The Anti-Spyware Coalition (ASC) yesterday announced several breakthroughs in the fight against its nemesis.
The alliance of technology companies and public interest groups has decided on a definition for the unwanted and often dangerous spyware infesting computers, and has created a risk modeling document that outlines objective criteria for anti-spyware vendors. The coalition also announced its first-ever public educational meeting.
Ari Schwartz, associate director of the Center for Democracy and Technology, which has led the group’s work, said the commitment of ASC members has allowed the organization to accomplish a great deal in a short amount of time.
“The spyware definitions give those of us united in the battle against spyware a common language, while the risk-modeling document clearly lays out the behaviors that make certain software dangerous,” Schwartz said. “These developments move us closer to a world in which consumers have the upper hand over those who create malicious, unwanted technology.”
As Cyber-Security month draws to a close, ASC unveiled its final, consensus definition of spyware, which was developed by coalition members including major anti-spyware companies, software developers and public interest groups.
Almost 400 comments submitted by organizations and individuals also helped shape the definitions. The final document will serve as the foundation for all of the coalition’s future anti-spyware efforts.
The need to identify and eradicate spyware programs will drive anti-spyware software revenues from US$12 million in 2003 to $305 million in 2008, according to IDC.
Modeling Spyware Risks
In a second initiative, the new ASC risk modeling document outlines the objective criteria anti-spyware vendors use to determine whether to identify a piece of software as “spyware.”
The document goes into technical detail about the specific behaviors that make certain technologies risky. ASC said it will help users better understand how the products that protect their computers work, as well as offering anti-spyware companies guidelines for their own proprietary rating processes, but still keeping a robust marketplace for anti-spyware technologies.
Just as the spyware definition laid the groundwork for the risk modeling document, the ASC said the risk modeling document itself sets the stage for the eventual development of industry-wide best practices.
As was the case with the definitions document, the risk modeling language will be open for public comment until November 27, 2005 on the ASC Web site.
With all the initiatives underway the Anti-Spyware Coalition has at least partially fulfilled its mission to build a consensus about definitions and best practices in the debate surrounding spyware and other potentially unwanted technologies.
The question is, will the efforts help curb spyware? Basix CEO and Chief Analyst Jonathan Spira told TechNewsWorld that it is a move in the right direction.
“The risks associated with spyware are significant, as such malware can increase a company’s exposure with respect to regulatory and compliance issues as well as IT support issues,” Spira said. “Any industry-wide movement towards defining and combatting the problem of spyware and other malware benefits all users.”