Comments on: Net firms lose in House spyware vote

House votes for a supposed "antispyware" bill that opponents say will imperil legitimate Web sites too.

[NewsReader_]

Legislation won't address this problem

This particular bill is flawed because it does not address 'social engineering' attacks which are becoming the most prevalent. If you can trick the end-user into consenting to install the software, are you guilty? Probably not if you can afford a good lawyer.

No laws can replace common sense. Stop treating internet users like idiots and put more emphasis on educating them. Why is it that people think it is funny to depict some Homer clicking away at links in spam mail? It is hard to be a cyber criminal when there are no victims to exploit.

[Anon-Y-mous]

Most ARE idiots!

The thing is---MOST internet, neigh, computer users ARE Homers.

You obviously haven't had to support a building full of people all using computers with internet access, or support aged family or even friends of friends.

Most people DO click links and then ask you "why does ebay want me to change my password again?" after the fact.

No amount of teaching can break through the skulls of many non techie people, and they're the ones the internet explosion has caught since 2000. Prior to 2000, more people (except AOL users primarily) were more tech savvy.

Social engineering has been around long before the internet. Your grandparents were likely engineered over the phone to donate to worthy causes or beleived everything they read in the National Enquirer.

[gggg sssss]

sounds good to me

if a few of the drive by installer scum spend a week with Paris in the Century Hilton, that would be a start. If the whole interactive by stealth industry were put out of business tomorrow, starting with the fine folk at gator (whatever they are called now), it would not be soon enough. If the slimeball purveyours of "your computer is at risk" popups where sent to work on a chain gang that would be great. Add in the people who made those Apple vs PC commercials as well for good measure.

[cidman2001]

The Tubes are Full

These bozos scare me. I cringe everytime I read that a new tech law comes up. The rules are being made by clueless old dudes who have no idea what any of this means. So they rely on their old friends the lobbyists to "educate" them. Remember, Orrin Hatch wants to let the RIAA "blow up" your computer for file sharing. The tubes are full alright...full of (expletive). And it all seems to eminate from Washington.

[inachu]

Legit websites?

What legit website will force themselves to install a program without proper consent?

[alarmlv]

Kill the cash cow and let's have some steaks

Opposition to this spyware act by net companies is clearly fueled by their desire to protect their cash cow of selling your accumulated data to others. There is no legimate reason for ANY website to install cookies to monitor your web surfing habits. Any cookie that monitors or tracks anything should be illegal. Only cookies which enhance the web site visit and user experience are acceptable. The new act could be further enhanced by requiring that all cookies installed during a visit be removed from a consumers computer during log-out from that site with an exemption that would allow for cookies to remain that assist with faster reconnection to that site. Perhaps we could offer to the executives of the companies who take issue with this act, to install wireless web cams with GPS in their cars so that consumers can track THEIR location visits and activities.

[shanedr]

Sounds great - almost!

Other then the "notice and consent" it will dramatically improve my Internet experience. The problem is tracking cookies - which never help the surfer - they only help those who track Internet usage. Unfortunately with notice and consent, inexperienced users - as stated - will tend to authorize any type of them. Notice and consent is fine for normal cookies; but with tracking cookies and other malware it needs an absolute "its illegal", including prohibiting any site from reporting which users visited it; reporting how many would be acceptable.

The real problem are the various operating systems which permit modifications without user consent. I wouldn't mind clicking okay to a cookie the first time I visited a site I liked so it would recognize me when I arrived back at that site. The other side of the coin are tracking cookies which "phone home" no matter where you go.

Stricter controls on all modifications to the OS could - if done right - eliminate viruses and other malware. The best way would be for the OS to prevent any site from installing anything other than an "I'm here" type cookie. Anything else needs to be software that has to be installed and would always show up in the installed programs menu.

[wbenton]

Sounds Good... Problems easily solved

At present, all that is required is a click to get cookies on your PC which monitor you. And that in itself is part of the problem.

People unknowingly click on so many things that it's hard to really bind them by law for clicking on something (even if accidental).

However, a better approach would be to offer an Opt-In E-mail to the user for them to verify that it's OK for that site to track their visits. (* CHUCKLE *)

It will:

#1. Show the user exactly who's tracking them.

#2. Resolve the accidental clicking as now they must reply via E-mail to Opt in to allow that site to track them.

Advertisers and web site owners around the world will be up in arms over the matter, but it will show the user who's trying to track them. And if any non-opted in cookies are found on a person's PC, they should be able to sue the tracking company. (* GRIN *)

Yea... sounds like a winner to me. I mean, we're talking about spyware right? Many cookie setters are performing spyware-like activities... so hopefully this will bring them out of the woodworks.

Walt