Slashdot Mirror

← Back to Stories (view on slashdot.org)

Australia Says No To Spyware

Posted by Zonk on from the sanity-down-under dept.

PrivateDonut writes "Australian parliament introduced a bill on Thursday that would 'make it illegal for anyone to install a program without informed approval and attract a fine of $10,000.' Is this doomed to fail as many other anti-spam/spyware bills have failed? Or has Australia finally hit the mark?"

17 of 195 comments (clear)

  1. So? ...without international agreement? by beh · · Score: 5, Insightful

    I think, this proposal is a bit of a lame duck - much like other laws.

    If I am under the danger having to face $10.000 for installing spyware on a PC in my own country - then I'll do it in another country. Do you really think there will be extradition for installing Spyware?

    As long as I am willing NOT to visit the country where I hijacked some PCs, where's the problem? I can still do an awful lot of damage anyway...

    I think, such laws will only become effective, once we will have international agreement on such laws to make them easily punishable across country borders. Internet criminals have the big advantage that they can BE in a non-extradition country even at the time they commit the crime in an entirely different country.

  2. Traceback by fembots · · Score: 4, Insightful

    Is it correct that spyware works for its master? So at some stage it must try to communicate with its master to relay any information back right?

    I believe if a lab (open, sponsored or even MS) can do the traceback and tie every spyware to its owner, then it'll be easier for those who want to take action to do whatever the law allows.

    For example, if credit card numbers or PayPal logins are purposely fed to the spyware, and whoever uses that information will be linked directly to the spyware.

    --
    Rock that crushes, Paper & Scissors that don't matter.
    1. Re:Traceback by benjamindees · · Score: 4, Insightful

      Yeah, but that would require "police work". It's much easier to just write broad, vague all-encompassing laws so that the party in power can use them against their enemies.

      --
      "I assumed blithely that there were no elves out there in the darkness"
  3. Hmm... by Kufat · · Score: 5, Insightful

    Seems like most spyware has the same level of "informed approval" that store-bought commercial software does: An EULA that nobody reads.

    It's a feel-good law.

  4. Problem by mboverload · · Score: 4, Insightful

    The problem is that most spyware IS INSTALLED BY THE USER. Users are idiot!

  5. Informed Concent..... by Manip · · Score: 5, Insightful

    A lot of spyware (via the licence agreement) *do inform the user that they are about to be installed. Even those that install themselves via an ActiveX control do so... So this new law will help very little in this war against spyware.

    On that note, look how much good the anti-virus laws have done in cutting them down (nothing). We need to find technical solutions to technical problems, not social solutions to technical problems.

    1. Re:Informed Concent..... by Hockney+Twang · · Score: 3, Insightful

      I don't see it as an overtly technical issue. There is a technical solution to most spyware, don't install it. Of course there are some really sneaky bastards, and you can use anti-spyware progs for them. These are solutions that exist in the technical realm.

      The problem really arises from users who are unaware of how to make proper use of their computers, or who are unaware that by purchasing the products that popup on their screen, they're making the problem worse. This requires social remedy. We need to promote education about how to avoid spyware, then it will become less useful to marketers, and eventually decrease to a mostly harmless level.

      However, the idea that we could litigate spyware out of existence is ridiculous. Laws in this vein are ultimately unenforcable in the real world.

    2. Re:Informed Concent..... by Greg@UF · · Score: 3, Insightful

      Most non-geeks will install just about anything with the hope that some program they're trying to install will work ok. It's hardly informed consent.

      On the other hand, I'm just as bad. When, for example, Debian's Apt tells me to install package "Email" I also need to install library "meaningless letters" and package "obscure joke reference" and 20 other weird libraries, I don't go look up every one of those, and their dependencies. Who's got the time for that? Even if you do, half the time the package description makes no sense to me.

      --
      -- You can't give it, you can't even buy it, and you just don't get it!
    3. Re:Informed Concent..... by Ponzicar · · Score: 3, Insightful

      The amount of deception and misinformation in those license agreements is astounding. Some of them have 54 screens of legalese in a tiny box. Others bring up the activeX install box saying "hit yes to install critical media player 9 update". Others are on sites for children, who are too young to legally enter a contract: http://www.benedelman.org/spyware/installations/ez one-claria/details.html#1c Quite frankly, if someone were making contracts like these for real life goods and services, lawyers would be brought in in nanoseconds. Plus there's the fact that quite a lot of them *don't* ask for consent, and install via one of the many IE exploits.

  6. The old bullet versus armour story by Anonymous Coward · · Score: 5, Insightful

    Although I applaude the efforts of the ozzie goverment, I can't help but wonder how many hours it will take a lawyer to find the first loophole. Thus placing the advantage back in the malware authors hands.

  7. Re:So? ...without international agreement? by Hockney+Twang · · Score: 5, Insightful

    I think the idea of a worldwide anti-spyware alliance is more than a little silly. In fact, I shy away from any push for international policy beyond the protection of basic human rights.

    The solution to spyware problems is either technological(although I have no idea how, using an non-Widnows OS isn't really "the answer") or social(teach people how to 1. Avoid spyware and 2. Avoid giving any kind of financial incentive to any company associated with spyware).

  8. Re:So? ...without international agreement? by fm6 · · Score: 3, Insightful

    If writing spyware is illegal in the country you live in, then it doesn't matter where your victims live. Prosecutors just have to show that your software is designed to invade people's computers.

  9. Funny? by Anonymous Coward · · Score: 4, Insightful

    Not all spyware is installed directly by the users, but I've seen it happen in many cases, and sometimes even PAY for it (eAnthology stuff and the like).

    I've seen people who had a completely crashed PC every week, were told that spyware (lots of-) was the cause, were explained everything, but didn't mind if their daughter was going to reinstall spyware-infested kazaa on it again, and kept using IE anyways.

    A lot of people don't care, and some even pay for the previlege of having more spyware on their PCs. Users ARE idiots! It's insightful - not funny!

  10. Informed approval... by Francis85 · · Score: 5, Insightful

    As long as people won't read disclaimers, they'll end up installing lots of spyware "legally". w00t for 250 pages disclaimers!

  11. Re:So? ...without international agreement? by Farmer+Tim · · Score: 5, Insightful

    "...(teach people how to 1. Avoid spyware and 2. Avoid giving any kind of financial incentive to any company associated with spyware)"

    That's on the list, right after we teach people the following:

    1) MS Word is a word processor, not an operating system;
    2) Nobody in Nigeria really wants to give them $millions;
    3) Their bank hasn't really lost their details, and they don't need to go to a website to re-enter them;
    4) Passwords shouldn't be something as blindingly obvious as the name of their cat/favourite band/significant other; ...and so on. A strategy that involves educating everyone is doomed because not everyone is willing to be educated (sad but true).

    --
    Blank until /. makes another boneheaded UI decision.
  12. Re:So? ...without international agreement? by Draknor · · Score: 5, Insightful

    Spyware, like viruses, are not solved by simply moving to a different platform. Once enough people migrate then malware writers will start to include that platform.

    Will other platforms have a better security model then Windows? Sure.

    Will other platforms still have security vulnerabilities? Yes.

    Will malware writers do everything they can think of to get a user to install their software (so-called "social engineering")? You bet.

    The user is the weak link in the chain, and I think user education is the only real way to solve that problem in the long run. IE/ActiveX have really brought the problem to the public consciousness and made it easier for malware to get installed & propagate much faster than ever before. But fixing Windows (or moving away from it) won't eliminate malware.

  13. No, legislation does help by MikShapi · · Score: 3, Insightful

    It puts yet another country off-limits for ad-scum, not only to operate from, but even to live there while operating an ad company in zimbabwe.

    It's not a silver bullet and shouldn't be treated as such. It won't make adware vanish. But if more and more counties say "NOT ON OUR SOIL" to this (and same goes for anything from child porn, to snuff films, to terrorist camps), it make it harder for said scum to operate (especially when they live in those counties and are subject to being sued). Consider this - some of the people who live in those countries, do this and do not look to relocating will look away from such practice (same as they do from, say, theft), thus such legislation *will* decrease the scale of the problem.

    They're correct by looking at it as any other form of crime, assuming that completely killing it is not within our means, but instead looking at mitigating it through legislation.

    --
    -