get rid of it?

The article mentioned that this thing literally sped through the legislature. The companies had to gather enough resistance to seem coherent and by the time they did, the bill passed. In today's climate of "See I help the little people" politics, this doesn't surprise me at all. Look at how quickly other "comsumer" or "security" bills have been slam dunked in US government. Modern politicians are deperate to seem like they are doing something that the common man and woman can grasp. Whether that something is the right something to do probably doesn't even enter the equasion. The more percieved "good" that a politician can do, the more room he/she has to do what they want and still get re-elected.

Re:Politicians and technology, again.

[bludstone]

"they let one company write the bill to suit themselves."

People dont realize how epidemic this is in American politics. The politicians often don't even write the laws, they _literally_ allow companies to write the laws, and simply sign what they are given into law.

It even got to the point where laws are copyrighted, and one had to pay hundreds of dollars simply for a copy of the law. Someone posted a copy of the law online and was met with copyright complaints.

see here. http://caselaw.lp.findlaw.com/scripts/getcase.pl?n avby=search&case=/data2/circs/5th/9940632cv0.h tml

of course, they eventually found in Veeck's favor, http://www.ca5.uscourts.gov/opinions/pub/99/99-406 32-cv2.htm but it still must be noted.

heres a slashdot article on it:
http://slashdot.org/yro/01/05/13/1921223.shtm l

I could also post a flurry of links regarding American fore-father's worries about the growing strength of "company" and to watch out for its influence on the government, but that would be preaching to the choir.

Re:Politicians and technology, again.

[ericspinder]

I wonder why these big companies waited until after the bill passed to begin lobbying. If the governor signs the bill, isn't it going to be a lot harder to get rid of it?

The legislation probally just slipped under their radar. Most companies (SCO excepted of course) just see Utah as "one of the 40 or so states that we don't have an office in". Add in legislator fustration (nothing moves bills quicker than a fustrated law-maker), and a dash of "just another privacy bill".

Re:Politicians and technology, again.

[Buran]

Your link is incorrect. The case is here.

"For the reasons discussed above, we REVERSE the district court's judgment against Peter Veeck, and REMAND with instructions to dismiss SBCCI's claims."

Re:Politicians and technology, again.

Correct me if I am missing something, but in this case this SBCCI company researched, created and then published guidelines as to how buildings should be built. They publish these guidelines in a book, and copyright it. Does not seem to me to be much different than a book on best practices (aka design patterns) in the software industry. Now, however, some counties adopted these best practices in presumably their entirety (the writeup is not clear on this) as local building codes (IE laws). But SBCCI is still publishing a book of guidelines. This guy bought the book, which is apparently accompanied by a cd containing it in digital form, and put the book on the net. I don't think SBCCI was doing anything that horrid here. Its their product, its copyrighted, and he copied it w/out permission onto the internet.

Had he obtained a copy of the local building codes, and published them on the net, then I would be A-ok with that. Maybe it is just nitpicking since A=B=C, but his directly buying a product and copying it onto the net makes him afoul of the law to me.

Re:Politicians and technology, again.

As someone who does work that has to conform to the NEC (National Electrical Code) I find this decision very interesting. The NEC is written by the non-profit National Fire Underwriters and adopted by various jurisdictions just as the building codes in this case. And yes, the NEC is copyrighted and no, you can not get a copy of your local electrical code from the building department because of that.

Re:Politicians and technology, again.

[BumBiscuit]

The article mentioned that this thing literally sped through the legislature.

Can't say I'm surprised that this moved quickly. It is, after all, an election year, and spam is something that virtually every voter with an e-mail account is against. I believe that Stephen Urquhart, the bill's sponsor, is looking at the end of his first 4-year term this year, so I'm sure he fought pretty hard for it.

I also find it pretty amusing that Urquhart, who you might expect to be at least somewhat technically savvy, doesn't even have his own web site.

Re:Politicians and technology, again.

[You're+All+Wrong]

"Is this yet another example of technologically illiterate politicians eagerly passing bills without bothering to find out..."

I shit you not, but just this week I heard of some council in the UK tha only at the last minute stopped a dihydrogen-monoxide banning bill. The stupid fuckers had fallen for the joke hook line and sinker and were trying to legislate against it!

Illiteracy is _rife_ in this field. Chose your vote wisely.

YAW.

Re:Politicians and technology, again.

[You're+All+Wrong]

"Your link is incorrect."

Nope, his link was fine. Slashcode mangled it; he provided a perfectly well-formed link, and is not to blame.

YAW.

Re:Politicians and technology, again.

[Buran]

Still seems sensible to point it out in case someone tries to click through and gets the error I got, though your point is taken. And I poked around a bit; looks like this problem goes away for links wrapped in href tags. It seems to me this is a bug that needs to be fixed. But this isn't the place to go into that.

Not sure what "YAW" stands for. I've seen it elsewhere but haven't come across the explanation. Can you fill me in?

Re:Politicians and technology, again.

[donutello]

Correction:

People dont realize how epidemic this is in American politics. The politicians often don't even write the laws, they _literally_ allow companies to write the laws, and simply sign what they are given into law.

s/companies/special interests/g

Companies are just one example of the special interests that manipulate politicians. Trial lawyers, labor unions, teachers associations, tribal groups, you name it. It's a difference in semantics but a very important one since some of those groups want you to believe it's just the corporations who are doing it so you will turn a blind eye to their political manipulation.

Re:Politicians and technology, again.

[1u3hr]

Nope, his link was fine. Slashcode mangled it; he provided a perfectly well-formed link, and is not to blame.

He's posted 371 comments so he should be aware how Slashcode breaks long strings (to foil page-widening troll posts)

He wrote:
see here. http://caselaw.lp.findlaw.com/scripts/getcase.pl?n avby=search&case=/data2/circs/5th/9940632cv0.h tml

he should have written:
<a href="http://caselaw.lp.findlaw.com/scripts/getcas e.pl?navby=search&case=/data2/circs/5th/9940632cv0 .html">see here</a>

which displays like:
see here

Re:Politicians and technology, again.

[hesiod]

> Not sure what "YAW" stands for

His nick is "You're All Wrong"... YAW

Re:Politicians and technology, again.

[hesiod]

> his directly buying a product and copying it onto the net makes him afoul of the law to me

There are no fine details to this: It should never be illegal to post a copy of a law to a website, regardless of how he got it. If he stole the publisher's "Look & Feel" of the page, then it is arguable (very arguable, I believe the way something vaguely looks should not be copyrightable).

Re:Politicians and technology, again.

[genner]

It's a aeronatical term , it's the opposite of pitch.

Re:Politicians and technology, again.

[Buran]

Actually, it's generally carried out at a right angle to the pitch axis. ;) So is roll. (Sorry, no Rock around here!)

Smoke & Mirrors

[grub]

For example, the parties to the letter warned that the bill could interfere with computer security by preventing information technology and security companies from collecting data to analyze and prevent virus attacks, and would also impair the delivery of local, targeted ads.

If they are that concerned about security they could have AV companies include a [X] "Report viruses to Foo.com AV Central" option to eliminate that minor complaint and be compliant with the new law. As for targetted ads.. well, that's what they're really concerned about. It's a multi-million (billion?) dollar industry. Screaming about how bad the bill is for security is just a smoke and mirrors game.

I only hope that the spyware people don't go after the AdAware or Spybot Search & Destroy folks under the guise of the DMCA.

The way things today are going though..

Re:Smoke & Mirrors

[MushMouth]

The Problem with AdAware and the like is that they do not actually block programs/controls by their own published guidelines. They also do not respond at all to any sort of dialog to inquire why they choose to block the programs that they do, yet not other toolbars which have the exact same functionality, privacy statements, uninstaller, and installer.

Re:Smoke & Mirrors

[localhost00]

I only hope that the spyware people don't go after the AdAware [lavasoftusa.com] or Spybot Search & Destroy [safer-networking.org] folks under the guise of the DMCA.

By your logic, spyware companies shoud also go after those who create drive formatting software.

Re:Smoke & Mirrors

[grub]

No, that doesn't involve any reverse engineering or decompilation of software.

Re:Smoke & Mirrors

[sumdumass]

I only hope that the spyware people don't go after the AdAware or Spybot Search & Destroy folks under the guise of the DMCA.

i don't think they can go after them with the DMCA. the adware removing programs usually just watch what is being installed and then devise a way to remove what is phoning home.

then they offer way to remove it with an update to thier consumer product. there is really nothing more going on here. other that watching network trafic for somthignthats not supposed to be there and tracing it back to an offending program, then either watching it install to see what was changed or removing the program and looking for the problem that arise afterwards.

Re:Smoke & Mirrors

[egamma]

"Ad-aware and Spybot S&D do not prevent spyware from being installed".Mostly true

Spybot has the immunize feature. But better than that: Spyware Blaster and even Ie-spyad can help with that.

Hmm...

I doubt anyone is surprised by Microsoft's, AOL's, etc, complaints, but Google and the like? That seems a bit odd.

Do they believe that later legislation will "restrict" even more things that affect their buisness, or do they sponsor spyware?

Re:Hmm...

[thewldisntenough]

I doubt anyone is surprised by Microsoft's, AOL's, etc, complaints, but Google and the like? That seems a bit odd.
A big cash cow for "Google and the like" is targeted ads...Of course they'll be first in line to protest this bill. IMHO, I think targeted or paid ads should be banned anyway...In my own experiences with search on Google, etc, I've seen many targeted ads come up something like this -
William Shakespeare For Only $.99!
or
research+DMCA Dirt Cheap!

Re:Hmm...

[stratjakt]

Perhaps they arent fools, and realize that legal solutions to technical problems ALWAYS backfire.

Re:Hmm...

Yes, those pesky work safety laws really get in the way, don't they ;)

Re:Hmm...

[orthogonal]

I doubt anyone is surprised by Microsoft's, AOL's, etc, complaints, but Google and the like? That seems a bit odd.

Google's a great company for offering an unbiased search with small, tasteful text ads, and for sustaining the newsgroup archives many of us still call DejaGoogle.

So we tend to see Google as one of the "good guys". And to some extent, they are one of the good guys.

That said, Google also records the IP address and the search term of each Google search, potentially amassing a great deal of privacy threatening information about you, and it offers the Goggle tool-bar, which apparently "phones home" data about the sites a user visits.

And then Google gets a pass on this from too many of us, because of the good it does.

Any concentration of personal information in a single entity's hands is a threat, even if that entity is wholly benign, because the existence of this trove of information would at the very least tempt other unscrupulous entities to steal the information. And even if Google is wholly benign now, that's no guarantee that it always will be. And frankly, there's no proof that Google is wholly benign.

This is, incidentally, why we must also be wary of government programs like "Total Information Awareness" and MATRIX: even if they're used for wholly benign purposes, like counter-terrorism -- now, there's no guarantee they won't be subverted -- just as FBI Director J. Edgar Hoover subverted the FBI -- for monitoring dissidents or for increasing the personal political power of the men who control these databases.

Re:Hmm...

[WebMasterP]

Amen!

This is a recurring problem. Society seems to think we have to solve a problem with a one dimensional attack. Why not use a socio-technical or legal-technical solution? I'm not saying I have the answers; but we should take more than one angle.

As for the guy who thinks banning targeted ads is a bad thing. I'm sure a lot of people disagree with you. I know I do. I would much rather get ads from slashdot telling me about 6.0Mbps/768kbps DSL from Speakeasy than tampon ads from OB or someone. Besides, if you can drive down the cost of advertising, it should theoretically drive down the cost of consumer goods... if that pans out, we have yet to see for sure.

If you think that...

[BgJonson79]

your "targeted ads" are going to be discarded because someone thinks they're spyware, maybe the ads should be re-thought?

Re:If you think that...

I live in NH. Statistically, I'm more likely to be a tech worker than someone living in any other state ;-)

There's a Difference

[blackmonday]

There's a difference between a *relatively* benign cookie stored in the browser and a trojan spyware program as bundled with kazaa, comet cursor, etc.
Having said that, I'm not sure legislation is the best way to take care of this. Can't we use existing laws in court to fight spyware?

Re:There's a Difference

[happyfrogcow]

probably, but we're starting to see in legislature what we've been seeing in software patents for a long time now. "breaking and entering.. on the internet" or "illegal wiretap... through web page" or whatever else. I would imagine we do have laws to govern some of this already, but that doesn't force lobby groups to give the government more money. i'm too suspicious anymore to think money isn't the motive behind most of government.

Re:There's a Difference

You're right. New uninformed legislation helps nobody. Nor does OLD uninformed legislation. I think the worst thing any government can do is try to stretch antiquated laws to fit current situations. A good example is the 2nd ammendment of the Constitution. It made a lot of sense at the time, but it serves little purpose now, except for gun enthusiasts. But this isn't a 2nd ammendment debate. This is really about writing well-informed legislation regarding technology.
Unfortunately, it doesn't seem that this can happen as long as the baby-boomers are still in office. For the time-being, it looks like our best hopes rest in the laps of the computer industry itself.

Secondly, legislation is just as helpful in solving political issues as my used toilet paper is, as long as the laws are not being enforced. Again, I don't think there should be creative enforcement of existing laws. What we really need to do is intelligently craft new, straightforward and transparent laws to address the problems that continue to emerge from computer technologies.

definition of Spyware

[ssand]

While this could potentially be welcoming, I fail to see it actually enforcable. With many programs that contain spyware, you agree to their terms of services which more than likely includes that 1. they may redirect you. 2. You allow them to update/install what they want ... and so forth. Further more there are programs that may not be spyware, but are milicious, and problematic for users (like RealOne).

Re:definition of Spyware

[DR+SoB]

What are you talking about? I mean, I don't get spam anymore since the gov't stepped in, so why would this fail?

Re:definition of Spyware

gossip burrying the "i agree to this " in a 20 page doc of legalese ,designed so people cant/wont read it, is not accepting it in my opin.

it should be clear a layman. with NO ATTEMPTS TO HIDE IT.

Re:definition of Spyware

[Talence]

Actually, weirdly enough... my unfiltered spams/day count has dropped noticeably.

Re:definition of Spyware

[222]

yea, just like the war on drugs / terrorism.

Re:definition of Spyware

[hyphz]

Nothing in the proposed law mentions "without permission".

Unless they were going to include a complete disclaimer in the license and even that is shaky.

local, targeted ads?

[Gr33nNight]

..local, targeted ads..

So, since I live in Wisconsin, I should be seeing tons of ads for cheese and beer..?

Re:local, targeted ads?

[mopslik]

So, since I live in Wisconsin, I should be seeing tons of ads for cheese and beer..?

What about those folks that live in Dildo, Newfoundland?

Never mind the fact that it's located right next to Spread Eagle...

Re:local, targeted ads?

[gstoddart]

So, since I live in Wisconsin, I should be seeing tons of ads for cheese and beer..?

I always assumed you already did.

Re:local, targeted ads?

[happyfrogcow]

Mmmm, is there a Wisconsin bit i can set in my TCP/IP headers?

Re:local, targeted ads?

[prockcore]

So, since I live in Wisconsin, I should be seeing tons of ads for cheese and beer..?

No, you should be seeing travel brochures.

Re:local, targeted ads?

Residents of Dildo are called Dildoians.

Oh no! The internet is leaking into the real world.

Re:local, targeted ads?

[extra88]

Cheese and beer don't need to be advertised there, they are ubiquitous. What you need is ads for heart disease clinics.

Re:local, targeted ads?

[eRacer1]

What about those folks that live in Dildo, Newfoundland?

Never mind the fact that it's located right next to Spread Eagle...

Spread Eagle, Wisconsin doesn't need a Dildo nearby because there is a Goodman just down the road.

Re:local, targeted ads?

That's nothing. What about the ads we get in Blow Me Down and Come by Chance.

Yes, well...

[Tuxedo+Jack]

That's why those of us who give a damn do this:

- Refuse most cookies
- Block malicious servers with HOSTS files
- Mozilla (Block Images from Selected Server)
- Spybot/Ad-Aware (If in Windows)

Althought admittedly, this phrase is interesting:

"Under the bill, any software that reports its users' online actions, sends personal data to other companies, or serves pop-up ads without permission is prohibited. It does contain certain exceptions that some industry analysts have deemed "self-contradictory," such as "cookies" used for personalizing Web pages, and ads served by HTML or JavaScript."

That completely outlaws a crapwad of software there.

However, as a lot of spyware is non-U.S. in origin, it won't curb all of it.

Re:Yes, well...

However, as a lot of spyware is non-U.S. in origin, it won't curb all of it.

Such as what?

Re:Yes, well...

[Tuxedo+Jack]

Go to http://www.spywareinfo.com. They have a far better database than I do.

Here's a hint, though - a changed WWW prefix to ehttp.cc. CoolWebSearch.

Re:Yes, well...

[f0rt0r]

That is what I do, too. Plus with the style sheet add-in for Mozilla, you can stop flash ads from playing, too. Not bad for a free browser, not bad at all.

How about a user-settable "No-soliciting" cookie that any site can read? If the site detects its presence, they cannot send you any ads. Ignoring this cookie would be a punishable offense. :)

Yeah

[JoeBaldwin]

So we want them to deliver "local targeted ads"?

FUCK NO!

We want NO FUCKING ADS AT ALL!!!

Jesus christ, someone aught to drill into their skulls, maybe they'll find some valuable air which can be released back into the atmosphere...

Re:Yeah

[pvt_medic]

but the thing is we all take for granted that the internet is just a free thing. We all forget about the hundred of computers, the power, the bandwidth, the development, etc. these sites are not just put out there out of the goodness of the authors heart, they have to at least break even, and most companies prefer to make a little profit. I hate ads as much as the next person, but a couple of ads sure beats having to pay for services online.

Re:Yeah

[EzInKy]

I hate ads as much as the next person, but a couple of ads sure beats having to pay for services online.

I may be alone here, but personally I never really minded ads, and sometimes I actually miss those plain old static banners. Every now and then I'd click on one if it was something that caught my interest, and I even managed to pick up some decent bargains occasionally. As a matter of fact, I never even considered blocking any ads until they became so distracting that I couldn't read a sites content for fear of retinal burn from all the obnoxious flashing going on, so now I simply block everything I can.

Re:Yeah

[Jane_Dozey]

small, unintrusive ads I can deal with. If they don't get in my way or distract me from the web page I actually came to visit then that's all fine. It's just when they popup and get in the way, or flash at me saying I've won something, or just plain start trying to take over the page I'm trying to read that I get annonyed. Hence the reason I now block as many ads as i can. But these companies allowing advertising on their site have to get a revenue from somewhere and that's where the advertisers come in. If i had a website I needed money for to keep going, I'd probably allow adverts (although I'd try and keep them discrete).

So broad, anti-adware and kid-proofing is spyware!

[LostCluster]

Yep... this is an interesting problem. The bill says (1) A person may not:...
(c) use a context based triggering mechanism to display an advertisement that partially or wholly covers or obscures paid avertising or other content on an Internet website in a way that interferes with a user's ability to view the Internet website.

That could be read to say program that removes any part of the website from the user's view and replaces it with either something else or even plain nothingness is prohibited. So many non-spyware user-friendly uses of technology could get caught in the crossfire...

Gave the bill a quick read ...

[Dark+Lord+Seth]

( damned overuse of underline and italics hurts the eyes! ) .. and at first glance it does appear rather broad. Can't really go into detail, at least not without suffering serious eye injuries, but I think those people may be on to something, considering the bill just about kills any form of advertisement, including the few kinds of advertisement which we do not mind. Much... ( Google's AdSense anyone? )

Re:Gave the bill a quick read ...

[HTH+NE1]

( damned overuse of underline and italics hurts the eyes! )

And the lack of indentation for the lists making it harder to follow the logic.

I have a cleaned up version, but this site won't let me nest lists as deep as this bill does (3 vs. 5). So here's a temporary mirror. Pardon the uncentered headers.

Flawed laws

[broothal]

I agree that the law looks flawed, and it's okay to protest. What I don't understand is, where were these guys when another flawed law passed congress?

Re:Flawed laws

[AndroidCat]

Where were they? Lobbying for it in some cases.

Kiss your Internet companies goodbye...

[LostCluster]

This is a nice try by a well intentioned legislator, but a state law will have very little effect on the operations of Internet companies not operating from their state. Let's face it, the United States has trouble geting its laws to regulate offshore casinos and offshore-based music download services.

If you don't like the laws of the jurisdiction you're setting up an Internet company, it's far too easy to set up shop in a more friendly jurisdiction. With this law being clearly written by somebody who isn't bothering to carve out a nice safe territory for targeted ads, Utah will basically lose any bit of the Internet content industry it has left to other states.

Re:Kiss your Internet companies goodbye...

[sl3xd]

Utah will basically lose any bit of the Internet content industry it has left to other states

Um... I live in Utah. The only "Internet content industry" here is the online version(s) of the local newspapers. There ain't nothin' to lose!

Utah is generally not 'hip' enough for anything in the entertainment industry to publicize much. A couple of exceptions are the Sundance Film Festival, (which only exists because of Robert Redford's clout, and the fact that he liked the area enough to buy substantial portions of it) and that it is a relatively popular place to film for TV and movies, mainly because of its diverse climates/environments and relatively cheap workforce and extras.)

And for the 'news' industry? Well, it's a rather long way from anywhere you would find much world or national news; this is more a function of population than anything else. It just makes sense that you have a big news company on the east-coast; that's where the nation's capital is, as well as the vast majority of the US population!

So honestly... what is there to lose, both in present and future terms.

I'm sorry, but I just can't see MTV or CNN moving their offices to Salt Lake City.

It never had an internet content industry to begin with-- period. It's just not elite enough a place for most content creators to be caught dead in.

Re:Kiss your Internet companies goodbye...

I'm honestly not trying to troll here, so just stop and think about this for a second. Clear your mind if you have to. Now ask yourself the following question:

Why does it seem like nothing intelligent has come out of Utah lately?

Am I really the only person who sees the word Utah in the headlines and immediately begins wondering what mildly entertaining foolry is about to follow?

effect on computer security

[Naito]

only effect on security banning spyware could have is to IMPROVE it. fucking spyware. sick of removing it from people's computers. it might affect computer sales tho. With no more spyware on their computers, newbies will be able to get by with a much slower machine. The loads of spyware make people complain that their 2.4Ghz P4 isn't fast enough and help sell the 3.2s etc, so that even with it's bogged down by spyware it still feels like a 2.0

Re:effect on computer security

Re: sick of removing it from people's computers

You sould charge them for this. After all it is a service. Hell, you could set up a contract to remove them every month.

You know that the spyware/adware will be back in a month don't you.

Newbies will and do go back to the sites and click the (I agree) button again and again. This could be a good business.

"Email Marketing? from MS no....that can't be.

Re:effect on computer security

[SmackCrackandPot]

Amen to that! Ever since the last E-mail virus that circulated round our labs, I've been trying to account for every open port, http and ftp request on my PC. Finding out that certain components s were automatically self-updating every time someone logged in, has not made me happy. I wish this law would include self updating system components.

Utah has done this before

[John+Harrison]

Trying to be leading edge a digital signature law was passed that was basically written by a company that had started up doing what? Digital signatures! Oddly this company was spun off of the bank that the speaker of the house (Marty Stephens) works for.

At least thats how I remember it.

Re:Utah has done this before

[helix400]

This is pretty much how it works. I was listening to the Utah House Legistlative session online (listening for the UTOPIA bill) when I first heard about this anti-spyware bill. I can confirm that many bills are written and submitted by companies with the sole intention of trying to protect their interests and block out competition.

The problem is, there were hundreds of bills that needed to be debated, and so each individual bill gets little debate time. When a technology bill comes up, the attitude they all have is "Well...I really don't know what it means. However, I have to vote on it. If nobody else raises any serious objections, I'll assume its a good bill." This bill didn't have any serious objections, and so it was quickly passed.

On a side note, the anti-UTOPIA bill was written almost solely by Qwest to kill the fiber optic plan. The bill survived the first few legal hurdles before some representatives started to actively question the bill and how it was designed by Qwest solely to kill competition. Then representatives drastically amended the bill for the better.

Re:Utah has done this before

And I used to work for that company. The bank (Zions Bank) created a subsidiary, Digital Signature Turst (now owned by Identrus) in order to bid on a contract that the legistlation created - to provide Public Key Infrastructure. The legislation (passed in 1996) called for state agencies to go on-line. DST was created in order to bid on the contract to provide the PKI for it.

Its interesting to note that the specific legislation didn't go much of anywhere. From my tenure at DST, it was very apparent to me that the PKI industry in general was just too fragmented to really get anything useful done. There was (and arguably still is) too many competing solutions to PKI in general, some of which don't work well with the other solutions.

There were two other companies started in Utah to bid on the same contract, and they lost out. They are also out of business. One was UserFIRST and the other one was Arcanvs. DST would have probably been out of business too if it weren't for Identrus buying them.

If you think about it, how many people do you know who use S-MIME email? For me, DST employees were the only ones I knew of. SSL certificates is about as much PKI as most people see in their day-to-day lives on the Internet, and its been that way for a long time.

Re:Free Software.

[Anonymous+Crowhead]

With Free Software, things like this would not happen.

BS. IF linux gets adopted by the mainstream desktop market, you can bet your ass that spyware will quickly follow. And the mainstream desktop users will be just as helpless and unable to stop it as they are now.

That's a warning?

[gfxguy]

"The parties to the letter warned that the bill could interfere with computer security and would also impair the delivery of local, targeted ads"

Isn't that the point? That's a warning? I hope it's a promise. I'll keep my computer secure, thanks, I don't need someone like MS telling me how to do it.

Oh boo hoo, cry me a river.

[Orion+Blastar]

I do not want to install their malware, nor should I think it should be legal to trick the user to install it either. If the users knew what kind of program it was, they would not install it. But it has to be hidden behind OS updates, Media Players, shareware, helper programs, toolbars, and other things.

Find another way to make money, I am not buying their defense of Spyware/Adware one bit.

Localized Internet Laws

[Eberlin]

I've always been puzzled as to how this works. I know there should be lots of cases of such things already (Sharman Networks, for example) where a "local" law is used to prosecute someone from another area.

With the Internet being what it is, how do we effectively enforce such things? Seems like a lot of chest-pumping without much effect. More politicians posturing? So how can local laws be enforced on a global community? (besides pissing enough people off to get the DMCA slapped on you and ruin your US travel itinerary a la Dmitri)

Re:Localized Internet Laws

[cluckshot]

The whole issue centers around the issue or Nexis in law. (The Connection) So long as the law allows that you are connected or had contact with the Plaintiff you are subject to the laws he has. It would seem that since the webpage is deliberately placed in a media and advertized in a way such as to affect the actions of a person in this or that jurisdiction it comes under the law.

The problem is that the EU for example does not honor UTAH warrants like the 49 other US States do. So this really only applies inside the USA. The Netherlands tried to apply jurisdiction as did Belgium to the whole world over "War Crimes" recently. It almost worked but the USA had other ideas on the matter and turned some screws and that died.

The real issue here is that the Business pushing the spam is selling goods inside the USA so it pretty much comes under the Nexis of US Courts and Laws. It would take a simple act of US Law forbidding the collection of any foreign debt which was incurred outside of US Laws and the Spammers would be out of MONEY.

If any US State simply forbid the collection of Credit Cards and Payments of Debits with Triplicate Damages plus Legal the Money guys would get in line. (Same as US Fair Debt Collection Practices Act of 1979)

Re:Localized Internet Laws

[nineoneone]

...how do we effectively enforce such things?

Short answer: we don't, thank god.
We don't want politicians extending their slimy tentacles onto the net. We really don't.

"...impair the delivery of local, targeted ads..."

GOOD.

'nuff said.

Here's the big objection of theirs

[Rick+Zeman]

...and would also impair the delivery of local, targeted ads.

'nuff said.

CNET Article on state anti-spyware bills

[hobbespatch]

CNET Article on Utah & Otherstates Spyware Laws.

The result, after some negotiation and input from Net companies, is a bill that bars companies from installing software that reports its users' online actions, sends any personal data to other companies, or pops up advertisements without permission. It contains some loopholes: Advertisements served by ordinary HTML or JavaScript are exempted, as are the ordinary "cookies" often used to help personalize Web pages.

I still don't see how this is bad. Sure it has 'enforcement' issues, but it carries a $10,000 fine, it might serve as a good deterrent.

My Favorite Part!!

[mustangsal66]

(b) recover the greater of:
(i) actual damages; or
(ii) $10,000 for each separate violation of this chapter.
(3) In an action under Subsection (1), a court may:
(a) increase the damages up to three times the damages allowed by Subsection (2) if the court finds the defendant willfully or knowingly violated this chapter; and
(b) award costs and reasonable attorney fees to a prevailing party.

---
1: Download adware
2: Sue
3: Profit!!!!
---
Bahama vacation here I come!

Re:My Favorite Part!!

[happyfrogcow]

1: Download adware
2: Sue
3: Profit!!!!


Sorry pal, but on the Internet, adware downloads you...

Re:My Favorite Part!!

[DR+SoB]

"(ii) $10,000 for each separate violation of this chapter."

It's funny, the average adaware results I've seen for "moron" computer users is 100-150 removed spyware's. So for _EVERY_ computer that's a $1,000,000 violation (at least!).

Hello children, can you say "class action suit", I know you can!

Re:My Favorite Part!!

[romper]

Dude, you're not supposed to fill in #2.

wrong

[Nf1nk]

this crap ware would exist in Linux as soon as the user base got big enough to have a proffitable segment of morons, who don't know to check the MD5 hashes (or even what they were). yes propritary software created this problem, but free software alone will not get rid of it

"TOP WEB BUSINESSES OPPOSE UT SPYWARE LAW"

[DR+SoB]

And in other news:

The NRA is against gun control laws.

Anti-abortionist demonstrated at an abortion clinic.

Muslim extremists sent threatening letters.

The stock market is crashing.

And the sky is falling...

Claria

[happyfrogcow]

Companies like Claria and WhenU, for example, are legal adware providers, although each has been involved in high-profile lawsuits over their software. Both companies still face pending legal action.

What are they smoking? Claria is spyware.

Let me control my own computer!

[blcamp]

Criminey Sakes already!

* It's my computer, bought and paid for.
* It's my software, bought and paid for (and/or acquired free, legally).
* It's my bandwidth, bought and paid for (on a monthly basis).

Let me decide what to do with it.

If I want to load up my HD with bloatware, spyware, malware or whatever, as long as it harms no one else... who the hell cares?

If, on the other hand, I want to run my system cleanly, block out all malware sources with a HOSTS file, install anti-spyware and anti-virus software and do whatever else I see fit... again... who the hell cares?

It's my choice to run my computer and my software to twiddle my own bits as I damn well see fit.

If the government doesn't know anything about what the hell it is regulating, it out to stay the hell out of trying to do anything with it.

Re:Let me control my own computer!

>> If I want to load up my HD with bloatware, spyware, malware or whatever, as long as it harms no one else... who the hell cares?

That's the problem with it. You can't tell if it harms no one else. Often the malware/spyware is a trojan that the average user doesn't know what it is doing (or that it is even there). While its not hurting you noticeably, it could be used to DDOS any number of targets.

Re:Let me control my own computer!

[danheretic]

I sympathize, but... you're not quite right here.

It is your computer, bought and paid for.

As for the software, you're simply leasing a copy of it. You don't buy it. What you're purchasing is the distribution media and a license to use the software. (Which license, by the way, can be revoked at any time, according to many software companies terms of use.)

Your bandwidth is likewise leased, unless you happen to buy and bury the cable yourself, and even then you have to connect *somewhere*.

Re:Let me control my own computer!

[bgeer]

Did you even read the article? It doesn't say you can't install spyware on your computer, it says you can't install in on someone elses's computer. It says you can't distribute spyware that screws up people's browsers by replacing the advertisements based on context triggering.

Basically the law says you can't sell Drain-O at a lemonade stand, not that you can't drink it on your own if you want to.

Re:Let me control my own computer!

[/dev/trash]

You license the software. Just like you license music.

Re:Let me control my own computer!

Why should you have to block malware / spyware with Hosts files, install anti-spyware etc.

THAT is the point of this bill.

Next you'll be saying that supplimental EULA's on security patches is a good thing

Re:Let me control my own computer!

[Geoffreyerffoeg]

Two reasons:

> If I want to load up my HD with bloatware, spyware, malware or whatever, as long as it harms no one else... who the hell cares?

If you'll allow this is, you'll likely free your computer for a spam/DoS zombie. Then it will harm others, and people will care.

> If the government doesn't know anything about what the hell it is regulating, it out to stay the hell out of trying to do anything with it.

The government is made out of people. If the government can't fix something right, it means people in general couldn't fix it right. Have you seen the loads of malware on the Add/Remove Programs list on any Windows PC today? One whose network's hardware filter should've blocked all malware sites? One whose data (student grade records) should not be seen by unauthorized others in the campus, let alone random people at Spyware Co.?

Re:Let me control my own computer!

[twray]

It's my bandwidth, bought and paid for (on a monthly basis).

Since your ISP wants to be competitive with other ISP's, they accept money/favors/sex from ad factories like GATOR. This money subsidises your monthly bandwidth costs.

If you want to pay double or triple, you can probably find another ISP who won't do this.

PS: If you find one, post it on Slashdot and send me a personal message.

Re:So broad, anti-adware and kid-proofing is spywa

You answered your problem in your post. The first part of part (c) states "to display an advertisement". The application is only prohibited if it replaces content or ads with more ads. Replacing it with blank space is fine.

Re:So broad, anti-adware and kid-proofing is spywa

[squiggleslash]

No it couldn't. It specifically says "display an advertisement", and a blank area is clearly not an advertisement by any definition. (And no, before anyone says "But a clever lawyer could argue...", the law doesn't work that way, it never has done. People get so hung up on urban legends about what clever lawyers have done together with righteous anger about laws that have been abused that they assume everything is a matter of lawyers redefining the English language. It almost never works that way.)

It kind of reminds me of an old Knight-Ridder News Service wire where it was explained why the inscription on the metal bands used by the U.S. Department of the Interior to tag migratory birds had been changed.

The bands used to bear the address of the Washington Biological Survey, abbreviated

Wash. Biol. Surv.

Until the agency received the following letter from a camper:

Dear Sirs:
While camping last week I shot one of your birds. I think it was a crow. I followed the cooking instructions on the leg tag and I want to tell you it was horrible.

The bands are now marked Fish and Wildlife Service.

You're not paying attention.

[Moryath]

See, the problem is, Spyware jerks (like Gator) always CLAIM that what they are delivering is (a) with permission, (b) wanted, and (c) delivering some sort of benefit to the consumer.

And it takes a hell of a lot to debunk that.

The BIG one is to get shitholes like Gator to stop using "trickler" apps that reinstall the program if the user tries to remove it.

Re:You're not paying attention.

[Stonent1]

And it takes a hell of a lot to debunk that.

In some cases, it takes a hell of a lot to convince them you've changed your mind. Of course now there are good and free spyware removal tools. I've been to some sites that pop up messages that say "Javascript error: Not a Win32 environment" :)

Re:You're not paying attention.

[raalynthslair]

"I've been to some sites that pop up messages that say "Javascript error: Not a Win32 environment" :) "

Just another good reason to use anything other than M$. ^_^

Re:You're not paying attention.

[s13g3]

Uhm, I dunno about you, but it would take absolutely no effort on my part whatsoever to debunk the above claims. Period, paragraph, end-of-story, I do not want advertising, advertising software, tracking software, special deals/offers, targeted marketing, tracking cookies, malware, spyware or anything other than the app I specifically downloaded or the web-page I specifically viewed. I don't give a d4mn if MS or Yahoo! (whose mail service I use) thinks this has security implications for them, as that's total BS of the pointy-haired boss variety.

If I went to gator.com (or whatever their website is) and downloaded their marketing software, that would be one thing. But I haven't, and never will. My guess is 98% of people wouldn't either. I don't want to be plagued by their crap. If I wanted to be some kind of running marketing/advertising survey participant, there are places I could go to do that (e.g. NPDOR.com) As it is, I don't even plug my satellite IRD or cable receiver (yes, I have both) into the phone line b/c I don't want them reporting my viewing statistics. I am not a guinea-pig for Nielsen, and neither is my PC.

So yah, fsck MS and Yahoo! and the rest. Destroy all spy/mal-ware and tar-ball and feather the spammers! I shouldn't have to run software on my PC to find out if some asshole webmaster or programmer is hunting for my name/email/home address/surfing habits, etc. Spyware, malware and the like are just overblown viruses (and just as malicious in many cases), and should be treated by the authorities as such. If Y! can and wants to denote my viewing habits within their site, that's fine. I subscribe to their service and use their hardware. If I click on an ad link (I won't), they can track that without ever installing software or cookies on my PC. Sure, that takes some horespower from their servers and space in their DBase, but I don't recall signing up for a Y! "Help us cut costs" distributed computing project. If I should provide my real name, address, or zip code to Yahoo! (I haven't, and won't) and they say they reserve the right to use that info, that's also ok, assuming I'm made immediately aware of this in very plain text at the top of the EULA. I even fed them a nearby zip code... I don't mind that there's an ad on my email page; That's how they make their money. I still won't click-thru, but they get paid by the impression, so if they want to send me ads local to Atlanta, that's ok, just so long as they

• keep their grubby paws out of my box!

The Internet may be the next big advertising medium (it's gotta pay for itself somehow), BUT MY PC IS NOT!

Final thought for close. It is permissible for neighborhoods and office parks, etc., to put up signs saying "No Soliciting". This means that you can't just walk onto mine or someone else's private property and harass them to buy something. People have been shot for less. There is a sign outside of my neighborhood that says "No Soliciting". Boy/Girl Scouts are ok in my book. Jehovah's Witnesses and Insurance salesmen offend me, and I don't want them at my door bugging me. The law gives me the recourse, when properly posted, to have these people fined or in some cases arrested. Used to be bulk mailin my Snail-Mail box. That was bad enough but went away with the internet (USPS must miss those days). SPAM in my email box is just as bad. But installing software/cookies without my consent (something no one will *EVER* get legitimately) is no different than a salesman violating my personal privacy and property to come into my home and pitch me stuff I don't want. I almost never watch TV. Never mind the lack of content on the tube ('cept for Stargate, Enterprise CNN/FNN, and Discovery Wings), the advertising is obnoxious... Can't even legally get a filter to tone down the volume of commericals. But I do suscribe for that content. Thank any and all G-d's that ISP's don't operate th

Re:You're not paying attention.

[name773]

The BIG one is to get [losers] like Gator to stop using "trickler" apps
the big one is to get windows people to start using linux or any other open source os, because it eliminates the spyware problem

Re:You're not paying attention.

[lunky]

Brilliantly said.

Re:You're not paying attention.

[jb_davis]

Let's also think of solutions that have a chance of working while we're at it. We all know Windows users will not be switching any time soon, Linux is just not there yet; it's still far too painful to install and learn for the average person.

Re:You're not paying attention.

[tweel.2]

EXACTLY !
We are of one mind here.
Unfortunately the EvilScumPoliticians will water this legislation down to the point of total ineffectiveness !
Why? . . . $$$, why else.
Personally, I would like to see this activity subject to the death penalty.
I am tired of EVERY channel of human interaction turned into a means of indiscriminate advertising.
Placing a cookie SHOULD be a deathpenaltyoffence !
(Lets get us a rope, boys, and have us a necktie party !)
---
runonwords=uniqueindividualconcept

Re:You're not paying attention.

[willabr]

S u r f N a z i ' s M u s t D i e

Re:You're not paying attention.

[TeraCo]

until suddenly one day, when linux has superior market share, and the spyware writers and virus writers flock to the platform with a vengeance. Your technical superiority doesn't make you immune, the fact that you aren't a big target audience makes you immune.

Re:You're not paying attention.

[name773]

in the idea of open source, the users can take out spyware... if the software writers ever let it in to begin with. that's because the users can edit the source code before compiling.
so yes, the users who compile their own apps will be immune.

it's the development model, not the technical superiority of open source that makes it immune to spyware.

Re:You're not paying attention.

[slugo3]

Yes, well put indeed.
I have been telling my customers that the spyware there paying me a lot of money to clean is basically a "legitimate virus". How else do you describe some crap software that has taken over a users machine and made it unusable?. The users bear some of the responsibility but there should be limits. What were seeing now is the "wild west" era of the internet before laws go on the books concerning the "rights" of an internet connected PC :p
I can't wait for a virus that comes with a click through EULA, it would be interesting to see (legally) what would happen.

Re:You're not paying attention.

[TeraCo]

What about linux apps which aren't released open source? If linux reaches a desktop majority, it will have a wealth of software available to it, only a small portion of which will be open sourced.

Re:You're not paying attention.

[Mr.+Troll]

*GASP*

You just called Gator SPYWARE!!! Prepare to be sued sucka

Re:You're not paying attention.

[smyle]

Thank any and all G-d's that ISP's don't operate the way the Cable comapnies do, or your web-surfing would be interrupted every 5 minutes by some ad that takes over your entire system, automatically turns on your speakers to the loudest setting and can't be bypassed.

Dangit! Stop giving them ideas!

Re:You're not paying attention.

[True+Grit]

I wish just one of the people always saying Linux/Unix will be hit just as bad as Windows has by spyware and virii when it gets as popular, would explain to us just exactly how this is going to happen, because I'm *really* interested in this theory. Windows is vulnerable because of its design, history, and intended audience. Linux, OTOH, was *born* in the networked multiuser world where not everyone can be trusted, its had features from the very beginning that Windows has gotten only recently. Sure *nix isn't immune, but I'm still waiting to hear the evidence for it being "just as vulnerable" as Windows.

Re:You're not paying attention.

[mattyrobinson69]

The Internet may be the next big advertising medium (it's gotta pay for itself somehow), BUT MY PC IS NOT!

The internet is paying for itself, thats what ISP's and ecommerce is for. There's other, less frowned upon methods of making money on the internet and if you cant, go stack shelves at the supermarket or something else equally honest (even a lawyer ;) ).

Re:You're not paying attention.

[mattyrobinson69]

i missed out a / in my second tag, ah well

Re:You're not paying attention.

[jasonisgodzilla]

Use Firefox and you dont have to worry about this crap. I haven't had a single piece of scumware since I switched. My neighbor across the street kept getting infected with this garbage. I swithched them to firefox and spyware free for 1 month now.

Re:You're not paying attention.

[name773]

i did not say in the future. right now, i run slackware 9.1 and i have one closed source program installed, the flash player plugin. that's not even an app.

Re:You're not paying attention.

[TeraCo]

Sure, but you replied to me.. and I was talking about in the future. Do you frequently ignore the topic at hand when you reply to people? :P

Re:You're not paying attention.

[name773]

well, you got me there :)

Re:You're not paying attention.

[s13g3]

Thx =)

I like a good rant sometimes... Sometimes twice in the same day, even.

Re:So broad, anti-adware and kid-proofing is spywa

[CaptainCheese]

read that again:
(c) use a context based triggering mechanism to display an advertisement that partially or wholly covers or obscures paid avertising or other content on an Internet website in a way that interferes with a user's ability to view the Internet website.

you specifically have to paste an advertisement over someone elses' website for this clause to refer to you.

posting "plain nothingness" only counts as advertising if you're selling nothing! ^_^

[OffTopic]Re:If you think that...

[mustangsal66]

Why are the people who call Bush a dictator the same ones who want to take away our guns?

Not true.... I'm a NRA card carrying, Whitetail hunting, handgun owning Independant. The way I see things currently is Bush is killing free speach and needs to get out of office!!

Re:[OffTopic]Re:If you think that...

[hambonewilkins]

Good point mustandsal66. I probably disagree with your politics, but I agree with your overall point that the parent is wrong.

In general, I think you also have to be logically consistent. If you are a strict constructionist (as many Bush-lovers are) you pretty much could only have the guns that existed at the time of the constitution or you'd be pretty logically inconsitent (yes on the exact law for everything else, but that whole arms and militia thing we can be a little wavy on).

Also, there are many countries in the world without guns that are not dictatorships and vice versa. But it was a great argument while it lasted.

Re:[OffTopic]Re:If you think that...

[the+arbiter]

Also weighing in, and I couldn't agree more...Bush & Co. would take away your guns in a second, don't even kid yourself. The Constitution is, to them, just an impediment to their goals, to be circumvented as efficiently as possible. Gun-owning liberal, that's me.

Re:[OffTopic]Re:If you think that...

[TykeClone]

In general, I think you also have to be logically consistent. If you are a strict constructionist (as many Bush-lovers are) you pretty much could only have the guns that existed at the time of the constitution or you'd be pretty logically inconsitent (yes on the exact law for everything else, but that whole arms and militia thing we can be a little wavy on).

At the time, there was very little difference between civilian and military firearms. To be logically consistant would require the government to end all gun control laws...

Re:[OffTopic]Re:If you think that...

[sumdumass]

It is usually the liberals who are trying to take guns away. I even remember when they thought they could outlaw the amunition to effectivly make guns ineffective.

The problem is most anti gun laws make restrictions were there should be none. I can understand not having a convicted criminal posessing guns but an underlying freedom in this country is the ability to have firearms. when someone starts saying you don't need a gunn like that they are effectivly saying you don't need the freedom or types of freedom that i don't agree with.

The gun has always been a symbol (in the U.S.) of somethign that guarenties freedom. Reguardless of it's perceived value of a couple of gun toting citizens being able to save our freedom from a military so technically advanced, the actual value of such a hypothetical situation being attacked is often construed as an attack on ones ability to keep thier freedom.

It is still an asault on that freedom when you can only be free if you obey my will. I, for one, am just as disapointed in the attacks on other freedoms we hold dear. Bush and co as you put it, is stretching the limits of your freedom in the name of peace. I am disapointed as the next person but i think the gun laws are a more important issue and historically the liberals are more likley to take that away from you.

Re:[OffTopic]Re:If you think that...

[c4ffeine]

Finally, someone rational about gun control. Don't forget the following facts:

1. The Constitution was written just after ordinary citizens had to use weapons to defend their freedom. Thus, it can be agrued that they put in the "right to bear arms" clause in case of a similar situation arising.

2. Most 'civilian' weapons are useless against, well, pretty much anything. Your only hope to kill a soldier would probably involve an assault rifle or other heavy weapons (mostly currently banned).

So, you would need heavy weapons to have a chance in an uprising. The 'right to bear arms' clause was to give citizens a chance, so... scrap the gun control crap

Re:[OffTopic]Re:If you think that...

[True+Grit]

1. So, you would need heavy weapons to have a chance in an uprising.

You do realize the insanity that this line of thought leads to, don't you? The need for the civilian to protect himself from an abusive government is an understood problem, but is the solution to this problem really allowing anyone unrestricted access to M60 machine guns, Stinger and Hellfire missiles, 500lb bombs, napalm, fighter jets, tanks, etc, etc? While an abusive government is a possibilty, typically civilians are FAR MORE likely to suffer at the hands of other *civilians*, and in fact, many suffer at the hands of *relatives*, not strangers.

This is where the gun freaks' argument breaks down, because warfare, and the weapons of war, are VASTLY MORE LETHAL AND DESTRUCTIVE now than they were in the 18th century, which leads to a massive increase in the level of mayhem and slaughter that one person, or a few people, can cause in a large dense population. The need to protect the good citizens from other citizens using heavy weaponry today now *trumps* the ideal of giving the civilian populace the *theoretical* ability to use force against an abusive government.

And I emphasize the word "theoretical" here, since most successful rebellions involve support from outside sources and often foreign military assistance. How quickly we Americans have forgotten the French blood that was spilled at Yorktown fighting for *our* liberty, and that was a time when military weapons were essentially the same as civilian firearms and explosives were still fairly primitive and rare.

IMO, our Founding Fathers' ideal about a strong citizenry being able to protect itself from an abusive government, as noble and understandable as it was, simply *died* with the advent of advanced artillery, among other things. Modern heavy artillery is the "queen of the battlefield", devastating against light infantry (such as armed civilians), and its the first historical example of a specialized heavy weapon that is expensive to maintain, has no civilian purpose or role, and can only be used effectively by trained personnel (professional soldiers). Just about everyone could figure out how to use a pistol if they were handed one, but how many people would be able to figure out how to operate and aim a 155mm howitzer? I wish it were otherwise, but it isn't, so its high time for the gun freaks to face reality: their argument was rendered obsolete nearly a century ago. I'm not much concerned about hunting rifles and the like, but I vote to let the Army be the only one to have Stinger missiles and cluster munitions, despite the risk, because I don't want wanton destruction to be so easily accomplished by the next Timothy McVeigh.

Re:[OffTopic]Re:If you think that...

[hambonewilkins]

"A well regulated militia, being necessary to the security of a free state, the right of the people to keep and bear arms, shall not be infringed."

How do you get from the above that to be logically consistent means to end all gun control laws. Are you a member of a well-regulated militia?

Re:[OffTopic]Re:If you think that...

"A cold beer, being necessary for a bitchen' party, the right of the people to keep and drink beer shall not be infringed."

What's it matter if he's in a well-regulated militia or not? The beer doesn't have to be cold, s/he doesn't have to be in a militia.

Re:[OffTopic]Re:If you think that...

[TykeClone]

All able bodied citizens in good standing are members of the militia.

militia != national guard

militia != military reserve

serious repercussions.....

[Naked+Chef]

Yeah, like less advertising rammed down our throats...less spam, less spyware?

Re:So broad, anti-adware and kid-proofing is spywa

[BrynM]

(1) A person may not:... (c) use a context based triggering mechanism to display an advertisement that partially or wholly covers or obscures paid avertising or other content on an Internet website in a way that interferes with a user's ability to view the Internet website.

So under this, would Pop-Under Ads be okay? Are MDI and child windows illegal under this bill? Woohoo! The "About Internet Explorer" popup in the help menu is illegal! Hell, the menu itself is illegal if it obscures the web page. And Clippy has finally been outlawed! This will be so much fun! I'm so glad we have politicians who think these things through so we don't have to. I should have never studied IT and went into politics where I can make sweeping technology decisions instead.

I hate ads as much as the next guy, but...

[rjelks]

I don't think we need Utah legislators dictating technology to us. Maybe I'm cynical after looking at other tech-laws. Do we really want laws written by someone who needs an assistant to write an email? I think everyone in my office has a computer that operates about 20-30% too slow due to spyware/adware. Maybe people should increase security on their browsers and watch what they download. While a law against spyware sounds cool, I just believe it's going to backfire on us somehow. Anyway this law wouldn't even protect against Gator (or whatever they're called) anyway :)

Re:Free Software.

That might be true, you will probably see adware grow in the linux desktop market, but at least if you download and run some, other user with different id's will not get popops. All you need to get rid of them is to create anew user and start over, not reisnatll the hole OS !!!!! (that piss me off since my room mate messed up with my computer and now i'm stuck with this and the only solution to get rid of this for good is to re-install. anti-popops software don't worth crap, you better never get adware if you need a clean system (like I like).

Re:Utah?

That'd be a +5 funny if it weren't for the whole SCO thing. Try again, please.

Re:So broad, anti-adware and kid-proofing is spywa

Umm.. the About dialog box is NOT a context-based triggering mechanism.

confused?!

[bluewee]

Google signing, but microsoft signing the letter as well... good or bad?!?

Biased Article

[Percy_Blakeney]

I hope that nobody is using this article as a base for their opinion of this bill. That had to be one of the most biased articles I've read lately. Here's just a few of the problems:

• Googe, Yahoo, cNet, and eBay are involved, but the writer never directly quotes them, favoring to paraphrase their letter.
• There are no opposition quotes.
• The only quoted source is Avi Naider, who is the CEO of an adware company that is hurt by the bill.
• MediaDailyNews is not an unbiased source; it is in their best interest to see this bill fail.

I'm not sure whether this is supposed to be actual "news" or just a PR release. I know nothing about the actual bill, but this article definitely did not help me understand it. Why is Slashdot covering such a biased piece?

Re:Biased Article

[Eil]

Why is Slashdot covering such a biased piece?

Uh...

Send A Public Comment to the FTC

[hobbespatch]

Got an idea on how to make them Spyware laws better?

Turns out the FTC is gonna be hosting Spyware workshop here in DC in April. FTC Workshop Information

The workshop is titled Monitoring Software on Your PC: Spyware, Adware, and Other Software and will take place on April 19, 2004. It is open to the public and there is no attendance fee.

On the site is information on how to submit a public comment to the records of the event.

Re:Send A Public Comment to the FTC

[Anne+Thwacks]

Got an idea on how to make them Spyware laws better?

Yes.. add a clause mentioning the use of cruel and inhuman torture and/or cruise missiles.

You don't have to be braindead to get elected...

[mcmonkey]

But apparently it helps.

Is this yet another example of technologically illiterate politicians eagerly passing bills without bothering to find out what the law is going to do?

H2O mixup creates scare

ALISO VIEJO, Calif. (AP) -- City officials were so concerned about the potentially dangerous properties of dihydrogen monoxide that they considered banning foam cups after they learned the chemical was used in their production.

Then they learned, to their chagrin, that dihydrogen monoxide -- H2O for short -- is the scientific term for water.

"It's embarrassing," said City Manager David J. Norman. "We had a paralegal who did bad research."

I don't fault folks for not knowing what dihydrogen monoxide is, but for charging ahead, guns blazing, completely unburdened by the thought process. Sounds like presidential material to me.

Your browser is now spyware

[BumBiscuit]

According to the text of the bill:

(4) Except as provided in Subsection (5), "spyware" means software residing on a computer that: (a) monitors the computer's usage; (b) (i) sends information about the computer's usage to a remote computer or server

Which means that your browser, which routinely sends each web site you visit a referring URL, is spyware in Utah.

Well, except for Internet Explorer, that is. Since IE is part of the operating system, it is excepted from the definition of spyware by subsection (5)(c).

I'll leave it to the foilhats to decide whether Bill Gates has been donating heavily to the Mormon church.

Re:Coffee and music -- Why?

[Neil+Blender]

Let's say you're sitting at a Starbucks, drinking some coffee. You hear a song over the speakers you happen to like. All you have to do is call out: "Could I get this on a CD, please?"
You, sir, have just written the most succinct analogy of the Slashdot mentality I have ever read.

Re:Free Software.

[happyfrogcow]

Not really. "Free" software implies source code is available. With source code available, I would be able to determine when, from where, and to where any data it collects is going. I can also remove that part of the code, recompile it, distribute patches that remove that part of the code for other people, and so on. People would then be free to use my modifications instead.

Only if the software in question is closed source, and hence not Free, would this situation continue. In a Free situation, it is possible that some people might not use my modified version, but with enough people knowledgeable about it, it could become the version people are mostly refered to.

Re:So broad, anti-adware and kid-proofing is spywa

[bgeer]

Yep... this is an interesting problem. The bill says (1) A person may not:...
(c) use a context based triggering mechanism to display an advertisement that partially or wholly covers or obscures paid avertising or other content on an Internet website in a way that interferes with a user's ability to view the Internet website.

That could be read to say program that removes any part of the website from the user's view and replaces it with either something else or even plain nothingness is prohibited. So many non-spyware user-friendly uses of technology could get caught in the crossfire...

No it doesn't, it says replacing it with an advertisement is prohibited. It's very specific. It sounds like a great law to me.

WHAT DO YOU MEAN "TOP WEB BUSINESSES"?

None of those companies offer porn sites. If you want to talk to top web businesses you need to talk to a porn site!

They should all

[Sfing_ter]

They should all download and intsall STFU 1.0 from our buddy Mike Anderer.

Re:Free Software.

[osu-neko]

BS. IF linux gets adopted by the mainstream desktop market, you can bet your ass that spyware will quickly follow. And the mainstream desktop users will be just as helpless and unable to stop it as they are now.

BS. I can't bloody well get Firefox to install things when I'm trying under Linux. In an OS that makes installing anything a major operation only really undertakeable when logged in as root (and thus can't be done accidently while clicking around in a web browser logged in normally), it just ain't gonna happen...

No...

Why would you need an ad for cheese and beer? You're probably already consuming plenty. It's like selling freezers to eskimos.

Instead you'll get ads for Lactaid and AlAnon.

Oh no!

[Aldric]

"would also impair the delivery of local, targeted ads'."

What, it will interfer with companies plaguing me with ads I didn't ask for? Shocking!

Maybe someday Microsoft and the rest will get a clue. There is a reason pop-up blockers are so widely used.

Re:Oh no!

[qtp]

Maybe someday Microsoft and the rest will get a clue. There is a reason pop-up blockers are so widely used.

These companies have a clue, and they do understand why people use pop-up and image server blockers.

Unfotunately, they do not see this as an issue of user rights, but of instead view this as purely a business issue. They define the blocking of advertising as a damaging practice that is limiting the internets potential value as an revenue generator for business (because, of course, the only reason to have an internet is so people can make money off of the users, right?).

They view the usage of their websites without viewing the advertisements as a breach of an unwritten contract, much as network television executives view going to the bathroom instead of watching the comercials break to be "theft".

They do understand that the internet wasdesigned to be an end to end system where viewers and providers given similar control over each aspect of its usage, but they view this as a design flaw that interferes with current (read: out-dated) business practices that became standard in the broadcast media (television and radio) where a user must view or listen to the advertisements if he or she wishes to view or listen to the programming.

Now they are insisting on greater control of the users expirience, including the right to track your every use of a computer that you have purchased. Since the late 1990s, the software companies have endeavored to monitor your usage, not only by tracking your internet usage, but by embedding unique identifiers into the documents and emails you write that will verify that the same user on a specific computer wrote all of the documents with that embedded identifier.

These companies do have the option of blocking access to those who do not have cookies enabled, do not download the advert image, or do not permit the pop-up. Why haven't they taken these measures? I can onnly speculate that this would seem to be admitting defeat. It would be leaving the final choice in the hands of the users (I don't want to bother with the pop-ups, therefore I'll do without the content on that site) and that if they cannot prevent the user from having that choice, they would rather not make obvious that the choice is there.

This law is not so horribly written, and it does nothing to prevent the user from willingly installing tracking and advert software as long the user is fully informed of what the software does and has detailed information about what information is being collected, when it is being collected, who it is being collected by, and who it is for.

This is what these companies fear most, an informed and knowledgable user base. They want their relationship with the user to resemble the relationship enjoyed by the broadcasters with their viewers. They would like to reduce the internet to a platform for providing entertainment and collecting advertising revenue.

And that's why they are opposed to this law. Not because they don't understand the iternet, but because they do, and they're not quite sure that they like the way it's turned out.

Windows XP - Illegal.

[DR+SoB]

Wouldn't this bill effectively make Windows XP illegal? Not to mention a number of RFC's? I've never given my computer permission to send broadcast packets on my network, yet it appears to be full of them?! What about a PING, I don't give my permission for PING to respond to unsolicited requests, yet it keeps responding! Heck even my Linksys router is illegal..

I DO think this is a big deal.

[e9th]

Spyware MUST be outlawed. Otherwise, don't be surprised when, say, Google starts telling you, "Sorry, we just tried to install our 'tracking' software on your system and failed. Please take your searches elsewhere."

Re:I DO think this is a big deal.

[SmackCrackandPot]

Oddly enough, whenever you do a Google search, the keywords and the IP address you are using, are sent to each of the web page sites that are found.

Re:I DO think this is a big deal.

[bnenning]

Spyware MUST be outlawed.

Depending on your definition of "spyware", I might agree. I would think a large amount of spyware is already illegal under various laws that prohibit tampering and unauthorized access.

Otherwise, don't be surprised when, say, Google starts telling you, "Sorry, we just tried to install our 'tracking' software on your system and failed. Please take your searches elsewhere."

If I own a website, why shouldn't I be allowed to grant access to only those clients I choose?

Re:I DO think this is a big deal.

[e9th]

Yeah, I know. I was talking about tracking software that persists after leaving a site. I just picked Google as an example.

Re:I DO think this is a big deal.

[nineoneone]

Spyware MUST be outlawed.

Maybe not.
What about smarter filtering software?

Re:I DO think this is a big deal.

[e9th]

You should. I'd just like to see some limits on the conditions you can impose.

Re:I DO think this is a big deal.

[e9th]

Good point, but it might be tough to fake them out if you're running Linux and their crap is a .dll

Re:Free Software.

[Anonymous+Crowhead]

It doesn't matter. If the code for all the spyware out there was available, do you think the average user would even know about it let alone what to do with it? The don't have the ability to modify and recompile source code and they never will.

If and when OSS makes it to the mainstream desktop, the average user will have no real concept of what OSS is and they won't even care.

Simular to the spam debait

[SnapperHead]

This is very simular to the spam debait, only becuase its the ones that go out of there way to hide who they really are, and where it came from.

I hate spam as much as everyone else. I have a series of filters I use to get rid of as much as possiable. Even then, it only works about 98% of the time.

If I install AIM, they have a little bar that shows ads. That doesn't bother me. I get a free service from them, then just have to have a SMALL add in the "buddy list". Small price to pay.

What I don't agree with, is companys that install spyware without telling you about it. They NEED to say they are going to install it, and when you uninstall the application, the spyware needs to be uninstalled as well.

Another thing, which is how they get you to install there spyware. I had a problem a while back, I went to some silly joke website. It asked if I wanted to install Macromadia Flash. (Notice the spelling) Since this was a new latop, I said sure. From that day on, every 12 hours and everytime the laptop booted up. It would ask if I wanted to install "free scratch cards". Funny, there is a EULA, and an accept button. No decline / cancel / exit button, no close button, etc.

Everytime you would delete the file, it would reappear a few hours later. Still to this day, I can't figure out how to get rid of it. I did however find a way to disable it, but its still on my machine.

That should be illegal. You should be required to tell the user WHAT they are REALLY installing. Misspelling company names and what not should be considered as fraud. Bundling spyware with other freeware apps without mentioning this to the user should also be illegal.

Hijacking browsers and making it very difficult to change, or reset should also be illegal. I had a friend of mine whos machine was taking over so bad, that is browser only had 1 inputbox. No back and forward arrows, no stop or refresh. Just a inputbox which submits to a spyware search engine. Which interestingly enough returned the SAME results as google, even had the same style. The difference is, the names where changed and there was ads ALL over the place. It was so bad, that a reinstall of windows was the best option.

I don't have a problem with ads on freeware apps. As long as ...

1) I am told about it
2) When I uninstall the freeware app, the spyware goes along.
3) It doesn't damage my system by hijacking it.
4) There isn't fraud as to the source of the application or its install methods.

is there any way...

to give Utah back to Mexico?

Re:Free Software.

[Rakishi]

And how many users do you think would use root by default? You can use restricted accounts on WinXP but no one does...

[Offtopic] Guns, etc.

They're two completely different issues, anyway. I'm not surprised that people like the parent poster are out there.

Think about it this way. When the Bill of Rights was written, it made a lot of sense to let people carry guns and form militias that would deter the federal government from getting too uppity.

Nowadays, this just doesn't make sense. If you want to be able to counterbalance the US army with your citizen militias in 2004, citizens must be allowed nukes, fighter jets, and so on -- muskets simply won't do. Not only is it a little too expensive for me to build my own nuke, it's also a really bad idea for any one person to have that kind of destructive power (most people would agree on this one).

So the amendment is obselete and needs revision. The constitution is designed to be changed. I don't know what level of armament a citizen *should* be allowed in today's US, but we need to figure that out using modern arguments, examining other countries with weaker/stronger laws, etc..

And no matter how you feel about Bush's foreign policy decisions, you having a gun at home (even if it's fully automatic) isn't going to make a damned bit of difference to him.

Okay, I'm done now.

Re:[Offtopic] Guns, etc.

>>And no matter how you feel about Bush's foreign policy decisions, you having a gun at home (even if it's fully automatic) isn't going to make a damned bit of difference to him.

But it might to the JBT coming through the door.

also

[fullmetal55]

if linux were to become more mainstream, the majority of users would be running their systems as root for the sole reason you stated. Windows XP allows you to have restricted access, yet hardly anybody uses the feature. If Linux gets adopted as a mainstream OS, Spyware, Viruses, and all kinds of goodies will follow. There are few viruses now because if they can hit .1% of a userbase, they'll go after the largest userbase.

IANAL - but add 1 friggen ,+word+,

[mynameis+(mother+...]

Ok so after 'reading' the bill. and ass-u-ming that (1)(a)(i)(A)(B)(ii)(2) etc. translates to:

1
+- a
| + i
| | +- A ...<aka 1(a)i.A>
| | +- B
| |
| +-ii
|
+- b

2

[If you attempted to RTFB, you understand...]

Then simply changing 5

From: (a) software designed and installed solely to diagnose or resolve technical difficulties; To: (a) software designed and installed solely to diagnose, prevent, or resolve technical difficulties; --changes in bold--

`Friggen' resolves the 'so broad it gets benevolent software' problem.

Or has someone else found something I [completely plausably given the fustercluck of formatting and politi-bloat] missed?

Re:Free Software.

[happyfrogcow]

Agreed, they probably wouldn't. but IF the code were available, then someone would have an easier time figuring out what is causing the problems on someone's computer and it would be almost trivial to make a fix for it. I think IF code were available, it would reduce the problem somewhat.

However, what chance is there that some adware company would release Free Software? They'd most likely package it up in someone elses binary like they already do.

In the case of linux though, and many other multiuser, access controlled systems, the bad effects would sort of be minimalized in that unless you were acting as some priviledged user when you installed the adware, it wouldn't effect every user, just you.

impairing

[da2]

surely the impairing the delivery of ANY ad, targeted or otherwise is a wonderful thing.

Also microsoft are complaining but i thought i heard somewhere they are puttting pop-up blocking in the new IE, some slight irony/hypocrasy/i cant think of the word

Monkey Wrench in the Works

[anubi]

I think you brought up a good point assuming the applications downloaded are all open source.

But then, requiring all stuff open source would remove a lot of incentive for doing a lot of specialized stuff.

I have no problem with something like a core algorithm for a motor control being proprietary, or maybe databases - but I feel strongly that one requirement that should go in exchange for the legal mandate of keeping my nose out of it is that it be very clear that the responsibility for what the code does rests squarely with the one claiming ownership of the proprietary code and takes *all* legal liability for *any* consequences of using that code.

The business caveat for Open Source code is that in exchange for letting you in on its innards, is that you are supposed to read and understand the code, and thereby know its actions when executed.

Code doesn't lie. If it doesn't do what you expected, there is no one out there responsible for it. You may contact the author, or support organizations, and you are free to negotiate suitable arrangements for technical support if you can't read or don't have the time to tune the code so it does exactly whatever it is you wanted.

It sure looks to me that they see this Utah legislation as throwing a monkey wrench into their business plan of first snaring an audience, then once they become dependent on their services, then requiring them to install proprietary software. Pacific Bell did that to me. I went for years on their dialup. Suddenly I start getting emails from them telling me its mandatory that I visit their website and download their proprietary Yahoo code. I read the EULA, and again saw all those disclaimers of any liability, as well as implicit permission to share my stuff with their marketing partners. I just about puked at that point. I hated to kill that account, but I had to.

It seems to me the largest vector for viral infections is the use of any programs ( which, by their very nature, require permissions to run and access the TCPIP stack ) to execute rogue scripts. Microsoft's stuff is full of it. Linux would be too if it were as popular. I do not see the problem as being OS-centric, as rogue programs and exploits can be written to exploit an executable under any OS. Any other programs demanding executable permissions ( plug-ins, etc. ) out there only open up yet more security problems. Anyone who has surfed the net notes that an ever-increasing number of webmasters are now requiring the use of some specialized plug-in to view content instead of just using the standard way of doing the exact same thing. These specialized plug-ins are wide open for spoofing and tampering, as by their nature, once installed, they are given the keys to the kingdom.

It looks to me this legislation would effectively bar the trickery of demanding installation of plug-ins ( which may well have ulterior motives unseen by the downloader ) to view content.

I feel a lot of the internet businessmen have been watching the supermarkets and their "value cards" and have been thinking of implementing it on the web. I get the idea each has been tinkering with getting their proprietary bots in our machines much like the supermarkets coerced their cards into our wallets and purses. This legislation looks like it throws a monkey wrench into that plan.

Go for it. It may ( like the DMCA ) need some adjustment later, but for now, it sure looks like it will help curb the flow of exploitable code people are demanded to install at the whim of webmasters who inflict this on their visitors.

Re:Free Software.

[rsborg]

Not really. "Free" software implies source code is available. With source code available, I would be able to determine when, from where, and to where any data it collects is going. I can also remove that part of the code, recompile it, distribute patches that remove that part of the code for other people, and so on. People would then be free to use my modifications instead.

Hey man, just because Linux is Open-sourced, doesn't mean that apps (read: potential spyware) that runs on it is open-source. Do you think Oracle opensourced their DB when they released it for linux?

Q: Is it any easier in linux to packet sniff the data coming/going from your PC? Cause that's the only way you can analyze whats going on behind a closed-source app. And if Linux were mainstream, you better believe the spyware (along with a lot of non-spyware) would be closed-source.

The real issue.

[CycoChuck]

I can understand Google and Amazon having a problem with this bill because it will effect their advertising revenue. But the qustion you have to ask is why is Microsoft complaining? Is MS using spyware to monitor how you use your computer and what software you have installed? Call me paranoid, but I do think it is something we should be asking.

This is ridiculous

[Negativeions101]

This is unbelievable. My mind is blown to see Google on this list as well. Have they sold out, now!? This Bill is about SPYWARE! What does spyware have to do with ads? Unless a company purposely wants to fool a user into showing ads this bill shouldn't affect those comapnies in any way. They just need to get permission. What's the problem? This is unbelievable... opposing an anti-spyware bill. If that's not the most blatantly obvious sack of bullcrap anyone's ever seen, I don't know what is. It's crap like this that makes me glad the nukes will fall soon.

Interfere with local, targeted ads?

[Infonaut]

"and would also impair the delivery of local, targeted ads.."

Gee, wouldn't THAT suck. Allowing people to use the 'Net without constant harrassment from marketers would surely provoke an outcry from the outraged Net populace.

Re:Interfere with local, targeted ads?

[SeregonSandgrain]

"and would also impair the delivery of local, targeted ads.."

I get a laugh out of those ads with the singles ads with the customized state\province name.

It shows me a chick in a bikini on a nice sunny day and asks "Single in Saskatchewan?". I find this funny because not only does Saskatchewan not fit on the ad, no one in Saskatchewan would wear a bikini simply because it's too damn cold.

I think I'm rambling again...
ASP

Repercussions

[panic911]

Yeah.. a lot of repurcussions might happen from this bill being passed: not having to run ad/spyware scan utils on a daily basis, not having to call me (your friendly neighborhood IT guy) everytime your computer starts going slow (and it's almost always because of adware/spyware), not having your personal information transmitted all over the internet without your permission, no more invading your privacy (which should be illegal to begin with!), and not having a ton of security flaws in your system due to buggy spyware/adware code.

Sounds like some terrible repurcussions.

It surprises me that so many big companies signed this letter. Any big legitimate company _SHOULD_ ask your permission first anyway, and it sounds like if they do ask your permission, its letit. And the ones who dont, have lost a lot of respect from me and I refuse to use any of their software/services.

Honestly, I would much rather have a company ask my permission (and hell, I might even be inclined to accept, if they have enough respect to at least ask me first), than to have them deceitfully plant software on my machine.

Re:Repercussions

[panic911]

It surprises me that so many big companies signed this letter. Any big legitimate company _SHOULD_ ask your permission first anyway, and it sounds like if they do ask your permission, its letit.

letit should be legit .. mmmmm le tit

Re:Free Software.

[happyfrogcow]

Hey man, just because Linux is Open-sourced, doesn't mean that apps (read: potential spyware) that runs on it is open-source. Do you think Oracle opensourced their DB when they released it for linux?

You are right. But the orininal poster seemed be talking about Free software. Software is "Free", if, among other things, source code is freely available. I'm well aware of binary distribution of applications for Linux. I was speaking theoretically, to continue the original posters use of "Free".

However, it is my opinion that if you can stick to a policy of running only Free software, you can reduce the chances of running such malware by accident.

Well if you dont contact your

[Congress]

if you dont contact your elected officials and tell them about your issues and concerns or if you dont actually take action about your complaints then nothing will change!

Re:Well if you dont contact your

[t_allardyce]

you dont count, no amount of letter writing or faxing counts. only big corporations count, and now we have diebold voting machines, even your vote wont count. just watch this bill go down the drian because some big-shot companies are about to make afew 'donations'.

Re:So broad, anti-adware and kid-proofing is spywa

[LostCluster]

No it doesn't, it says replacing it with an advertisement is prohibited. It's very specific. It sounds like a great law to me. One word alone is rarely specific... and notice nobody bothered to define "advertisement" for the purposes of this law.

It seems ok as far as Utah laws go

[Jack9]

From the article:
"The parties to the letter warned that the bill could interfere with computer security and would also impair the delivery of local, targeted ads."

Yeah, THAT'S THE POINT. The law will not interfere with computer security. The law will cause most major companies to have to resort to 3rd party gator-like advertisements which will affect computer security. What a way to spin it!

I wonder how many people read the legislation?

[DarkHelmet433]

I read the article and thought "what a bunch of whiners!" and then read the legislation. Wow. One of the side effects is to make it illegal to have a targeted ad trigger based on a federally registered trademark. So, it becomes illegal to have an ad system (even if the computer owner explicitly wants it!) to detect "1800contacts" or "windows" or the like as triggers for suggesting cheaper contact lenses or linux/open source etc.

I hate ads as much as most people, but I know of people who do actually use this stuff on purpose - they're also the type of people who collect coupons etc. Should it be illegal for them to install software to look up cheaper/better alternatives?

It seems to me that this is more about a company trying to protect is business models than about consumer interest or spyware/adware/etc.

The FTC is clueless

[cardshark2001]

I'm in favor of laws limiting spyware and adware, but I think it's important to get it right the first time. If the FTC doesn't even have a definition for spyware, it's back to the drawing board.

The first time I ran into adware, I got pretty ticked off about it. I was running a pop-up killer, yet I was still getting pop ups, at Google and my bank even.

Google put a link on their page "Why Google doesn't use pop-ups", I clicked it, and I read all about [ad/spy]ware. I quickly discovered Ad-Aware, and removed gator from my system. I'm embarrassed that I had it and didn't know it, but, to continue my story....

I did a hell of a lot of research about ad-ware and spy-ware, and I wrote a very detailed letter to the FTC about it, what it was and why it was wrong. I waited with bated breath for their response. Here's what I got:

Thank you for writing to us about unsolicited commercial email (UCE). UCE is a very big problem in the US, and we're working on a solution.....

Thanks guys.

Opposition for a reason

[JayLEB]

One should also take note that the reason these big companies are so opposed to this anti-spyware bill is that the information gathered by companies such as Gator, Comet Cursor, Doubleclick, Wildtangent, etc... serves as a veritable goldmine for marketers inside MS, Amazon, and a whole bunch of other big companies. If they know what we're browsing, how we're browsing, then they know what we like, what we used to like, and what we don't like. Knowledge like this is what marketers DIE for. They have an undying urge to understand the consumer, and the spyware companies can (and most likely do) provide this information for a price. This is obviously a fight to took keep this information flowing smoothly.

Google provides local targeted ads

[AndroidCat]

When I do a search on Google, the little ads on the right are frequently for Toronto area businesses, and usually relevant to my search. (Hell, I get google.ca when I type google.com unless I force it not to.) They're probably doing it via IP address rather malware or cookies, but since they do provide local targeted ads, they're right to be concerned that this law is too broad.

Talk about passing the buck!

[yoshi_mon]

"It's embarrassing," said City Manager David J. Norman. "We had a paralegal who did bad research."

You have to love the world today when the best that they can come up with is some lame excuse about how it was someone else's fault.

Sorry David, if you have to rely on everyone for even some of the most basic knowladge then you really don't deserve to be a public offical.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Illegal activities

[Ticklemonster]

I think it's almost funny that congress is all concerned about email spam when the biggest problem out there is hostile scripting in web sites.

I wrote a column for our local paper last year saying that this was a problem that was going to get out of hand, and went on to say that if a person wanted to ...let's say make a politician look bad, all they had to do was put some scripting into a site that would install itself into a computer and sit back and download kiddie porn into the host machine, then find a way to get the politician to go to the web site. Give it some time, then report him. Bingo, kiddie porn on joe congressman's machine. (way oversimplified, but you catch the drift)

Poor slob in England less than 8 months later went throught the same ordeal.

And as far as maliscious coding is concerned, browser hijackers and the such, this should be illegal, period. And pop ups are making a computer do something a person did not specifically state that they wanted it to do. This should also be illegal.

Spyware should only be allowed if the "allow 3rd party information gathering" button is checked on a person's browser. No, wait, there isn't one, is there? WELL THERE SHOULD BE.

Yes, there are ways around all of this, that's why we have brains, but let's face it, we have laws to protect the ignorant from themselves as much as from others...

Oh no?

[Kanasta]

the parties warned that the bill could impair the delivery of local, targeted ads!

Can't they come up with something more significant? Oh no! my ads aren't targeted! quick format the HD!

Re:Oh no?

[BCW2]

That would include those of us that want no ads of any kind, ever.

There is text spam(email), graphic spam(pop-ups, banners), and audio spam(telemarketwits). All spam sucks, and will never get a penny from me.

Re:So broad, anti-adware and kid-proofing is spywa

[andfarm]

I guess the man's eating crow now. *groan*

The real issue...

[SmurfButcher+Bob]

... is curtilage.

Nothing about "privacy", it's more simple than that. It all comes down to who owns the machine... who is accountable for what it does, and who has authority of what it does.

Spyware is all about authority, without accountability. Period.

In real life, though you cannot have one without the other. Consider the typical business, or household setup - you have...

a) A hardware device, and Dad (or the sysadmin) owns it. He's the one the feds will arrest, first, when his IP address is linked to a pile of kiddy porn.

b) Software licenses, owned by the licensee. Note that this person is *not* usually the same dude as the hardware owner... consider co-locations, or consider the game that Mom bought, to put on Dad's machine, for little 5 year old Billy to play.

c) Users. These are the people who actually use the software, in concert with the hardware. Note that they own neither.

You can see how authority, and especially accountability, come into play. Little Billy has no accountability, therefore he cannot have any authority. Giving him authority means he can bind Dad into any license agreements that come down the pike; despite that Dad may have explicitly forbidden such agreements.

Likewise, Mom only has authority over the software license. She has no implicit rights to any of the hardware... she cannot loan it to a friend, sell it, lease clock time, or whatever. She can do whatever the hell she wants with the license, however, because it's hers... which includes letting Billy take one of her seats. Billy cannot reassign the seat she's given him, however, unless she agrees. After all, come License Violation Time, it'll be enforced against HER, not Billy.

Same goes for the hardware - when all is said and done, Dad (or whoever owns the hardware) is going to be implicated.

The perfect world respects this setup. In fact, it adds another layer - the Network Guy.

The Network Guy owns all the cables, switches, routers that connect the machines to whatever. In the perfect world, he hates everyone... bandwidth is precious, and every packet is metered and paid for in blood. He has the right, since HE OWNS IT, to demand only certain types of traffic occur, and he has the right to demand that noone may deviate from his plan.

The hardware owner pays the blood to the network guy, and he hates him for it. He also hates the software licencees - they're forever encumbering his machines, and he doesn't do it lightly. In fact, he demands (since HE OWNS THEM) that noone has any right to install anything, nor bind him to nor involve his hardware with any EULAs or whatever, period. CPU and drive assets are precious commodities, and those machines exist exactly to fulfill HIS purpose, and noone else's. He also hates the network guy, since the network guy is forever allowing packets to bounce off his NIC - which the machine reacts to, and causes an unauthorized change in state in the machine. The network guy has no right to cause such changes, unless the hardware owner has specifically agreed that those types of changes are allowed. The hardware guy is only allowed to cause specific changes in state of specific pieces of the network, and the networ guy is only allowed to cause specific changes in state of specific hardware devices.

The software licensee is hated by all, and hates them all back. This person has no home, and has no implicit rights to anything other than, exactly, delegation of the licensed seat(s). This person is free to agree to whatever EULAs, terms restrictions, mortgage payments, or other encumberances... all day long, it matters not. However, they have no right to any of the hardware, nor any of the network - both of those resources must be negotiated for, separately. Both the hardware owner and the network guy will refuse to be bound by any terms in the license, since they have no interest in it, and both refuse to delegate any of their authority to the licensee. After all, she's a Typhoid Mary.

F

Fines, not bans.

[Rai]

I don't want a law banning adware/spyware.

I want a law that imposes HUGE fines for companies who do. If they wanna clog up the internet with this crap, fine, but the company who's products/services are being solicited should pay about 0.001% of the total dollar value of the company for every popup/banner/etc. At least half of this fine should go to the people whose property and time are being invaded and wasted. And none of that "oh, we had their permission to do this" bullshit. Nobody knowingly installs spyware on their machine (at least, without making some attempt to get rid of it.) When this kind of lowlife advertising starts turning a loss instead of a profit, it will stop overnight.

Don't like it? Fine a new way to peddle your wares.

Re:Fines, not bans.

> Nobody knowingly installs spyware

This is a problem with users not reading the EULA.
Some Malware is truely evil (the sort that tries to install itself when you visit a website), but others (the sort that ships with say KaZaA) is installed with the users blessing.

Won't work

[max+born]

A ridiculous monstrosity of redundant verbiage. But funny.

Notice they make an exception for JavaScript, but not for Java Applets or Servlets? (Part 1, section 5b, iii). I suppose Utah will be searching sourceforge for violators.

They also make an exception for obtaining the name of your operating system (Part 1, section 5c). They're legislating $ENVIRONMENT_VARIABLES?

This kind of thing should be up to the user. Why don't they fix health care.

errr....

[MoFoQ]

...would also impair the delivery of local, targeted ads

Isn't that one of the major goals, especially if u happen to be "shopping for porn," you certainly don't want to get an ad for viagra/cialis/etc. (even if u need it or not).

Re:So broad, anti-adware and kid-proofing is spywa

[squiggleslash]

The full sentence being:

(c) use a context based triggering mechanism to display an advertisement that partially or wholly covers or obscures paid avertising or other content on an Internet website in a way that interferes with a user's ability to view the Internet website.

Note that the words "use", "context", "based", "triggering", "mechanism", "display", "partially", "wholly", "covers", "obscures", "paid", "content", "Internet", "website", "interferes", "user's", "ability", and "view" are not defined either.

Judges aren't idiots. They're not going to define a blank space as an advert. At the very least, an advert has to promote some entity - what entity does a blank space promote?

close friend story

Mod the parent up because this is true. Lobbiests AND companies do this. They, literally, write the bills for the legislators.

I had a very close friend tell me she wanted to be a lobbiest (she has a background in politics, Bush campaign, prominent position, etc.) During the course of the conversation, I asked her what she would actually be doing - as in "what do lobbiests REALLY do, day to day?" - and she says, "write bills and get them in the legislator's hands".

We went on and on about this because I was fascinated. We talked about the draft process and how a bill actually made it through the process (and got to the congress critters). I mean, she tells me they actually put the words on the page and then hand the critters the document as a bill. That's it. What shocked me so hard was the fact that it was sooo smooth and "simple" that it defied description. While I knew it went on, I just didn't realize it was so blatant. But it is.

True enough that I feel compelled to write about it (as an AC) here on Slashdot.

Re:You don't have to be braindead to get elected..

[bladernr]

I don't fault folks for not knowing what dihydrogen monoxide is, but for charging ahead, guns blazing, completely unburdened by the thought process. Sounds like presidential material to me.

The part that embarasses me as an American? That applies to both of the major party candidates.

I think you should have to vote on a ballot without names or parties. Their should just be a list of their honest views and their platform, and next to that their voting record on those issues. No rhetoric. No "invoking the flag," thank you Mr President. No BS catch phrases like "bring it on," thank you Mr Senator.

Of course, most people would go to the poles, read what was in front of them, get disgusted, and leave with their ballot unmarked.

HOLY BANDWIDTH BATMAN!

One more silly thing coming out of the Beehive State. With a population of less than three million, leading the nation in the use of local providers (including one run by the Mormon Church), why doesn't the online community quit lobbying, and just quit serving this obviously very disturbed constituency. Unplug Utah!

Re:So broad, anti-adware and kid-proofing is spywa

[Rakarra]

Judges aren't idiots. They're not going to define a blank space as an advert. At the very least, an advert has to promote some entity - what entity does a blank space promote?

Maybe it's an ad for nihilism.com?

is it me or is Utah really creating problems?

[ricochet81]

..MATRIX, UTOPIA, SCO, this thing. I am sick of hearing about Utah and their crazy stupid ideas on how to fuck up our internet. Can we vote them off the island?

Re:is it me or is Utah really creating problems?

[JoeBaldwin]

Bush can give them "freedom" like he did to Iraq. No vote necessary... :)

Stale Cookies

[tcgroat]

Am I the only one who finds it ironic that the linked article requests a cookie good for over 30 years?

how about slashdot and doubleclick ??

[pair-a-noyd]

I've seen doubleclick ads show up here on /. as recently as the other day..

Hmmmmmmmmm??????

Even worse...

[Shoten]

There's a long list of things it might interfere with, unfortunately...For example:

Mormon underwear, and delivery of local, targeted ads.
Fruit basket creation, and delivery of local, targeted ads.
Various small farm animals, and delivery of local, targeted ads.
The square root of Bob Dole's left ass cheek, and delivery of local, targeted ads.

It's good to know that these online providers want to protect all that important stuff for us!

Need plain, simple, clear definitions on EULAs

[mstovenour]

Today it is almost impossible to discern from the end user license agreement exactly how the software will track me or how my personal information will be used.

At one time loans and credit accounts were the scourge of the common person with no patients for reading long verbose contracts. Many a person was mislead into loan terms that would make you puke today. Then along came the "truth in lending" laws that require a standardized disclosure section for all loans, credit cards, etc. Now when I get a credit card application in the mail, all I have to do is flip it over and look for this well organized table. It lists my interest rate, payment terms, fees, penalties, etc. No guessing; I know in 5 seconds exactly what I'm getting myself into.

We need the same plain, simple disclosure for all software that will install on the computer displayed when installed; a requirement that all installed software show up in the package management system as installed (i.e. control panel); and a method to query that plain, simple disclosure any time we want through the package management system.

Without this, all those laws will do is force tracking companies to further obscure the EULA and "trick" us into giving consent. Anyone want to help draft a disclosure table and its contents?

Utah has done this before-Politicalware.

Maybe bills should be submitted in a machine friendly format with a high semantic markup.

Then we can run it through "politicalware" to extract the salient points, and point out conflicts and other issues.

If everyone's going to inudate the political process as a means to get their bill through (overwelm your opponent). Then one needs to use 30 years of conputing to tame the beast.

You missed the point.

[Moryath]

Uhm, no.

Gator claim #1: "Oh, they downloaded something we're partnered with (Divx even) so they implicitly agreed to the installation." And Gator pays EVERYONE to include their spyware with the install and bury the agreement somewhere in a click-through box.

Gator claim #2: "The trickler is only there to update and fix the software if problems happen." - but in reality, it's ALSO there to reinstall itself if you use Ad-Aware, Spybot, or any of the other programs designed to get RID of Gator. And of course Gator's "uninstall" doesn't exist, you have to uninstall whatever it came in with (assuming you can figure out what it was), and then it leaves the trickler in place...

The worst of it is that Gator's trickler then drops in a ton MORE components that Gator is partnered with, like that browser hijacker New.Net.

Re:You missed the point.

[s13g3]

Nope... I've not missed the point... This IS my point. BS, BS and *more* BS. I did not implicitly agree to shit besides the fact that I wanted to install DIVX, and NOTHING BUT DIVX. Bundling gator software in so it autoinstalls without me knowing it or having a choice in the matter is like like passing a bill in the house that just happens to contain a a tidy little $5mil raise for your local senator on page 396 in a 2 pt. font. It's pure trash.

As for their second claim... Let's imagine a travelling salesman walks onto my property, picks the locks on my door and walks into my house. He proceeds to note everything in my home on his little PDA, and send all this info back to his home office. I finally find him lurking in a corner of my attic, where he proceeds to pitch me on something, and as I'm |1ck1N5 his a$$ out the door, he sez, "But I have great offers! Are you sure you want to do this." My response is a resounding (Robin Williams impersonation here) "FSCK OFF".

So, sumn bitch shoulda gone to jail in the first place. I didn't invite him in; He invited himself the same way Gator does. Actually, to make it more accurate, instead of him picking the lock, say he sneaks in the back door while I let my buddy Dr. DivX in the front door, when no one is looking.

So, I've thrown him out. I was nice enough not to call the cops this time. Later this evening, I'm about to go to bed (Dr. DivX is no longer even in the house), when, lo and behold, I find our Gator-skin-boots salesman hiding under my bed. "SPECIAL OFFERS!", he cries. "FSCK OFF 0R D|3!!!!!!!!!!", I reply.

His excuse for coming back in? "Well, there's a driveway, and it leads to a door, and, well, if you didn't want me in your house, you wouldn't have put a door or any windows on it."

"WTF are you talking about," I ask.

"STFU and RTFM," the guy says. "There's a door on your house, so that's an open invitation for me to come in."

"Well, WTF about the 2 locks and deadbolt on the door???"

"Oh... Those... Well, y'see, I happen to have this handy-dandy universal garage-door remote control, and I used that 'cuz I really need to inventory your house and what you watch on TV. BTW, these little techno-gremlins and their buddies, the /. trolls, here are gonna hide in the corners, report everything you do to our home office, smoke cigars, and torment your cat. Hope you don't mind. They don't eat much, I swear."

"Wait one damn second here... GET THE HELL OUT."

This is the point where I set the salesman on fire.

Hence my original point. I don't give a d4mn what they CLAIM I agreed to, it's total 5]-[1+. I didn't agree to do anything but install an app, and that does not include agreement to install somebody eles's piece of shit speware (i liked the typo... it's my new word for spyware) package. I never have and never will voluntarily install this shit or anything like it on my PC (note, PC, stands for PERSONAL computer, not PUBLIC), and no one can resonably debate with me otherwise. It will simply never happen. Therefore, Gator is invading my privacy and trespassing on my PERSONAL computer which resides on my PRIVATE property, and so they and all the other like them should be dealt with as the hijacking information terrorists they are.

If it's illegal for the FEDERAL GOVERNEMENT and it's agencies to conduct an unlawful search of me or my property (and that includes my computer network) without a warrant, why isn't illegal for Gator to do so?

Answer, it IS illegal. Problem is, the businesses and the technolgically unwashed dunderheads that are in office don't want you to know this. They think they are above the law (which needs to be re-worded and updated), and we have to do everything that we can to make sure these bills go through... Preferrably with penalties just as stiff as those for tresspass and illegal search and seizure... As in I beat them about the head with a flaming trout until they HAVE seizures, at which point they are twitching, and on fire. Yes, yes, I like that mental image VERY much.

How to infest Linux

[crucini]

I'm almost at a loss to begin answering, because to me it's obvious that none of Linux's protections help here at all. The main problem is that the user can be fooled into pressing whatever buttons are needeed.

It's really a two part question: how will the malicious code get run initially, and how will it insert it's back doors. There are many ways - here are some of the more obvious.

Initial Running: probably by the same mechanism that spyware uses today. Offer a "free download" with the spyware bundled. The same people that run it on Windows will run it on Linux. And don't say they won't have root - they will have to have root if Linux replaces Windows. Anyhow, root is not really needed, as I'll show.

Creating Backdoors:If the malware is installed by root, anything goes. Daemons added to the rc scripts, possibly a rootkit to cover up, possibly kernel modules that add all sorts of nasty advertising hooks. Imagine if every time text is read from a file or a socket, a brief ad is prefixed. Yuck!
If the user merely runs the malware once under his own ID, many tricks are still possible. Immediately launch a background process that continues the malware installation after the "bait" app exits. Hide malware executables in densely populated directories like the browser cache, and modify .bashrc, etc., to launch them on login. Copy an app like Mozilla to a hidden file, apply a binary malware patch, and change the desktop menu/icon to point to the hacked copy. Download a hacked glibc to a hidden locatin and set LD_LIBRARY_PATH in .bashrc to point there - then any kind of horror is possible.

Of course, you can cheat and use a buffer overflow for the initial install, but to stay congruent with Windows spyware we should assume tricking the user into running a "bait" application.

Re:How to infest Linux

[hesiod]

The first thing you need to do is look at what you are actually replying to. He did not say there would be no viruses/virusware, he said there would not be as much of it.

> to me it's obvious that none of Linux's protections help here at all

Then obviously, you don't know anything about Linux. Regular users CAN'T INSTALL SOFTWARE, and even more important, SOFTWARE CAN'T INSTALL ITSELF.

Then you bring up the BS argument that "all users would need root." No, they would not. Where this stuff counts the most is on a company network, where those users would NOT have root access, and the admin should be smart enough not to install shit like Realplayer.

And your other scenario requires users running the software manually. Well, if a user will do it on Windows, they will do it in Linux. The difference is that ONLY THAT USER WILL BE AFFECTED. Anyone else who logs in will never be affected by it, so right there I have showed you are wrong (remember what the argument really is about).

Why are you so religiously anti-Linux? Was your great aunt run over by a penguin or something?

Re:How to infest Linux

[Syrrh]

We're not talking about servers on a company network where quotas are enforced and not everyone is 100% trusted. This is about home desktops. If you screw up your userland, it's still a big deal if you're the only person using it.

Re:How to infest Linux

[True+Grit]

Ok, let's agree that stupid people will get hurt no matter what OS they use if they don't use their OS properly. Given however, a home user that is reasonably competent and isn't an idiot that runs his machine regularly as root when connected to the net, you haven't yet given a reasonable explanation for Linux's future failures.

I never said it would be immune, I'm just wanting to understand your theory that it will be as bad as Windows. Most of Window's weaknesses have been because of stupidity: MS never concerned itself about security and the net where everyone can't be trusted, because they were oriented towards the individual desktop user, and didn't pay attention to security fundamentals. I imagine they'll get better now, but there are still thousands of copies of Win95/98 out there that are effectively naked when connected to the net, MS still has IE defaulting to automatically run stuff from the net, and the recent exploitation of a messenging service provided by Windows' API is another example of MS not thinking about network security before adding a "feature".

Unlike Windows, Unix was born as a networking OS, security has been important from the very beginning. There are exploits possible with Windows (at least up till XP) that have NEVER BEEN POSSIBLE on Unix since its AT&T days. Aside from idiot users, I still can't see how it will be as bad. If the user isn't sure about something they should install it with a temporary user used for testing and run the software that way and see what it tries to do. The ability to test software in a "sandbox" is something Windows was never able to do until recently. This is the point you seem to be missing: with Linux you don't *need* to be root to try out new software.

Your entire argument assumes the user will give the unknown, untrusted app root access to the system, even when its not necessary. Most people coming to Linux however quickly become aware of the issue of security and trust because its important to Linux. Some Linux software will actually *complain* if you're running it as root because of the dangers involved. That's the difference it seems to me, its the attitude and perspective of the people who put the OS together.

Most Linux distros come with most networking features locked down, requiring the user to explicitly turn these things on. Windows tends to still default to turning everything on, and leaving things open to remote activation. Most Linux distros will warn the user about running as root and have the user create a normal account for regular use. Many Linux distros even insist on you using a password for your normal user, never mind root. With Windows XP this basic kind of preventative measures are still optional, Windows and MS doesn't seem to care whether you shoot yourself in the foot or not.

I believe people coming to Linux will *tend* to be less likely to do stupid things because the OS and the people using it are willing to *tell* them they're being an idiot when they're being an idiot. MS doesn't care what happens after you've given them your money, their standard answer to most problems is to reinstall anyway, but when you go to a Linux related newsgroup or forum and tell them you run regularly as root they'll correct your ignorance real quick.

That's what it boils down to. MS has shown by its behavior that they are only interested in making more money, they know that most people will have to buy their OS anyway to be able to run the majority of apps out there. I think that its different with Linux distros, who don't have the monopoly leverage to force you to come to them, I know its different with Debian Linux, which doesn't ask you for money anyway, although donations are welcome :), they are concerned that the OS work for you, since they themselves are also regular users, but when you're being stupid, they're not afraid to tell you that either.

Re:You don't have to be braindead to get elected..

[crucini]

OK, I'll have a shot.
Honest Views:"I believe in America, in keeping America great, and it standing up for the core beliefs of this great nation. I believe that America is for every American, and nobody should be left behind. I believe that we must work harder than ever to preserve our freedom, build the economy, and defend America."
Voting Record:Voted YES on the WARMFUZZYBUNNY act, a law that will defend Americans from evildoers. Voted YES on the PROTECTOURECONOMY act, a splendid law that will give $1000 to every American. Voted YES on the STOPTHEIF act, which will defend America's vital intellectual property from cyberthieves so future generations can enjoy our vibrant cultural heritage.
This is not the place for rhetoric or flag-waving, but I must point out the simple fact that my opponent, while holding the same views and voting for the same bills, is a bad choice because either (a) He has no experience in government at this level or (b) He is a Washington Insider, with more allegiance to lobbyists and special interests than to voters. Amen.

Re:You don't have to be braindead to get elected..

Of course, most people would go to the poles

Here in Canada, we just go to the Canadians.

Artillery and Insurrection

[crucini]

You articulate the argument well, but I think it's a flawed argument. How often does artillery come into play in a coup? There are lots of reasons a government might hesitate to shell its own towns.

By the time there is a serious enough divide to cause an uprising, the government and military will also be somewhat divided.

Look at the Vietnam war. Weren't normal rifles more useful to the Vietnamese than artillery?

If the citizens need parity with the military, it's not in artillery but in c3i - encrypted radios, mapping and map-sharing systems, etc. But these systems would need a complete rethink to become more peer-to-peer and less dependant on centralized command.

As for your point about training, I think it applies even more strongly to ordinary military rifles. I think a small group of trained soldiers can win over a large group of untrained people with the same equipment. That was probably equally true in 1776.

Re:Artillery and Insurrection

[gowen]

How often does artillery come into play in a coup?

You'd be surprised

Re:Artillery and Insurrection

I'd be willing to bet people are less likely to use artillery in NYC than someplace in Sierra Leone.

Just a thought, though.

Re:Artillery and Insurrection

[True+Grit]

1. How often does artillery come into play in a coup?

I think the other poster answered this.

1. There are lots of reasons a government might hesitate to shell its own towns.

A repressive government wanting to maintain power is willing to do just about anything when push comes to shove, e.g. Tiennamien Square.

1. Look at the Vietnam war. Weren't normal rifles more useful to the Vietnamese than artillery?

Please don't compare apples to oranges. Read the part of my first post about most rebellions only being successful when those rebelling had outside support. Now read up on the Vietnam conflict, especially about the part where it describes *two* Vietnams, the North and the South, and the level of military support coming from the USSR and China at the time. You might also want to ask some combat vets about the differences between the Viet Minh (guerrillas, the "VC") and the NVA (North Vietnamese Regular Army). There are other obvious differences too, like the civilians in question not being the same nationality as the occupying military force.

Besides, it wasn't rifles that drove out the French before we showed up. Read up on the battle of Dien Bien Phu. The use of Chinese artillery was crucial for the Viet Minh's victory over the French.

1. By the time there is a serious enough divide to cause an uprising, the government and military will also be somewhat divided.

First, I don't know what your point is by mentioning this, but I'll go ahead and say there is never any guaranttee that the military will be as divided as the civilian populace. In many countries, the military is often the greater threat to the civilians than the government is, or rather, the military runs the government. Despite the vast protests in Iran by the civilians, there is no evidence its military will side with its people. I could also mention Tiennamien again here. Even with us, our military was indeed demoralized by the dispute over Vietnam, but not to the point of rebellion, and in fact they were still willing to kill unarmed American kids when ordered to do so (the 4 college student demonstrators at Kent State, Ohio).

1. If the citizens need parity with the military, it's not in artillery but in c3i

I used artillery just as *one* example of why the gun advocate's argument falls apart, c3i is another good example too, but IMO, the artillery was the first historical military technology that, unlike hunting rifles and many personal weapons, has no use by the civilian population, and indeed would be a destabilizing element if so many civilians had access to that kind of destructive technology.

1. I think a small group of trained soldiers can win over a large group of untrained people with the same equipment.

That is certainly true today given the complexity of modern military equipment, however...

1. That was probably equally true in 1776.

I believe things were significantly different back then. The most complex thing a soldier needed to know about was his musket, something not nearly as complex as today's M16 or AK64. In fact, many people then had hunting rifles which were better at shooting than the military muskets, their weakness was not being designed to mount a bayonet. The initial weakness of the Americans then was their inability to fight the British regulars at close quarters due mainly to lack of training and proper equipment. Artillery was not used in large numbers by anyone then and wasn't the efficient infantry killer it became later, and it rarely played a crucial role in a given battle of the time.

However, even lacking the discipline and training needed to defeat the British quickly, they could still, as essentially rebelling civilians, keep the rebellion going on for several years, time enough to not only train themselves, and get

Its intresting that

the government goes halfway around the world to exterminate terrorists, but when it comes to domestic terrorists, they dont do anything.

Re:So broad, anti-adware and kid-proofing is spywa

[hyphz]

It's an obvious urban legend - if the guy thought that "Wash. Biol. Surv" was cooking instructions, how did he know where to send the letter?

Re:So broad, anti-adware and kid-proofing is spywa

context-based triggering. CONTEXT-based triggering.

Re:So broad, anti-adware and kid-proofing is spywa

[squiggleslash]

Probably. I actually found it on the Guardian Unlimited Talk board's "Any good jokes?" thread (sadly deleted now, for reasons that have enraged regulars there, even if, for the most part, they were the same jokes posted again and again.)

If they really want to know all of this...

[f0rt0r]

They can just ask. As long as they didn't gather any personal info ( email, home address, etc. ) I would not have a problem with it.

Re:You don't have to be braindead to get elected..

> most people would go to the poles,

North or South? I believe you mean POLLS.

California proposition time?

[Whatsmynickname]

Sounds a lot like this article.

This has got to stop somehow. Hey, maybe California should make a proposition to stop this! Wonder how far this would go?

Typical dumb*&%t legislation

[robin147]

There's nothing like a stupid knee jerk reaction by uninformed legislators doing something about stuff they are clueless about. The only thing worse than something like this, is when the feds do it, and nullify some state law that does better.

Doesn't that outlaw Interner Explorer?

[An+Elephant]

"software that display advertisements...pop-up windows... without permission"

Explanation of the Law, and Analysis of Criticism

[bedelman]

It's been fascinating to see this discussion -- with some folks taking the time to pretty carefully understand the bill, and others (perfectly understandably) deferring to news coverage. As someone who's had the opportunity to talk to Utah legislators about this bill, I thought I'd put together an analysis of what the bill does. I've also received a copy of the letter that gives the AOL et al. critique of the bill, so I've tried to respond to it, point by point.

Details: A Close Reading of Utah's Spyware Control Act.

Ben Edelman

Read the bill, carefully!

[bedelman]

I agree that that's the impression you'd inevitably get after reading the article. That's clearly what the article's author wanted! the question is: What impression would you get after reading the bill? Or after listening to the sponsor of the bill defend it?!

For an alternative perspective, check out my A Close Reading of Utah's Spyware Control Act. I go through the bill's major provisions, then take a close look at the specific concerns raised by its critics. I received a copy of a letter they sent to bill sponsors, so I can examin the arguments in considerably greater detail than, for example, the MediaPost article.

Ben Edelman

Article misrepresents what the bill requires

[bedelman]

Jack,

You're right that the bill would be awfully overbroad if it did what the article says it does. But the article is wrong. Read the bill and see for yourself.

Or, better yet, read my FAQ-style analysis and see 1) what the bill really does, and 2) what the article got wrong.

A Close Reading of Utah's Spyware Control Act

In short: Software that reports users' online activities is only prohibited under the bill if the software lacks a proper license agreement and uninstall program. So plenty of programs can still report users' activities, so long as this is properly disclosed and so long as users can change their minds later.

Ben Edelman

Bill Signed Into Law

[bedelman]

For those still reading --

I'm told that Governor Walker signed the bill into law today.

Ben Edelman
benedelman.org