Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
The Internet United States

House Passes Another Spyware Bill 285

SkippyTPE writes "The AP reports that the US House of Representatives has unanimously passed a law criminalizing Spyware. This is the second such bill in two days (the first imposing civil penalties, whereas this bill imposes criminal penalties). Information on the bills (HR2929 and HR4661) can be found here and here respectively."
This discussion has been archived. No new comments can be posted.

House Passes Another Spyware Bill

Comments Filter:
  • by stecoop ( 759508 ) on Thursday October 07, 2004 @03:22PM (#10463513) Journal
    Let's think about these laws before we cheer - say to yourself will the world be a better place with yet another law. I applaud the efforts of the government protecting the people but marketing comes has to come from somewhere; like Nielsen rating system by which advertisers use to by spots on TV, somewhere there has to be a way to understand what works on the internet. The law bill clearly states that installing tracking devices on someone else computer will be punishable by imprisonment - you will no longer to be able to track logins via cookies or be running a risk from court interpretations of the law.

    As for the second part of the law, phishing:
    Zoe Lofgren D-Calif. - cited estimates that up to 90 percent of computers contain some forms of spyware. Lofgren said her daughter was recently victimized by electronic thieves in a phishing scam
    It is good thing that 10% of the market is either running an alternative browser and/or operating system preventing those infections. But being victimized via email I tend to say that email isn't secure therefore nothing in email can be trusted - thus let the buyer (user) beware. Over the long haul, Darwinism will balance things out and the law will be just a hoop and dance show for elections.
    • by Trigun ( 685027 ) <evil@evilempireP ... cx minus painter> on Thursday October 07, 2004 @03:25PM (#10463567)
      There is a difference in unnecessary laws, and establishing laws to prevent unethical business practices. Would you like to be egregiously harmed only to be told that, although it should be illegal, nobody has got around to writing a law against what has happened to you, so you might want to go cry somewhere else.

      Good Riddance Gator/Claria. The world will truly be a better place, even if our computer clocs are out of date by a couple minutes, or we don't know what the weather is like in Yemen.
      • by grumpygrodyguy ( 603716 ) on Thursday October 07, 2004 @05:01PM (#10464628)
        Good Riddance Gator/Claria. The world will truly be a better place

        Yes, but these kinds of laws set a very dangerous precedent for all of us. Putting people in jail for distributing spyware is very irresponsible. Fine them to death so they can't make payroll, whatever, but jail time?

        What if the next law throws you in jail for trading music? Or for selling software that conflicts with someone else's very dubious software patent?

        Time and again congress has demostrated that it is completely incompetant with regard to information technology. They are ill informed, have no expertise or training with technology, and seem only interested in extending the paradigm of centralized control into the internet. Which is exactly the opposite of what makes the internet great.

        The last thing I want to do is defend spyware vendors, but going from discussing a bill to imposing jail sentences in less than a week is scary. These people just seem to love sending people to jail. America has the highest number of citizens in jail per-capita of any country in the world. Applauding moronic laws like this is just giving them permission to raise that statistic even higher.
    • by glrotate ( 300695 ) on Thursday October 07, 2004 @03:26PM (#10463580) Homepage
      Spyware installs surreptitiously and degrades you performance.

      What spyware outfit do you work for?
    • by dewke ( 44893 ) on Thursday October 07, 2004 @03:26PM (#10463583)
      You do realize that to be a "Nielson" household you have to volunteer. It's one thing to volunteer to have your browsing habits monitored, and something else to have crap like gator shoved onto your pc because you don't know any better.
      • You do realize that to be a "Nielson" household you have to volunteer. It's one thing to volunteer to have your browsing habits monitored, and something else to have crap like gator shoved onto your pc because you don't know any better.

        "Volunteer" may not be the proper term. I've done it twice. They solicited me, I didn't go to them and "volunteer". I did willing agree to fill out their survey form. And a survey form is really all it is. Your supposed to write the shows down as you watch them, but we

    • Tracking login via cookie is stupid anyway- far more efficient to track login via mac address in a database on server side.
    • Sure it is. The first one made it a civil matter, this makes it a crimal one.

      The government does not want any competition in the wiretap, etc business.
    • I'm sorry to ask a personal question, but are you nuts?

      Dissection:

      • say to yourself will the world be a better place with yet another law
        Are you saying that we should add no more laws, simply because we have too many, regardless of that law's merits?
      • like Nielsen rating system by which advertisers use to by spots on TV, somewhere there has to be a way to understand what works on the internet.
        Someone else covered this already, but Nielsen pays you, in an arrangement made in the clear and with your permissi
    • What is not clear is what can s/w do before it is spyware as defined by the law? As reported on Yahoo, "changing security settings" is pretty vague. It the program just reports home on activity and does not send credit card numbers, etc. would this be considered spyware? I suspect not.

      Lofgren said her daughter was recently victimized by electronic thieves in a phishing scam

      Suggestion on how to get a new law passed: target close relative of Senator/Congressperson in legal but repugnant manner, sit back

    • US government is the people banding together to protect ourselves under justice - when practiced correctly. Over the long haul, we're 1> all dead, and 2> a feudal/tribal species constantly wasting our lives in war and depradation. We celebrate the momentary anomalies like American democracy and Congress keeping up with crimes by minimuzing them with regulations tied into the existing enforcement infrastructure. Let's get rid of some of these old laws, like subsidies for political campaigns and their c
    • by brianosaurus ( 48471 ) on Thursday October 07, 2004 @05:12PM (#10464734) Homepage
      Its unfortunate that there is another law, but its even more unfortunate that it got to the point of NEEDING another law.

      Its unlike the controversial DMCA and INDUCE Acts, which are pre-emptive strikes from a huge lobby, establishing laws before there is a problem. Spayware is a problem, amd its becoming more of a problem every day.

      Sure everyone knows its "wrong", but its not yet illegal so unethical types will exploit it. Of course we're now exposed to the unethical types who will exploit certain interpretations of the law, but hopefully the Justice Department can do something about them.

      Laws don't make things right or wrong, they just make things illegal. The behavior was wrong/right before the law eas enacted, but the community was, apparently, powerless to do anything.

      Perhaps Microsoft (for example, since approximately 100% of the spyware I know of is for Windows) could have come up with a technical solution to the problem, but they didn't so now its a law.
  • and so... (Score:5, Funny)

    by scaaven ( 783465 ) on Thursday October 07, 2004 @03:22PM (#10463520)
    And so marks the end of Real.

    evil empire...

    • Yeah, lets hope [buffering...] so, eh?
    • Re:and so... (Score:2, Interesting)

      by trogdor8667 ( 817114 )
      In all seriousness though, what will happen to Microsoft now? Doesn't their EULA give them permission to access your computer and gain administrative rights? Won't this bill make that provision null and void?
      • If they are using that access to spam your computer yes - if not, no. Then again, if the law is not a dummy law (non-waivable) then by agreeing to the EULA you must accept the terms
        Also, some of the tracking features can be disabeled - and if I remember correctly - spyware makers just need to ask for your permission. So if you consent to it then you are free game :D
        • Re:and so... (Score:3, Insightful)

          They spam computers.

          'Setup your MSN Passport'

          'Click here for MSN messenger'

          'Use this wizard to sign up for MSN internet service'

          Blah, Blah, Blah.
  • been there (Score:5, Insightful)

    by GerbilSocks ( 713781 ) on Thursday October 07, 2004 @03:23PM (#10463535)
    Spyware will just move offshore. More governmental bullshit.
  • Loophole City (Score:5, Insightful)

    by American AC in Paris ( 230456 ) * on Thursday October 07, 2004 @03:24PM (#10463544) Homepage
    From the Yahoo! blurb:

    It would add penalties of up to five years in prison for people convicted of installing such programs without a computer user's permission.

    If this is really the case, this law isn't going to do a damn thing--all it means is that spyware developers will need to put a sufficiently dense bunch of legalease on page eight of the EULA. (It was noted somewhere--NPR, I think--that the typical EULA is measurably longer than the Constitution of the United States...)

    "From time to time, Awesomeness2004!!! Pro may gather usage statistics and other information and transmit this information to the ShadyCorp central server."

    "By clicking 'I Agree', you grant ShadyCorp permission to install Awesomeness2004!!! Pro. To take advantage of certain advanced features, Awesomeness 2004!!! Pro requires SnifferExeDllBuddy. SnifferExeDllBuddy may track and report usage statistics and other information."

    "ShadyCorps is concerned about your privacy. Your personal information will only be made available to ShadyCorp and approved ShadyCorp partners."

    Forget teeth--this law'll be lucky if it can manage to gum hungrily at the bastards' ankles. How about a law that renders post-POS EULAs null and void?

    • But then again, EULA's haven't been proven to be enforceable, correct?

      Blake
    • Now this brings up again the legality of EULAs.

      What if they just put in the EULA, "By clicking Yes, you agree to let us do what we want with your computer and any information passing through it which will be determined by us unbeknown to you at any time"? Of course it will have much more legalese in it and be on at least page 8 of the legalese.

      Also, there is no law that says that one must be above the age of 18 to install software, but there is a law that noone under 18 can sign a legally binding contra
    • Re:Loophole City (Score:3, Informative)

      by choprboy ( 155926 )
      It was noted somewhere--NPR, I think--that the typical EULA is measurably longer than the Constitution of the United States...

      It was on NPR, yesterday I believe (but I can't find the link at the moment). The company in question was Gator (AKA Claria), which has a EULA longer than the constitution.

      However, it should be noted (as stated in the interview) that nthis law is completely useless anyways do to the "EULA permission" exception. Two of the biggest proponents of the legislation are WhenU and 1800So
  • sorta OT (Score:5, Interesting)

    by Lxy ( 80823 ) on Thursday October 07, 2004 @03:27PM (#10463589) Journal
    Is there a good HOWTO on cleaning up a Windoze box from spyware and keeping it clean? I use the following method:

    Install Ad-aware, update, clean, reboot, clean
    Install Spybot S&D, update, clean, reboot, clean
    Install Spywareblaster, update, enable protection

    This method has worked pretty well in the past. In the last couple days, I've gotten infected by some browser hijackers and no amount of cleaning and resetting things will delete the %$#@$$#%ers. Is there a better method?
    • Re:sorta OT (Score:2, Insightful)

      by scaaven ( 783465 )
      install Firefox [mozilla.org].

      seriously, I used IE for a while and got fed up with closing pop-ups and saying NO to installing INTERNET GAMBLING.EXE or PORNVIEWER.EXE. firefox is a breath of fresh air.

    • 4) Install AVG or some other Anti-Virus if not there already.

      5) Collect funds or some compensation for cleaning lusers computer

      6) Profit
    • http://www.informationr.us/ - on my website (link not clickable on purpose, it's hosted on a DSL line) I have a downloadable zip I call my Anticyberterrorism toolkit. In there is a neat, but potentially dangerous, little program called HijackThis! which is the best way I know of to get rid of crap that loads at startup. The dangerous part? It also flags valid programs, drivers from your hardware, pieces of Windows itself, as potential spyware- so be carefull deleting. However, it will get every damed BH
      • HijackThis isn't anything more than a glorified msconfig is it? (Serious question, I used it maybe once, and couldn't see much difference)
        • It's actually a bit worse than msconfig- more dangerous, there are certain things that msconfig won't let you delete that are necessary for the well being of your operating system. Simpler too- it just grabs all of the registry keys and shortcuts that get loaded at startup of Windows and IE and lets you sort them out (msconfig gives you a nice tabbed interface).

          However, it's simplicity is it's strength- and msconfig wasn't available on Windows 2000, so for those machines you need a third party tool. Brow
        • Re:sorta OT (Score:3, Interesting)

          by Artifakt ( 700173 )
          The biggest advantage for the non technical user is that they can take the finished list it produces and submit it for inspection by others, via the website. A user could probably make notes of what lines MSCONFIG shows and google for each one they had doubts about, but that's likely to be more time consuming than the single list, and depending on the user, less productive.
          Also, clicking on the "Info on Selected item..." button in HijackThis gets a pop-up explanation of the selected line in the list.
    • Re:sorta OT (Score:4, Informative)

      by NeoSkandranon ( 515696 ) on Thursday October 07, 2004 @03:32PM (#10463682)
      I use Spybot and Spysweeper, as Ad Aware typically only finds trackng cookies and such like as opposed to spyware (in my experience anyway)

      I also make sure to use Spybot's TeaTimer and ActiveX blocker.

      Installing Firefox is a good way to keep it clean ;-) If it's an option at all on the computers you work on, go for it. It also tends to render a LOT of browser hijackers totally irrelevant.

      As for cleaning the hijackers themselves, I'd reccomend googling for the process name if you know it, odds are you'll stumble on an info site with detailed removal instructions
    • Re:sorta OT (Score:3, Insightful)

      by Celt ( 125318 )
      Yes!
      Stop using IE = problem solved :)
      www.mozilla.org

      --
    • Re:sorta OT (Score:2, Interesting)

      by vespazzari ( 141683 )
      It seems to me that a browser hijacker is alot like a virus- especially if you cannot get rid of it. So why are the antivirus companies not addressing this with there AV software?
    • Re:sorta OT (Score:3, Informative)

      by Greyfox ( 87712 )
      Try:

      Unplug network cable, install windows, install SP2 from CD, plug in network cable, install your favorite firewall (I like zonealarm), install firefox, install thunderbird.

      That shoud give you a reasonably tight platform to add other spyware detection and cleaning tools. I like to disable several javascript features in firefox too (No popups et al.)

      I don't actually do Windows, but it seems like I've been setting it up for friends a lot lately...

      • plug in network cable, install your favorite firewall

        This is backwards

        Also, stromngly consider a hardware firewall/NAT router.

        • You can put it on CD I suppose, SP2 provides some firewall functionality and closes up all of the known holes that you have to worry about when connecting a computer to the Internet. Now that you mention it, though, go ahead and put the zone alarm, firefox and thunderbird executables on the same CD with SP2 and you won't have to plug your network cable in until the very end :-)
    • Re:sorta OT (Score:5, Funny)

      by Lord_Slepnir ( 585350 ) on Thursday October 07, 2004 @03:37PM (#10463735) Journal
      the best way I found was:

      c:\>format c: /y

      or, if you want your system to boot up afterwards:

      c:\>format c: /y /s

      Works every time

    • I use spybot to do the grunt work. The thinking work is done using Mike Lin's Startup Control Panel. My systems have the control panel version installed, and I use the standalone for repairing systems at work. Spybot and Ad-Aware together do not catch many pieces of malware which I have had to remove by hand. Startup Control Panel examines all the registry locations which start programs, not just a couple of them like MSCONFIG. It won't help if you don't know what you're doing, though.
      • Mike Lin has a companion program that I also recommend, StartupMonitor. It keeps track of any attempt to add a new item to your startup lists and it pops up and asks you if you really want "evil_gambling_plugin.exe" to run at startup.

        It's kind of like ZoneAlarm, but for your startup processes.

        You can get this and other utilities at his website [mlin.net]
    • This method has worked pretty well in the past. In the last couple days, I've gotten infected by some browser hijackers and no amount of cleaning and resetting things will delete the %$#@$$#%ers. Is there a better method?

      1. Dump IE and use Firefox/Mozilla instead.

      2. If you can identify the program that is causing the problem, boot from CD using a Knoppix disk, mount the hard drive and delete the offending files.

      • ....except Knoppix (at least the one I DL'ed a month ago) still refuses to write to an NTFS partition.

        MOST machines users end up with nowdays are NTFS.

        Knoppix works great for FAT32 drives though.
    • I find HijackThis to be pretty effective at removing browser helper objects. Just add that to your other utilities.

      I'd also recommend you use firefox or opera if you're not already, thus removing one main infection vector.
    • Is there a good HOWTO on cleaning up a Windoze box from spyware and keeping it clean? I use the following method:

      Install Ad-aware, update, clean, reboot, clean
      Install Spybot S&D, update, clean, reboot, clean
      Install Spywareblaster, update, enable protection


      Format? Reinstall? Be very careful how you use your computer and who you let use it?

      Works for me.

      I'm not going to offer any anti-Windows babble, because that's not a true solution. But if you are going to use Windows, you have to know what it is
    • Definetly, DEFINETLY try all of the above mentioned things first and as directed AND THEN if you *STILL* can't get it off (and are sick of my all caps), THEN:

      1)Select one of the following spyware removal discussion boards

      http://www.wilderssecurity.com/ [wilderssecurity.com]
      http://forums.spywareinfo.com/ [spywareinfo.com]
      http://forums.net-integration.net/ [net-integration.net]
      http://www.computercops.biz/forums.html [computercops.biz]

      2)READ THEIR FAQS THOUROUGHLY

      3)Create an account and post your story along with supporting documents outlined in their FAQ to their board.

      4)Wait
  • Double edged sword (Score:4, Insightful)

    by rhsanborn ( 773855 ) on Thursday October 07, 2004 @03:27PM (#10463597)
    Well, I really would like to see the death penalty brought in as punishment for spammers and distributors of viruses and spyware, but I also think that the expansion of law in this area has the potential for being over-broad and being abused. We need to take a long hard look at these solutions and decide whether we want to let the government try and take care of this, or let industry try to weed it out.

    The government can't enforce a large portion of the laws it already has enacted. So they sit there helping no one, all the while they are waiting to be used in ways they were never designed for. I'm just real uncomfortable with it.

    How about we educate users on good internet habits, and let the industry develop better ways to eliminate spyware.
  • From the summary of the first bill:

    Makes it unlawful for any person who is not the owner or authorized user (user) of a protected computer (a computer exclusively for the use of a financial institution or the U.S. Government, or a computer used in interstate or foreign commerce or communication) to engage in deceptive acts [etc etc]

    I don't know about you, but my home machine isn't used exclusively by a financial institution or the US government.

    The other option is using my computer for interstate comme
    • interstate or foreign ... communication)

      Think e-Mail and surfing web pages from out of state servers.
    • Please reread the text you quoted. A computer used in interstate communication qualifies. Since basically any use of the web is going to be interstate because some of your traffic is going to go that way (DNS, windows update checks, whatever) essentially every internet-connected computer is covered.
    • "..or a computer used in interstate or foreign commerce or communication) to engage in deceptive acts [etc etc].." I don't know about you, but my home machine isn't used exclusively by a financial institution or the US government.

      This is proper for the US congress. "A computer used in interstate commerce" includes just about everybody-- whenever you buy something off the web from a company in a different state or even use eBay.* The Congress is allowed only to write laws that affect "interstate comme

    • or a computer used in interstate or foreign commerce
      or communication

      Have you never visited a web site outside your home state?

  • RTFS... (Score:5, Informative)

    by plover ( 150551 ) * on Thursday October 07, 2004 @03:28PM (#10463601) Homepage Journal
    The AP reports that the US House of Representatives has unanimously passed a law

    No, the AP correctly reported that the house passed a BILL. A BILL is not a LAW until it passes through the entire congress and the president signs it. (Remember the Schoolhouse Rock song, "I'm just a Bill"?)

  • Spyware law... (Score:2, Interesting)

    by jskline ( 301574 )
    What about Microsoft?? What about Real.com, and all these others that require you to license their wares, and these wares send user metadata back to the mother ship! what about all this???

    I bet because of all the Micro$oft(tm) money(tm) floating round in Washington, this will never ever get addressed!!!

    Yup. Another pointless law just to fill lawmakers time up before holiday.

    • I'm going to install my licenced version of MechWarrior IV tonight, then email MS asking for a cheque to settle the unauthorized C-Dilla spyware install out-of-court.

      It might actually end up being a good birthday present after all.
  • by lukewarmfusion ( 726141 ) on Thursday October 07, 2004 @03:30PM (#10463634) Homepage Journal
    "...has unanimously passed a law..."

    How come they never pass any laws posthumously?
  • GREAT (Score:3, Insightful)

    by Exmet Paff Daxx ( 535601 ) on Thursday October 07, 2004 @03:31PM (#10463659) Homepage Journal
    They just legalised adware:

    (a) Prohibition- It is unlawful for any person, who is not the owner or authorized user of a protected computer, to engage in deceptive acts or practices that involve any of the following conduct with respect to the protected computer: ...

    (E) delivering advertisements that a user of the computer cannot close without turning off the computer or closing all sessions of the Internet browser for the computer.


    Which means, by inference, that you can spam as many ads as you want onto a victim box, provided they are able to close each of the ads by clicking on them. Note that this does not prevent an infinite number of closable ads, just as an infinite number of copyright extension laws is still not infinite copyright.

    Note also -and this is important- that they've made no distinction between a program which resides on the box (actual intrusion) and Javascript. This means that Last Measure and other browser shock sites are illegal. Think about it.
  • Wrong Solution (Score:3, Insightful)

    by fdiskne1 ( 219834 ) on Thursday October 07, 2004 @03:31PM (#10463666)

    With all the articles I've read recently, I'm thinking we are going about this all wrong. While I don't disagree with making this illegal, I believe the laws will be near impossible to enforce and overlook those ultimately responsible.

    M$ makes Internet Explorer and Windows to be inherently insecure making spyware and viruses possible. I nearly choked when I saw that M$ may be getting into the antivirus business. If they wanted to do that, all they'd have to do is make their product more secure. About the only reason there is an antivirus and anti-spyware market and a spyware law is because M$ makes them possible.

    No, I'm not a karma whore. I'm just stating what I believe.

  • Does this mean???? (Score:3, Interesting)

    by GReaToaK_2000 ( 217386 ) on Thursday October 07, 2004 @03:32PM (#10463676)
    Does this mean that the software that the FBI uses to track email in an effort "to fight terrorism" falls under the "spyware" law?

    ~G
  • by blankman ( 94269 ) <blankman42@[ ]il.com ['gma' in gap]> on Thursday October 07, 2004 @03:33PM (#10463691) Homepage
    If this becomes law, and a piece of spyware is found to be illegal, who exactly goes to jail? The programmers who wrote it? The stockholders of the company that paid the programmers to write it? The owners of the web site from which a user unwittingly downloaded and installed it? Suppose I determine that I got a piece of spyware from IP address X... is the ISP on the hook for criminal charges too?

    Give Congress credit for trying, but I don't see you can realistically make installing spyware a jailable offense.
    • I agree; it seems very difficult to determine who is at fault. It won't be the stockholders, though. Can you imagine the effects on investment if stockholders might be held responsible for a company's wrongdoings? The cigarette companies, among others, would be very hard hit if limited liability protection were removed.

      Also, IANAL, but would spyware that's already been developed and installed be exempt from the law as it can't apply ex post facto? I think you'd have to prove that the company developing
    • "who exactly goes to jail?"

      This is the perennial problem of the corporation.

      Since the corporation is a legal person, 'it' might be responsible, but then how do you send a corporation to jail?

      Personally I think that the 'corporation as a legal person' is one of the great lies of our time; it seriously fucks the law right up.
  • by RealProgrammer ( 723725 ) on Thursday October 07, 2004 @03:34PM (#10463704) Homepage Journal
    Rep. Zoe Lofgren [...], D-Calif., said spyware was "quickly becoming one of the biggest threats to consumers on the Internet." She cited estimates that up to 90 percent of computers contain some forms of spyware. Lofgren said her daughter was recently victimized by electronic thieves in a phishing scam, persuading her in a forged e-mail to disclose personal information.

    90%, huh? That seems awfully high. People always say 90% of computers are running Windows, too. No, wait -- you don't think those figures could be related, do you?

    And I thought the CAN-SPAM Act was supposed to fix all of these email forgery problems.

    It's a good thing Congress is on top of it. At least they are when it affects their kids.

    • Barton acknowledged that experts had recently found more than 60 varieties of spyware installed on the panel's own computers. He said all the spyware programs had been installed without the permission of computer users.

      I thought those machines were pretty clean for windows computers that were actualy used and cleaned for the first time. I suppose that it wouldn't be too had to write code to spare machines running on the .gov TLD from the plague that most endure.
  • by Jakhel ( 808204 ) on Thursday October 07, 2004 @03:36PM (#10463725)
    Seriously, I'm all for anti spyware and anti scam measures, but is this really going to address the core issue? That is, people aren't educated enough to NOT fall for scams? And if they AREN'T educated enough to not fall for it in the first place, what good will the law do?

    A current example may be those "multi level marketing schemes" like Vector or Pre paid legal (they are really just pyramids in disguise). We've got laws against pyramid schemes, and yet these companies are still around (they call themselves multi level marketing in most cases, just to avoid the legal hassels). The people who actually get caught up in the schemes are those who are a) to stupid or b) to greedy to not realize what's going on; and by the time the person has found out that they have been duped, the perp (I've been watching law and order :D ) is long gone. Incidentally those people who would be fooled by spyware are more than likely those who wouldn't know how to deal with it in the first place (spybot, adaware, or cleaning the system registry manually).

    And then there's the question of how many people will actually actively pursue a lawsuit against spyware companies. I'm willing to bet that most people will say, "spyware is against the law, the companies can't do that and if they install it on my computer I'll write a nasty letter to them" instead of "spyware? time to sue". Almost like what's going on with spam..

  • by farzadb82 ( 735100 ) on Thursday October 07, 2004 @03:39PM (#10463750)
    Internet Spyware (I-SPY) Prevention Act of 2004 - Amends the Federal criminal code to prohibit intentionally accessing a protected computer without authorization, or exceeding authorized access, by causing a computer program or code to be copied onto the protected computer, and intentionally using that program or code: (1) in furtherance of another Federal criminal offense; (2) to obtain or transmit personal information with intent to defraud or injure a person or cause damage to a protected computer; or (3) to impair the security protection of that computer.

    Does this mean that having a software application that automatically updates itself with a newer version that has bugs that compromise the security of the computer and all information within can now be considered a criminal offence for the software developer ?

    • If you're running as Administrator, it doesn't matter, since by definition, that's complete and total access to the machine - and it's _authorized_, since all code is trusted.
  • by Weaselmancer ( 533834 ) on Thursday October 07, 2004 @03:40PM (#10463765)

    Because if not, every worm writing script kiddie is probably crapping a load right now. The law goes into effect today. If your worm infects someone tomorrow, even if you wrote it years ago, you're hosed.

    I hope.

  • by SamSeaborn ( 724276 ) on Thursday October 07, 2004 @03:41PM (#10463774)
    If the law prevents others from installing stuff on my computer I didn't ask for and don't want then it sounds good to me.

    Many spywares I've seen are in Windows directories. This may be old hat, but can't Windows do a simple hash or cert check on a file going into c:/Windows or c:/Windows/System to see if it's an "official" or "authorized" file?

    A simple message like "Application X is trying to put a file called NOTEPAD.EXE in your Windows/system directory -- this is not a Microsoft file, do you want to allow this?" would suit me.

    Goodness knows Windows nags me about a million other things on a daily basis ("Updates ... get your updates!").

    Sam

    • Because lots of stuff messes with the Windows director and MS would catch shit for it. I mean people got all up in arms about driver certification. Basically Windows will by default whine if you try to install a driver not blessed by MS. People got all up in arms that MS was trying to control the hardware market and force people out and so on and so forth.

      They'd catch even mroe shit for this since it would bitch basically every time you isntalled an app, and few people take the time and money to get their
  • by Anonymous Coward
    Whew!! Now no more Spyware!!!

    Taken care of just like they did when they made SPAM illegal!!

    I was glad to get rid of that...

    er..

    desiv :-)
  • Coolwebsearch and browser hijackers?

    The bill doesn't touch them. I really don't think that they care, since CWS's browser-hijacking "affiliates" are mostly Russian-based.
  • no unanimous (Score:2, Interesting)

    by minus_273 ( 174041 )
    one republican member from texas opposed it on the grounds that any govenment control of the internet is wrong check this article [bbc.co.uk]
    The fellow's name is Ron Paul [house.gov]. He has an interesting position. Though they may not agree with apyware, i think it is a position that i think many here would agree with.

    Maybe we should interview him on this site. :)
  • Ron Paul (Score:3, Interesting)

    by Brandybuck ( 704397 ) on Thursday October 07, 2004 @04:00PM (#10463975) Homepage Journal
    Ron Paul (L-Texas) voted for this bill but he was the lone dissenter in the last spyware bill. It would be interesting to find out what was different about this bill (or what poison pill was in the last one).
  • How about rewards for helping in identifying spyware makers - that aught to spur people into action (i.e. disgrunteled mail clerk rats out his company who is built on creating spyware)
  • by C_Kode ( 102755 ) on Thursday October 07, 2004 @05:58PM (#10465237) Journal
    While I don't disagree with this, I also thing this is nothing more than a bandaid. The seive that is Internet Explorer is what makes most of this possible. IE gets hijacked and tons of spyway/virus type crap gets installed. I have been banning the use of it at work, but there are some users I just cannot prevent from using it. (my CFO refuses to stop using it?!?!?!?!) When companies are caught doing illegal things, they fine the companies till that *fix* the problem. Well, it's been almost 10 years, and IE has gotten worse not better. The more Microsoft embeds IE into Windows, the more disruptive these virus writers become. They need to mandate MS to separate IE from Windows, and curb it's *automatic usability* features. Fine them till they do it, or force them to remove IE all together and not allow them to make a web browser anymore. (wow wouldn't that break 30 million websites that are IE only hah)

    anyway, I'm just ranting because I have to deal with this epidemic daily at work... :(
  • by Animats ( 122034 ) on Thursday October 07, 2004 @06:57PM (#10465754) Homepage
    This is a pro-spyware bill, just like the CAN-SPAM act is a pro-spam bill. As with the CAN-SPAM act, it preempts state law, invalidating Utah's strong anti-spyware law. As with the CAN-SPAM act, it prohibits private lawsuits. Only the FTC can enforce this act, and they're a weak agency under the current administration.

    This is the bill Philip Corwin, Kazaa's lobbyist [hillnews.com], wanted.

"I never let my schooling get in the way of my education." -- Mark Twain

Working...