January 12, 2006 2:52 PM PST

Anti-spyware guidelines get final version

A coalition of software companies have agreed on standard methods for identifying and combating spyware, those unwelcome downloads that have plagued Internet users with pop-up ads and other annoyances.

The Anti-Spyware Coalition, whose members include Microsoft, Symantec, Computer Associates, McAfee, AOL and Yahoo, said on Thursday that it has finalized its spyware detection guidelines. The final version takes into account public comments on a proposed version introduced in October.

Spyware and adware have become widely despised for their sneaky distribution tactics, unauthorized data gathering and tying-up of computer processing power. Although adware makers say there are legitimate uses for their programs, an entire anti-spyware market has been spawned to combat the stuff.

The Anti-Spyware Coalition's guidelines, or risk model description, aim to provide a common way to classify spyware, based on risks a piece of software poses to consumers. They also suggest ways to handle software, based on those risk levels.

Among the behaviors the group considers high-risk are programs that replicate themselves via mass e-mails, worms and viruses. Also, programs that install themselves without a user's permission or knowledge, via a security exploit, are also deemed high-risk, as are programs that intercept e-mail or instant messages without user consent, transmit personally identifiable data, or change security settings.

The coalition hopes the final guidelines, which have changed little from the proposed version, will lead to better anti-spyware products. To that end, Cybertrust, through its ICSA Labs unit, is planning to certify products that meet the guidelines. Consumers should see the first products with its anti-spyware seal of approval within the next few months, the IT security and risk management company said.

The guidelines should also make it clearer when companies cross the line of what's acceptable and legal and what's not when it comes to downloads, as Sony BMG did recently with its "rootkit" programs, said Ari Schwartz, a spokesman for the Anti-Spyware Coalition. Sony recently settled a class-action lawsuit over copy-restriction software hidden on customers' computers using a rootkit, which opened those PCs up to attack. The company also recalled the CDs after a public uproar.

Yet attempts to define spyware, create guidelines and certify products are controversial. Critics fear guidelines will legitimize spyware and enable distributors to dodge blocking tools while continuing bad behaviors.

The Anti-Spyware Coalition group plans to conduct a public workshop on Feb. 9 in Washington, D.C., and is currently working on tips for consumers, including teens and parents, and businesses, Schwartz said.

5 comments

Join the conversation!
Add your comment
But
Did the spyware and adware authors agree to only create spyware and adware within the guidelines the coalition of wishful thinkers thought up?
Posted by ben_ (5 comments )
Reply Link Flag
Only tip of the iceburg
I do not see this battle going away anytime soon. In fact this is only the beginning in an effort to standardize the approach to fight - but it will not put an end to - those annoying pop-ups...
Posted by (9 comments )
Reply Link Flag
Anti-spyware
Although, I suspect spyware issues will remain as issues for a the next while, it's not about to disappear anytime soon. But the anti-spyware side is

definitely putting up a good fight. Not too long ago, there was an article on how the anti-spyware market can not keep up with the latest threats. I've seen improvements among various products since then, and these guidelines are part those improvements.
__________________________________
R.K.
<a class="jive-link-external" href="http://www.Remove-All-Spyware.com/" target="_newWindow">http://www.Remove-All-Spyware.com/</a>
Posted by Roman12 (214 comments )
Reply Link Flag
The anti-spyware market
It's important for the anti-spyware market to stay one step BEHIND the spyware/adware developers.

This is because it creates and reinforces the need for their anti-spyware software. If they put themselves ahead of 'the game' then spyware developers would stop, it'd be pointless ... having an 'in' that's blocked within minutes is worth $0 to them.

That's my $0.02 anyway.
___________________________________________
<a class="jive-link-external" href="http://www.foradware.com" target="_newWindow">http://www.foradware.com</a>
Posted by ben_ (5 comments )
Reply Link Flag
I am sure everyone is already thinking this but
Why are the people who are known for their anti-spyware and been doing it for years invited? You know, like spybot and ad-aware. Not even trend micro who bought CWShreder and has had it's own anti-spyware product is listed.

I even went to their website [ <a class="jive-link-external" href="http://www.antispywarecoalition.org/" target="_newWindow">http://www.antispywarecoalition.org/</a> [http://antispywarecoalition.org] |http://antispywarecoalition.org] ] and couldn't find anything about the members to confirm it.

If you do not have the experts of anty-spyware involved, what good is this one? I think it means they didn't create this coalition with the benefit of the end user(me and you) in mind.
Posted by G00F (1 comment )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.