Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security The Internet

Anti-Spyware Guidelines Get Final Version 104

Ant wrote to mention a C|Net article reporting an agreement by The Anti-Spyware Coalition on some standard methods for identifying and combating spyware. From the article: "The Anti-Spyware Coalition, whose members include Microsoft, Symantec, Computer Associates, McAfee, AOL and Yahoo, said on Thursday that it has finalized its spyware detection guidelines. The final version takes into account public comments on a proposed version introduced in October ... The Anti-Spyware Coalition's guidelines, or risk model description, aim to provide a common way to classify spyware, based on risks a piece of software poses to consumers. They also suggest ways to handle software, based on those risk levels."
This discussion has been archived. No new comments can be posted.

Anti-Spyware Guidelines Get Final Version

Comments Filter:
  • by jellomizer ( 103300 ) * on Friday January 13, 2006 @01:14PM (#14465288)
    Oh yea they make secure products.
    • I came to the conclusion that this organisation is nothing more than a marketing arm of the corporations involved when I read their list of recommendations. If this body had any conscience whatsoever, the first item on the list would be:

      • Use safe software. Some operating systems and software applications are more susceptible to spyware than others. Be sure to verify that any software you run on your computer lives up to the highest security standards.

      Afterward, if the member corporations feel that the

  • by BushCheney08 ( 917605 ) on Friday January 13, 2006 @01:18PM (#14465327)
    Shouldn't Sony be included in the coalition?
  • by pieterh ( 196118 ) on Friday January 13, 2006 @01:20PM (#14465341) Homepage
    "Any software that does things we don't like, and which you have not paid us to 'certify'".

    Many of these vendors have implicitly collaborated with spyware vendors in the past, for commercial gain, and anything they say must be taken with a large pinch of salt. This is an attempt to create some teflon in view of more aggressive anti-spyware legislation.
    • Coalition for Teflon
      That's an insult to a perfectly good non-stick coating...
      • Yeah, it gives you the perfect cancer [google.com] when you burn it, too.
  • What is Spyware? (Score:3, Interesting)

    by digitaldc ( 879047 ) * on Friday January 13, 2006 @01:22PM (#14465358)
    I would say it is a hidden program that transmits your personal data that you neither want or need, yet the company who makes it wants it to secretly further their own interests and profit.

    'Don't be evil' would apply here.
  • Important work! (Score:5, Insightful)

    by hoggoth ( 414195 ) on Friday January 13, 2006 @01:22PM (#14465362) Journal
    This is very important work, because as soon as there is an 'official' set of methods for detecting spyware, the spyware authors can get to business writing spyware that avoids detection by the official methods. I'm sure spyware authors are very excited for this document.

    Then, of course, the anti-spyware consortium will have to address these new vectors and issue an updated set of anti-spyware methods. Which will, of course, spur the spyware authors to come up with new, undetectable methods. And so on...

    I'm so glad this consortium is coming up with an official list of methods to detect spyware, because once they do everything will be totally different than it is now. Kinda.

    • Re:Important work! (Score:2, Insightful)

      by drpimp ( 900837 )
      "Then, of course, the anti-spyware consortium will have to address these new vectors and issue an updated set of anti-spyware methods. Which will, of course, spur the spyware authors to come up with new, undetectable methods. And so on..."

      I concur, spyware/malware and viruses even are similar to an arms race. Bigger and better for both sides will continue to be the on going process to which the endless and vicious cycle will endure. Who usually wins this race? In most cases it's all about the more peopl
      • Re:Important work! (Score:3, Interesting)

        by HiThere ( 15173 ) *
        In a literal arms-race, you are correct. The wealthier, more committed side will usually win, but things are slightly different if you consider the virus-immune system combat. The viruses can't win, because that would kill off their prey, but the prey can't defeat the viruses because ... well, because they can't. Evolution provides viruses with such a comprehensive ability to search vulnerability space that they can't be defeated without removing all vulnerabilities, and no organism has been able to do t
    • Re:Important work! (Score:2, Informative)

      by hobbesx ( 259250 )
      I believe that 'classification' in this case is being used in the sense of sorting and labeling by property, rather than detect and identify.
    • Yes, because we can only fight spyware when nobody knows what it is...
  • Let me guess... (Score:5, Insightful)

    by ErikTheRed ( 162431 ) on Friday January 13, 2006 @01:22PM (#14465365) Homepage
    Since the guidelines themselves aren't enumerated in TFA, I'm going to hazard a guess and say that "unremoveable software installed without your permission that modifies the way your computer works and spies on you is bad if it's installed by a corporation with a net income of less than nine figures, but it's ok if it's installed by a corporation with a net income of nine figures or more, because they know more about your computer than you do, they know what's best for their customers, and they need to protect their 1920's-style business model."
  • by revery ( 456516 ) <<ten.2cac> <ta> <selrahc>> on Friday January 13, 2006 @01:23PM (#14465372) Homepage
    ...agreement by The Anti-Spyware Coalition on some standard methods for identifying and combating spyware. From the article: "The Anti-Spyware Coalition, whose members include Microsoft, Symantec, Computer Associates, McAfee, AOL and Yahoo, said on Thursday that it has finalized its spyware detection guidelines.

    I guess now we just have to wait for the Spyware Coalition to agree to the demands that they write spyware to these specifications...

  • To me, this sounds like a plot to have software companies pay this cooalition to certify their software in order for it to be available to download on Yahoo, pass over AOL's network, and work on Microsoft Windows. Sony would definitely be fined for what they have done. Intel can join in, and pretty soon, our DRM enabled Windows and Intel systems won't be able to run non-spywawre certified software. Which increases costs for everyone. Just a thought.
  • by s31523 ( 926314 )
    ... good guys, or bad guys? If the guidelines for detecting spyware are published and agreed upon, won't the spyware jockies use them to their advantage, like a slick tax accountant snaking through tax law holes?
  • by GmAz ( 916505 )
    Are one of the guidelines that if Microsoft owns the company or adds it to the list of programs not to check in their spyware software, then its not spyware?
  • by gallwapa ( 909389 ) on Friday January 13, 2006 @01:49PM (#14465574) Homepage
    ...that we even have to deal with spyware. I understand the need for user convience, but, I would reckon that it is highly INCONVIENT to have your system open enough to get spyware. As I've said on many posts, I don't *get* spyware, or viri, or anything else. And I'm not an anal linux zealot who would like to see Gates assassinated becuase Windows does or does not do this or that. Windows is what it is - but I use windows, at work, and at home - yet I fail to get spyware with simple configuration. When is the last time spyware was able to execute using Firefox with NoScript (whitelisted javascript), reading the EULA's [aka don't download 5,500 'free' games] and not installing kazaa [aka reem my computer please]? The fact of the matter is spyware is a _user_ problem. If _users_ continue to click "next next next" and don't understand what they are installing, spyware will be a major part of the future. Eventually, though, the old and illiterate will die out and the technology generation will understand (hopefully) enough to read and comprehend.
    • http://slashdot.org/it/02/12/19/1329243.shtml?tid= 128 [slashdot.org]

      not for long - the "bad guys" keep getting smarter, and the degree of error needed to get your box taken over is getting vanishingly small...
      • If you were downloading music, why didn't you check the ID3 tags first? If I were to infringe, which I really dont do a lot (if ever, anymore) I'd get 30-40 songs at once and load them into a formatter - format the id3 tags based on file names, and fix the error. And if that was a winamp specific error, dont you know about the priceless, ageless, sonique? :-)
    • by evilviper ( 135110 ) on Friday January 13, 2006 @03:11PM (#14466367) Journal
      The fact of the matter is spyware is a _user_ problem. If _users_ continue to click "next next next" and don't understand what they are installing, spyware will be a major part of the future.

      Nope and nope.

      Spyware does silently install itself thanks to Internet Explorer vulnerabilities, without the users clicking anything.

      Even on my Windows test system, which I barely use, I've found myself to end-up with spyware... There are several programs out there that include spyware, but do not make any mention of it in their EULA. And once you get one spyware program installed, it will likely download and install others on it's own.

      Spyware can not be prevented, even by the eternally vigilant, unless you have practically nothing installed on your computer. Sure, the people with 40 different "search bars" are probably not reading the EULAs, but even in that case, antivirus programs should remove it. Just because it's vaguely mentioned in an EULA doesn't make viruses legal.
    • I disagree that it's solely a user problem. There are a lot of stupid Mac and Linux users that don't get spyware, either.
    • When is the last time spyware was able to execute using Firefox with NoScript (whitelisted javascript), reading the EULA's [aka don't download 5,500 'free' games] and not installing kazaa [aka reem my computer please]?

      January 2nd?
  • Surprised... (Score:3, Insightful)

    by toupsie ( 88295 ) on Friday January 13, 2006 @01:50PM (#14465585) Homepage
    Why isn't Apple a member of this coalition? They are a major OS provider on the Intel platform.
  • Then again, I'm sure the spyware authors would love to have a reference document, detailing how not to get caught.
  • Terrorism (Score:2, Offtopic)

    by hoggoth ( 414195 )
    In exciting news, the Department of Homeland Security has announced that it will follow the lead of the anti-spyware coalition and create a comprehensive list of methods that terrorists may use to infiltrate the United States. Once the list is completed, the DHS need only secure the methods outlined in the guide to effectively halt all threat of terrorist activity on US soil.
    "We are very excited to be on the brink of winning the war on terrorism," reports one high ranking DHS official.

    Congress has announced
    • Unfortunately, since this was satire, it was not offtopic. Sure, I'll probably get modded down as flamebait or offtopic myself, but I've got a little karma to spare. It wasn't the best post, and didn't even make me smirk, but it didn't hurt me to skim it.
      • Re:Terrorism (Score:2, Informative)

        by hoggoth ( 414195 )
        Sheesh. At least SOMEONE got the analogy.

        Moderator: Um... This says terrorism; Um... The article says spyware; Um... Buzzwords don't match; Um... Must be offtopic.
  • The Anti-Spyware Coalition, whose members include Microsoft, Symantec, Computer Associates, McAfee, AOL and Yahoo, said on Thursday that it has finalized its spyware detection guidelines.

    They were quoted as saying "Any software that was not developed by us will be tagged as spyware and removed. Problem solved, nothing to see here, folks."
  • by brxndxn ( 461473 ) on Friday January 13, 2006 @02:25PM (#14465942)
    People are going about this whole 'fix the rampant spyware craze' the wrong way, IMO.

    First of all, why doesn't anyone ask why this spyware exists?
        Let's try answering that.. Microsoft, in their infinite wisdom, decided to give developers more and more control over a user's computer system over the years. This means that even websites can now install software, disable right-clicks, open larger than the actual desktop screen, hide the close button, pop up alerts with a 'click to install' button underneath, etc.
        Also, by default, Internet Explorer and Windows XP are both very insecure. Internet Explorer allows a developer to completely compromise a system with one stray click - since XP defaults to running in administrator mode. Vista, I heard, is going to fix this problem - it's about fucking time.

    Why should a typical user have to learn how to remove software on his own?
        He shouldn't be required to do this.

    Who is to blame?
        Microsoft - NOT stupid users. There will always be stupid users and Windows is supposed to be made for stupid users.

    How can Microsoft fix the spyware problem?
        - Patch quickly and often when holes are found.
        - Disable install on demand and any other intrusive ability by the developer to annoy or confuse the user in Internet Explorer.
        - Require actual acknowledgement (ie.. type admin password) when a program attempts to install. Also, alert the user (and give option to disable) whenever a software program attempts to stick itself in memory or startup, modify any files NOT in the program directory, or change the settings of other programs.
        - Do NOT allow the Windows uninstallation interface to be forced to 'rely' on the installed software. Instead, have a built-in install recorder and prompt the user if the program does not uninstall itself properly. (ie: "c:\windows\system 32\spyware.exe" has not been removed when SuperDuperSpywareRemoveproSunshineFucktheUser was uninstalled. Would you like to remove it?)

    What should the other companies (besides Microsoft) do to promote fixing the spyware problem?
        - Finish this tutorial
        - SUE MICROSOFT for allowing such irresponsible open access by default in their monopoly OS.

    What are some generalizations that Microsoft needs to change?
        - The fucking USER owns the computer; the USER should be in control - not developers.
        - Security and stability is paramount. Make things secure by default (like linux).
        - Quit letting every goddamn piece of software install itself in startup, a shortcut in every folder on the computer, and copy files to crucial system directories.
        - Promote the idea that any program should be able to run completely from the directory in which it is installed, which is controlled by the USER.

    BTW, Microsoft, if you decide to use my advice, please send me a $check.

    Seriously.. Windows XP is like if a car company decided to make locks on their cars an option and charge out the ass for it. Oh ya.. and the cars would be controlled ultimately by the corporations.. so if you intended to go to Burger King, your car would drive you to McDonald's instead.

  • Spyware is really easy to avoid.

    It usually identifies itself with some combination of the names "Windows", "antivirus", "antispyware" and "DRM".
  • I remember Gator successfully sued the antispyware product companies to identify its software as spyware. And More and more spyware is taking aid of this term. Will it attck this issue as well?
  • Spyware: Collects informaton about user and cannot be uninstalled through add/remove programs
    Malware: Forces information onto the user and cannot be uninstalled through add/remove programs

    What is so hard about that? It doesn't take a team of multimillion dollar contractors to figure that out.
  • Is spyware still a 'big issue' these days?

    I bought a shiney new laptop in September last year. Yesterday I finally downloaded MS AntiSpyware and ran it *for the first time*.

    For the last 4 months or so, I've been casually browsing the internet, downloading at a whim etc, and all I've had between me and 'the bad guys' is:
    - Service Pack 2 which came pre-installed,
    - Symantec AntiVirus,
    - D-Link router.

    In these 4 months I've had
    - no viruses *successfully* installed,
    - no spyware installed,
    - no browser hijacking/a
    • people in offices where the company can't afford the latest upgrades to get bug fixes.
      Lots of people who paid for windows 98 are still using it , there must also be a fair
      few XP users on dial up who still haven't got SP2 yet . Some people also disable the
      security to enable $app to work faster and forget to reanable.
    • Even bootleg xp's can install sp2 via an sp2 iso found on the internet or from a friend, which leads to the cd (which could also be found through a friend) or by turning on automatic updates. Microsoft decided to deny non critical updates, but imho it was out of fear of backlash and criticism that they still allow the bootlegs to get updates that patch critical vulnerabilities.
    • The average person has no idea that opening an email attachment from an unknown sender is bad, or that installing COOL FREE GIZMO from CLICK YES TO INSTALL isn't a good idea. This is why my former company installs Firefox on everything; don't even give the user a choice to install the crap.
  • by mephinet ( 181586 ) on Friday January 13, 2006 @02:50PM (#14466177)
    The risk model [antispywarecoalition.org] seems like a good idea to me, summing up what we generally consider as ad- or spyware.
    One point makes me wonder, though:
    • Program generates serial numbers/registration keys. Medium

    What has s/n generation to do with spyware? It does not reduce the system's security, does not reveil private data, and is probably installed on the machine because the user wants to generate a serial number!
    Looks a bit as if the companies in the coalition are having trouble in keeping apart the PC owner's goals with their own...
    • I'm thinking they mean programs which "can uniquely identify users of the program", rather than programs which "can be used to avoid paying for software". Consider what would happen if, say, Firefox "generate[d] serial numbers" on every install and these were passed on the outbound stream on a regular basis (say, in the HTTP request for websites, or via a "phone home" to Mozilla.org which relayed the last five URLs you visited and the unique ID) -- you could, without doing anything nasty *inside* the targe
  • From their FAQ, every member will have veto power and they aren't even going to certify software. So, they won't do anything that is relevant from a technical standpoint.

    It seems their goal is simply to define what spyware is. Even though the whole thing is mostly for marketing purposes, there are lots of uneducated users who could benefit from a better definition of spyware. Once those users are edumacated, they'll know that they need to buy some anti-spyware tools.

    On the positive side, since some of

  • The Coalition should be organized like the CTU off of "24". They ID spammers, Spyware and Virus authors... then send in a guy like Jack Bauer to just kill everyone in the office, then track down the guys that called in sick. /feeling a little bitter.
  • Why are the people who are known for their anti-spyware and been doing it for years invited? You know, like spybot and ad-aware. Not even trend micro who bought CWShreder and has had it's own anti-spyware product is listed.

    I even went to their website [ http://www.antispywarecoalition.org/ [antispywarecoalition.org] ] and couldn't find anything about the members to confirm it.

    If you do not have the experts of anty-spyware involved, what good is this one?
  • Looking at that website, there are only two companies on their members list- Lavasoft and Safer Networking, Ltd- whose anti-spyware products I would actually be willing to use on any computer. I'm vaguely surprised that they're on the list, but I guess the ASC has to bring in credibility from somewhere.
  • I always thought AOL itself *was* malware....
  • I think we can all agree that the average /. reader has been familiar with spyware for a lot longer than the average person. Right? Right.

    As someone who was in the room for most of the ASC's work, I can assure you, we weren't spending a lot of time thinking "What will /. readers think?" (Except for each other. I'd guess that most of the people who were in those rooms are /. readers. Hi gang!)

    Instead, these documents were written to try to explain to your parents, your elected officials, and your local newsp
    • I, for one, welcome our antispyware overlords!

      But seriously folks....
      Thanks for the explanation. I thought as much. Coalitions like this do tend to operate on defining policy first (as is my experience). Hopefully if the coalition continues beyond its original brief, then the 'think tank' should include other players.
  • Because it easily morphs (if it hasn't already) into a group that gov't can "trust" to advise them how to write legislation, tell them what corp's feel should be in related legislation and more dark and dangerous things.

    Let's assume that this federation is around for a little while. Sooner rather than later, it's not just about spyware.

    Trusted Computing + DRM + "spyware federation" - net anonymity = sh*t pipe into your home.
  • Full list of Members (Score:2, Informative)

    by Blazeix ( 924805 )
    From there website, here is a list of members of the AntiSpyware Coalition
    • Aluria, a division of Earthlink
    • AOL
    • Blue Coat Systems
    • Canadian Coalition Against Unsolicited Commercial Email
    • Canadian Internet Policy and Public Interest Clinic
    • Center for Democracy & Technology
    • CNET Download.com
    • Computer Associates
    • Cyber Security Industry Alliance
    • Dell, Inc.
    • Eset
    • F-Secure Corporation
    • Grisoft
    • HP
    • ICSA Labs
    • Internet Education Foundation
    • LANDesk
  • And the # 1 Spyware Guideline: Does it only run in Windows?
  • This sounds like a complete waste of time to me. So someone appointed a committee to decide what was 'untrusted' on our machines. This includes big corporate types who, of course, wont list their products on these lists. Here is my definitive and final list of unsafe & untrusted software products: Microsoft Windows v.[insert version here] Kill the hydra at the source, don't try to keep killing its heads.
  • "Software updates automatically Medium"

    Well look at that...

Put your Nose to the Grindstone! -- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Working...