Microsoft Helps Write Oklahoma's Anti-Spyware Law

groovy.ambuj writes "The Inquirer reports that Microsoft has developed Oklahoma's 'Computer Spyware protection Act'. The law will supposedly protect people from unwarranted hackers or virus attacks and can fine individuals up to $1M who are found guilty of breaking into a computer without the owners knowledge. At the same time, it also allows some of the better known capable companies to 'look' into your computer for possible virus/spyware and fix the problem without informing you. And, while these friends are doing their job, they can also take the moment to do other things. "

Be afraid...

[IamGarageGuy 2]

be very afraid

Re:Big Brother, nothing we can do?

[TomTraynor]

Unless it is written into the law that you cannot prevent them from going in then it is allowed. Hopefully someone will get the lawmakers a clue bat and let them know that a third party has complete access to all of the lawmakers private and confidential information on their computers. The third party won't even need to be security cleared, that third party can grab anything and do anything without letting the person know.

clause for defective OS liability?

[potus98]

Perhaps the Act should be expanded to include liability for companies that offer operating systems with poorly designed security that permit (some of) such problems in the first place. Sure, users are responsable when they flip their car off the road, but auto-makers are still liable when they manufacture a vehicle with inherintly weak suspension arms.

the user is protected how?

[Anonymous Coward]

If it allows any company that is given permission by the user to search the computer at will, how does this prevent adware and spyware?
Most spyware comapnies have fought for the ability to exist based on the fact that the user had to click on the link to download the software from a pop-up constitutes agreeing to the terms of the software use. I believe gator uses this argument...

Re:Hmmm... On one hand...

[PitaBred]

You know, it's nice you looked up Pavlov. If you had spent half that time actually reading the 7 (tiny!) paragraph article in question, you'd have noticed this sentence "In other words if you install Vista, Microsoft can come in, snoop around your computer see if you are doing anything illegal and delete it." and it would have confirmed that "little voice inside [your] head"

But my guess is that you're just trying to get karma [wikipedia.org] with as little work as possible.

Unusual punishment?

[ehiris]

Is this law unconstitutional? 1 Million dollars for breaking into just any computer seems pretty steep.

It should be cheaper to fend off some REAL bad people that the authorities can't get around to catch.

Re:Just great.

[timeOday]

Not exactly. From my reading of the article, this law doesn't legalize anything that's illegal today. It says, "no spying, except for these loopholes." Now, we can (and probably should) complain about the loopholes, but don't forget that right now there are no loopholes, because there is no law - whatever's in the fine print, goes. This law would prevent most companies from doing whatever they want simply by hiding legalize in the fine print, as they do now. The only catch is, certain companies (such as Microsoft, not surprisingly) can keep writing arbitrary EULAs wherein you "grant" them permission to do whatever they want.

OK

[hackstraw]

1) What does MS know about preventing spyware aside from charging extra for it in an upcoming newly released service?

2) $1mil fine is not sufficient. Its still very profitable to break into a computer and steal over a million dollars worth of information.

From the real FA [okgazette.com] that does not allow copy and pasting from their website via a DRM like mechanism, documented here:


* Disable select-text script- © Dynamic Drive (www.dynamicdrive.com)
* This notice MUST stay intact for legal use
* Visit http://www.dynamicdrive.com/ [dynamicdrive.com] for full source code
*/

I can still grab the text via the source, so here's the gem:

If you click that "accept" button on the routine user's agreement, the proposed law would allow any company from whom you bought upgradable software the freedom to come onto your computer for "detection or prevention of the unauthorized use of or fraudulent or other illegal activities in connection with a network, service, or computer software, including scanning for and removing computer software prescribed under this act."

So, all you have to do is ask the user to install spyware. Shouldn't be too tough.

Good law!

=oO=

[qeveren]

Section 6 of the act says such a prohibition "shall not apply" to "telecommunications carrier, cable operator, computer hardware or software provider or provider of information service."

So... the law doesn't even apply to spyware, since companies that produce spyware are technically "software providers or providers of information service", no?

Re:This is the problem damnit

[stinerman]

You do understand that monied interests writing the bills is tending to be the rule rather than the exception these days, right?

Skip the lobbying and move straight to legislation

[Anonymous Coward]

This is rather disturbing in that MS is able to completely skip the lobbying phase and goes straight to drafting its own legislation.

old news

[cosminn]

From TFA:

In other words if you install Vista, Microsoft can come in, snoop around your computer see if you are doing anything illegal and delete it.

This was an issue since Windows 2000 SP2 actually. This clause was removed with Windows XP due to complaints from companies and such.

Also, unless the Vista EULA includes this clause again, Oklahoma's law doesn't affect me whatsoever since I don't live there. And if more states pass laws with a similar clause, or they make it a federal law (doubtful), then companies and people will again complain and they'll take it out.

Just another conspiracy theory in the making...

Intent of a law != Content of the law

[Kadin2048]

What you just said is exactly true, however it's not the complete extent of what's allowed. There's nothing in the bill that limits what Microsoft (or Norton, or whomever) can detect and delete from your computer, provided that it's illegal. The excuse is to allow them to delete spyware, but it just as easily allows them to do you the "service" of removing any unlicensed software you have on your computer.

The intent of a law and what it actually allows are often totally separate things.

Without consequence. It's not funny.

[twitter]

FTFA:

if you have, say, a pirated copy of Excel Microsoft (or companies with similar software) can erase it, or anything else they want to erase, and not be held liable for it.

This is Bill's dream come true. They have already granted themselves this power in their EULAs. This law gives them unambiguous rights to carry out that EULA. So yes, they can "update" your boot loader, load your free software with keyloggers and spyware, wipe partitions and do what ever they want.

More ominously:

Additionally, that phrase fraudulent or other illegal activities means they can ... Let the local district attorney know ... [about whatever they find or think they find on your computer].

About the only thing worse than M$ having run of your computer would be M$ law enforcement. I predict a wave of bogus reports designed to harass people Bill does not like. We can only hope that law enforcement has the good sense to distrust such an obviously interested party.

Re:Big Brother, nothing we can do?

[surprise_audit]

If they haven't criminalized home networks and routers yet, you don't need to reverse engineer anything to keep them out. Just be careful about what you let through your firewall. Anyway, it'll probably be reverse engineered outside the USA by a bunch of folks that don't give a damn about USA laws.