Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anti-Spyware Guidelines Get Final Version

Posted by Zonk on from the we-have-an-anti-spyware-coalition? dept.

Ant wrote to mention a C|Net article reporting an agreement by The Anti-Spyware Coalition on some standard methods for identifying and combating spyware. From the article: "The Anti-Spyware Coalition, whose members include Microsoft, Symantec, Computer Associates, McAfee, AOL and Yahoo, said on Thursday that it has finalized its spyware detection guidelines. The final version takes into account public comments on a proposed version introduced in October ... The Anti-Spyware Coalition's guidelines, or risk model description, aim to provide a common way to classify spyware, based on risks a piece of software poses to consumers. They also suggest ways to handle software, based on those risk levels."

104 comments

  1. Why aren't others involved. by jellomizer · · Score: 3, Funny

    Oh yea they make secure products.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    1. Re:Why aren't others involved. by grcumb · · Score: 2, Interesting

      I came to the conclusion that this organisation is nothing more than a marketing arm of the corporations involved when I read their list of recommendations. If this body had any conscience whatsoever, the first item on the list would be:

      • Use safe software. Some operating systems and software applications are more susceptible to spyware than others. Be sure to verify that any software you run on your computer lives up to the highest security standards.

      Afterward, if the member corporations feel that they can make the case for their safety, more power to them. But to ignore this fundamental step is disingenuous and arguably deceptive.

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
  2. In other news, Foxes hired to guard henhouse... by wagadog · · Score: 0, Redundant
    Anti-Spyware Coalition, whose members include Microsoft, Symantec...
    This is a joke, right?
    1. Re:In other news, Foxes hired to guard henhouse... by The+Lerneaen+Hydra · · Score: 1

      That it's posted on Cnet makes it even more fitting.

    2. Re:In other news, Foxes hired to guard henhouse... by catahoula10 · · Score: 1

      It should be named the Coalition of the Blind leading the Blind considering many of the security holes come from the coalition.

      OTOH, At least they know how to create a need for themselves.

      --
      This has been another valuable and informative opinion from:
      Catahoula!
    3. Re:In other news, Foxes hired to guard henhouse... by zootm · · Score: 1

      When have Microsoft made Spyware, exactly?

    4. Re:In other news, Foxes hired to guard henhouse... by grcumb · · Score: 1

      "When have Microsoft made Spyware, exactly?"

      Since Windows 2000, apparently. 8^)

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    5. Re:In other news, Foxes hired to guard henhouse... by zootm · · Score: 1

      To be fair, that article completely missed the fact that the WMF vulnerability was a known feature of the file format since times ancient. It's just something people (stupidly) forgot about when security became an issue.

    6. Re:In other news, Foxes hired to guard henhouse... by grcumb · · Score: 1

      "To be fair, that article completely missed the fact that the WMF vulnerability was a known feature of the file format since times ancient."

      That issue is irrelevant to the argument that the author was making, which was that the function itself did not behave the way it would reasonably be expected to, and that the observed behaviour was highly suspicious at best.

      Again, the source article was an analysis of the function, not of the exploit per se.

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    7. Re:In other news, Foxes hired to guard henhouse... by zootm · · Score: 1

      Well, yes, but the function was a known, specified function, was it not? I just saw stupidity, rather than foul play, when I read about that one. I'll maybe give it another look though, now that you've mentioned it. I've not been looking at much of anything in any depth recently.

  3. missing member? by BushCheney08 · · Score: 2, Funny

    Shouldn't Sony be included in the coalition?

    --
    Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
    1. Re:missing member? by Billosaur · · Score: 1
      Shouldn't Sony be included in the coalition?

      No. After all, they make products that break other people's products. Besides I believe they're already part of the Malware Coalition.

      --
      GetOuttaMySpace - The Anti-Social Network
    2. Re:missing member? by BushCheney08 · · Score: 1

      Ahhh. I wasn't aware of the Malware Coalition.

      --
      Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
  4. Coalition for Teflon by pieterh · · Score: 4, Insightful

    "Any software that does things we don't like, and which you have not paid us to 'certify'".

    Many of these vendors have implicitly collaborated with spyware vendors in the past, for commercial gain, and anything they say must be taken with a large pinch of salt. This is an attempt to create some teflon in view of more aggressive anti-spyware legislation.

    --
    My blog
    1. Re:Coalition for Teflon by ErikTheRed · · Score: 1
      Coalition for Teflon
      That's an insult to a perfectly good non-stick coating...
      --

      Help save the critically endangered Blue Iguana
    2. Re:Coalition for Teflon by drinkypoo · · Score: 0, Offtopic

      Yeah, it gives you the perfect cancer when you burn it, too.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    3. Re:Coalition for Teflon by Anonymous Coward · · Score: 0

      Two words: Bull. Shit.

      And a critical analysis of the methodology behind the study that started this fearmongering here.

    4. Re:Coalition for Teflon by drinkypoo · · Score: 1

      Two words: Bull. Shit.

      The funny thing is that I'm not even talking about PFOA. You know how we used to lower canaries into mines to check for gas? Well, fumes from scorched teflon can kill birds, and frequently do. You think that shit is good for you? Granted, birds have a very low threshold of respiratory distress but anything that will kill them in a day can kill you, too, with repeated exposure.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    5. Re:Coalition for Teflon by Anonymous Coward · · Score: 0

      1) The study suggesting Teflon in cookware is harmful to humans was based on PFOA.
      2) Scorched fumes from pans without teflon (but with traces of cooking oil, food residue, etc) also kill birds.
      3) People are not birds. Birds are extremely vulnerable to resperatory problems. People are more durable.
      4) There is no evidence whatsoever that people suffer any ill effects (other than psychosomatic) or the specific resperatory maladies caused to birds by overheated teflon (and other fumes) at the doses in question.
      5) Canaries were used in mines to detect excessive levels of carbon monoxide and carbon dioxide. Which has nothing to do with this.
      6) Toxicidity is about the dosage (sometimes dosage per kilogram of the test subject) for a particualar substance - not the substance itself. Everything is toxic at a high enough dose. Drinking too much water over a short period of time will kill you. Excessively high doses of Oxygen will kill you. A better example is Tylenol - reasonably harmless at the recommended dosage, but spectacularly fatal at about 8 times that. That doesn't mean we should ban Tylenol. What it does mean is that what will kill a bird in a day won't kill you, too - in fact, it will probably have no measurable effect whatsoever - unless you manage to worry yourself to death.

      So, I repeat: Bull. Shit.

    6. Re:Coalition for Teflon by drinkypoo · · Score: 1

      1. The study suggesting Teflon in cookware is harmful to humans was based on PFOA.
        No, but nice try. There have been teflon cancer scares that had nothing to do with PFOA since teflon started being made into consumer products. One of these resurgencies occurred in the 1980s, which was what made me aware of the issue in the first place. As a kid.
      2. Scorched fumes from pans without teflon (but with traces of cooking oil, food residue, etc) also kill birds.
        True. They are also not good for humans to breathe.
      3. People are not birds. Birds are extremely vulnerable to resperatory problems. People are more durable.
        However, our historical use of birds as signifiers of atmospheres dangerous to humans suggest that there is in fact some useful overlap.
      4. There is no evidence whatsoever that people suffer any ill effects (other than psychosomatic) or the specific resperatory maladies caused to birds by overheated teflon (and other fumes) at the doses in question.
        A quick google search turns up some of the evidence in question:

        "At 554 degrees Fahrenheit," said Houlihan, "studies show ultrafine particles start coming off the pan. These are tiny little particles that can embed deeply into the lungs."

        The hotter the pan gets, the more chemicals are released. "At 680, toxic gases can begin to come off of heated Teflon," Houlihan said.

        It turns out, DuPont has known about the "Teflon flu" for years.

        "You get some fumes, yes," said Chowdhry, "and you get a flu-like symptom, which is reversible." Chowdhry said the flu is temporary and lasts at most for a couple of days. She also added that a warning about the flu, while not on the pans themselves, is on the DuPont Web site.

        In the demonstration for 20/20, a piece of bacon was just getting crisp when the Teflon pan went beyond the initial warning point of 500 degrees.

        "I've never cooked bacon," said Chowdhry. "I can't comment."

        (http://www.mindfully.org/Plastic/Teflon/Non-Stick -Sick14nov03.htm)

      5. Canaries were used in mines to detect excessive levels of carbon monoxide and carbon dioxide. Which has nothing to do with this.
        Canaries were chosen because they have a delicate respiratory system in general, meaning they will succumb to any particular respiratory distress quickly, which makes them useful as a signifier.
      6. Toxicidity is about the dosage (sometimes dosage per kilogram of the test subject) for a particualar substance - not the substance itself.
        Very true. From the same article linked above:

        Now the unexpected discovery of the almost universal contamination of Americans' blood from C-8, combined with worrisome laboratory studies, has led to a high priority investigation by the EPA of the chemical's risks.

        "It's a potential threat," said Houlihan. "And the EPA's moving fast in studying this. Human blood levels are too close to the levels that harm lab animals. That's why they're moving too fast."


        (here is another story with the same significant content.)

      Got any arguments I can't poke holes in, Coward? I suggest you quit your job at Dupont as a corporate shill before you, too, suffer genetic damage due to toxic chemicals. Er, before you suffer more damage.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  5. What is Spyware? by digitaldc · · Score: 2, Interesting

    I would say it is a hidden program that transmits your personal data that you neither want or need, yet the company who makes it wants it to secretly further their own interests and profit.

    'Don't be evil' would apply here.

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  6. Important work! by hoggoth · · Score: 4, Insightful

    This is very important work, because as soon as there is an 'official' set of methods for detecting spyware, the spyware authors can get to business writing spyware that avoids detection by the official methods. I'm sure spyware authors are very excited for this document.

    Then, of course, the anti-spyware consortium will have to address these new vectors and issue an updated set of anti-spyware methods. Which will, of course, spur the spyware authors to come up with new, undetectable methods. And so on...

    I'm so glad this consortium is coming up with an official list of methods to detect spyware, because once they do everything will be totally different than it is now. Kinda.

    --
    - For the complete works of Shakespeare: cat /dev/random (may take some time)
    1. Re:Important work! by drpimp · · Score: 2, Insightful

      "Then, of course, the anti-spyware consortium will have to address these new vectors and issue an updated set of anti-spyware methods. Which will, of course, spur the spyware authors to come up with new, undetectable methods. And so on..."

      I concur, spyware/malware and viruses even are similar to an arms race. Bigger and better for both sides will continue to be the on going process to which the endless and vicious cycle will endure. Who usually wins this race? In most cases it's all about the more people and more $$$$ a side has, now to say which side will have more and if that will matter for this scenario, remains to be seen.

      --
      -- Brought to you by Carl's JR
    2. Re:Important work! by hobbesx · · Score: 2, Informative

      I believe that 'classification' in this case is being used in the sense of sorting and labeling by property, rather than detect and identify.

      --
      This rating is Unfair ( ) ( ) Fair (*) Funny
      Sigh... If only. Modding would be so much more fun.
    3. Re:Important work! by HiThere · · Score: 2, Interesting

      In a literal arms-race, you are correct. The wealthier, more committed side will usually win, but things are slightly different if you consider the virus-immune system combat. The viruses can't win, because that would kill off their prey, but the prey can't defeat the viruses because ... well, because they can't. Evolution provides viruses with such a comprehensive ability to search vulnerability space that they can't be defeated without removing all vulnerabilities, and no organism has been able to do that. One could argue that the larger organisms are wealthier (they control more calories and more minerals), but they still can't eliminate all vulnerabilities.

      Virus authors may need to turn to evolutionary algorithms to create new versions...but there's nothing inherently difficult, or even implausible, about that. It's not something that you'd do in your spare time, but it's not breaking new ground, either. Alternatively, they could start allowing the viruses that they create to have a mutation rate (and simultaneously be more prolific). This could be quite dangerous, but people searching for economic advantage aren't know for being wise and weighing the delayed costs of their actions.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
    4. Re:Important work! by FreakyLefty · · Score: 2, Funny

      Yes, because we can only fight spyware when nobody knows what it is...

      --
      Strength through redundancy and over-design
  7. No its not a joke by Tezkah · · Score: 3, Insightful
    Anti-Spyware Coalition, whose members include Microsoft, Symantec...

    This is a joke, right?


    Now if Sony and Claria were involved, then we would have a REAL anti-spyware coalition. You should write them a letter, as the people who know most about spyware should be involved in defining it. Well, you can probably leave Sony out, as they already have Symantec, which is also a company that installs rootkits on people's computer.

    Norton Antivirus 2006: Pay for malware that you can get it for free!
    1. Re:No its not a joke by Anonymous Coward · · Score: 5, Interesting

      The very fact that Symantec is in the group means they are just a sham. Symantec's Norton Antivirus classifies Spybot S&D as a virus (HUH?). Then, when they were forced to admit it wasn't, the excuse becamse "Norton Ghost won't work if Spybot S&D is installed" (HUH?). Just the usual tactic to push competitors (especially free competitors) out of the market.

    2. Re:No its not a joke by Afrosheen · · Score: 3, Informative

      I wonder what versions of NAV do this. I've used both versions 8 and 10 of NAV Corporate on many machines and have never once seen NAV identify Spybot S&D as spyware, malware, or anything else. It even skips past Ardamax Keylogger.

    3. Re:No its not a joke by drakaan · · Score: 1
      And to boot, their definitions (at least the brief version outlined in TFA), seem to be mainly about malware and viruses.

      They would classify the Sony rootkit (*ROOTKIT*!!!) as spyware, rather than malware or a virus, and "programs that install themselves without a user's permission or knowledge, via a security exploit" as spyware.

      Great. So if a program installs itself without my permission or knowledge, but not via a security exploit, it's okay?

      I have serious problems with their definitions...it sounds as if "spyware" means "malware, viruses, and worms that are less damaging than they could be".

      --
      "Murphy was an optimist" - O'Toole's commentary on Murphy's Law
    4. Re:No its not a joke by harlows_monkeys · · Score: 1
      The very fact that Symantec is in the group means they are just a sham. Symantec's Norton Antivirus classifies Spybot S&D as a virus (HUH?). Then, when they were forced to admit it wasn't, the excuse becamse "Norton Ghost won't work if Spybot S&D is installed" (HUH?). Just the usual tactic to push competitors (especially free competitors) out of the market

      Spybot does exactly the same thing. I've seen them classify competing programs as malware, and not correct their mistake when informed of it. If you want a good free anti-spyware tool, use Microsoft's. It's way better than Spybot when it comes to accuracy, has a better interface, is not plagued with the screwups to updates that Spybot regularly experiences, and they do a much better job at correcting things when they do make a mistake.

      (Even better...get Linux or a Mac!)

      Spybot deserves accolades for being a pioneer, and at one time, when the spyware problem was much smaller, it was the best out there. Those days are past.

    5. Re:No its not a joke by SamAMac · · Score: 1

      I think that Norton Antivirus is spyware, or malware, or whatever. All I know is that I have on several occasions had to get the "Norton Removal Tool" to get NAV off when it totally hoses a machine. If I need a separate program to remove your program, that fits my definition of "software where the authors need to be beaten with a stick."

    6. Re:No its not a joke by Anonymous Coward · · Score: 0

      funny that.. symantec ghost works fine with spybot installed.

    7. Re:No its not a joke by The+Angry+Mick · · Score: 1
      It even skips past Ardamax Keylogger.

      Can someone to explain to me why NAV, or any antivirus product, for that matter, would ignore a keylogger?

      --

      I'm not tense. I'm just terribly, terribly, alert.

    8. Re:No its not a joke by vishbar · · Score: 1
      Can someone to explain to me why NAV, or any antivirus product, for that matter, would ignore a keylogger?
      Because it's bad at its job.
      --
      Ride the skies
    9. Re:No its not a joke by Blazeix · · Score: 1

      Spybot S&D finds a lot of things that MS antispyware beta doesn't find, at least on the three computers i've tested. The objects are bona fide spyware programs, too, not just little tracking cookies.

    10. Re:No its not a joke by Anonymous Coward · · Score: 0
      Symantec, which is also a company that installs rootkits on people's computer
      It doesn't "install rootkits on people's computer", you raging moron, and the problem was already patched.
    11. Re:No its not a joke by The+Angry+Mick · · Score: 1
      Because it's bad at its job.

      Regardless of how bad it was, it was still a keylogger. I can't begin to count the number of folks I know and work with who don't even know what that means, let alone understand why it's a bad thing.

      If people are going to rely on a product like Norton to keep them safe, then Norton has a responsibility to be a thorough as possible, regardless of how crappy the keylogger, or the latest virus may have been written. Remember that "Navidad" was a broken virus, but end users still got infected due to their own ignorance.

      --

      I'm not tense. I'm just terribly, terribly, alert.

    12. Re:No its not a joke by vishbar · · Score: 1

      I wasn't talking about the keylogger ;).

      --
      Ride the skies
    13. Re:No its not a joke by rob_squared · · Score: 1

      "It even skips past Ardamax Keylogger."

      It doesn't for me, which is very annoying. I like having that functionality there to see if someone is using my PC.

      I also use it on my parents machines so I know what websites that they go to (in case one of them FUBARs their PC).

      --
      I don't get it.
    14. Re:No its not a joke by Anonymous Coward · · Score: 0

      People do *actually* install a keylogger on their own box for a reason you know...

    15. Re:No its not a joke by Afrosheen · · Score: 1

      After I thought about it a little, I think that Corporate adheres to a different standard than home editions do. It makes sense that it would ignore a known, boxed and sold keylogger like Ardamax for the reason you stated. I use it on a few boxen to keep them safe...they tell me everything I typed and if someone sat down at my machine while I was gone, it captures that as well. Sometimes it's useful for hunting down websites I forgot about, and the rest of the time I can see if someone borrowed my machine while I was at lunch.

    16. Re:No its not a joke by cbell-bell · · Score: 1

      Someone say Claria?

      may not be on the list, but Microsoft is enough to cause concerns.

      http://www.clickz.com/news/article.php/3519521

    17. Re:No its not a joke by The+Angry+Mick · · Score: 1

      Doah! My bad. ;-)

      --

      I'm not tense. I'm just terribly, terribly, alert.

    18. Re:No its not a joke by rob_squared · · Score: 1

      Exactly. Oh, by the way I found a way to add it to a list of exceptions. On the left panel of Norton I think its under view, and it gives you a list of realtime protections like virus and one of them is spyware. You can exclude ardamax from the list of spyware programs. There's 2 signatures, one for the free one and one with .b at the end for the full version.

      --
      I don't get it.
  8. Let me guess... by ErikTheRed · · Score: 5, Insightful

    Since the guidelines themselves aren't enumerated in TFA, I'm going to hazard a guess and say that "unremoveable software installed without your permission that modifies the way your computer works and spies on you is bad if it's installed by a corporation with a net income of less than nine figures, but it's ok if it's installed by a corporation with a net income of nine figures or more, because they know more about your computer than you do, they know what's best for their customers, and they need to protect their 1920's-style business model."

    --

    Help save the critically endangered Blue Iguana
  9. I guess now we just have to wait.... by revery · · Score: 3, Funny

    ...agreement by The Anti-Spyware Coalition on some standard methods for identifying and combating spyware. From the article: "The Anti-Spyware Coalition, whose members include Microsoft, Symantec, Computer Associates, McAfee, AOL and Yahoo, said on Thursday that it has finalized its spyware detection guidelines.

    I guess now we just have to wait for the Spyware Coalition to agree to the demands that they write spyware to these specifications...

  10. Here is what I think by oc-beta · · Score: 1

    To me, this sounds like a plot to have software companies pay this cooalition to certify their software in order for it to be available to download on Yahoo, pass over AOL's network, and work on Microsoft Windows. Sony would definitely be fined for what they have done. Intel can join in, and pretty soon, our DRM enabled Windows and Intel systems won't be able to run non-spywawre certified software. Which increases costs for everyone. Just a thought.

  11. Fox Guarding the Hen House by Avohir · · Score: 0, Redundant

    this is beautiful for AOL, now they can define spyware in a way that makes bundling viewpoint without notification or possibility of independant removal legal.

    --
    To err is human, to really foul up requires a computer
  12. One for the, uhhhh.... by s31523 · · Score: 2, Insightful

    ... good guys, or bad guys? If the guidelines for detecting spyware are published and agreed upon, won't the spyware jockies use them to their advantage, like a slick tax accountant snaking through tax law holes?

  13. Hmmm by GmAz · · Score: 1

    Are one of the guidelines that if Microsoft owns the company or adds it to the list of programs not to check in their spyware software, then its not spyware?

    --
    Click Click Bloody Click PANCAKES!
    1. Re:Hmmm by EvilEddie · · Score: 0

      And for a small fee you can be added to this list of programs.....but of course you must only run on windows.

  14. It is an interesting idea... by gallwapa · · Score: 4, Insightful

    ...that we even have to deal with spyware. I understand the need for user convience, but, I would reckon that it is highly INCONVIENT to have your system open enough to get spyware. As I've said on many posts, I don't *get* spyware, or viri, or anything else. And I'm not an anal linux zealot who would like to see Gates assassinated becuase Windows does or does not do this or that. Windows is what it is - but I use windows, at work, and at home - yet I fail to get spyware with simple configuration. When is the last time spyware was able to execute using Firefox with NoScript (whitelisted javascript), reading the EULA's [aka don't download 5,500 'free' games] and not installing kazaa [aka reem my computer please]? The fact of the matter is spyware is a _user_ problem. If _users_ continue to click "next next next" and don't understand what they are installing, spyware will be a major part of the future. Eventually, though, the old and illiterate will die out and the technology generation will understand (hopefully) enough to read and comprehend.

    1. Re:It is an interesting idea... by evilviper · · Score: 3, Insightful
      The fact of the matter is spyware is a _user_ problem. If _users_ continue to click "next next next" and don't understand what they are installing, spyware will be a major part of the future.

      Nope and nope.

      Spyware does silently install itself thanks to Internet Explorer vulnerabilities, without the users clicking anything.

      Even on my Windows test system, which I barely use, I've found myself to end-up with spyware... There are several programs out there that include spyware, but do not make any mention of it in their EULA. And once you get one spyware program installed, it will likely download and install others on it's own.

      Spyware can not be prevented, even by the eternally vigilant, unless you have practically nothing installed on your computer. Sure, the people with 40 different "search bars" are probably not reading the EULAs, but even in that case, antivirus programs should remove it. Just because it's vaguely mentioned in an EULA doesn't make viruses legal.
      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
    2. Re:It is an interesting idea... by Daedala · · Score: 1

      I disagree that it's solely a user problem. There are a lot of stupid Mac and Linux users that don't get spyware, either.

      --
      What I say does not represent the views of my employers, my friends, my cats, or myself.
    3. Re:It is an interesting idea... by Anonymous Coward · · Score: 0

      If _users_ continue to click "next next next" and don't understand what they are installing, spyware will be a major part of the future.

      I understand that I'm installing something that will help me look at pr0n, and that's all I need to know...

    4. Re:It is an interesting idea... by iabervon · · Score: 1

      When is the last time spyware was able to execute using Firefox with NoScript (whitelisted javascript), reading the EULA's [aka don't download 5,500 'free' games] and not installing kazaa [aka reem my computer please]?

      January 2nd?

    5. Re:It is an interesting idea... by gallwapa · · Score: 1

      Did you miss my 'firefox + Noscript' sentence?

    6. Re:It is an interesting idea... by Anonymous Coward · · Score: 0

      maybe you are simply unaware of the spyware, adware, malware that happens to be there, due to your unsecure(simple configuration) machine.

    7. Re:It is an interesting idea... by evilviper · · Score: 1

      Did you miss my "do not make any mention of it in their EULA" sentence?

      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  15. Surprised... by toupsie · · Score: 2, Insightful

    Why isn't Apple a member of this coalition? They are a major OS provider on the Intel platform.

    --
    Strange women lying in ponds distributing swords is no basis for a system of government.
    1. Re:Surprised... by Anonymous Coward · · Score: 0

      Apples OSes have one whole spyware scanning program http://macscan.securemac.com/. I'm not too sure if it actaully does anything.

  16. Standards -- just what we DON"T need here by thePowerOfGrayskull · · Score: 2, Insightful

    Then again, I'm sure the spyware authors would love to have a reference document, detailing how not to get caught.

  17. Terrorism by hoggoth · · Score: 1, Offtopic

    In exciting news, the Department of Homeland Security has announced that it will follow the lead of the anti-spyware coalition and create a comprehensive list of methods that terrorists may use to infiltrate the United States. Once the list is completed, the DHS need only secure the methods outlined in the guide to effectively halt all threat of terrorist activity on US soil.
    "We are very excited to be on the brink of winning the war on terrorism," reports one high ranking DHS official.

    Congress has announced it will be introducing new legislation to make it illegal for terrorists to use methods not outlined in the DHS guidelines. The new bill will also have provisions for new highway projects, stricter anti-piracy regulations, and a term extension for members of congress.

    --
    - For the complete works of Shakespeare: cat /dev/random (may take some time)
    1. Re:Terrorism by seramar · · Score: 1

      Unfortunately, since this was satire, it was not offtopic. Sure, I'll probably get modded down as flamebait or offtopic myself, but I've got a little karma to spare. It wasn't the best post, and didn't even make me smirk, but it didn't hurt me to skim it.

      --
      australian project gutenberg is better than the original.
    2. Re:Terrorism by hoggoth · · Score: 2, Informative

      Sheesh. At least SOMEONE got the analogy.

      Moderator: Um... This says terrorism; Um... The article says spyware; Um... Buzzwords don't match; Um... Must be offtopic.

      --
      - For the complete works of Shakespeare: cat /dev/random (may take some time)
  18. The guidelines by timothykaine · · Score: 1

    The Anti-Spyware Coalition, whose members include Microsoft, Symantec, Computer Associates, McAfee, AOL and Yahoo, said on Thursday that it has finalized its spyware detection guidelines.

    They were quoted as saying "Any software that was not developed by us will be tagged as spyware and removed. Problem solved, nothing to see here, folks."

  19. Easy formula by Anonymous Coward · · Score: 0

    Why complicate things?

    Spyware = bad = delete

  20. This is a bunch of band-aids.. READ: Stupid by brxndxn · · Score: 3, Insightful

    People are going about this whole 'fix the rampant spyware craze' the wrong way, IMO.

    First of all, why doesn't anyone ask why this spyware exists?
        Let's try answering that.. Microsoft, in their infinite wisdom, decided to give developers more and more control over a user's computer system over the years. This means that even websites can now install software, disable right-clicks, open larger than the actual desktop screen, hide the close button, pop up alerts with a 'click to install' button underneath, etc.
        Also, by default, Internet Explorer and Windows XP are both very insecure. Internet Explorer allows a developer to completely compromise a system with one stray click - since XP defaults to running in administrator mode. Vista, I heard, is going to fix this problem - it's about fucking time.

    Why should a typical user have to learn how to remove software on his own?
        He shouldn't be required to do this.

    Who is to blame?
        Microsoft - NOT stupid users. There will always be stupid users and Windows is supposed to be made for stupid users.

    How can Microsoft fix the spyware problem?
        - Patch quickly and often when holes are found.
        - Disable install on demand and any other intrusive ability by the developer to annoy or confuse the user in Internet Explorer.
        - Require actual acknowledgement (ie.. type admin password) when a program attempts to install. Also, alert the user (and give option to disable) whenever a software program attempts to stick itself in memory or startup, modify any files NOT in the program directory, or change the settings of other programs.
        - Do NOT allow the Windows uninstallation interface to be forced to 'rely' on the installed software. Instead, have a built-in install recorder and prompt the user if the program does not uninstall itself properly. (ie: "c:\windows\system 32\spyware.exe" has not been removed when SuperDuperSpywareRemoveproSunshineFucktheUser was uninstalled. Would you like to remove it?)

    What should the other companies (besides Microsoft) do to promote fixing the spyware problem?
        - Finish this tutorial
        - SUE MICROSOFT for allowing such irresponsible open access by default in their monopoly OS.

    What are some generalizations that Microsoft needs to change?
        - The fucking USER owns the computer; the USER should be in control - not developers.
        - Security and stability is paramount. Make things secure by default (like linux).
        - Quit letting every goddamn piece of software install itself in startup, a shortcut in every folder on the computer, and copy files to crucial system directories.
        - Promote the idea that any program should be able to run completely from the directory in which it is installed, which is controlled by the USER.

    BTW, Microsoft, if you decide to use my advice, please send me a $check.

    Seriously.. Windows XP is like if a car company decided to make locks on their cars an option and charge out the ass for it. Oh ya.. and the cars would be controlled ultimately by the corporations.. so if you intended to go to Burger King, your car would drive you to McDonald's instead.

    --
    --- We need more Ron Paul!
  21. Easy to spot by SnarfQuest · · Score: 1

    Spyware is really easy to avoid.

    It usually identifies itself with some combination of the names "Windows", "antivirus", "antispyware" and "DRM".

    --
    Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
  22. Spyware vs Adware by poeidon1 · · Score: 1

    I remember Gator successfully sued the antispyware product companies to identify its software as spyware. And More and more spyware is taking aid of this term. Will it attck this issue as well?

    --
    They called me mad, and I called them mad, and damn them, they outvoted me. -Nathaniel Lee
  23. Spyware and Malware definitions by vertinox · · Score: 1

    Spyware: Collects informaton about user and cannot be uninstalled through add/remove programs
    Malware: Forces information onto the user and cannot be uninstalled through add/remove programs

    What is so hard about that? It doesn't take a team of multimillion dollar contractors to figure that out.

    --
    "I am the king of the Romans, and am superior to rules of grammar!"
    -Sigismund, Holy Roman Emperor (1368-1437)
    1. Re:Spyware and Malware definitions by Anonymous Coward · · Score: 0

      What??

      Spyware - software that spies.
      Malware - software that's bad.

      Hence, spyware is malware.

      It doesn't take a team of lexicographers to figure that out.

  24. Is spyware still a 'big issue'? by ben_1432 · · Score: 2, Interesting

    Is spyware still a 'big issue' these days?

    I bought a shiney new laptop in September last year. Yesterday I finally downloaded MS AntiSpyware and ran it *for the first time*.

    For the last 4 months or so, I've been casually browsing the internet, downloading at a whim etc, and all I've had between me and 'the bad guys' is:
    - Service Pack 2 which came pre-installed,
    - Symantec AntiVirus,
    - D-Link router.

    In these 4 months I've had
    - no viruses *successfully* installed,
    - no spyware installed,
    - no browser hijacking/adware/whatever.

    I'm using the computer with an Administrator account, and all the update/security settings are what XP recommended the first time I turned it on.

    So I'm out and about browsing all over the web for the last 4 months and nothing's "got me". Who is still being "got" by spyware? The ones with bootleg XP's that can't install SP2?

    1. Re:Is spyware still a 'big issue'? by amias · · Score: 1

      people in offices where the company can't afford the latest upgrades to get bug fixes.
      Lots of people who paid for windows 98 are still using it , there must also be a fair
      few XP users on dial up who still haven't got SP2 yet . Some people also disable the
      security to enable $app to work faster and forget to reanable.

      --
      [site]
    2. Re:Is spyware still a 'big issue'? by ben_1432 · · Score: 0

      Very good points amias.

      Those people are going to be getting less every year though. I think eventually a critical mass will be reached in the next 1 - 2 years where it stops being "worth" writing spy/adware because the numbers susceptible will just be too small.

    3. Re:Is spyware still a 'big issue'? by seramar · · Score: 1

      Even bootleg xp's can install sp2 via an sp2 iso found on the internet or from a friend, which leads to the cd (which could also be found through a friend) or by turning on automatic updates. Microsoft decided to deny non critical updates, but imho it was out of fear of backlash and criticism that they still allow the bootlegs to get updates that patch critical vulnerabilities.

      --
      australian project gutenberg is better than the original.
    4. Re:Is spyware still a 'big issue'? by ScottCooperDotNet · · Score: 1

      The average person has no idea that opening an email attachment from an unknown sender is bad, or that installing COOL FREE GIZMO from CLICK YES TO INSTALL isn't a good idea. This is why my former company installs Firefox on everything; don't even give the user a choice to install the crap.

  25. serial number generator == spyware??? by mephinet · · Score: 4, Insightful
    The risk model seems like a good idea to me, summing up what we generally consider as ad- or spyware.
    One point makes me wonder, though:
    • Program generates serial numbers/registration keys. Medium

    What has s/n generation to do with spyware? It does not reduce the system's security, does not reveil private data, and is probably installed on the machine because the user wants to generate a serial number!
    Looks a bit as if the companies in the coalition are having trouble in keeping apart the PC owner's goals with their own...
    --
    Use the source, Luke!
    1. Re:serial number generator == spyware??? by ben_1432 · · Score: 0

      There's probably a whole lot of keygen.zip's out there that contain all kinds of dodgy stuff including virus's and ad/spyware.

      (Some) people will download "crack.zip" and then run "crack.exe" without even thinking.

    2. Re:serial number generator == spyware??? by Anonymous Coward · · Score: 0

      Generating a unique identifier (serial number or any other similar thing) on my machine means that you can track me via the serial number...

      So, for example, if I buy piece of software A, it installs and records a serial number, which it reports when I register it, then I buy piece of software B, it can scan, note the installation of A and its serial number, and say "Hey, even if the info in my registration doesn't match, this is clearly the same guy who registered A last week".

      This could be good or bad -- it means that the company might now have a more recent address for me, which could be good, or it means the company can do more datamining about my habits without telling me, because it now links the two purchases, even if I paid cash, lied on the reg form, etc.

      In the range of evil things software can do, this is pretty damn low, however. I'd rate this behavior as "annoying".

    3. Re:serial number generator == spyware??? by Anonymous Coward · · Score: 0

      I doubt that listing something as a risk means they're going to want to block it by default. At least, I'm pretty sure most of the corps in the consortium wouldn't have put this in if that were the case:
      - Software updates automatically (Medium)

      If they can detect when a piece of software is doing that and pop up a detailed confirmation (possibly on install!), I'd appreciate it. If I can turn off portions of their checks or personalize the severity categories, kind of like IE security zones, I'd appreciate it more.

        -- dut

    4. Re:serial number generator == spyware??? by patio11 · · Score: 1
      I'm thinking they mean programs which "can uniquely identify users of the program", rather than programs which "can be used to avoid paying for software". Consider what would happen if, say, Firefox "generate[d] serial numbers" on every install and these were passed on the outbound stream on a regular basis (say, in the HTTP request for websites, or via a "phone home" to Mozilla.org which relayed the last five URLs you visited and the unique ID) -- you could, without doing anything nasty *inside* the target's computer, greviously compromise their privacy just by building up a profile of their activities.

      Obviously, on the scale of spyware nastiness, this doesn't rate much more than a medium. Heck, for some applications I just don't care if you know if my unique identity is using it or not (say, a freeware thing that kept my system clock on-time back in the days when my Dell's BIOS clock would drift on a daily basis -- doesn't matter to me at all that you can build up a profile of my clock-synching activities).

      --
      Help poke pirates in the eyepatch, arr.
  26. Not that bad of an idea...but useless for /.-ers by bp+m_i_k_e · · Score: 1

    From their FAQ, every member will have veto power and they aren't even going to certify software. So, they won't do anything that is relevant from a technical standpoint.

    It seems their goal is simply to define what spyware is. Even though the whole thing is mostly for marketing purposes, there are lots of uneducated users who could benefit from a better definition of spyware. Once those users are edumacated, they'll know that they need to buy some anti-spyware tools.

    On the positive side, since some of those veto-wielding members are public interest groups, there is hope that they won't produce a sleazy definition of spyware...like one with small print that excludes any DRM spyware.

    Of course, the AMC (Anti-Malware Consortium) will be created in the future and, by definition, will include & supercede all previous efforts by the ASC.

  27. The 24 Solution by Mad+Ogre · · Score: 1

    The Coalition should be organized like the CTU off of "24". They ID spammers, Spyware and Virus authors... then send in a guy like Jack Bauer to just kill everyone in the office, then track down the guys that called in sick. /feeling a little bitter.

    --
    MadOgre.com
  28. Careful helps, but... by QuaintRealist · · Score: 1

    http://slashdot.org/it/02/12/19/1329243.shtml?tid= 128

    not for long - the "bad guys" keep getting smarter, and the degree of error needed to get your box taken over is getting vanishingly small...

    --
    Using plain ol' text since 1968
    1. Re:Careful helps, but... by gallwapa · · Score: 1

      If you were downloading music, why didn't you check the ID3 tags first? If I were to infringe, which I really dont do a lot (if ever, anymore) I'd get 30-40 songs at once and load them into a formatter - format the id3 tags based on file names, and fix the error. And if that was a winamp specific error, dont you know about the priceless, ageless, sonique? :-)

  29. I am sure everyone is already thinking this but by G00F · · Score: 1

    Why are the people who are known for their anti-spyware and been doing it for years invited? You know, like spybot and ad-aware. Not even trend micro who bought CWShreder and has had it's own anti-spyware product is listed.

    I even went to their website [ http://www.antispywarecoalition.org/ ] and couldn't find anything about the members to confirm it.

    If you do not have the experts of anty-spyware involved, what good is this one?

    --
    The spirit of resistance to government is so valuable on certain occasions that I wish it to be always kept alive
    1. Re:I am sure everyone is already thinking this but by Anonymous Coward · · Score: 0

      http://www.antispywarecoalition.org/about/index.ht m lists the members and includes "safer networking ltd." this is spybot search & destroys parent company. also on the list is lavasoft, who makes ad aware

    2. Re:I am sure everyone is already thinking this but by G00F · · Score: 1

      Well, you know I stand corrected. However, I did look at all over the site, including the page earlier and I sware I didn;t see this., so I looked at when that page was modified "Friday, January 13, 2006 1:29:49 PM", so maybe they added it after I looked at it.

      But good to see the real anti-spyware people making the list, not just a club.

      --
      The spirit of resistance to government is so valuable on certain occasions that I wish it to be always kept alive
  30. Funny by FuturePastNow · · Score: 1

    Looking at that website, there are only two companies on their members list- Lavasoft and Safer Networking, Ltd- whose anti-spyware products I would actually be willing to use on any computer. I'm vaguely surprised that they're on the list, but I guess the ASC has to bring in credibility from somewhere.

    --
    Give a man fire, and you warm him for the night. Set a man on fire, and you warm him for the rest of his life.
  31. AOL...... by garyozzy · · Score: 1

    I always thought AOL itself *was* malware....

  32. I Was There. We Weren't Writing for /. by Liza · · Score: 1

    I think we can all agree that the average /. reader has been familiar with spyware for a lot longer than the average person. Right? Right.

    As someone who was in the room for most of the ASC's work, I can assure you, we weren't spending a lot of time thinking "What will /. readers think?" (Except for each other. I'd guess that most of the people who were in those rooms are /. readers. Hi gang!)

    Instead, these documents were written to try to explain to your parents, your elected officials, and your local newspaper reporters what "spyware" means, and to what degree they should be concerned about it.

    As an added bonus, they help members of the anti-spyware industry communicate more effectively with one another.

    So to reassure the /. readership, not that you're likely to be reassured, these guidelines DON'T prevent an anti-spyware software company from listing or removing a spyware product that works in some new and yet unimagined way. They don't give any of the member companies a free pass to avoid detection by each other's products.

    What the guidelines do is provide a common vocabulary so we can help ORDINARY PEOPLE understand what the heck we're talking about when we talk about spyware in the media, and so it's harder for spyware vendors to play anti-spyware companies off of one another by claiming that "Foo Co. says we aren't spyware, so you should de-list us too."

    Coming to a general industry agreement on how to define spyware, and what the relative risk of various software "features" that may be part of privacy-compromising malicious code is a challenging task. Especially when you consider that nearly every member of the group wants to make sure that it's products aren't disadvantaged by the definitions.

    Of course anyone -- especially any /. reader -- can take issue with some member or some specific point in one or more of these documents. But overall, I think the ASC has done some great work and that it will help improve the media's understanding of spyware, and help policy makers do a better job of trying to deal with the problem of spyware.

    If other anti-spyware companies want to join the group, contact info is on the web site, and you should go to the Public Workshop in Washington DC on 2/9. /. readers are also welcome to come to the workshop.

    Oh yes, and even more than usual, these opinions are my own.

    Liza

    --
    These opinions are my own. My employer is not aware of them, does not endorse them, and is not responsible for them.
    1. Re:I Was There. We Weren't Writing for /. by Whiteox · · Score: 1

      I, for one, welcome our antispyware overlords!

      But seriously folks....
      Thanks for the explanation. I thought as much. Coalitions like this do tend to operate on defining policy first (as is my experience). Hopefully if the coalition continues beyond its original brief, then the 'think tank' should include other players.

      --
      Don't be apathetic. Procrastinate!
  33. Politically, Extremely Dangerous Though... by mpapet · · Score: 1

    Because it easily morphs (if it hasn't already) into a group that gov't can "trust" to advise them how to write legislation, tell them what corp's feel should be in related legislation and more dark and dangerous things.

    Let's assume that this federation is around for a little while. Sooner rather than later, it's not just about spyware.

    Trusted Computing + DRM + "spyware federation" - net anonymity = sh*t pipe into your home.

    --
    http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
  34. Full list of Members by Blazeix · · Score: 2, Informative
    From there website, here is a list of members of the AntiSpyware Coalition
    • Aluria, a division of Earthlink
    • AOL
    • Blue Coat Systems
    • Canadian Coalition Against Unsolicited Commercial Email
    • Canadian Internet Policy and Public Interest Clinic
    • Center for Democracy & Technology
    • CNET Download.com
    • Computer Associates
    • Cyber Security Industry Alliance
    • Dell, Inc.
    • Eset
    • F-Secure Corporation
    • Grisoft
    • HP
    • ICSA Labs
    • Internet Education Foundation
    • LANDesk
    • Lavasoft
    • McAfee Inc.
    • Mi5 Networks
    • Microsoft
    • National Center for Victims of Crime
    • National Cyber Security Alliance
    • National Network to End Domestic Violence
    • Panda Software
    • PC Tools
    • Safer-Networking Ltd.
    • Samuelson Law, Technology & Public Policy Clinic at Boalt Hall,
    • UC Berkeley School of Law
    • Sophos
    • SurfControl
    • Symantec
    • Tenebril
    • Trend Micro
    • Webroot Software
    • Websense
    • Yahoo! Inc.
  35. No, they've been caught. (n/t) by HiThere · · Score: 1

    No, they've been caught.

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  36. Spyware Guildelines by CFrankBernard · · Score: 1

    And the # 1 Spyware Guideline: Does it only run in Windows?

  37. Waste of time by kuyaedz · · Score: 1

    This sounds like a complete waste of time to me. So someone appointed a committee to decide what was 'untrusted' on our machines. This includes big corporate types who, of course, wont list their products on these lists. Here is my definitive and final list of unsafe & untrusted software products: Microsoft Windows v.[insert version here] Kill the hydra at the source, don't try to keep killing its heads.

  38. Windows XP is Spyware! by cibyr · · Score: 1
    "Software updates automatically Medium"

    Well look at that...

    --
    It's not exactly rocket surgery.