WASHINGTON — The U.S. House on Thursday passed the second bill in three days that would outlaw “spyware,” irritating software that quietly monitors the activities of Internet users.
It would add penalties of up to five years in prison for people convicted of installing such programs without a computer user’s permission.
The bill, known as the “Internet Spyware Prevention Act,” passed 415-0. It would give the Justice Department $10-million (U.S.) to crack down on companies and others that secretly install spyware and those who attempt to trick victims into disclosing personal details and financial information in e-mail scams popularly known as “phishing.”
The bill’s sponsor, Rep. Bob Goodlatte, R-Va., said such problems were growing and serious. Offenders under his bill would be sentenced for up to five years for secretly installing spyware to break into someone’s computer and committing another federal crime.
Anyone caught installing spyware to change a computer’s security settings or steal a victim’s personal information — such as an e-mail address, telephone number or bank account number — could be sentenced up to two years in prison.
Well, about time. Problem is: what is spyware? If you ask the Kazaa guys, they insist they don’t have spyware, but the software definitely installs something that acts in a very similar fashion.
I hope the bill contains a clear-cut definition, else $10 million won’t be enough for all the complciated court cases.
Some Anti-spyware methods illegal when self proclaimed good guys employ sleazeware methods!
Read on!
DiamondCS is a reputable software firm that developed one of the best Anti-tojan applications I have seen, TDS-3. Unfortunately, DCS employs a hardcode technique that redirects the user to its site with numeric IP 64.91.255.87 upon pressing the F5 function key. Of course there is nothing wrong with this process. This fact could have remained unnoticed had it not been for a spate of really nasty IGN/CWS infections that showed the DCS redirects along with the nasties in hijacked Host files and shown below:
O1 – Hosts: 69.20.16.183 auto.search.msn.com
O1 – Hosts: 69.20.16.183 search.netscape.com
O1 – Hosts: 69.20.16.183 ieautosearch
O1 – Hosts: 69.20.16.183 ieautosearch
O1 – Hosts: 69.20.16.183 ieautosearch
O1 – Hosts: 69.20.16.183 ieautosearch
O1 – Hosts: 64.91.255.87 http://www.dcsresearch.com
O1 – Hosts: 69.20.16.183 ieautosearch
O1 – Hosts: 69.20.16.183 ieautosearch
A quick google search of “O1 – Hosts: 64.91.255.87 http://www.dcsresearch.com” will provide at least 1,500 links (Yup! that many!). It should be noted that an HJT 01 entry will only appear if a Hostfile hijack is involved. Redirecting to the local host to will not appear in the HJT log. When asked about this, representatives of DCS at Wilders Security Forum replied that this is perfectly normal since it simply redirects from an alleged “bad site” to the legitimate DCS IP.
If such were the intention, a simple redirect to the local host would have sufficed as this blocking technique is acceptable. However, redirecting to a preferred website is in any laguage, a hijack. This type of redirect is the method used by hijackers with the same objectives: redirecting to the chosen website. DCS
cannot claim that since they are reputable, a redirect to their site is acceptable. No one has nor can give them that privilege/status. A hijack is a hijack is a hijack…. The method is absolutely wrong!
Now comes an interesting scenario.
Quote:
“It’s becoming such a sizeable problem in the US that the Government voted unanimously in Spring 2004 to approve the first-ever anti-spyware bill. The Securely Protect Yourself Against Cyber Trespass (Spy Act), approved by the US House of Representatives, would levy fines up to $3 million for those who illegally collect personal information, change a browser’s default home page or bookmarks, log keystrokes, or steal identities”
Quoted from http://www.net-security.org/article.php?id=746
Do you realize that if I invested in TDS3, bookmarked http://www.dcsresearch.com or set my homepage to http://www.dcsresearch.com, the chances are I will be redirected to DiamondCS? This can be documented and I can then sue DCS for illegally redirecting my browser, right? And all because DiamondCS has chosen to adopt a Trojan method instead of a Hostfile block or Help update? Think about it.
Too, what are the chances of a crazy picking up this post and doing exactly the above? This is a possibility they brought upon themselves for insisting that what they were doing was simply protecting their interests. They chose the
expedient/easier route now they are susceptible to legal issues…. Sooner or later, this will happen….
Your thoughts?
John, I have been following your writing since 1984 or so, and have consistently found your observations and proclamations to be outright enjoyable, and certainly of value when I cast my eyes over the landscape of our industry and try to determine where I ought to step next in providing solutions for my industry of choice (auto dealerships). Thank you for your powerful insights, and sharing them with our fellow geeks.
Gil
bollocks