Slashdot Mirror


Congress Debates Anti-Spyware Bill

Spy der Mann writes "An anti-spyware bill could clear the U.S. House of Representatives as early as next week, but there are disagreements on how to define the term 'spyware.' A wrong decision could end up in two opposite directions: Either a law too restrictive for legitimate companies, or a "safe harbor" for some malicious spyware distributors. Could this become another CAN-SPAM?"

6 of 180 comments

  1. Re:It's like porn.... by m50d · · Score: 2, Informative

    Porn has a very clear definition - material where the primary purpose is erotic i.e. arousing the viewer.

    --
    I am trolling
  2. Re:proper definition... by John+Seminal · · Score: 2, Informative
    Any third party product that is not functionally necessary for the application a user believes they are installing should be legally required to be a separable item in the installation process that you must opt-in, not opt-out, from.

    I like this! And while we are at it, have every piece of software have some easy way of uninstalling it and every component. Most of the worst spyware is hidden, and difficult to remove. I had a friend with a registry setting to reset his browser to go to www.imakemoney.com or something like that. You find the program, delete it, but forget there is a setting in the registry which brings it back.

    A friend installed AOL on their computer. While AOL was installing, so did Real Player. I thought WTF is this, where did it come from. So I uninstalled it. The next time I went to his house, there it was again, Real Player. So I uninstalled it again, and watched as he logged back in. As soon as he was done, and disconnected from AOL, he got "Please wait... we are installing an important upgrade".

    --

    Rosco: "If brains were gunpowder, Enos couldn't blow his nose."

  3. Re:Legitimate companies? by Anonymous Coward · · Score: 1, Informative

    "Well, video codex come to my mind, they are stealthily downloaded and installed by the media player"

    uhm not by Windows Media player, it will ask permission to install any codecs it wants via a signed by MS ActiveX dialog

  4. Re:It's like porn.... by jimmyCarter · · Score: 2, Informative

    Porn has a very clear definition - material where the primary purpose is erotic i.e. arousing the viewer.

    The parent was actually a reference to Supreme Court Justice Potter Stewart's quote from the obscenity case of Jacobellis v. Ohio.

    --

    -- jimmycarter
  5. Re:whisky tango foxtrot by Anonymous Coward · · Score: 5, Informative
    it's real easy to see what auto starts, 2 registry keys and one folder in the start menu

    Um, no:

    Some info from http://www.nohack.net/methods.htm


    1. Start Menu\Programs\StartUp {English}
      The Shell=Explorer.exe line in system.ini
      The load= line in win.ini Under the [windows] section.
      The run= line in win.ini Under the [windows] section.
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Run
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\RunOnce
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\RunServices
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\000x "RunMyApp"="||notepad.exe"
      Hkey_Current_User\Software\Microsoft\Windows\CurrentVersion\Run
      Hkey_Current_User\Software\Microsoft\Windows\CurrentVersion\RunOnce
      Hkey_Current_User\Software\Microsoft\Windows\CurrentVersion\RunServices
      The [386enh] section of system.ini (this includes the scrnsave.exe= line in system.ini which can be used to run things on your system).
      The [boot] section of system.ini (this includes the scrnsave.exe= line in system.ini which can be used to run things on your system).
      The IOSUBSYS folder (drivers load automatically)
      The VMM32 folder (drivers that take precedence over those built into vmm32.vxd)
      config.sys
      autoexec.bat
      winstart.bat
      wininit.ini

    That's 20(!), and I haven't even gotten into stuff like this:

    [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*"
    The key should have a value of Value "%1 %*".
    Backdoor example:
    [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"trojan.exe %1\" %*"

    With such registry entries, the trojan.exe is executed each time an *.exe is executed.

    .. and there are versions of that for .com, .bat, .hta, .pif.

    And of course, "If a trojan installs itself as c:\explorer no run keys or other start-up entries are needed."

    So, quit the BS about " 2 registry keys and one folder".
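A defender-side check for the registry locations listed in the comment above, as an added example that is not part of the original post or of nohack.net: it parses a .reg-style export, lists every Run-family entry for review, and flags an `open\command` default that differs from `"%1" %*`. The sample export, the function names, and the assumption that comfile, batfile and piffile share the exefile default are this example's own.

```python
import re

# Expected default handler per the comment above; assuming the same value
# for comfile, batfile and piffile is this example's assumption.
DEFAULT_OPEN = '"%1" %*'
HANDLERS = {f"hkey_classes_root\\{h}\\shell\\open\\command"
            for h in ("exefile", "comfile", "batfile", "piffile")}
RUN_KEY = re.compile(
    r"HKEY_(LOCAL_MACHINE|CURRENT_USER)\\Software\\Microsoft\\Windows"
    r"\\CurrentVersion\\Run(Once|OnceEx|Services|ServicesOnce)?(\\.*)?$", re.I)
VALUE = re.compile(r'(@|"(?:[^"\\]|\\.)*")=(.*)$')

def unquote(s):
    """Strip .reg quoting: surrounding quotes, then backslash escapes."""
    s = s.strip()
    if len(s) >= 2 and s[0] == s[-1] == '"':
        s = s[1:-1]
    return re.sub(r"\\(.)", r"\1", s)

def audit_reg_export(text):
    """Return (severity, key, name, data) findings from a .reg-style export."""
    findings, key = [], None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE.match(line)
        if not (key and m):
            continue
        name = "(Default)" if m.group(1) == "@" else unquote(m.group(1))
        data = unquote(m.group(2))
        if RUN_KEY.match(key):          # every autostart entry needs a human look
            findings.append(("review", key, name, data))
        elif key.lower() in HANDLERS and name == "(Default)" and data != DEFAULT_OPEN:
            findings.append(("hijack", key, name, data))
    return findings

# Constructed sample export (not taken from a real machine).
SAMPLE_REG = r'''
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"
"Updater"="C:\\WINDOWS\\TEMP\\upd.exe /silent"
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"trojan.exe %1\" %*"
[HKEY_CLASSES_ROOT\batfile\shell\open\command]
@="\"%1\" %*"
'''

for finding in audit_reg_export(SAMPLE_REG):
    print(*finding, sep=" | ")
```

The file-based locations in the list (win.ini, system.ini, the StartUp folder, autoexec.bat and the rest) are outside what this check covers.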

  6. Or just take the route we did in the UK by NoMercy · · Score: 2, Informative

    Data Protection Act means anyone who takes information off you must inform you before you hand over data as to what they'll be doing with it along with many other restrictions, it means spyware is illegal by default (unless they come with data protection statements for you to read through and ok first, doubt it :)