Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Anti-spyware guidelines get final version

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Anti-spyware guidelines get final version
Date: Fri, 13 Jan 2006 04:19:41 -0600 (CST) 
http://news.com.com/Anti-spyware+guidelines+get+final+version/2100-7349_3-6026632.html

By Alorie Gilbert
Jan. 12, 2006

A coalition of software companies have agreed on standard methods for
identifying and combating spyware, those unwelcome downloads that have
plagued Internet users with pop-up ads and other annoyances.

The Anti-Spyware Coalition, whose members include Microsoft, Symantec,
Computer Associates, McAfee, AOL and Yahoo, said on Thursday that it
has finalized its spyware detection guidelines. The final version
takes into account public comments on a proposed version introduced in
October.

Spyware and adware have become widely despised for their sneaky
distribution tactics, unauthorized data gathering and tying-up of
computer processing power. Although adware makers say there are
legitimate uses for their programs, an entire anti-spyware market has
been spawned to combat the stuff.

The Anti-Spyware Coalition's guidelines, or risk model description,
aim to provide a common way to classify spyware, based on risks a
piece of software poses to consumers. They also suggest ways to handle
software, based on those risk levels.

Among the behaviors the group considers high-risk are programs that
replicate themselves via mass e-mails, worms and viruses. Also,
programs that install themselves without a user's permission or
knowledge, via a security exploit, are also deemed high-risk, as are
programs that intercept e-mail or instant messages without user
consent, transmit personally identifiable data, or change security
settings.

The coalition hopes the final guidelines, which have changed little
from the proposed version, will lead to better anti-spyware products.
To that end, Cybertrust, through its ICSA Labs unit, is planning to
certify products that meet the guidelines. Consumers should see the
first products with its anti-spyware seal of approval within the next
few months, the IT security and risk management company said.

The guidelines should also make it clearer when companies cross the
line of what's acceptable and legal and what's not when it comes to
downloads, as Sony BMG did recently with its "rootkit" programs, said
Ari Schwartz, a spokesman for the Anti-Spyware Coalition. Sony
recently settled a class-action lawsuit over copy-restriction software
hidden on customers' computers using a rootkit, which opened those PCs
up to attack. The company also recalled the CDs after a public uproar.

Yet attempts to define spyware, create guidelines and certify products
are controversial. Critics fear guidelines will legitimize spyware and
enable distributors to dodge blocking tools while continuing bad
behaviors.

The Anti-Spyware Coalition group plans to conduct a public workshop on
Feb. 9 in Washington, D.C., and is currently working on tips for
consumers, including teens and parents, and businesses, Schwartz said.

Copyright ©1995-2006 CNET Networks, Inc. All rights reserved.



_________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Anti-spyware guidelines get final version, InfoSec News <=
Previous by Date:  [ISN] Gov't Cyber-sleuths Focusing on Linux, iPod, Xbox, InfoSec News
Next by Date:  [ISN] Defense lab accredited in computer forensics, InfoSec News
Previous by Thread:  [ISN] Gov't Cyber-sleuths Focusing on Linux, iPod, Xbox, InfoSec News
Next by Thread:  [ISN] Defense lab accredited in computer forensics, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]