Slashdot Mirror


Congress Debates Anti-Spyware Bill

Spy der Mann writes "An anti-spyware bill could clear the U.S. House of Representatives as early as next week, but there are disagreements on how to define the term 'spyware.' A wrong decision could end up in two opposite directions: Either a law too restrictive for legitimate companies, or a "safe harbor" for some malicious spyware distributors. Could this become another CAN-SPAM?"

12 of 180 comments

  1. It's like porn.... by Anonymous Coward · · Score: 4, Insightful

    Spam and Spyware are like Porn - Hard to define, but you know it when you see it.

  2. Re:whisky tango foxtrot by Rosco P. Coltrane · · Score: 4, Funny

    And they plan to enforce this... how?

    One effective way to enforce this would be to render Windows illegal to use across the nation...

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  3. Wow! by janek78 · · Score: 5, Insightful

    From TFA: The average "infected" computer had more than 90 spyware and adware programs.

    I doubt I have that many legitimate programs installed in my computer and I don't think these guys have either. The thought that their computers contain more spyware than software is scary.

    I don't believe that a law can change this though. It might decrease the number of US based spyware companies, but I doubt the effect will be noticeable.

    More secure browsers and user education seem like a better solution.

  4. Would this be... by Radar|TGS · · Score: 4, Funny

    the CAN-SPY act?

  5. Computers appliances by magarity · · Score: 4, Insightful

    This article is just begging for a slightly condescending comment about how computers are not yet plug-n-go appliances that the public should be allowed to own without training and/or licensing. But where to point the blame... consumers, most of whom don't know how to change their car's oil or other equivalent activities to computer preventive maintenance? Microsoft (the slashdot favorite whipping boy) for making it easy to use a computer without knowing anything more than 'click the E for internet'? Dell, for making computers as cheap as appliances? Lawmakers, who think they can wave a legislative wand and make internet miscreants (spammers, bot networkers, spyware writers) behave?

  6. Re:Legitimate companies? by TekGoNos · · Score: 4, Insightful
    "Spyware is a catchall term used to describe programs that stealthily install themselves on computers."
    What legitimate use has software that doesn't inform about it presence -- let alone hides it?

    Well, video codecs come to my mind, they are stealthily downloaded and installed by the media player.

    And most spyware doesn't install so stealthily, at one point the user has to click yes on a dialog (a very obscure dialog it is). So a lawyer could always argue that the installation wasn't stealthy and that the product therefore isn't spyware.

    --
    I have discovered a truly remarkable proof for my post which this sig is too small to contain.
  7. Re:whisky tango foxtrot by Rosco P. Coltrane · · Score: 5, Insightful

    It's not windows fault that there is spyware.

    Yes. Most other OSes generally don't let foreign programs run willy-nilly and do things behind users' backs.

    It's idiots who buy products that are being advertised. If you stop buying penis enlargement pills, etc. Spam would stop.

    Spam != spyware.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  8. The final solution by archevis · · Score: 5, Funny

    Could somebody please patent spyware/adware and start suing...?

  9. If you do business in the US by Sycraft-fu · · Score: 4, Insightful

    You are subject to US law. Now at some point, these people probably have a US stopping point. Maybe the authors are entirely foreign, but the ad companies that pay them to make it probably aren't. What good does an ad do if it's for something you can't buy in that country? I'm betting somewhere along the chain, there are people in the US that can be held responsible. In most cases, I'm betting the companies are US based.

    It's also possible the US could seek extradition over this. You can't run to a foreign country and hide, if those countries have extradition treaties. I'm not sure they'd bother for something like this, and the other nations might refuse to extradite if it wasn't against their own laws, but it's also a possibility.

  10. Re:Will this change things much? by Anne Thwacks · · Score: 4, Insightful
    All the money, from all spam and spyware, everywhere, is collected through US owned credit card companies.

    If the credit card companies were threatened with a charge of conspiracy to promote spam/spyware/all the other immoral or illegal acts committed for money via the internet, it would stop overnight.

    It exists because the credit card companies profit from it. Take the profit from the credit card companies, and it would not exist.

    Nothing in the above statement should be taken to imply that I do not support cruel and inhuman torture and/or death for anyone connected with the promotion/distribution of Spam/Spyware.

    --
    Sent from my ASR33 using ASCII
  11. Re:whisky tango foxtrot by Anonymous Coward · · Score: 5, Informative
    it's real easy to see what auto starts, 2 registry keys and one folder in the start menu

    Um, no:

    Some info from http://www.nohack.net/methods.htm


    1. Start Menu\Programs\StartUp {English}
      The Shell=Explorer.exe line in system.ini
      The load= line in win.ini Under the [windows] section.
      The run= line in win.ini Under the [windows] section.
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Run
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\RunOnce
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\RunServices
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
      Hkey_Local_Machine\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\000x "RunMyApp"="||notepad.exe"
      Hkey_Current_User\Software\Microsoft\Windows\CurrentVersion\Run
      Hkey_Current_User\Software\Microsoft\Windows\CurrentVersion\RunOnce
      Hkey_Current_User\Software\Microsoft\Windows\CurrentVersion\RunServices
      The [386enh] section of system.ini (this includes the scrnsave.exe= line in system.ini which can be used to run things on your system)
      The [boot] section of system.ini (this includes the scrnsave.exe= line in system.ini which can be used to run things on your system)
      The IOSUBSYS folder (drivers load automatically)
      The VMM32 folder (drivers that take precedence over those built into vmm32.vxd)
      config.sys
      autoexec.bat
      winstart.bat
      wininit.ini

    That's 20(!), and I haven't even gotten into stuff like this:

    [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*"
    The key should have a value of Value "%1 %*".
    Backdoor example:
    [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"trojan.exe %1\" %*"

    With such registry entries, the trojan.exe is executed each time an *.exe is executed.

    ... and there are versions of that for .com, .bat, .hta, .pif.

    And of course, "If a trojan installs itself as c:\explorer no run keys or other start-up entries are needed."

    So, quit the BS about " 2 registry keys and one folder".
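
Added example (not part of the comment above or of the nohack.net list it quotes): a Python audit of an exported .reg file that lists every value under the Run-style keys named in the list and flags an exefile-style open command that differs from `"%1" %*`. The sample export and the file names in it are constructed; treating comfile, batfile and piffile as the .com, .bat and .pif counterparts is an assumption.

```python
import re

# Autostart keys from the list above, matched case-insensitively.
RUN_KEY = re.compile(
    r"^hkey_(local_machine|current_user)\\software\\microsoft\\windows"
    r"\\currentversion\\(run|runonce|runonceex|runservices|runservicesonce)(\\|$)", re.I)
# Assumption: comfile/batfile/piffile are the .com/.bat/.pif counterparts.
# htafile is skipped because its stock command names an interpreter.
HANDLER = re.compile(
    r"^hkey_classes_root\\(exefile|comfile|batfile|piffile)\\shell\\open\\command$", re.I)
EXPECTED_HANDLER = '"%1" %*'
# One .reg string value line: "name"="data" or @="data", with \\ and \" escapes.
VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

# Constructed sample export; the entries and file names are made up.
SAMPLE_REG = r'''REGEDIT4
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"
"updater"="C:\\WINDOWS\\TEMP\\upd32.exe /s"
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"trojan.exe %1\" %*"
[HKEY_CLASSES_ROOT\batfile\shell\open\command]
@="\"%1\" %*"
'''

def unescape(s):
    return re.sub(r"\\(.)", r"\1", s)  # undo .reg escaping of \ and "

def audit(reg_text):
    """Return (kind, key, value name, data) for each entry worth reviewing."""
    findings, key = [], None
    for line in map(str.strip, reg_text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE.match(line)
        if not m or key is None:
            continue
        name = "(default)" if m.group(1) == "@" else unescape(m.group(1)[1:-1])
        data = unescape(m.group(2))
        if RUN_KEY.match(key):
            findings.append(("autostart", key, name, data))  # list for review
        elif HANDLER.match(key) and name == "(default)" and data != EXPECTED_HANDLER:
            findings.append(("hijacked-handler", key, name, data))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_REG):
        print(*finding, sep=" | ")
```

Autostart entries are listed for review rather than judged, since legitimate software uses the same keys; only the handler check compares against a known-good value.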

  12. Re:whisky tango foxtrot by Dolda2000 · · Score: 4, Insightful
    Most other OSes generally don't let foreign programs run willy-nilly and do things behind users' backs.
    What OS(es) would that be? GNU/Linux/UNIX? Just place your spyware in the user's ~/.profile.

    Of course, there are many spyware programs that make their way into users' computers through holes in IE/DCOM/SMB/ActiveX/what have you, but the fact of the matter is that the majority of spyware comes with other programs, like Kazaa. That means that the user is willfully installing it. Sure, they may not know about it, but that doesn't mean they're not installing it by their own decision. There's nothing in any other OS that would prevent the user from doing that.

    The reason why there's no spyware on Linux is not primarily that Linux isn't yet as popular as Windows, as many others suggest. The reason why there's no spyware on Linux (yet) is that most people run free software on their Linux systems, and free software developers... well, don't normally bundle spyware with their programs. If or when proprietary software ever gets popular with Linux, I'll assure you that you'll see an increase in spyware for Linux.

    However, mind you that there's nothing inherent in Linux itself to stop it. Any such thing would just prevent the user from doing stuff, and would therefore be hindering users.

    Autopackage has a lot of text on this.