Posted on 20-4-2004
'Spyware' Latest Online Threat
Reuters, 19.04.2004
Internet users have learned to keep an eye out for viruses,
worms and
"spam" e-mail. Add another online hazard to the list:
spyware. Programs
that hide in users' computers and secretly monitor their activities
are
emerging as the next high-tech plague, experts say.
Spyware can sap computing power, crash machines and bury users
under a
blizzard of unwanted ads. It can capture passwords, credit-card
numbers
and other sensitive data. Spyware has even begun to burrow into
popular
culture. "I was watching a soap opera the other day, and
two characters
were saying, 'Did you install that spyware in that person's
machine?'"
said Mozelle Thompson, a commissioner with the Federal Trade
Commission.
On Monday, Thompson and other FTC officials will bring together
policymakers, industry experts and consumer advocates to discuss
the
problem. Educating consumers may be tricky because spyware is
less visible
than other online threats, experts say. "Spam wants to
be seen. Spyware
doesn't want to be seen," said Dave Baker, vice president
of law and
public policy at internet provider EarthLink Inc.
The first step is defining the problem. Some programs that have
been
labelled as spyware can be harmless, even helpful. Many popular
programs
such as Kazaa and Morpheus that allow users to copy music and
movies from
each other's hard drives come bundled with applications that
serve up
pop-up ads or other marketing tools as a way to subsidise costs.
"Adware"
programs like WhenU do not collect personal information from
consumers,
several peer-to-peer executives said, and users can easily remove
them if
they wish. "The adware guys realise they're being lumped
in as spyware,
and I think they're cleaning up their act a lot," said
Wayne Rosso, chief
executive of Optisoft SL, which makes the Blubster file-sharing
application.
CREATE A PROBLEM, OFFER A FIX
Other programs are clearly more malevolent. Some spyware has
been known to
disable a victim's computer and then advertise software to fix
the
problem. Keystroke loggers, often distributed by e-mail viruses,
allow
identity thieves to capture bank-account numbers and other sensitive
information. An EarthLink scan of 1.1 million computers released
last week
turned up more than 300,000 malevolent programs.
The Center for Democracy and Technology on Friday proposed one
way to
separate the illegal from the merely annoying. Software that
"hijacks" Web
traffic, tracks internet users without their knowledge, or does
not
provide an easy way to be removed should be considered spyware,
the
non-profit consumer group said in a draft letter also signed
by high-tech
firms and industry groups.
Legislatures have begun to turn their attention to the problem.
Utah has
already passed one law banning spyware. WhenU, which would be
prevented
from serving its pop-up ads to Utah residents, has sued to block
the law.
Other tech companies say the Utah law is too broad and could
inadvertently
outlaw legitimate activities such as content filtering and technical
support.
Two bills are pending in Congress to ban spyware, but observers
say action
is unlikely in this election year. Lawmakers should consider
broad online
privacy protections against spyware and other online threats,
said Ari
Schwartz, an associate director at the Center for Democracy
and
Technology. "If you keep trying to aim at the technology
rather than the
privacy issue, you're going to keep coming up with new issues
to deal with
every two years," Schwartz said.
|