Slashdot Mirror

← Back to Stories (view on slashdot.org)

U.S. To Impose Spyware Control Laws

Posted by CowboyNeal on from the every-click-you-make dept.

ArbiterOne writes "BBC has the story: A bill has been introduced into the U.S. House of Representatives to control the proliferation of spyware and malware. The proposed bill would force programs to inform the user before installing programs, and require that spyware be easily removed. A study by EarthLink found that the average user has 28 spyware programs on their computer!"

9 of 402 comments (clear)

  1. I wonder which 28 are on my Mac? Oh wait... by Anonymous Coward · · Score: 5, Funny

    NONE!

  2. Bloody obvious by hattig · · Score: 5, Interesting

    It is a shame that things like this need to be made law.

    I expect that spyware already falls under the Computer Misuse Act 1990 in the UK regarding modification of a computer system without the user/owner being aware.

    As far as I am aware, these bits of software are viruses and should be treated as such. Including the writers of said spyware.

  3. Re:Believe it or not... by Anonymous Coward · · Score: 5, Funny

    With only 110 less they would have been 1337!!

  4. Re:I'm just a bill on... by autiger · · Score: 5, Informative


    H.R. 2929 Safeguard Against Privacy Invasions Act sponsored by Mary Bono.

  5. a lot of spyware already 'informs you'... by seibed · · Score: 5, Interesting

    a lot of spyware already 'informs you'... its just that the average public just clicks right through all of the legal stuff anyway.

  6. Re:But what about SunnComm? by dsanfte · · Score: 5, Funny

    The term "mal" is French. I cannot believe, as a patriotic citizen, that you would endorse or condone the use of language from the mouths of the Republic's enemies! Traitor! This is not the act of a respectful, honorable, patriotic citizen. You will be punished for this act of treason, let me assure you.

    --
    occultae nullus est respectus musicae - originally a Greek proverb
  7. And what will it help? by klingens · · Score: 5, Funny

    I am sure this new law will be a overwhelming success story like the recent CANSPAM act.
    And now excuse me, I need to clean my Inbox again.

  8. Removing Spyware - a Primer by Fourmica · · Score: 5, Informative

    I'm head desktop geek for a publishing company in the United States, and I spend more time dealing with this crap than any other single problem.

    I've been getting asked quite a bit lately what exactly it is I do when I clean up someone's machine. The problem is, while some of my techniques are easily documentable, alot of it comes from just eyeballing the situation and figuring out what doesn't look right.

    I watch the Slashdot threads regarding spyware often and, until recently, have merely lurked. Today I registered, so I can share this with everyone. It may be a bit off topic, but let us be real - legislation isn't going to take care of this problem anymore than it has spam. Some of you probably know all this already, but I hope that those who don't get some use out of it. Obviously I can't take any responsibility if you screw up your computer, so be careful out there!

    Note: Use Mozilla or Firefox. Not using IE will prevent 99% of all spyware infection. I highly recommend it, for yourself and your friends and family. This is the number one step you can take to prevent spyware and hijacking, as well as preventing weekend trips to the inlaws/cousins/siblings to clean up their infected machines :-)

    What is Spyware?

    Spyware, Adware, Malware, Crapware, Roachware (because just when you think you've gotten them all...); all of these terms refer to a virus-like category of software which is placed on a computer for the purpose of generating revenue, usually either by displaying popup ads, redirecting search requests from within the browser, or collecting demographic information.

    The programs themselves can end up in a number of different places:

    - As an item in the Run key in the registry (the listing of startup programs you
    see in MSConfig) - Specifically,
    HKEY_LOCAL_MACHINE\Software\Microso ft\Windows\Curr entVersion\Run or
    HKEY_CURRENT_USER\Software\Microsoft\Windows\C urre ntVersion\Run

    - As a Browser Helper Object (BHO), a class of ActiveX control originally designed for extensions to Internet Explorer, such as Toolbars. The Google Toolbar, Yahoo! Companion, and Acrobat Reader plugin are all examples of BHOs

    - As a link, EXE or DLL file which is placed in a URL, such as a default Search URL or the Home Page. IE uses a set of URLs to control its automatic search behavior. When these URLs are triggered - or the home page is opened - either the page is opened containing ads which the URL is designed to impress, or the EXE or DLL is called to generate popups, verify it is still installed, etc

    - As a registered DLL which is loaded on startup as an operating system component (Nasty!)

    For the executable files loaded on startup, these programs - in addition to their main ad generating function - will generally check to see if their components are still properly installed, and if they are not, they will reinstall themselves. This is why you will often see spyware mysteriously come back after you think you've succeeded in removing it.

    Many of these programs will also alter Home Page and Search URL strings, so that every time the browser is opened or a search takes place, an ad impression or page hit is generated by the program's controller.

    The nastiest of all these programs will have more than one process running at any given time, watching its companion processes - so that if you kill one, its partner launches itself again. It's like Whack-a-Mole, but without the cheap prizes they give you for tickets.

    Most of this stuff gets installed piggyback with things like Comet Cursor, browser "skinners", various toolbars, downloadable games, etc. The nasty ones, however, will use security holes in IE to install themselves without the user having any clue. Others act as "gateway programs" - once one of them gets on, the others get carte blanche.

    Now that you've got the basics on what this stuff is, it's time to look at removal techniques.

    --
    *** formica has quit IRC (connection reset by phear)
  9. Re:Why use legislation? by fmaxwell · · Score: 5, Insightful

    Why is legislation necessary here? this is a problem that could be solved with just a little technical nous.

    Fine. You go to 290 million people in the U.S. and educate them -- every man, woman, and child -- on how to deal-with, avoid, and remove spyware. God knows that learning about sypware should be the key goal in everyone's life. The guy investigating prostate cancer online after bad news from his doctor? He should stop what he's doing and take lessons from you about spyware.

    Next, we can get rid of laws prohibiting muggings and just teach everyone self-defense. We can make identity theft legal and just teach people how to prevent it.

    Everyone should not have to know about everything just to avoid being victimized.