Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spy Act of 2007 = "Vendors Can Spy Act"

Posted by kdawson on from the legalizing-spyware dept.

strick1226 writes "Ed Foster over at InfoWorld describes the Spy Act bill (H.R. 964) as having the same relation to the prevention of spyware that the CAN SPAM Act had to the prevention of spam. It allows exceptions for companies to utilize spyware for any number of reasons; if this bill had been law when Sony distributed their rootkit, they would have had perfect cover. Most troubling is that the bill would preempt all state laws, including those more focused on the privacy of people's data, and disallow individuals from bringing suit. It is expected to pass soon with 'strong bipartisan support.'"

9 of 309 comments (clear)

  1. Since no one here uses windows by Anonymous Coward · · Score: 5, Funny

    I don't see who this will be a problem.

    1. Re:Since no one here uses windows by TheGratefulNet · · Score: 5, Insightful

      this is actually way beyond windows.

      it SEEMS that this bill gives vendor-tunnels the OK. and also it notes that they can be stealth. you know, like the sneak and peek procedures we have today.

      yes, this is the electronic form of sneak and peek.

      and that is why you should be afraid of this. it gives remote 'special parties', well special priviledges on YOUR BOX.

      this is such a bad idea, it must have come from congress and/or special interests.

      this surely has NO benefit to We, The People ;(

      --

      --
      "It is now safe to switch off your computer."
  2. Look! Rights go down the hole... by Marrshu · · Score: 5, Insightful

    ... there go more of our personal rights simply to support the big business and such. Who wants to guess how long it'll take Sony to restart their whole rootkit campaign? Can't forget Microsoft and all those ISPs that want to spy on you. Big Brother is watching you after all

  3. Re:Legal, not moral by csmacd · · Score: 5, Insightful

    Yes, organizations that distribute spyware care.

    >sarcasm off

    When organizations have the legal cover to do junk like this, they will. No amount of moral outrage is going to stop them, unless they monitor and report some random elected official's illegal activities.

    --
    Don't pick up the pho*(@)$*@&@!@ NO CARRIER
  4. Di not use Vista and other DRM enabled tech by roman_mir · · Score: 5, Insightful

    We had this discussion before. The law will make it perfectly legal to spy on you, and you new shiny OS will make it perfectly impossible (well, as long as DRM works) for you to prevent this by technical means.

    People who say that it doesn't matter to them, whether Vista has DRM or not as long as they can play their games, maybe surprised to find out that the DRM may make it impossible for them to enjoy their games through enabling the spying and whatever other active measures that can be taken by spying software. Do you like modifying your games in any way? It may become impossible if you are on a DRM platform and you are spied upon. Of-course there are those, who would rely on the DRM to be broken but this is not a very good practice to rely on that, I mean there are so many problems with that, for example why would you trust a 'DRM removing patch' from someone to be spyware/rootkit free? It is better to avoid such products altogether. Avoid DRM products, avoid spyware infected products, that's the only way to really stay in the clear. Besides, isn't it illegal to remove 'security protection' under DMCA anyway?

    Free Software becomes more and more attractive in this culture of customer spying and DRM locking every day.

    --
    You can't handle the truth.
  5. Re:OK, What Am I Missing? by powerpants · · Score: 5, Insightful

    I don't see anything to get terribly alarmed about. What am I missing? The bandwagon.
  6. Re:OK, What Am I Missing? by HTH+NE1 · · Score: 5, Interesting

    Exception Relating to Security- Nothing in this Act shall apply to--

                    (1) any monitoring of, or interaction with, a subscriber's Internet or other network connection or service, or a protected computer, by a... software provider... for the detection or prevention of fraudulent activities;

    OK, your ISP can do network trouble shooting. Your HW / SW vendor can provide on-line tech support. Seems reasonable to me.

                    (2) a discrete interaction with a protected computer by a provider of computer software solely to determine whether the user of the computer is authorized to use such software, that occurs upon -- (A) initialization of the software;

    Microsoft can run their "Genuine Advantage" crap. Not thrilled about it, but not surprised.

    I don't see anything to get terribly alarmed about. What am I missing?
    You're letting intervening words distract you. See my excerpts in the quotation above.

    So even if you have never installed, for example, Adobe software, Adobe can monitor your computer to determine if you ever run an illegal installation of Photoshop. No sunset on the monitoring; they can continually probe your machine in suspicion of piracy. That'll degrade your bandwidth. And not just Adobe will be permitted to do it, but every software vendor out there. They don't have to be your provider, just a provider.

    Also "initialization" is a nebulous term. Are you sure you know how the law defines it? It could easily be phoning home with every launch, or perhaps with every forked process. A perverted vendor could treat it as initialization of any variable, constantly phoning home to make sure every thing you do does not violate their EULA.

    Meanwhile, Windows Genuine Advantage has had a not insignificant number of false detections of installations as non-genuine. A little hiccup in an algorithm and they'll cripple the software. Better hope its use wasn't essential to your business. BTW, the EULA makes it clear it should never be used for any essential purpose and disclaims any liability for failure to operate.

    Next, read the full text of the act for the prohibited behaviors and realize that with these exceptions it gives those entities license to do every one of them to you whenever and however often they'd like with impunity.
    --
    Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
  7. Re:Legal, not moral by TechnicalFool · · Score: 5, Informative

    As far as I'm aware, organisations always have had the legal cover (if just barely) to distribute spyware, as long as they say it's being installed in the EULA. If not, CoolWebSearch et all would have been sued out of business a long while ago. According to the article, and if I read it correctly, this seems to be more about giving large companies the legal arse-covering required to hack into your computer "just to check" if you've got, say, a dodgy copy of Autodesk Inventor.

    What I'd be interested in is how this and other such spyware could be subverted, possibly with some false (and FOSS, naturally) piece of software that sends ridiculous junk to the remote servers. Sort of an anti-spyware, if you will. The best analogy I can think of off-hand would be programs like the fake SubSeven servers, that as I recall made your computer pretend to be infected with the SubSeven trojan. If you got someone connecting, you could give them a false directory tree, or press a button to blast their computer with a gazillion windows in their SubSeven client.

    I think maybe a little hacktivism is called for, although naturally I would not advocate breaking any laws in the process! Oh no, sir!

    --
    09F9 1102 9D74 E35B D841 56C5 6356 88C0
  8. Re:Legal, not moral by cbiltcliffe · · Score: 5, Insightful

    They do have good understanding of wallet vote, though.
    Yes. Unfortunately, consumers don't.
    --
    "City hall" in German is "Rathaus" Kinda explains a few things......