New Anti-Spyware Bill Won't Stop Spyware; But Will Bring Back Questionable Anti-Piracy Measures
from the that-doesn't-sound-good dept
Politicians have been pushing for an anti-spyware law for quite some time — mostly because it’s the sort of thing likely to draw headlines that make the politicians look good. However, it’s widely acknowledged that such laws aren’t at all necessary. Anti-fraud laws can mostly take care of the problem cases out there — and the market itself seems to have actually taken care of the worst offenders in the space. Plus, with such laws (witness CAN-SPAM’s failure), they tend to do little to actually stop the activity, but more to define the rules by which companies can continue to do bad things without breaking the law.
However, with the law coming up yet again, Broadband Reports points to an even scarier part of the law currently up for consideration, the Counter Spy Act, as noted by Ed Foster’s Gripe Line. Basically, in the fine print, it appears to create a nice little “exception” for software companies that spy on users for the sake of checking whether they’re using an authorized copy — including the ability to let the software provider remotely shut off the computer or internet connection of those found to be using unauthorized copies. This has many folks worried that this is an attempt to backdoor in UCITA, the awful law from a while back that would allow software companies to remotely shut down computers of those found with unauthorized software.
So we’ve got a law that is unnecessary and wouldn’t even stop the problem of spyware if it were a problem — and opens up a backdoor to allow software companies to spy on users and remotely shut down their computers. But it may pass anyway because politicians want voters to think they voted against spyware.
Filed Under: anti-piracy, anti-spyware, congress, counter spy act, politics, ucita
Comments on “New Anti-Spyware Bill Won't Stop Spyware; But Will Bring Back Questionable Anti-Piracy Measures”
Of course this is the point
Just as the point of CAN-SPAM was to provide a legal pretext for spam (much to the pleasure of pro-spam lobbying organizations like the DMA), the point of this “anti-spyware” legislation is to provide a legal pretext for the forcible hijacking of users’ computer systems.
The impact on actual spyware will of course be negligible (if any) and those responsible for the passage of this bill will trumpet their “success” at addressing the issue.
The best legislation money can buy.
Copyright Abridges Privacy Anyway
The solution is to abolish copyright, for then no-one would seek to facilitate its unethical jurisdiction of the private domain in the first place.
Re: Copyright Abridges Privacy Anyway
Every time you pop up on this blog, you say the same thing. So … abolishing copyright is the solution to all our problems, the long-awaited technical panacea?
Re: Re: Copyright Abridges Privacy Anyway
Ignorance breeds ignorance.
Re: Copyright Abridges Privacy Anyway
The solution is campaign finance reform. Then the politicians wouldn’t have to sing for their supper when it comes to this kind of double-speaking BS bill. Of course, any “campaign finance reform” bill would be written by corporate lobbyists and riddled with so many loopholes that it would make the situation worse.
Re: Re: Copyright Abridges Privacy Anyway
Yup, the solutions are easy to spot. Their adoption and implementations are tricky.
Whilst copyright abolition is the obvious solution, it won’t happen unless there’s any money in it – even if you did achieve an apparent enabling solution of campaign finance reform.
Therefore, the only viable solution in the near term is enabling people to make more money out of copyleft works than copyrighted ones.
When copyright is discovered to be commercially counter-productive it’ll be dropped as if it were a badge that said “Made by slave labour”.
Nevertheless, the ultimate solution remains the abolition of copyright.
Spyware
By looking through the law, as long as the spyware maker puts a EULA on their software making them authorized users of the computer and taking all blame away from them, its not spyware…
I also found this clause funny(about uninstallation):
requiring in an unfair or deceptive
manner the user to access the Internet to
remove the software with knowledge or
reckless disregard of the fact that the software
frequently operates in a manner that
prevents the user from accessing the Internet
It’s really funny, cuz I believe it was the FTC that said they didn’t NEED this new law in order to help in the fight against spyware. As Ed has pointed out so frequently over the many years I have followed him, enforce the existing laws, don’t create new ones just because it’s politically expedient to do so. Ah, but there’s the rub, politics.
More than campaign finance reform, we NEED term limits. There is NOTHING that more corrupts our political process than those who make a “career” out of politics.
Re: Re:
Forget term limits… Allowing a politician to have even one extra term is a powerful enough corrupting influence. There just shouldnt be possible any “re-election”. It would solve a tremendous amount of corruption.
Re: Re: Re:
Members of Congress should be chosen by lottery from the general population, and should serve for only one term. Anyone who willingly wants to run for elected office should be immediately imprisoned.
Re: Re: Re:
Forget term limits… Allowing a politician to have even one extra term is a powerful enough corrupting influence. There just shouldnt be possible any “re-election”. It would solve a tremendous amount of corruption.
On thing that it doesn’t sound like you’ve considered is the counterargument to term limits that people who are not career politicians would be susceptible to people who make politics their career. For example, if every election cycle, you had a new groups of senators coming in, they could be taken advantage of by people who have been working in Washington for decades.
I’m not saying that I totally buy into this counterargument. There’s probably a happy medium, but I personally don’t think that term limits, even one term term limits, are a magic bullet that would “solve a tremendous amount of corruption”.
“create a nice little “exception” for software companies that spy on users for the sake of checking whether they’re using an authorized copy”
So I can give out a “free” screensaver – bundle it with tons of spyware, and it’s legit? Maybe I can put in the EULA that you have to register with my service to use the software and then it’s all good.
Heck – that might lead to even more spyware – with a legal ‘ok’.
Script kiddies...
And what happens when the script kiddies and malicious “hackers” discover how to use the back door? Forget Blaster, Melissa, Storm, etc… imagine a wave of virus infections that send themselves out to your address book followed by a disconnect. You’ll never get the AV update that removes it and never get back online.
Sounds like a plan to me…
go for it, in fact, let me help you.
i love anti-piracy measures, they are expensive, intrusive, and they don’t work, just like DRM and anything else that tries to limit what you can do in a PC. the more software companies waste resources on these counter[productive]measures the more people will seek out and support open source alternatives.
here is a doomsday scenario that happened to me just yesterday:
i have a whitebox PC from a small vendor. said vendor preloads an oem version of windows xp pro. the machine is installed in an office at the university i work for and some deviant who molests farm animals peeled the certification sticker off the back of the machine.
the machine bluescreens one time too many and i reload windows, but i don’t have the key for it since i don’t realize the magic sticker is gone until AFTER i’ve formatted the hard drive. this are two very easy mistakes to make. so i use the key i have on file.
turns out i have the wrong key on file. how do i know this? i am able to install windows, but the activation screen comes up tigh after the first i can’t activate online since the activation comes up at the first login (no network card set up yet), i can’t register by phone because the registration app doesn’t give me the magically generated number i have to give the customer service rep. i try to get MS to escalate the issue, but it’s easier and faster to just use the university’s volume licensed version instead. if i were a small company with no purchasing power for VLK’s, i’d be up the proverbial creek.
this would be sad, if i didn’t know of 5 different versions of XP floating around BT with no such key problems and all the device drivers and secrity update slipstreamed in. some of them even have office and a ton of software (like office) folded in as well.
good job guys, not only did you stiff arm a paid customer, but you failed to stop any actual piracy. good thing there is no competition in your space, or you would get eaten alive.
anti-piracy software is the chief cause of software piracy.
so go ahead and change the law. put in all the anti-circumvention nonsense you want, spy on us and log our keystrokes. make sure you report our activities to the government too. the sooner you have pushed yourselves out of the market, the better off we will all be.
How to stop this bill/ law
If this bill does actually become law, it will be struck down approximately 5 seconds after a Senator’s staffer has their computer shut down because someone installed a copy of Office.
Oh, wait, that copy was perfectly legal and Microsoft sent out a “false positive” signal which shut off a paying customer’s computer? Oh, well, the law was passed, so it’s legal for them to do so. Too bad, staffer, you can’t get your work done today. Hope that Senator didn’t need the speech you were working on.
Of course this situation will only happen after hundreds or thousands of people have complained about the law and after the Senators and software companies have said “There’s no way a ‘false positive’ can occur. Paying customers have nothing to worry about.”
Pinky: What are we going to do today Brain?
Brain: Why, take over the world of course Pinky.
If people do not install the crapware, how will the plan to take over the world ever succeed ?
Spyware Malware
There is a simple solution, and I have used it successfully.
Most malware is actually advertising related. The advertising pops up without the computer user having intentionally installed anything to have that effect (apart from maybe agreeing to section 2 , paragraph 3 , line 6, microline 5 of a eula somewhere that is not immediately re-traceable back from the popup or popunder.
What you do is locate the name of the ‘service’ that is creating the popunder etc.
Then, you make it reload as many times as possible, to get the websites of as many primary advertisers as possible.
You then send them a complaint email about the ‘service’ that is set up using subterfuge, and telling them that it puts their product into disrepute, as it is their primary financing that is perpetuating the situation.
You send an email also to the perpetrating ‘service’ (that in my case was at a different URL from the supplier of the software)telling them that you intend to systematically contact every advertiser that appears in a popup window with their name on it, and inform them that their product will be boycotted due to their advertising methods in using the ‘service’ that has caused an infection to occur.
Also, if the perpetrating ‘service’ is within a so-called first world jurisdiction, you contact the Chamber of Commerce for that particular location, and inform them of the world wide spamming type activities that their town or city is involved in. You also make a complaint to the appropriate Better Business Bureau.
In my case, I received an apology email from the perpetrator, who said that it was their ‘publisher’ who had done it, and that the software involved now had a clear warning in red text that it would produce popup windows with advertising content. I checked, and indeed it now did. (in my case it was actually some script in a blog ‘widget’ on my wife’s blog page)
It was not an easy evening, in fact, it was driven by rage, but I have proven that the key to resolution is to threaten the funding supply. I had resolution within 24 hours. I then emailed all involved informing them of the resolution.
Re: Spyware Malware
Now imagine spending all day every day doing that over and over for different malwares operating under the protection of this proposed law. Not a pretty thought.
I’ve been using the internet since before it went commercial and can remember when e-mail spam first started going around when it went commercial. It was just a message or two every now and then back then yet I was complaining to a group of coworkers about the potential for spam to become a real problem when one of them made the comment “So what’s wrong with spam? All you have to do is manually delete it. Simple. Is that too hard for you?” I wonder if he goes around espousing that position. Anyway, the point I’m making is that “simple solutions” sometimes don’t scale very well when the problem grows larger.
This is just another example of the government really not understanding how to implement regulations based on software restrictions. They always dream up some solution that, like in this case, only makes it worse and allows for even more malware to make it onto systems they are trying to protect..