Slashdot Mirror
U.S. To Impose Spyware Control Laws
ArbiterOne writes "BBC has the story: A bill has been introduced into the U.S. House of Representatives to control the proliferation of spyware and malware. The proposed bill would force programs to inform the user before installing programs, and require that spyware be easily removed. A study by EarthLink found that the average user has 28 spyware programs on their computer!"
H.R. 2929 Safeguard Against Privacy Invasions Act sponsored by Mary Bono.
It's been on Slashdot mentioned before, but a good starting point for this kind of legislation is Google's Proposed Software Principles defining what honest programs should be doing.
Actually, it's Latin. The French (along with the other Latin-based languages) just inherited it.
The prefix 'mal' means 'bad'. I'm sure the RIAA would try to argue that their copy protection is good, not bad.
It'd be interesting to see how the Congress handles that issue.
Earthlink offers a spyware blocking program to its customers and also a free web-based version. I assume they can glean some survey information from the users of these tools.
I don't even think they need to change anything they're doing, since Gator at least requires an affirmative confirmation to install and politely cleans up when asked to. As bad as they are, at least they're playing by the proposed rules already.
PC makers hate spyware because of all the tech calls "why is my PC so slow?"
This is only been proposed in one of the two US legistlatures. There are a few hurdles to pass before it becomes law, if ever.
It looks like this bill is only designed to protect banks and their own boxes. Better luck next time Average Joe American.
Steal This Sig
OK, I found some links to back up my claims. First, here is the initial BBC article mis-characterizing Earthlink's study. Here's a guy who did some shoe-leather work to point out the falsehood in Earthlink's study, along with some more helpful links. Enjoy.
Sorry to keep replying to myself. But I would be remiss if I didn't point out that Earthlink intentionally tried to mislead the press & the public when they trumpeted their results by creating their own definitition of spyware. Only 0.35 real spyware programs er computer, by the way. Here's Earthlink's original press release, and the actual report. I still blame the press for dropping the ball, anyone who bothered to read the actual report would know that the press release & headline is a bunch of hot air.
First, the BBC doesn't have a scoop. I've been reading about the story for days. This piece is almost certainly a pickup from Reuters or another agency. (If it was a Beeb piece, the story would have a Beeb byline.)
Second, you haven't seen it on the evening TV news because it isn't that much of a story. The bill, one of several on the same issue, made it through one House subcommittee. If it passes and is signed into law, then it might merit mentioning on "major US media outlets?.
If spyware wasn't in the news this week, you'd likely not be seeing this story get any play at all. The story is, in fact, getting play because it make a nice sidebar for the other story this week about most PC's being infested with dozens of spyware programs.
-- Slashdot: When Public Access TV Says "No"
I'm head desktop geek for a publishing company in the United States, and I spend more time dealing with this crap than any other single problem.
:-)
I've been getting asked quite a bit lately what exactly it is I do when I clean up someone's machine. The problem is, while some of my techniques are easily documentable, alot of it comes from just eyeballing the situation and figuring out what doesn't look right.
I watch the Slashdot threads regarding spyware often and, until recently, have merely lurked. Today I registered, so I can share this with everyone. It may be a bit off topic, but let us be real - legislation isn't going to take care of this problem anymore than it has spam. Some of you probably know all this already, but I hope that those who don't get some use out of it. Obviously I can't take any responsibility if you screw up your computer, so be careful out there!
Note: Use Mozilla or Firefox. Not using IE will prevent 99% of all spyware infection. I highly recommend it, for yourself and your friends and family. This is the number one step you can take to prevent spyware and hijacking, as well as preventing weekend trips to the inlaws/cousins/siblings to clean up their infected machines
What is Spyware?
Spyware, Adware, Malware, Crapware, Roachware (because just when you think you've gotten them all...); all of these terms refer to a virus-like category of software which is placed on a computer for the purpose of generating revenue, usually either by displaying popup ads, redirecting search requests from within the browser, or collecting demographic information.
The programs themselves can end up in a number of different places:
- As an item in the Run key in the registry (the listing of startup programs you
see in MSConfig) - Specifically,
HKEY_LOCAL_MACHINE\Software\Microso ft\Windows\Curr entVersion\Run or
HKEY_CURRENT_USER\Software\Microsoft\Windows\C urre ntVersion\Run
- As a Browser Helper Object (BHO), a class of ActiveX control originally designed for extensions to Internet Explorer, such as Toolbars. The Google Toolbar, Yahoo! Companion, and Acrobat Reader plugin are all examples of BHOs
- As a link, EXE or DLL file which is placed in a URL, such as a default Search URL or the Home Page. IE uses a set of URLs to control its automatic search behavior. When these URLs are triggered - or the home page is opened - either the page is opened containing ads which the URL is designed to impress, or the EXE or DLL is called to generate popups, verify it is still installed, etc
- As a registered DLL which is loaded on startup as an operating system component (Nasty!)
For the executable files loaded on startup, these programs - in addition to their main ad generating function - will generally check to see if their components are still properly installed, and if they are not, they will reinstall themselves. This is why you will often see spyware mysteriously come back after you think you've succeeded in removing it.
Many of these programs will also alter Home Page and Search URL strings, so that every time the browser is opened or a search takes place, an ad impression or page hit is generated by the program's controller.
The nastiest of all these programs will have more than one process running at any given time, watching its companion processes - so that if you kill one, its partner launches itself again. It's like Whack-a-Mole, but without the cheap prizes they give you for tickets.
Most of this stuff gets installed piggyback with things like Comet Cursor, browser "skinners", various toolbars, downloadable games, etc. The nasty ones, however, will use security holes in IE to install themselves without the user having any clue. Others act as "gateway programs" - once one of them gets on, the others get carte blanche.
Now that you've got the basics on what this stuff is, it's time to look at removal techniques.
*** formica has quit IRC (connection reset by phear)
The common user never imagines that just clicking on a pop-up window, hoping that will make it go away gives someone the right to take over their computer. They don't "get it" that kazaa is bundled with spyware either.
As for EULAs, even if people did read those things, they are in legalese jargon. No one understands that gabbledegook, so no one can possibly give informed consent to it.
I see a lot of brand new computers running like a 386 trying to use Windows XP because of spyware. I am surprised more people haven't given up on computers completely. If this new law is as full of loopholes as it seems, then people swearing off computers is still the inevitable result of spyware.
How ya like dat?
It's not IE's fault - it's the fault of stupid users.
If you believe that, you are no further ahead than the people you reference.
An analysis of the 180 Solutions Trojan.
A NTBugtraq post with info.
There are many many other sources of info that describe how software and malware get onto your computer using combinations of holes in Windows and IE that does not present the user an acceptance screen. The links referenced are just a sample of what is out in the wild, they are not exceptions, they are the norm.
The only way this will stop is by educating users
I hear ya..
Bad boys rape our young girls but Violet gives willingly.
Ad-Aware
Spybot-S&D
Every Windows PC needs these installed, updated, and run at least once a week. You need both: sometimes one will catch something that the other won't. Even then you are not 100% safe. For really nasty Spyware:
HijackThis!
Note that HijackThis! is NOT for joe user! Removing the wrong entry can disable legitimate apps. Also, for IE users:
You could set up tighter ActiveX permissions than this, but doing so would disable Windows Update, which is just as dangerous.
Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote.