Already, the definitions can be attacked. First, it is possible to find legitimate uses for mal-spyware. For example, covertly monitoring children’s Internet activity, remote administration of networked PCs are legitimate uses for software that could be used to serious criminal effect.
Second, in looking at adware, badly written software in this category could lead to security vulnerabilities and lead indirectly to a security compromise. The dividing line becomes blurred, particularly when some of the code in question may not even be an application.
Finally, there is a third category of software on the very edges of spyware. Specific functionality within legitimate applications may send data off remotely to third parties without users realising they have enabled this feature. One example of this was a feature of RealJukeBox software that sent music track details back to RealNetworks. Many applications (antivirus software being a good example) do contact remote hosts, but make it very clear to users what they are doing. This issue is outside the scope of this article, but there are other well-known examples suggesting this topic should not be ignored.
Outside the law?
Before looking at legislation to regulate spyware, it is worth considering the litigation on the fringes of this issue. First, lawsuits have been brought in the US by software developers who claim their products have been wrongly labelled as spyware. In the ecommerce arena, many on-line merchants are also threatening action because spyware can distort their ability to track where site visitors came from (which may have an impact on payment of commission to affiliates) and can be used to serve up competitive adverts and divert visitors from their sites.
The growing awareness of the scale of the problem, supported as usual by a tide of industry surveys, has led to calls for legislation to help users tackle the problem. As with many Internet issues, some of the best practical solutions are technical. However, because the problem affects many home users, who struggle to get to grips with basic antivirus precautions, let alone spyware, the law does have a role to play. At the time of writing, it is the US legislators that are making the headlines.
US legislation
There are currently three spyware pieces of legislation being developed at federal level in the US.
These are the Internet Spyware Prevention Act of 2004 (the "I-SPY Act"), the Securely Protect Yourself Against Cyber Trespass Act (the "SPY Act") and the snappily titled Software Principles Yielding Better Levels of Computer Knowledge Act (or "SPY BLOCK Act"). The purpose of these bills includes targeting the unauthorised installation of computer software (with a corresponding focus on disclosure of information to users) and protecting users from unknowing transmission of personal information over the Internet. It is likely there will be some consolidation of these bills.
Talkback
I use anit virus software,have a firewall and have installed spy-bot. I keep my antivirus sw updated and have installed all the windows patches, including SP2. Spy-bot tells me when I am likely to download a threat, but I find that some of these threats are attached to websites that I could really not do without. For the time being, therefore, I monitor but do not remove, because I am not sure of the possible result. I think I am a reasonably well informed amateur/business user, but no expert. What I need to know, more than the name of the threat, is the type of problem that it may pose, so that I can make an informed decision. How can I find this out?
You have just asked the $64,000 question. Unfortunately, it's extremely difficult to answer.
I would assume that the sites you refer to would not intentionally be spreading malware. However, there is no guarantee that a cracker cannot compromise a site to have it start doing this. The Web server and operating system used by a site can affect its vulnerability. See the "What's that site running" feature on www.netcraft.com to get details. The Apache Web server running on Linux or one of the various flavors of Unix (Solaris, HP-UX, AIX, SunOS, BSD-OS, FreeBSD, NetBSD, and especially OpenBSD) has been more secure than Microsoft IIS running on Windows.
Adware can slow down your system or reduce your operating stability. The article also pointed out that a cracker may be able to compromise an adware program and therefore gain access to your system. Of course, an adware producer is unlikely to call attention to security concerns in a program.
If you have access to a "clean" machine, install your firewall and Spybot on it and go to one of your "must have" Web sites. Tell Spybot and/or your firewall not to allow anything to be downloaded or installed. See if you can still access what you want to on the site. However, I can't guarantee that if your clean machine accesses the site fine without the spyware, you will be able to remove the spyware on your production machine and not have that mess up something else.
I don't know if Spybot tells you what spyware may be installed. If not, try AdAware to find out what is on your machine. Then off to Google to look up program or file names.
Sorry about all the "weasel wording," but there are simply too many relevant things that I do not know. That's the big problem with spyware - not knowing (does it cause problems, is it hostile, is it secure, can I safely remove it, etc.).