Feeds

Industry coalition takes stab at defining spyware

Grappling with semantics

  • alert
  • submit to reddit

Next gen security for virtualised datacentres

Technology companies have formed an alliance with public interest groups to tackle spyware. Membership of the Anti-Spyware Coalition (here) includes large software developers, anti-spyware companies and others. Current members include AOL, Computer Associates, EarthLink, HP, Lavasoft, McAfee, Microsoft, PC Tools, Symantec, Trend Micro, Yahoo!, UC Berkeley, the Business Software Alliance and the Cyber Security Industry Alliance.

ASC has ventured where angels fear to tread in drafting a definition for "spyware" (below), which it's offering up for public debate. Comments (to ASC not El Reg, thank you) are invited until 12 August after which ASC will formulate a "final definition" for spyware which it promises will incorporate the best recommendations for the public at large.

Spyware and other potentially unwanted technologies are those that "impair users' control over material changes that affect their user experience, privacy, or system security; use of their system resources, including what programs are installed on their computers; or collection, use, and distribution of their personal or otherwise sensitive information."

That's a bit of a mouthful but ASC hopes its definition will settle a few pub arguments and allow vendors to concentrate on weightier matters, such as fighting the growth of spyware. "One of the biggest challenges we've had with spyware has been agreeing on what it is," said Ari Schwartz, Associate Director of the Center for Democracy and Technology, which has led the work of the group. "The anti-spyware community needs a way to quickly and decisively categorize the new programs spawning at exponential rates across the Internet. The definitions will serve as a foundation for all future efforts to help users make more informed decisions about which programs to keep and which to delete."

To help consumers, the coalition has drafted an extensive glossary of terms like adware, port scanner, screen scraper, and others commonly associated with unwanted programs. If they get around to defining virus, worm, Trojan and root kit then we'd really be onto something.

The ASC has also outlined common procedures for dispute resolution for vendors who believe their software has been unfairly flagged by an anti-spyware company as part of its efforts to make the practices of anti-spyware companies more transparent.The organisation is also offering consumers tips on how to stay clear of spyware infestation here. ®

Related stories

Vendors exit anti-spyware group (COAST)
Anti-spyware group collapses
Adware firm 180solutions in image makeover
MS downgrades Claria adware detection
Judge bans company's deceptive anti-spyware claims
UK preps major security awareness campaign
US moves towards anti-spyware law

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.