Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Microsoft Helps Write Oklahoma's Anti-Spyware Law 232

Posted by ScuttleMonkey
from the things-not-to-farm-out dept.
groovy.ambuj writes "The Inquirer reports that Microsoft has developed Oklahoma's 'Computer Spyware protection Act'. The law will supposedly protect people from unwarranted hackers or virus attacks and can fine individuals up to $1M who are found guilty of breaking into a computer without the owners knowledge. At the same time, it also allows some of the better known capable companies to 'look' into your computer for possible virus/spyware and fix the problem without informing you. And, while these friends are doing their job, they can also take the moment to do other things. "
This discussion has been archived. No new comments can be posted.

Microsoft Helps Write Oklahoma's Anti-Spyware Law

Comments Filter:
  • Be afraid... (Score:5, Insightful)

    by IamGarageGuy 2 (687655) on Tuesday April 11, 2006 @01:05PM (#15107291) Journal
    be very afraid
    • by khasim (1285) <brandioch.conner@gmail.com> on Tuesday April 11, 2006 @01:15PM (#15107376)
      From TFA:
      Now because Microsoft knows that it sometimes need to get information from their users for upgrades, it has put in a clause to allow software companies to do this. Basically the Vole law demands that a software company licence agreement tells you the sort of data they are taking.

      The problem is that if you agree, you give the company you bought upgradable software the freedom to come onto your computer for "detection or prevention of the unauthorized use of or fraudulent or other illegal activities in connection with a network, service, or computer software, including scanning for and removing computer software prescribed under this act."

      In other words if you install Vista, Microsoft can come in, snoop around your computer see if you are doing anything illegal and delete it.
      That certainly sounds like people should be opposed to this "law".
      • One thing that always gets me is that they (large companies) want some legal backdoor into your computer.

        I think more people would be comfortable with it if there was a client installed that monitored the network for something comprable to Windows Update(tm) where it would let you know something is going on that is effecting the network and give you the tools (patch, instructions, etc) to get it fixed. All the while leaving your system online. As a choice the ISP could block traffic associated with th
      • That's scarey, not only will Microsoft be able to snoop inside my computer and install stuff, but those who always hack Microsoft programs will be able to do the same. Plus how will Microsoft know whats good for my computer. I'm running a certain version of Adobe Premiere on my Win2K machine. It runs fine as long as I keep it on SP2. If I upgrade the service pack, I unleash a whole new set of bugs that cause Premiere to act the fool. What if Microsoft decides it's about time I upgraded to SP4 and they scre
        • by gurumeditationerror (631201) on Tuesday April 11, 2006 @03:04PM (#15108323)

          That's scarey, not only will Microsoft be able to snoop inside my computer and install stuff, but those who always hack Microsoft programs will be able to do the same.

          Simple solution: Don't use Microsoft software.

          Plus how will Microsoft know whats good for my computer.

          Knowing what is good for your computer is not so much the concern but MS deciding what's good for your computer is.
          Again: Don't use Microsoft software.

          I'm running a certain version of Adobe Premiere on my Win2K machine. It runs fine as long as I keep it on SP2. If I upgrade the service pack, I unleash a whole new set of bugs that cause Premiere to act the fool. What if Microsoft decides it's about time I upgraded to SP4 and they screw up my stuff?

          Simple solution: Don't use Microsoft software.

      • by Anonymous Coward
        This is rather disturbing in that MS is able to completely skip the lobbying phase and goes straight to drafting its own legislation.
      • by johndiii (229824) * on Tuesday April 11, 2006 @02:31PM (#15108029) Journal
        One would think that people would oppose it (text of the bill (RTF document) [state.ok.us]). But... It has passed, or is under consideration, in other states [ncsl.org]. Microsoft is not the sole originator, but a group called the American Legislative Exchange Council [alec.org]. It supposedly "...advances the Jeffersonian principles of free markets, limited government, federalism and individual liberty...", but actually seems more interested in making corporate policy into state law.

        The Microsoft campaign contributions mentioned in the article (a slightly more readable version) [altweeklies.com] are also worth noting.
      • That certainly sounds like people should be opposed to this "law".

        Thing is, some Microsoft processes do some stuff in the background without your knowlege, some of which provides a valuable service to end users.

        It would be kinda crappy for the state to write a law that can be used against legitimate uses like Automatic updates, which I'm certain is what Microsoft is implying.
    • Remember...the State of Oklahoma was created by Congress; whereas it can't legislate to Oklahoma because it is a state already created by the people; thereby, Congress can't create a state within a state unless by Admiralty jurisidiction (libel) to say our (the people's) Oklahoma is a Territory under the US Constititution. This brings in many presumptions whereas this Oklahoma (not-confederated several states of the people) are not a part of that OKLAHOMA (a federal State upon the dejure state known as Okl
  • by fdrebin (846000) on Tuesday April 11, 2006 @01:06PM (#15107292)
    Wouldn't suprise me none...

    /F

    • Well, this is Oklahoma, and it seems that CentOS is already a virus or hacker tool of some kind there...
    • by twitter (104583) on Tuesday April 11, 2006 @03:31PM (#15108541) Homepage Journal
      FTFA:

      if you have, say, a pirated copy of Excel Microsoft (or companies with similar software) can erase it, or anything else they want to erase, and not be held liable for it.

      This is Bill's dream come true. They have already granted themselves this power in their EULAs. This law gives them unambiguous rights to carry out that EULA. So yes, they can "update" your boot loader, load your free software with keyloggers and spyware, wipe partitions and do what ever they want.

      More ominously:

      Additionally, that phrase fraudulent or other illegal activities means they can ... Let the local district attorney know ... [about whatever they find or think they find on your computer].

      About the only thing worse than M$ having run of your computer would be M$ law enforcement. I predict a wave of bogus reports designed to harass people Bill does not like. We can only hope that law enforcement has the good sense to distrust such an obviously interested party.

    • Don't know if Linux/OSX are defined as spyware, but the article says the spying can only take place after you click the "I accept" button on the (presumably antispyware) program end user license agreement.

      As at least Linux doesn't come with that kind of end user license agreement, I suppose Linux users would not be allowed to be investigated.
  • by Komarechka (967622) on Tuesday April 11, 2006 @01:06PM (#15107297) Homepage
    When then pen it into law that companies can look inside of out machine to "fix" problems, does that mean it is illegal to prevent them from doing so?
  • Just great. (Score:5, Funny)

    by Rob T Firefly (844560) on Tuesday April 11, 2006 @01:09PM (#15107325) Homepage Journal
    In other news, Charles Manson has produced a flawless plan for the public to avoid being murdered by crazed serial killers, relying heavily on letting him murder you before any "really bad people" can.
    • Re:Just great. (Score:4, Insightful)

      by timeOday (582209) on Tuesday April 11, 2006 @01:31PM (#15107504)
      Not exactly. From my reading of the article, this law doesn't legalize anything that's illegal today. It says, "no spying, except for these loopholes." Now, we can (and probably should) complain about the loopholes, but don't forget that right now there are no loopholes, because there is no law - whatever's in the fine print, goes. This law would prevent most companies from doing whatever they want simply by hiding legalize in the fine print, as they do now. The only catch is, certain companies (such as Microsoft, not surprisingly) can keep writing arbitrary EULAs wherein you "grant" them permission to do whatever they want.
      • As an Oklahoman, I can assure you that there are not nearly as many savvy users here as are needed to "complain about the loopholes". The best bet is to not run the software that allows the loopholes to be exercised. That is a choice any Oklahoman can make.

  • And this probably includes a lucrative contract to implement Microsoft' new ActiveX based anti-spyware tool...
  • by revery (456516) * <charles.cac2@net> on Tuesday April 11, 2006 @01:13PM (#15107358) Homepage
    Clippy: It looks like you are writing a state law, do you mind if I insert Microsoft-friendly boilerplate?

    [User clicks no.]

    Clippy: Congratulations, your document has been modified and submitted for sponsorship and ultimately passage by Microsoft-owned employees... err shills... err statesmen... Thank you for using Microsoft Word. (Also, we'll keep that private folder between you and me, ok? It'd be a shame for the attorney general to see that...) Have a nice day! You poor little sheep... HA HA HA HA HA!

  • by ursabear (818651) on Tuesday April 11, 2006 @01:14PM (#15107365) Homepage Journal
    My Pavlovian [wikipedia.org] reaction was, "OhhhhhhhhNNNNNNNNNNNNNNooooooooooooooooo!"

    Now that the bell has rung, my kibbles are ingested, and I feel better...
    If you were a state agency and needed security expertise, where would you go to get the information you need (to write a law/rule/proposition/etc. that is based on highly technical stuff)? Would you go to a security firm? Would you go to the local IT management firm? Would you go to a support shop like Geeks 'r' Us?

    A little voice inside my head (yes, I have those sometimes - be afraid) says that something inside the law may be done to tilt things Microsoft's way - but I don't know that Microsoft would be such a bad partner (all feelings of MSHatred(tm) aside - just looking at it as a business).
  • by Snap E Tom (128447) on Tuesday April 11, 2006 @01:14PM (#15107366)
    Heh. Because if they do, I'll bet Apache and CentOS gets listed as spyware.
    • In all fairness, the people of Tuttle don't deserve this. Taylor does certainly but not the people of Tuttle many of whom may very well have opposed him in his bid for office.

      Besides, they're already stuck with Taylor for CM. Seems they deserve a break.

  • by potus98 (741836) on Tuesday April 11, 2006 @01:15PM (#15107373) Journal

    Perhaps the Act should be expanded to include liability for companies that offer operating systems with poorly designed security that permit (some of) such problems in the first place. Sure, users are responsable when they flip their car off the road, but auto-makers are still liable when they manufacture a vehicle with inherintly weak suspension arms.

    • Think it through, if EULA dont matter, then the GNU license is well worthless. Now if people can sueing and get money for security holes, what happens to all the opensource devs.....

      Life aint that simple
  • R-Edmond?? (Score:3, Funny)

    by jomegat (706411) on Tuesday April 11, 2006 @01:15PM (#15107377)
    Clearly, Jolley is not the only legislator who could be described as "R-Edmond".
  • Why in the HELL would you let Microsoft or any other company PERIOD to write or even assist in the writing of a law like this. All Im saying is that they wrote the law to protect the computer from all illegal activites but give them and every other company free reign on your machine. Thats NEVER good! What kind of dumbass do you need to be to see this is a positive thing?
  • by rbochan (827946) on Tuesday April 11, 2006 @01:17PM (#15107403) Homepage
    A local village idiot [slashdot.org] could have written it.

  • In Oklahoma, it's a rhetorical question. [thefreedictionary.com]

  • The law will supposedly protect people from unwarranted hackers or virus attacks...

    Aside from laws being merely an extension of a socially acceptable psychological deterrent with provisions for those we deem "law enforcers" (which should have a more describing name of their true nature), laws of this type really do nothing.

    That and the fact that Microsoft has helped to write it is a step in the right direction, one of being guided by a technologically aware firm, but I don't think MS should be the ones to

  • by ehiris (214677) on Tuesday April 11, 2006 @01:29PM (#15107491) Homepage
    Is this law unconstitutional? 1 Million dollars for breaking into just any computer seems pretty steep.

    It should be cheaper to fend off some REAL bad people that the authorities can't get around to catch.
    • Too steep for an individual. Not steep enough for a company.
    • No shit. This would make it a harsher penalty for remotely peeking at your neighbor's computer over his unprotected wifi, than if you broke into his house and stole his computer.
      Hell, some people don't make a million dollars in their whole lifetime.
    • by PurPaBOO (604533)
      It's $1,000 minum per violation, up to a maximum of $1,000,000.

      From the bill at: http://tinyurl.com/elycc [tinyurl.com]

      The Attorney General for the State of Oklahoma, an Internet service provider or software company that expends resources in good faith assisting authorized users harmed by a violation of the Computer Spyware Protection Act, or a trademark owner whose mark is used to deceive authorized users in violation of this act, may bring a civil action against a person who violates any provision of this act t

  • OK (Score:4, Insightful)

    by hackstraw (262471) * on Tuesday April 11, 2006 @01:32PM (#15107510)
    1) What does MS know about preventing spyware aside from charging extra for it in an upcoming newly released service?

    2) $1mil fine is not sufficient. Its still very profitable to break into a computer and steal over a million dollars worth of information.

    From the real FA [okgazette.com] that does not allow copy and pasting from their website via a DRM like mechanism, documented here:


    * Disable select-text script- © Dynamic Drive (www.dynamicdrive.com)
    * This notice MUST stay intact for legal use
    * Visit http://www.dynamicdrive.com/ [dynamicdrive.com] for full source code
    */


    I can still grab the text via the source, so here's the gem:

    If you click that "accept" button on the routine user's agreement, the proposed law would allow any company from whom you bought upgradable software the freedom to come onto your computer for "detection or prevention of the unauthorized use of or fraudulent or other illegal activities in connection with a network, service, or computer software, including scanning for and removing computer software prescribed under this act."

    So, all you have to do is ask the user to install spyware. Shouldn't be too tough.

    Good law!

    • by pla (258480)
      From the real FA that does not allow copy and pasting from their website via a DRM like mechanism

      Wow! I've just encountered my first effective form of DRM - A thorough Slashdotting!

      Oh, damn. It loaded this time... Okay...


      Huh... Not a very effective way to block cutting-and-pasting... I don't even need to view the source or disable Javascript to do whatever I want. Apparently, "Section 6 of the act says such a prohibition ``shall not apply`` to" FireFox users.

      Actually, it did somehow stop me fr
  • Hmmm, foxes guarding hen houses comes to mind. But in all fairness, it is still a good thing that Microsoft is involved and in a way shows a sense of responsibility. I can only hope that the baser aspects of human nature won't raise their ugly heads here later.
    • From TFA:

      "It's crazy," Reynolds said of the law. "The vote was unanimous. We were in the middle of some other bill. Someone walked up to me and said, 'I thought you'd vote against that.' And I said, 'Duh.' I thought it was about spam. I didn't bother to read it to that level."

      Does this make anyone else's blood boil? From what I can tell, Reynolds is the "good guy", yet he can't even be bothered to read the law he is passing.

      I hear about this all the time. Apparently it's "standard operating procedure." Wha
      • I know I'm living in fantasy land, but I would love to see it changed to where before any vote on new legislation, all the senators or representatives are given a 10 question DMV style quiz on the bill's language. And only those that pass get to vote.

        Realistically though, very few of these people are elected based on their reading comprehension, analytic ability, or attention to detail. The only real hope I suppose is having sufficient checks in the system to keep them from running too far amuck (ala ultra
        • I know I'm living in fantasy land, but I would love to see it changed to where before any vote on new legislation, all the senators or representatives are given a 10 question DMV style quiz on the bill's language. And only those that pass get to vote.

          Heck, I'd like to see all voters have to pass a 10-question quiz before they were allowed to step into a voting booth and choose those politicians. I don't even care what the quiz was on, pull 10 questions from the back of any random 4th grade Social Studies bo
  • "This legislation is brought to you by Microsoft(TM)". Happy democracy(TM) and freedom(TM)...
  • The next thing you know, Microsoft will be writing Evolution into Oklahoma law, too. [msn.com]
    This could be the onset of a new great age of enlightenment, OK?
  • =oO= (Score:5, Insightful)

    by qeveren (318805) on Tuesday April 11, 2006 @01:42PM (#15107574)
    Section 6 of the act says such a prohibition "shall not apply" to "telecommunications carrier, cable operator, computer hardware or software provider or provider of information service."

    So... the law doesn't even apply to spyware, since companies that produce spyware are technically "software providers or providers of information service", no?
  • Oklahoma is the target of international cyberterrorist efforts--look at the heroic efforts of the brave IT Manager of Tuttle, Oklahoma, after Linux extremists took over his city website!

    http://www.tuttletimes.com/siteSearch/apstorysect i on/local_story_088201244.html [tuttletimes.com]

    Clearly, no measures are too extreme to protect the vulnerable citizens of Oklahoma from what evils lie within.

  • by Drinkgreen (964785) on Tuesday April 11, 2006 @02:08PM (#15107799)
    For those of you unaware, Oklahomans are allowed to look at "special" pornography. "Special", meaning no penetration or ejaculation in our magazines, skin-a-max, or anything. Its hard as hell to find a total nude strip club in this state. Neighboring states already know this, such as Texas. When you travel south from Oklahoma, into Texas, the first thing you see (even before the "Welcome To Texas" sign) is a little building with a giant XXX sign. We Oklahoman's know when we've left the state, because all the porno shops appear.

    I'm glad about this spyware law, but I think its just more about getting to see what's on user's computers , legally. The Anti-Spyware law is just a front. Oklahoma has been wanting to be able to monitor people for a long time. Which I understand on one hand, but also kind of sucks. I mean, our porn sucks anyway, but now we have to worry about someone watching us visit "non-Oklahoma" approved sites.
  • old news (Score:2, Insightful)

    by cosminn (889926)
    From TFA:

    In other words if you install Vista, Microsoft can come in, snoop around your computer see if you are doing anything illegal and delete it.

    This was an issue since Windows 2000 SP2 actually. This clause was removed with Windows XP due to complaints from companies and such.

    Also, unless the Vista EULA includes this clause again, Oklahoma's law doesn't affect me whatsoever since I don't live there. And if more states pass laws with a similar clause, or they make it a federal law (doubtful), then compan

  • I just have a question. If someone comes into your house to service your furnace, for example, and they 'happen' to see pot growing next to the furnace, can they call the cops? Is that admissable evidence in a court of law? Because, MS is clearly planning on doing just that.

    Of course, they don't have permission to rifle through every nook and cranny in my house just because they came in to fix the furnace...

  • Meh... (Score:3, Informative)

    by duffstone (946343) on Tuesday April 11, 2006 @02:28PM (#15108002) Homepage
    Not everyone in Oklahoma is a retard... Unfortunately the majority rules. :-\

    Hell, I'd bet that half of our politicians would pay handily to work with a corporation such as Microsoft just so they can get a nice little blurb in a national paper that they can give their grandkids... Life in rural America is uneventful at best. Something like this is what makes people feel important. Even if they don't see the greater evil in their actions... You can't blame them; they simply don't know any better...

    -Duff

    P.S. I've lived in Oklahoma my whole life so I can criticize all I want.
    • Not everyone in Oklahoma is a retard... Unfortunately the majority rules. :-\


      Heh... Truer words are rarely said- and it's why I wasn't too hurt leaving Yukon when my father got
      work down in Texas with E-Systems, Greenville Division. :-)

      I mean, I missed "home", but it was better (If only slightly...) where I went and then ended up.
  • Hmmm... the / intro says:

    "unwarranted hackers or virus attacks..."

    Are there such things as "warranted hackers or virus attacks"?
    • Are there such things as "warranted hackers or virus attacks"?

      Yes, anyone that gives M$ enough money will have access to the new Vista Total Information Awareness (VITA) system. This is what non-free is all about, sit back and enjoy it or dump the last of your second rate software.

  • Slightly OT (Score:2, Funny)

    by kiracatgirl (791797)
    A bunch of people mentioned how you can't copy/paste things off of the site, but there's a simple loophole which doesn't involve scrolling through source code.

    Just click and drag with the arrow-cursor, not the text cursor. You can start from any between-paragraphs whitespace, and it works fine. Makes the whole script thing even MORE pointless, though...

    A lot like the law being proposed, come to think of it.
  • If the bank that held your life savings was robbed, do you think you would want a say in a new law punishing bank robbers? Well, Mircosoft should probably have a say in a law that effects people who steal their software.
  • Did I miss something? Why is a company, who stands to make a lot of money by putting anti-'bad'ware companies out of business, writing the law for this type of thing? There seem to be a lot of loop holes in this law and what it allows. How are businesses to be compensated when this upgradable software deletes some of their code base on a laptop that is plugged in at home, or some other plausible situation. The assignment of rights via a single click during installation is shaky at best, and underhanded on n
  • Once you invite them in they have the right to keep coming back
  • Personally, I have no problems with writing software that allows somebody into my machine... provided:

    a) It ASKS me, at every instance, if it is OK. For example "User MS-BOB at 192.168.2.1 is requesting access to your machine, do you accept?"
    b) It shows me when they are connected, and when not
    c) Preferably, I can see what they're doing. VNC-like sessions would work well enough for this.

    Really, this would be fine by me, so long as I can see what information they're getting from me, and when. On a windo
  • I can hack as much as I want? All I gotta do is write some piece of "updateable software" and have people use it?

    Let's ignore for a fact that I'm far away from Oklahoma and most of the black hatters are even further away...
  • by Opportunist (166417) on Tuesday April 11, 2006 @03:24PM (#15108485)
    Think about it for a moment. If I got that right (a lawyer might clarify the details), when I write some software that requires "updates", I am allowed to sniff in your computer when you agreed first to use my software.

    This means, though, that if I write a, say, download manager, that installs sniffing software that phones home (hey, it's just updating itself, after all it has to update the ad-pages I pop in your face!), this actually becomes legal. I could harvest whatever information I want from your machine, and it is legal. If you should dare to install an ad-blocker, I'll remove it (legally), because it interferes with the operation of my adware ridden spyware.

    Nice to know. Time to open some software company in Oklahoma.

Modeling paged and segmented memories is tricky business. -- P.J. Denning

Working...