Slashdot Mirror


Spy Act of 2007 = "Vendors Can Spy Act"

strick1226 writes "Ed Foster over at InfoWorld describes the Spy Act bill (H.R. 964) as having the same relation to the prevention of spyware that the CAN SPAM Act had to the prevention of spam. It allows exceptions for companies to utilize spyware for any number of reasons; if this bill had been law when Sony distributed their rootkit, they would have had perfect cover. Most troubling is that the bill would preempt all state laws, including those more focused on the privacy of people's data, and disallow individuals from bringing suit. It is expected to pass soon with 'strong bipartisan support.'"

6 of 309 comments (clear)

  1. Legal, not moral by Potor · · Score: 4, Interesting

    if this bill had been law when Sony distributed their rootkit, they would have had perfect cover.
    but the protest would have been the same - it was more of a moral outrage than a legal outrage.
    1. Re:Legal, not moral by osgeek · · Score: 4, Interesting

      I would agree with your general premise that /.ers have a skewed perspective and don't tend to realize how it explains a lot of their disconnect with what happens in reality.

      But since we're talking about technology issues, isn't the perspective of a bunch of "smarter than your average bear" (yes, I cringed when I typed that, but it's true) geeks more relevant than joe six pack's?

      What if this were a medical discussion board that tended to attract medical professionals, and we were here discussing a health issue? We would rant and rail at how the general population just doesn't understand nutrition guidelines and FDA rulings... "WHY? How could the voters and politicians let the FDA sit in the back pocket of big pharma by letting dicylatrithrithpalaphimides onto the market?", we'd bemoan.

      So, I would argue that consumers tend to not know what they want, contrary to your conclusion #2. They're ignorant of the choices that they make every day -- especially in technology areas where (believe it or not), /.ers tend to be highly educated.

      For example, my Dad knows now that he didn't want to waste the time buying a new computer or having someone fix his current one. But since he was largely ignorant of how his online behaviors (not patching Windows, running IE, opening every attachment he received, etc.) would devastate his desktop, he did all the things that he shouldn't have done. Now he knows, and he knows because he got to experience the pain of computer catastrophe and I spent a lot of "I told you so" time educating him as to what he had been doing wrong.

      As conceited as it sounds, maybe we should be a bit shocked at the technology decisions made by everyday consumers. Maybe it's justified for us to have an air of superiority when we're talking about them. Consumers don't know what rootkits are, despite the fact that they're affected by them. Look at all the people who fall for 419 scams. They're not falling victim to them because of a personal preference that relativistically is just as valid as my preference to NOT fall for them. They're doing it because they're woefully and pathetically ignorant suckers who have no clue what they're doing.

      The shittiest part is that when those woeful, pathetic suckers walk into the voting booth or spend a buck to support companies that do evil so they can get the latest ass-reamingly bad hip hop CD, their opinions count just as much as mine do. I have to suffer with their dumb consumerist, political ideologue influenced choices.

  2. Moral vs. Legal by mrbluze · · Score: 4, Interesting

    Moral desensitization leads to legal deregulation. With enough exposure and promotion, the public will accept the legalization of just about anything (as history has shown). It is in the interests of large businesses to protect their market and to discover new markets by having the upper hand in intelligence.

    The problem has become that legitimate and morally acceptable markets are generally well serviced and difficult to break into. Companies are therefore very tempted to create new markets, or break into markets which hitherto have been illegal (usually because they are viewed as immoral or socially destructive), such as porn, prostitution, addictive substances, and now privacy invasion.

    As the only way to create these kinds of markets is to change legislation, these companies are very active in infiltrating and influencing government. The US government is particularly prone to this kind of corruption.

    All of this is obvious. But the techniques used are subtle. They will try to sell the idea to make it appear to be in the public interest. Who knows, maybe we can expect to see a report of a missing child found because of spyware, or some shit like that.

    --
    Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
  3. blame the OS by Grinin · · Score: 4, Interesting

    I think that software companies behind the Operating systems being used today should take full responsibility at prevention and removal of spyware/adware/malware. There should be no need for anti-virus software. Microsoft should stay ahead of virus writers in order to patch systems with vulnerabilities, and in a much better way then the present.

    This weekend, I was given a PC that needed to have viruses, spyware, malware removed... I thought it was a joke, this thing looked like a honeypot. It had every trojan known to man on it, every piece of spyware, backdoor, and virus had infected it, and no form of security (besides Service Pack 1 for XP). After 4 days straight trying to remove them (formatting not being an option, because the person was missing their OS restore cd and/or Windows XP home edition CD) I have finally gotten all of them removed... but my point, is that none of this should have ever been possible. An operating system should be designed more intelligently than those who want to exploit those same operating systems. I'm sure if they took the same amount of time they spend trying to promote new products and put it into better R&D for patching vulnerabilities, none of this would happen... but I suppose we don't know who scratches whose back in the world of Operating system / Anti-virus vendor's anymore....

  4. Re:OK, What Am I Missing? by HTH+NE1 · · Score: 5, Interesting

    Exception Relating to Security- Nothing in this Act shall apply to--

                    (1) any monitoring of, or interaction with, a subscriber's Internet or other network connection or service, or a protected computer, by a... software provider... for the detection or prevention of fraudulent activities;


    OK, your ISP can do network trouble shooting. Your HW / SW vendor can provide on-line tech support. Seems reasonable to me.

                    (2) a discrete interaction with a protected computer by a provider of computer software solely to determine whether the user of the computer is authorized to use such software, that occurs upon -- (A) initialization of the software;


    Microsoft can run their "Genuine Advantage" crap. Not thrilled about it, but not surprised.

    I don't see anything to get terribly alarmed about. What am I missing?
    You're letting intervening words distract you. See my excerpts in the quotation above.

    So even if you have never installed, for example, Adobe software, Adobe can monitor your computer to determine if you ever run an illegal installation of Photoshop. No sunset on the monitoring; they can continually probe your machine in suspicion of piracy. That'll degrade your bandwidth. And not just Adobe will be permitted to do it, but every software vendor out there. They don't have to be your provider, just a provider.

    Also "initialization" is a nebulous term. Are you sure you know how the law defines it? It could easily be phoning home with every launch, or perhaps with every forked process. A perverted vendor could treat it as initialization of any variable, constantly phoning home to make sure every thing you do does not violate their EULA.

    Meanwhile, Windows Genuine Advantage has had a not insignificant number of false detections of installations as non-genuine. A little hiccup in an algorithm and they'll cripple the software. Better hope its use wasn't essential to your business. BTW, the EULA makes it clear it should never be used for any essential purpose and disclaims any liability for failure to operate.

    Next, read the full text of the act for the prohibited behaviors and realize that with these exceptions it gives those entities license to do every one of them to you whenever and however often they'd like with impunity.
    --
    Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
  5. State law will still supercede it, because: by Pap22 · · Score: 4, Interesting

    When it says "Nothing in this Act shall apply to", that doesn't mean "the following is legal". It means, "Nothing is in the books about the following as far as this bill is concerned".

    So if an existing Federal or state law specifically mentions that a provider or software vendor may never access your computer under any circumstance, then that law will supercede this bill.

    Or am I missing something?