I have spent countless hours this past week trying to remove layer after layer of adware/spyware/crapware from a few PCs as a favor to friends, and some of this stuff is unbelievably tenacious in trying to keep itself from being removed, even afer scouring with spybot and adaware etc. Some of these nasty little POS are almost virus like in the way that they seemingly offer you the option to install, but when you kill the applet or decline, it throws you in some confusing full screen mode where you have to press the button it wants you to press to get back, and this of course loads the shitware it wants to deliver. If I didn't know to kill these things with ALT-CTRL-DEL task manager I be up the creek.

Anyway, my question is, should programming this type of manipulative fakeout install behavior into software be considered illegal in any way? It's certainly manipulative and deceitful and makes me want to chainsaw off the fingers of the coders and programmers that do this crap, but should it be illegal?

I dont think it should be illegal to make said software. I think it should be illegal for them to leave trash behind it after uninstall and/or dodge anti junk scanners such as Spybot and Adaware. Some of them even kill Spybot and Adaware on site. That is intrusive behaviour that should be made illegal, yesterday.

It should be illegal for any software program that installs itself on your computer without your permission for whatever reason.

I paid for this computer and I have should have the right not to allow something I don't want on my hard drive using up space that is mine.

Is it ok for someone to come into your house uninvited?

I wish it were illegal. They're altering my property without my consent, and they do it in a way obviously designed to make it difficult to remove. I hate the people that do this with a passion.

Considering 95% of this garbage comes from installing silly things like Kazaa I've always considered it poetic justice :D

Why should it be illegal? All it is doing is something your OS and software are built to do. The software can only do what your system lets it. Sure someone can't come in to your house uninvited, but what we are seeing here is people actually inviting everybody and their buddy in without really checking up on them.

The moral of the story is, it shouldn't be the Government's responsibilty to make unexploitable OSes, browsers, and email clients and it darn sure shouldn't be their responsibilty to make you think twice when you click 'Yes'.

Originally posted by astro
chainsaw off the fingers of the coders and programmers that do this crap

Come now.
One must have some standards.

Use a ball-peen hammer.

Originally posted by LostOne
Considering 95% of this garbage comes from installing silly things like Kazaa I've always considered it poetic justice :D

Why should it be illegal? All it is doing is something your OS and software are built to do. The software can only do what your system lets it. Sure someone can't come in to your house uninvited, but what we are seeing here is people actually inviting everybody and their buddy in without really checking up on them.

The moral of the story is, it shouldn't be the Government's responsibilty to make unexploitable OSes, browsers, and email clients and it darn sure shouldn't be their responsibilty to make you think twice when you click 'Yes'.

My point is that people are not clicking "yes". They are clicking "no" and then the install applet pulls some stunt where "no" means "yes", or it bursts you into a semi-locked up state (unless you use alt-ctrl-del) where you have to press the button it wants you to in order to move on. It's insidious and it's not just on Kazaa. Lots of web pages have this nonsense.

Considering 95% of this garbage comes from installing silly things like Kazaa I've always considered it poetic justice

Why should it be illegal? All it is doing is something your OS and software are built to do. The software can only do what your system lets it. Sure someone can't come in to your house uninvited, but what we are seeing here is people actually inviting everybody and their buddy in without really checking up on them.

The moral of the story is, it shouldn't be the Government's responsibilty to make unexploitable OSes, browsers, and email clients and it darn sure shouldn't be their responsibilty to make you think twice when you click 'Yes'.


It's actually more like you invited a certain someone over to your house, and they promptly invited a few people themselves. (people that you don't like and want gone) You should have the right to refuse them entry, and not have them breaking into your house.

It's actually more like you invited a certain someone over to your house, and they promptly invited a few people themselves. (people that you don't like and want gone) You should have the right to refuse them entry, and not have them breaking into your house.

It's a bit more like someone sneaking in and then setting up shop, and refusing to leave. If viruses are illegal, this type of spyware should be too.

While surfing the Web the other day, my wife got one of these things on her computer. She didn't have a chance--a dialog popped up, asking "Install Crapware 2.1?" (It wasn't called "Crapware 2.1," but let's use that name for now.) There was no way to close the dialog except by clicking one of two buttons: a Yes button and an OK button. Without a No button and with no other way to close the box, she tried the OK button.

And without wanting to, installed Crapware 2.1.

We managed to get rid of it all, though it took some doing. The handy uninstall function that was a part of the installation left traces of it in various places. Windows' "Add/Remove Programs" function got rid of a few more. For the final bits, a Google search on Crapware led us to a site (can't remember it now) that told of experiences of others with this insidious software, and what they did to get rid of all of it, which was a big help. This thing was sneaky, I must say.

Should this be illegal? I dunno. It's certainly what I'd call unethical--it would seem to me that if you want to sell your software, you'd likely get more buyers if you didn't anger them by forcing an installation of your software then making it damn near impossible to remove. Still, I'd have no problem (well, not much of one anyway) if the dialog offered a Yes and a No button, and the No button actually did refuse the installation. And if by chance the user did press Yes, and then changed his or her mind, the uninstall function should uninstall all of it, not leave bits behind.

The Counterexploitation site has information about spyware, spam, privacy, and other internet concerns.
http://www.cexx.org

On a related note:
Shouldn't spam designed to bypass spam filters be illegal? (http://boards.straightdope.com/sdmb/showthread.php?s=&threadid=228675)

Originally posted by LostOne
Considering 95% of this garbage comes from installing silly things like Kazaa I've always considered it poetic justice :D

I don't use Kazaa, I don't download silly toolbars or messengers, I don't try to hit the monkey, I don't do any of it and still I get this stuff.

The moral of the story is, it shouldn't be the Government's responsibilty to make unexploitable OSes, browsers, and email clients and it darn sure shouldn't be their responsibilty to make you think twice when you click 'Yes'.

Some of these programs don't ask you "Yes" or "No," even with privacy settings cranked all the way up. Some of them never even tell you that they're putting themselves on your computer. These are the ones I object to. I don't want the government to make an unexploitable OS, I want them to make programs that maliciously exploit my OS without my consent illegal.

I'd be for the restriction of this type of software if I wasn't making so much $ from the removal of it... it's amazing what an hour of downloading/scanning can cost my customers though.

When these get really bad, they can bring the PC to a crawl, isn't this in effect a Denial of Service????

-Butler

It is a drastic step and you will live in a sterile vacuum, computer wise.

The advantage will be no more rogue programs.

The disadvantage is you will become antisocial!



Beware of the Cog!

Originally posted by LostOne
Considering 95% of this garbage comes from installing silly things like Kazaa I've always considered it poetic justice :DOkay mr high and mighty. Download Spybot Search and Destroy (http://www.safer-networking.org/) (3.5 MB), install it (very quick and truly harmless), and visit: CNN (http://www.cnn.com/) in IE or Netscape. What does Spybot say they kept from installing on your computer? A piece of spyware called Avenue A, Inc!!!!

You would think that a reputable website like
CNN wouldn't distribute spyware, but they do. They themselve don't necessarily but they support advertisers who do. So it's not just the scumbags that get spied on.Why should it be illegal? All it is doing is something your OS and software are built to do.Hackers that exploit weaknesses in security aren't telling the hardware and OS to do anything they weren't built to do either. But their activity is quite illegal. You want to make that argument, then you have to make hacking legal too.

Originally posted by Spoons
While surfing the Web the other day, my wife got one of these things on her computer. She didn't have a chance--a dialog popped up, asking "Install Crapware 2.1?" (It wasn't called "Crapware 2.1," but let's use that name for now.) There was no way to close the dialog except by clicking one of two buttons: a Yes button and an OK button. Without a No button and with no other way to close the box, she tried the OK button.
Next time that happens hit CTRL+W(preferred) or ALT+F4(last resort). CTRL+W will close that window. ALT+F4 will close your browser. If that doesn't work use the task manager to end task. Of course that WILL most definately close your browser. So you'll lose back button history, other windows open, etc. Of course if you used Opera (http://www.opera.com) then you wouldn't have to worry about that. Opera saves windows and back button history when you close the program. Plus it has certain capabilities that other browsers don't have specifically designed to thwart spyware and malicious websites.

Originally posted by AtomicBanana
Some of these programs don't ask you "Yes" or "No," even with privacy settings cranked all the way up. Some of them never even tell you that they're putting themselves on your computer. These are the ones I object to. I don't want the government to make an unexploitable OS, I want them to make programs that maliciously exploit my OS without my consent illegal. Well then.. this is exactly what I'm saying. If your OS/browser allows programs to be installed without a Yes/No then maybe you should look into THAT. Because THAT is the problem. These people are using workable legal options to install programs without your consent. If you aren't happy with that maybe you should change your computer configuration to something that gives you a bit more power.

You folks wish to make this illegal, I'd prefer to make it impossible. I'm not even going to get into silly garbage about use this or block that... if the program is broke fix it. Because THAT is the solution. Making it illegal will just move them overseas.. will that help?

So to sum up my unpopular points into something perhaps a bit more palatable:
a) If programs can be installed on your software without your knowledge and approval clearly there is a flaw in the software which should be addressed in a timely manner. Placing the blame elsewhere is pointless, this type of thing just shouldn't be possible.

b) Making it illegal is a flawed solution that won't stop it from occuring in the slighest. If anything it would give folks a sense of safety before they realized that US law means about as much as my post if you cross a few imaginary lines.


prisoner6655321.. I'm going to ignore you high and mighty comment because you have a point. Almost. While cracking/exploiting seems the same at first there is a huge difference. When cracking you are effecting another computer.. you are trespassing. Not so in this case. In this case I CHOOSE to view cnn.com in the way that my browser is designed to. The choice is the key, I go to the site the site doesn't come to me. I don't like it either, but I still say making it illegal is the wrong option.. fixing the browsers is the right one.

I'd rather do it your way as well LostOne, but I don't think it's that easy to do. There are plenty of companies out there that make software that stops things like this, but then the people who make the malicious programs just find a way around it. When the antivirus/web browser people patch those holes up, people find new holes. You're constantly playing catch-up, and during those times when browser protection lags behind, you pick up more of this nasty software.

And as far as it being my choice to pick up these programs, I don't see how that's the case. If I visit CNN.com, I'm going there to read CNN.com. At no point have I agreed to let them or their advertisers alter my computer. Just because I drive my car to Wal-Mart doesn't mean they're allowed to spraypaint 'Discount City" all over my hood while I'm inside.

Originally posted by spingears
The disadvantage is you will become antisocial!
Don't be silly. If I choose one person for a friend and reject or ignore others I'm not being antisocial. I'm just being selective.

I'm afraid LostOne is right. Making it illegal won't stop it. I've already had one offshore "company" charge long-distance connections to Nuaru. I got the phone company to remove them, but it was a hassle. I kinda like the chain saw idea. ;)

I don't like laws in cyberspace because I don't see how they can be enforced without a shitload of money and government interference.

And face it, the government sucks at computer security (http://reform.house.gov/TIPRC/Hearings/EventSingle.aspx?EventID=652) right now. Microsoft sucks at computer security, and they can probably buy the United States if they wished.

I can't help feeling like we're sitting on the proverbial powderkeg. Right now we're dealing with the anarchists (http://memory.loc.gov/mbrs/lcmp001/m1b38298.mpg) in our own propagandistic ways, and sure they're getting their shots in every now and then, but we own the twentieth-century dog and pony show.

What happens when it turns into real war?

Making it illegal doesn't mean that the government has to put roadblocks on the internet. All they need to do is say "this is illegal", then, if a person gets hit at a site, they report said site, police check site, if they get hit, they take action.

Just like, if I am robbed, I call the cops and they check it out. The difference being, checking a reported site to see if it drops spy/ad ware is much easier.

I don't want the government telling software companies how to build their software. The software is fine, it's the people using it in a way it shouldn't. Just like, the door to my house works fine, but that doesn't mean some criminal can't abuse the fact that locks are pickable and enter without my knowledge. Blaming the OS companies is like blaming your car manufacturer if someone steals it. They can't make it an impregnable fortress.

Software will NEVER be hackproof, so long as it allows you to actually go places and do things.

Don't pass the buck. The Ad/Spy ware guys are at fault. It is they who are putting this stuff on your machine, and then manipulating said machine.

Yes, it should be illegal.
And also all the hidden things buried in the "privacy policy" page.
You don't realize without reading that and all it's tricky sup-links that you are installing Mozilla or GatorSpy and your name will be sold to anyone for 2cents/name.
The term "privacy policy" should be illegal to discribe things making your info less private.

I'd also outlaw anything AOL invents, like AOL-ad popups when you open your mail. Everything bad on the web seems to have been invented by them first. Hard to uninstall software, software that disables your other software, software that bypasses standard system protections,...

Originally posted by LostOne
Well then.. this is exactly what I'm saying. If your OS/browser allows programs to be installed without a Yes/No then maybe you should look into THAT. Because THAT is the problem. . Who knows what code lives behind those Yes or No buttons. A unscrupulous developer could have “No” install the same stuff as “Yes”. How is your browser going to catch that?

Making it illegal will just move them overseas.. will that help? Well, yeah, that would be a start.

Making it illegal is a flawed solution that won't stop it from occuring in the slighest. If anything it would give folks a sense of safety before they realized that US law means about as much as my post if you cross a few imaginary lines. Well now you’re just being ridiculous. You’re expressing the same kind of fatalism that I discussed over in prisoner6655321’s thread Shouldn't spam designed to bypass spam filters be illegal? (http://boards.straightdope.com/sdmb/showthread.php?threadid=228675)While there is no magic bullet to rid us of these problems, there are plenty of things that can be done to control Internet abuses.

We need to get over the notion that the Internet has some sort of unique, untouchable qualities. It has become a major part of our society and needs to be treated as such.

I am highly skeptical that any spyware/adware exists that installs itself without prompting (when prompting is enabled) or allowing you to decline installation in some manner. While what to do may be confusing, users with average computer knowledge will be able to cancel installation of everything but the already illegal software that exploits Internet Explorer bugs to install itself. That software can be blocked by running Windows Update or by not using IE.

Originally posted by Alereon
I am highly skeptical that any spyware/adware exists that installs itself without prompting (when prompting is enabled) or allowing you to decline installation in some manner.Sorry, but it's true. Visit CNN or MSNBC and you will never know that they install Avenue A, unless your spyware program tells you, like Spybot does for me.

I am highly skeptical that any spyware/adware exists that installs itself without prompting (when prompting is enabled) or allowing you to decline installation in some manner. While what to do may be confusing, users with average computer knowledge will be able to cancel installation of everything but the already illegal software that exploits Internet Explorer bugs to install itself. That software can be blocked by running Windows Update or by not using IE.

It's good that you've come here, Alereon, so that your ignorance may be dispelled. There is a metric buttload of exactly such software floating out on the internet. If you truly believe that it's always a matter of choice, I invite you to activate what filters you may and browse some of the seedier porn link farms.

Originally posted by prisoner6655321
CNN install Avenue A,
I use CNN periodically and didn't find Avenue A. I did find value click, so thanks! :)
What is Avenue A?

I do wonder how two of my users became inundated with this junk, but they always lie about this sort of thing, so I didn't bother to ask.

Originally posted by Alereon
I am highly skeptical that any spyware/adware exists that installs itself without prompting (when prompting is enabled) or allowing you to decline installation in some manner.Sorry, but it's true. Visit CNN or MSNBC and you will never know that they install Avenue A, unless your spyware program tells you, like Spybot does for me.Originally posted by carnivorousplant
I use CNN periodically and didn't find Avenue A. I did find value click, so thanks! :)
What is Avenue A?It doesn't try to install every time. I believe it might be linked to ad banners or pop up windows that don't always appear. But don't think that just because CNN isn't itself trying to spy on you means they aren't guilty. They ARE supporting spyware tactics by allowing such behaviour on their website. And they do know that their advertisers are using spyware.
Avenue A is a tracking cookie.

The analogy I would choose is: "A door-to-door salesman shows up at my door, and I make a special point of not inviting him in, but he tricks me in such a way that he can snake-hip my computer to provide him with information I did not want him to have, nor did I invite him to partake of."

Spam is a pain in the ass, but spyware and adware is a screaming friggin' nightmare that takes up resources on my computer and violates my privacy.

It's also a pretty safe way to get me to MAKE A POINT of never buying your friggin' product. A sales pitch is one thing, but jackin' my computer around is quite another.

Try again. Cookies are not spyware, adware, or in any way malicious. Software installation via Internet Explorer are how you get malicious software, and those always present an ActiveX security prompt or "Open from this location?" prompt before they are installed (unless you've disabled such prompts). The only exception is software that exploits an IE security vulnerability, which is illegal already. Software like this usually does that lovely switch-your-dialup-number-to-a-1-900-# thing.

Originally posted by prisoner6655321
Sorry, but it's true. Visit CNN or MSNBC and you will never know that they install Avenue A, unless your spyware program tells you, like Spybot does for me.It doesn't try to install every time. I believe it might be linked to ad banners or pop up windows that don't always appear. But don't think that just because CNN isn't itself trying to spy on you means they aren't guilty. They ARE supporting spyware tactics by allowing such behaviour on their website. And they do know that their advertisers are using spyware.
Avenue A is a tracking cookie.

Find me a large-scale, commercial website that doesn't use a company like Avenue A or Doubleclick for its ad system.

A cookie from an ad company is a far cry from Bonzi Buddy. Somewhat invasive, yes, but they're what pays for all that great, free content you find online. If you've got a problem with it, you have the option of visiting sites that don't have advertising.

The problem with the spyware detection programs is that they get a lot of people really freaked out over privacy violations that are pretty harmless. More on Avenue A:

http://www.pestpatrol.com/PestInfo/a/avenuea_com.asp

Anyway, on the question of whether spyware should be illegal, well, it depends. I'm in favor of a standard that outlaws the truly duplicitous stuff while still placing some responsibility on the consumer to avoid being a frickin' idiot. It's called assumption of risk, and it seems to work pretty well for regulating most other things.

If the gas tank in your car blows up under normal driving conditions, the carmaker is at fault. If it blows up after you get drunk and wrap your car around a telephone pole at 80mph, you've got nobody to blame but yourself.

I minimize my own risk by using a browser and operating system that are relatively secure compared to IE and Windows. Hell, most people don't even need to change their OS; just stop using IE.

I'd be pretty steamed if the government decided to regulate the net based on the lowest common denominator of consumer ignorance and gullibility.

Originally posted by black455


I minimize my own risk by using a browser and operating system that are relatively secure compared to IE and Windows. Hell, most people don't even need to change their OS; just stop using IE.


What do you use instead of IE?
The latest Netscape provides individual files and folders, per user, not PC, and email that I don't want our users messing with.
I like Opera, but unless the new version is vastly improved, it's not smooth enough for the users.

Thanks

Originally posted by black455
Find me a large-scale, commercial website that doesn't use a company like Avenue A or Doubleclick for its ad system.Okay. Yahoo or Amazon big enough for you?I'd be pretty steamed if the government decided to regulate the net based on the lowest common denominator of consumer ignorance and gullibility. Yeah that would suck. Imagine the government requiring everybody use AOL.

I am an IT guy for a company. Just recently we went to a web based Database that forced us to fully enable Active X. Since then, some of more ardent surfers are getting upwards of 100+ peices of ad/spy ware a week (not including cookies). Some of these Take over your browser, and even forceably open you CD ROM drive. None of the users have installed anything (I check), and they claim to never have been prompted for anything.

So, for those of you that don't believe that Spy/Adware is so bad, they why do you care if it is illegal. If it is so minor, it won't affect you much. But for those of us that deal with it constantly, we would prefer it go away.

sghoul: Either the users are installing the software, it's set to install automatically without prompting (IE security options), or the software is exploiting security vulnurabilities in IE. You should, of course, have all of your systems patched to the latest version of IE with all security updates. It's possible for the admin to approve ActiveX only for that one site, disabling it for all others.

Who would make it illegal? Who would enforce said laws? Who in actuality governs the World Wide Web? Where does it actually exist?

Originally posted by prisoner6655321
Okay. Yahoo or Amazon big enough for you? Yeah that would suck. [/b][/b]

Wrong. A quick look at the source for Yahoo's front page reveals they use ads served by Doubleclick. Dunno about Amazon, I didn't look, but since their primary purpose is not to serve free content, I don't think they count.

As for carnivorouseseses question about what browser I use, well, Firebird on Linux. There's also a version for Windows; it's essentially the browser component of Mozilla/Netscape stripped of all the other clients:

http://www.mozilla.org/projects/firebird/

Though such tactics are morally reprehensible, your complaint should not be with the scoundrels who take advantage of exploits to install programs on your computer but the scoundrels who leave the exploits there in the first place.

In essence, get a better operating system.

Originally posted by InquisitiveIdiot
In essence, get a better operating system. Yeah, that's easy to say if all you do is surf and write and create webpages. When they start making 3D Studio, Maya, AutoCAD, and ArchiCAD for Linux (or even Mac) I'll switch over. Right now, security isn't my top priority. Doing Architecture is.

I do wish there were other choices though. I hate M$.

Originally posted by black455
Wrong. A quick look at the source for Yahoo's front page reveals they use ads served by Doubleclick.Hmmm... I looked. I don't see that. And anyway, they don't install doubleclick cookies.

Cookies do steal bandwidth, by the way. Sure it's slight and I have broadband but it's enough to turn me off. Think about how much bandwidth all of the spyware in the world steals every day (tracking and downloading and reporting). The internet traffic would probably be 10% lighter without it. Alright maybe I'm being pessimistic, but it sure does seem that way. They sure don't help matters.

Maya is already available for Linux, and LinuxCAD claims to be a complete replacement for AutoCAD.

Originally posted by InquisitiveIdiot
In essence, get a better operating system. The OP asked if spyware and its ilk should be illegal. Whether or not you happen to have an operating system and browser that is able to keep each and every one of those programs from installing on your system - a claim that I am highly skeptical of, by the way - is moot. I may live in a walled complex with night watchmen, bars on my windows and own nothing worth stealing, but that doesn't mean that I think that burglary should be legal. It’s not just a question of whether or not I am personally at risk but whether there is a risk to the population as a whole.

Those who I think that their operating system will forever keep out all the bad programs are just as naive as those who think their burglar bars and security alarms will forever keep out the bad guys. Security always has been and always will be a compromise between the security measures themselves and the convenience and cost to the one being protected. No matter how high you jack up your security, there will be someone who will figure out a way to break it.

Originally posted by Mr2001
Maya is already available for Linux, and LinuxCAD claims to be a complete replacement for AutoCAD. Oh, is Maya available for Linux? Yeah, I guess so. It doesn't suprise me. I doubt anything that claims to be a complete replacement for AutoCAD is as good as AutoCAD. I use a lot of the secret hidden not too well known features.

And 3D studio will NEVER be available for Linux. Not until Linux is more widely accepted.

The fact of the matter is, Linux is not useful for the Architectural field. I haven't tried this LinuxCAD, but I doubt it's the same. You may be able to design a building with it, but I can design a building with paint for goodness sake. But that doesn't mean I want to. AutoCAD has the most superior CAD tools on the planet. And it's only truly available on Windows. Mac only has ArchiCAD, which sucks a$$ totally. I've never seen a more buggy piece of crap software. Open source software written by thousands of people, like Mozilla, is more consistent in its features than ArchiCAD.

Mac might be great for 2D presentations. Linux is certainly great for web and servers. But for 3D work, especially drafting, that's Window's domain. It sucks, but I have to live with it, along with all it's blasted spyware.

When they start making 3D Studio, Maya, AutoCAD, and ArchiCAD for Linux (or even Mac) I'll switch over.So set up a dual-boot system, and do your web surfing on Linux and your work on 2000.

Of course, installing Ad Aware or Spybot is another (already mentioned) option, but if you refuse to go that route switching OSs is the best alternative solution.

Whether or not you happen to have an operating system and browser that is able to keep each and every one of those programs from installing on your system - a claim that I am highly skeptical of, by the way - is moot. I may live in a walled complex with night watchmen, bars on my windows and own nothing worth stealing, but that doesn't mean that I think that burglary should be legal.I'd trust Linux far more than MS when it comes to fixing security holes that are merely annoying, not glaringly destructive. But that's a whole other kettle of fish.

Your analogy is incorrect. A better situation would be a world where this thread is asking if the governemnt should be installing ID chips in every citizen simply because the average shmuck is too much of a dumbass to lock his door when he leaves. Because that's essentially what it'll take to enforce a law outlawing spyware.

Originally posted by InquisitiveIdiot
So set up a dual-boot system, and do your web surfing on Linux and your work on 2000. No way is this a realistic solution to spyware. I'm not about to switch back and forth between friggin' operating systems just to surf the Net. Not many others will do that either.
Originally posted by InquisitiveIdiot
Your analogy is incorrect. A better situation would be a world where this thread is asking if the governemnt should be installing ID chips in every citizen simply because the average shmuck is too much of a dumbass to lock his door when he leaves. Because that's essentially what it'll take to enforce a law outlawing spyware. I'm afraid your analogy makes no sense at all. But let's not get into an analogy-off. Instead explain to us how laws against spyware would be unenforceable.

I'll shoot: because it's damn difficult to stamp out illegal activities on the internet. It doesn't take much to stick a malicious program on a server in Russia and lure thousands of American rubes with the promise of free porn. Note that writing and releasing viruses and worms has been illegal for quite some time, yet we still have people writing them, and causing millions (if not billions) of dollars in damage every year. How many people are victims of fraud on Ebay every day? And fraud was illegal even before ENIAC.

I'm all in favor of prosecuting those who deliberately use malicious code to invade the privacy of others, to the best extent that law enforcement is able to. I am not in favor of coddling those who are too stupid, naive, or illiterate to read a privacy policy or patch their operating system.

Originally posted by black455
I'll shoot: because it's damn difficult to stamp out illegal activities on the internet. So what? It’s damn difficult to stamp out illegal activities outside of the Internet, also. I’m sure that there are several burglaries going on in my town right this very minute. Does that mean we just throw up our hands and say it’s OK to burgle? No. We say that it’s a crime, and we prosecute when we can, always realizing that we won’t get them all.

We all understand the international aspect of the Internet, but many other problems are international in scope, so we’ve come up with international laws, treaties and organizations to cope with them.

I am not in favor of coddling those who are too stupid, naive, or illiterate to read a privacy policy or patch their operating system. Again let’s use a conventional crime as an analogy. Let’s say someone leaves their car unlocked and someone simply opens the door and steals their CD collection. Is it suddenly not a crime because the owner of the car didn’t take adequate security measures? Nope, it’s still a crime. The person may or may not have been a fool for leaving their car unlocked, but that doesn’t make it any less of a crime.

So what? It’s damn difficult to stamp out illegal activities outside of the Internet, also. I’m sure that there are several burglaries going on in my town right this very minute. Does that mean we just throw up our hands and say it’s OK to burgle? No. We say that it’s a crime, and we prosecute when we can, always realizing that we won’t get them all.

You orginally asked:


Instead explain to us how laws against spyware would be unenforceable.


And I answered your question. Note that I have yet to argue that we should not make software that invades the privacy of a user without the user's express permission illegal. In fact, I've explicitly stated quite the opposite. It just won't do a whole helluva lot of good.


Again let’s use a conventional crime as an analogy. Let’s say someone leaves their car unlocked and someone simply opens the door and steals their CD collection. Is it suddenly not a crime because the owner of the car didn’t take adequate security measures? Nope, it’s still a crime. The person may or may not have been a fool for leaving their car unlocked, but that doesn’t make it any less of a crime.

Your analogy doesn't wash. The vast majority of spyware is installed with the express permission of the user. When you install Kazaa, you also agree to install the latest steaming pile of crap that they bundle with it. It says so right there in the license agreement. It's more like inviting somebody in to your car, asking them to break your windows, piss on the upholstery, slash your tires, put sugar in the gas tank, and then giving them your CD collection as a gift.

It's no secret that most commercial entities who offer something for free on the Internet make ends meet by collecting personal information about their "customers" to sell to marketing companies. If a user can't be bothered to read the fine print, well, tough shit.

I guess I should probably note that I shouldn't have included "not patching your operating system" as an example of a "tought shit" situation a couple of posts ago. That could imply that a malicious exploit doesn't fall under the umbrella of things I think should be illegal, which I did not intend to convey. Sorry for any misunderstandings.

Though I am a bit mystified at people who choose the product of a Certain Company as their operating system of choice, but don't trust that Certain Company to provide security fixes through Certain Company Update.

Originally posted by black455
The vast majority of spyware is installed with the express permission of the user.No. That is just plain not true. This is the point we are all making and you guys are not listening. It is EASY to get spyware. You don't have to install it yourself. It installs itself. And if it doesn't install itself then we aren't talking about that kind of spyware. That is the whole point of the OP. If it didn't trick you into loading, then it doesn't belong in this discussion. Stay on topic please. We are talking about spyware that tricks you into loading it, not the spyware that asks for permission. The OP isn't about how to prevent it, or what OS you should be using. It's about whether it should be illegal to trick people into installing spyware. Stay. On. Topic.

prisoner, in looking over this thread it looks like you have a pretty clear consensus on the question asked in the OP: Should spyware/adware/crapware that tricks you into loading it be illegal? The answer is yes, it should be illegal.

The question of how difficuilt it will be to enforce such laws probably deserves its own thread. (http://boards.straightdope.com/sdmb/showthread.php?threadid=230068)