Security threats Toolkit

Anti-spyware group finalises detection plans

Tags:
Defence,
Rootkits,
Anti-spyware,
Spyware

Alorie Gilbert CNET News

Published: 13 Jan 2006 09:30 GMT

A coalition of software companies have agreed on standard methods for identifying and combating spyware, those unwelcome downloads that have plagued Internet users with pop-up ads and other annoyances.

The Anti-Spyware Coalition, whose members include Microsoft, Symantec, Computer Associates, McAfee, AOL and Yahoo, said on Thursday it has finalised its spyware detection guidelines. The final version takes into account public comments on a proposed version introduced in October.

Spyware and adware have become widely despised for their sneaky distribution tactics, unauthorised data gathering and tying-up of computer processing power. Although adware makers say there are legitimate uses for their programs, an entire anti-spyware market has been spawned to combat the stuff.

The Anti-Spyware Coalition's guidelines, or risk model description, aim to provide a common way to classify spyware, based on risks a piece of software poses to consumers. They also suggest ways to handle software, based on those risk levels.

Among the behaviours the group considers high-risk are programs that replicate themselves via mass emails, worms and viruses. Also, programs that install themselves without a user's permission or knowledge, via a security exploit, are also deemed high-risk, as are programs that intercept email or instant messages without user consent, transmit personally identifiable data, or change security settings.

The coalition hopes the final guidelines, which have changed little from the proposed version, will lead to better anti-spyware products. To that end, Cybertrust, through its ICSA Labs unit, is planning to certify products that meet the guidelines. Consumers should see the first products with its anti-spyware seal of approval within the next few months, the IT security and risk management company said.

The guidelines should also make it clearer when companies cross the line of what's acceptable and legal and what's not when it comes to downloads, as Sony BMG did recently with its "rootkit" programs, said Ari Schwartz, a spokesman for the Anti-Spyware Coalition. Sony recently settled a class-action lawsuit over copy-restriction software hidden on customers' computers using a rootkit, which opened those PCs up to attack. The company also recalled the CDs after a public uproar.

Yet attempts to define spyware, create guidelines and certify products are controversial. Critics fear guidelines will legitimise spyware and enable distributors to dodge blocking tools while continuing bad behaviours.

The Anti-Spyware Coalition group plans to conduct a public workshop on 9 February in Washington, DC, and is currently working on tips for consumers and businesses, Schwartz said.