Slashdot Mirror


The Pure Software Act of 2006

lurker412 writes "The MIT Technology Review features a proposal by Simson Garfinkel to provide honest labels on software in the same way that the Pure Food and Drug Act of 1906 forced manufacturers of foods and drugs to divulge the contents of their products. The proposal targets adware, spyware and other unsavory practices. It suggests that by requiring software manufacturers to include clear icons for each nasty behavior--rather than hide the disclosures in seldom read or understood click-through SLAs--end users will be better protected. Garfinkel specifically lists eight types of sneaky behavior, but the list is not meant to be exhaustive."

13 of 261 comments (clear)

  1. Erm... by r4bb1t · · Score: 5, Insightful

    How do they plan on labeling software solely distributed over the internet? I'd venture to say that 90% of the spyware that's out there comes through download-only software (DivX, peer to peer software, etc...).

  2. The idea is great... by MacFury · · Score: 4, Insightful

    Implementation would be far too much trouble. Developers would fight you at every turn. Would my software be spyware if I had it collect general system stats if you choose to register, so that I know the average machine speed of my clients? Would that carry the same label as a program that logged every keystroke and sent that back?

    1. Re:The idea is great... by kawika · · Score: 4, Insightful

      You missed the point, or more likely did not read the article. Having one of these icons doesn't mean your program is "spyware". It means that your program performs one or more of these functions. Other programs such as virus scanners or keyboard drivers might have them too. The point is to inform users in a concise way of program behaviors that may cause some sort of trouble. The more of these things a program does (like autoupdate or sending back click data) the harder a user should look at the license to be sure they really trust what is going on.

  3. The right way to fight "spyware" by kawika · · Score: 4, Insightful

    As that article says, most of the proposals to control spyware get bogged down in trying to define spyware without catching sofware that is clearly legitimate, such as an antivirus program trying to "phone home" automatically to update its virus signatures.

    I would much rather see regulation that required all software to clearly declare its intentions, and to get explicit and verified permission to install.

  4. Re:The 'Evil' Bit by badasscat · · Score: 4, Insightful

    I can hear the software vendors right now. "Oh, sure, I'm going to label my software as 'pop-up', that'll bring in the customers, oh, yeah!" More likely, they'll fight it on the grounds of anyone who ever made or makes use of the Yes/No dialog box -- "That's a pop-up, too, make them label their software." Totally meaningless.

    Oh, I don't know. You could have said the same thing about food labels, but the fact is a lot of the food industry actually wanted them. I would think the same about this. Honest software vendors (which is still the majority of the industry), I would think would jump at the chance to be part of something like this, because it would help distinguish why their software is better than the shyster spamware and adware companies' stuff. I mean what if on the one hand you have Real with a whole bunch of scary icons, and on the other you have Apple with only one or two for QuickTime/iTunes? If I were Apple I'd be very happy about this. That's just one example; the easiest that came to mind. In every category you'd have companies on both sides of the issue, depending on who would benefit; it just depends on who's got the most lobbying power in each specific case.

    And btw, to respond to another early comment, I too wondered initially what a certain musical duo was doing putting forth software regulation recommendations when I first read the posting.

  5. Copy protection and DRM by vegetablespork · · Score: 4, Insightful
    should be required to be disclosed in a standard manner on the outside of the packaging. Products that require registration or "activation" to run after purchase like TurboTax (last year's--don't know about this year's since I switched to TaxCut) and PowerQuest's recent utilities should be required to carry this disclosure in a standard, readable, consistent format.

    If anyone cries that this would be like a scarlet letter and harm his sales, remind him that proponents of DRM (while wielding effective monopolies in their product areas) were saying to "let the market sort it out." Free markets require good information, which such a law will provide.

    --

    Call (206) 338-5780 COLLECT for information about a genuine BA, BS, MA, MS, MBA, or Ph.D.

  6. Re:The sound of silence by Fnkmaster · · Score: 4, Insightful
    My friends and I have a theory about Simpson - his career as a technology writer and pundit is based primarily on the Memorable Name principle (also known as the "American McGee principle"). This phenomenon seems particularly common in the tech industry.


    American McGee is, in my opinion, an emblematic case of this phenomenon. Why was his game called "American McGee's A.L.I.C.E."? Do you ever hear about "John Smith's BullshitGame 2003"? I think not (we won't get into whether or not the game here sucked, which I believe everybody can agree with). Why was Mr. McGee a speaker at so many industry conventions and trade shows? Was it because of his amazing intellect and insights? His colorful lively presentation style? The quality of his work in the gaming industry? No, it's because his fucking name is "American McGee".


    Simpson Garfinkel is a pretty good tech writer. Certainly a lot more knowledgeable than some of the idjits out there. But first and foremost, his success and the attention he gets is because his name is eminently brandable and memorable due to its remarkable resemblence to "Simon and Garfunkle". This works at a subconscious level, from what I've observed, even when people don't immediately note the resemblence of his name - they note what a strange name it is, and they always seem to remember it later if they encounter it again.


    I won't bother getting to all the other examples of this phenomenon at work - some of them are people I know personally who are great people but owe much of their success to this kind of clever branding ("Jennifer 8. Lee" anyone?). The power of this phenomenon is undeniable. We may all sit around and think we are above this kind of low-level marketing manipulation of our brains, but we need to face the facts: we are being manipulated by the Strange Name Mafia into their sick and twisted view of the technology industry.


    Boycott weird-named pundits. Err. Or something.

  7. Labels - but not. by Allen+Zadr · · Score: 4, Insightful
    One thing that makes this less desirable from a software marketing standpoint is that in the short-term (early adoption), there is no 'negative' labels, where 8 negative labels means that your program could be considered 'safe' computing.

    Further, there are several games that ship with Microsoft DirectX. That modifies your operating system. The program's package can't be labelled without the (wrench icon), unless it comes with installation instructinos about how and where to download the required ActiveX features.

    In otherwords, sometimes the labelling will simply get in the way of the whole truth.

    --
    Kinetic stupidity has a new brand leader: Allen Zadr.
    1. Re:Labels - but not. by The_K4 · · Score: 4, Insightful

      Which also brings up the point of software you download...no packaging! Do they need to put the icons on the linking page? All linking pages? On the google search replies? MOST spy-ware/ad-ware software isn't purchsed or packaged!

  8. Re:Finally by ThisIsFred · · Score: 4, Insightful

    Spyware is a big problem which isn't Window's fault. Because windows is the biggest, it gets targetted by spyware.

    Sorry, but that's complete and utter bullshit. My tech team spends too much time cleaning up after malware. I made the mistake of switching our organization over to IE several years ago, mainly due to complaints about compatibility. The majority of these nasty malware programs take advantage of design flaws in IE to enter the system and remain there.

    I'm now testing Netscape 7 as a standard browser. It cannot be modified, or accessed through the operating system as can IE. Therefore, most of the loading schemes used by malware do not work. So IE is definitely part of the problem. IE is part of Windows, so it is Windows' fault. Malware programs modify Windows so that they can run as extensions to the operating system, and no actually up as a process in the process list.

    --
    Fred

    "A fool and his freedom are soon parted"
    -RMS
  9. Re:Like requiring thieves to pay taxes on thier lo by kawika · · Score: 4, Insightful

    You're talking about viruses, and of course anyone who wants to break the law can do so. Right now though, there is a large class of software created by companies that say what they are doing is perfectly legal. They claim that by having a user click OK on a dialog box they can do pretty much anything they want on that user's PC. And they are doing this brazenly, out in the open, and in the clear view of the governing agencies. LOP.COM is one of the most-despised pieces of spyware around and still the guy from C2/LOP has the ballz to file a comment for the upcoming FTC spyware conference saying LOP is the future of Internet advertising!

    Most spyware/adware makers feel the same way, they don't have to hide because they are not breaking any laws. And if you download the software directly from their web sites you will be presented with various screens and buttons you have to click to agree. However, the details of what you are agreeing to is anything but clear. The Claria license is 20 pages for example, and to paraphrase: "Once you click YES we can automatically download and install new software, even new versions of other vendor's software like Media Player or Flash if we need it to display ads. We can even send back an list of all the software installed on your system."

    Should it be legal to bury that in a 20-page document and then say that clicking YES on a dialog box is legally binding?

  10. Re:The 'Evil' Bit by MoonBuggy · · Score: 4, Insightful

    This will help with the companies like Limewire who are pretty much legit but morally questionable, which is good.

    Unfortunately, however, the worst spyware/malware I've seen, the stuff that really grinds computers into the ground and makes people call me to fix their computer that 'just broke' is porn browser bars, porn autodialers etc. These are the kind of companies who are just below the bar of complying to the law but still a little way above outright theft. The legislation is a good idea, but what it'll mean is that there's less spyware out there and what does stay active will be all the worse and better hidden too.

  11. Re:The 'Evil' Bit by SnappleMaster · · Score: 4, Insightful

    Yeah this is stupid. Basically people who write this crap-ware would have to have a label that says, in effect: "This software will do something you do not want it to. It will annoy you and may expose personal information. Do yourself a favor and do not install it."

    Plus this is yet another American idea. The Internet is bigger than America. American laws would only protect people from software written in America. What about all the crap-ware that gets written elsewhere?

    Bottom line: I give this idea 9.5 out of 10 stupids.

    --
    Be happy. Nothing else matters.