Print this article | E-mail this article | Comment on this article

Coalition Offers Definition for 'Spyware'

By Nate Mook, BetaNews

July 12, 2005, 12:56 PM

As Internet users become increasingly threatened with spyware and adware attempting to infect their machines, software vendors and consumers groups have been struggling to answer a critical question: What is spyware? A coalition is now attempting to draw a line between acceptable and invasive advertising.

The Anti-Spyware Coalition, headed by the Center for Democracy & Technology with support from industry giants AOL, Earthlink, Microsoft, and Yahoo among others, has released the first draft of a 13-page document designed to establish definitions that will bring clarity to anti-spyware vendors.

Such classification of spyware and adware would make it easier for companies to improve their detection and removal products, and better educate customers of the risks associated with spyware. In addition, anti-spyware software vendors could avoid lawsuits from ad companies who claim their software is unfairly targeted.

Microsoft muddied the waters last week when it redefined adware company Claria's software as "Ignore" rather than "Quarantine," much to the chagrin of security experts. Microsoft publicly responded to the criticism saying the new classification came after a standard review process.

Microsoft also posted the criteria it uses when defining potential threats, which include deceptive behaviors, privacy, security, performance impact, and industry and consumer opinion of the product.

Likewise, the Anti-Spyware Coalition has defined "potential threats" -- a term that includes spyware, adware, cookies and hijackers -- as programs that: impair users' control over their systems, including privacy and security; impair the use of system resources, including what programs are installed on their computers; or collect, use and distribute personal or otherwise sensitive information.

The coalition will be accepting public comments on the draft proposal until August 12, and a final document is expected by the fall. However, the definitions are not likely to lessen the amount of spyware plaguing computer users as advertisers continue their aggressive practices.

The document will also not answer a key question of what consent advertisers should obtain from users before installing such software. Currently, spyware vendors often tack their terms onto the end of long license agreements that consumers rarely read.

Nonetheless, the definitions are a necessary first step the coalition's backers say.

"The establishment of the Anti-Spyware Coalition is an important step in deterring malicious software," said Mike Nash, Corporate Vice President of the Security Business & Technology Unit at Microsoft.

"As a founding member, we are excited to be part of the coalition because clarifying definitions and setting best practices in this space will help software developers avoid the risk of writing deceptive software, and will help Microsoft and our partners enable customers to identify and stop spyware and other unwanted technologies."

Add a Comment (9 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

By Aires

posted Jul 13, 2005 - 7:44 AM

I will stick with Spybot Search & Destroy thanks.

Unfortunately a lot of mainstream users will stick with Microsoft as they don't know any better. Shame on Microsoft for muddying the issue.

Score: 0

By athome

edited Jul 13, 2005 - 12:17 PM

This has very little to do with MS as a whole. I still use and enjoy their product(s). You are simply attacking MS as if it is their fault that we have spyware/adware. You should look at your definitions from the 1st spybot and the last. Each update, look at the defintions and look for the ones that are set to ignore by default. This is a game that is being played by all of them.

You think you are safe is what they want. Just because you work on PC's doesn't mean that you know everything. I can bet that you didn't even know until you read these articles. You only have more tricks up your sleeve, which the average joe does not have. Do not rely on one program to remove spyware/adware from your computer - use several. Why is it each program removes something different? That is what the real issue is here. MS didn't muddy it, they just brought it to light; not by wanting to help us, but to utilize the avenue that they claimed to protect us by.

This coalition is nothing more than a bunch of adware/spyware companies getting together to develop a set of standards on the methods used to get into your PC. MS is there because they want to supply them also, and to help them achieve their goal(now more efficiently). It is like the politicians that vote on their own pay raises, or make up the laws guiding their activities. It is a smoke screen!

from their website (Composed of anti-spyware software companies, academics, and consumer groups, the ASC seeks to bring together a diverse array of perspective on the problem of controlling spyware and other potentially unwanted technologies.) BS - PHD from where and in what field and what qualifications to decide what goes on my PC; consumer groups from what group and background, and what makes them qualified on my PC. Am I the only one that has issues with this?

How can they decide what they want to put on MY PC! (what is acceptable and what is not) I should be the one to decide. These "giants" are the enemy to begin with. The Coalition is a group that know that they will be out of business if we are able to remove all spyware/adware from our computers. They want to have "acceptable guidelines."

IMO, there are no acceptable guidelines. I do not want to be in a board presentation and have an ad popup(about anything) right in the middle of it. In a perfect world, I shouldn't even have to worry that this would be a problem.

Ads should be left within the webpage being viewed. No popup, no additional program or active content. I can either look at it or not. I decide! But, if I have to close the window in order to see what I want, which is now in the background, this is violating my rights. Truly, this is not in my best interest. They are creating an industry for themselves at our expense. I paid way too much for my PC to become a billboard. What next, my car, my home.

My PC is private property and if someone comes onto my property, do I not have the legal right to remove them. If they are there to hurt me, then I can take evasive action to protect what is mine. Not exactly the same extreme, but the concept is there - the legal justification is there. I do not want them there or have asked them to come there, and they are costing me money for being there.

Corporate America is destorying America, and they are too stupid to even see it. They are greedy people that will stop at nothing - creating and changing laws to suit their devious and often illegal activities. We sit back and watch it unfold in the media(often a TV mini series called ABC/NBC/CBS/CNN News) When will it end!

Score: 0

By rustik_one

posted Jul 12, 2005 - 9:54 PM

I agree with px208. Unfortunately, the sooner that clear and legally accepted definitions for "spyware" and "adware" are established, the advertising moguls will begin crafting ways for their products to dodge the labels by not meeting the legally defined criteria.

How `bout a new term? SHATWARE - "Any software, code, or other information stored either temporarily or permanently on my pc, that for any reason accesses, (or facilitates the access of), my pc to the internet, or uses any of my system's resources for ANY purposes OTHER THAN per-use, user-initiated actions, and not to excede the scope or duration of the task initiated for any reason other than user pre-authorized software updates to the specific applications in question, with no exceptions!"

Score: 0

By px208

posted Jul 12, 2005 - 11:06 PM

Thanks rustik_one. I am glad you got the point.

Score: 0

By px208

posted Jul 12, 2005 - 2:51 PM

Read this for another perspective. http://sunbeltblog.blogs...ispyware-coalition.html

Score: 0

By athome

edited Jul 13, 2005 - 12:16 PM

Why don't all the Terrorists get together and define the methods they will use in their next attacks, and for those they plan and have not yet planned in the future. A code of ethics! What makes up a Terrorist Group; or how many members there should be before it can be classified as a group or terrorist! Do they attack people or buildings!

Idiots!! I can't believe that they even are shoveling this stuff to the public.

Score: 0

By bourgeoisdude

posted Jul 12, 2005 - 1:13 PM

Very needed move. If no definition is in place, I can call betanews spyware as it has tracking cookies from doubleclick.net, atdmt.com, adtech.de, smarttargetting.net, vibrantmedia.com, altfarm.mediaplex.com, netshelter.com, etc. Does that make them spyware? Do they directly put anything on your pc? Or are the vendors themselves responsible? Is advertising spyware? Are tracking cookies truly a threat, as they can only be most harmful when used in conjunction with malicious programs?

We need a dictionary definition to, if nothing else, shut those @#$%s up who say "Me? Spyware maker? No, I only use programs for "Research" and "marketing"'.

Score: 0

By morriscox

posted Jul 13, 2005 - 1:09 AM

Tracking cookies don't need to be paired with a malicious program to be dangerous. If a company has enough popular websites you go to, they can track you at any of the websites that they have a presence on that you visit and compile that information for a profile. Next time you might get targetted ads or if you have given them any information (like name, address, phone #, email address, maybe even a Social Security # or the equivalent), they can use that for their own purposes or even sell the information.

Score: 0

By Kramy

posted Jul 12, 2005 - 2:46 PM

I agree.

On the note of Betanews though, I'm happy to report it doesn't put tracking cookies on my system. :D

Score: 0

Dec 1 - 9:34 PM ET Alltel breaks in a mobile wallet with mFoundry

Dec 1 - 7:38 PM ET Intel tries to turn the tables on AMD in document discovery dispute

Dec 1 - 6:59 PM ET Palm to restructure yet again, may cut more jobs

Dec 1 - 4:58 PM ET Blockbuster downloads headed for more devices via Live Mesh

Dec 1 - 4:55 PM ET AOL's PlaySavvy speaks to game-shy parental units

Dec 1 - 4:41 PM ET Less bad news than anticipated for the semiconductor industry in 2008

Dec 1 - 3:51 PM ET 'Xohm' makes way for 'Clear,' as Sprint/Clearwire merger moves ahead

Dec 1 - 2:01 PM ET Chasing down the latest Cyber Monday tech deals

Dec 1 - 12:50 PM ET Will 'Cyber Monday' fare better than a weak 'Black Friday?'

Dec 1 - 12:38 PM ET Microsoft Cashback goes offline to Black Friday shoppers