Problem With The Spyware Concept
In early 2000, Steve Gibson formulated the first description of spyware after realizing software that stole his personal information had been installed on his computer (Gibson Research Corporation). His definition reads as follows:
| “ | Spyware is any software which employs a user’s Internet connection in the background (the so-called ‘backchannel’) without their knowledge or explicit permission. | ” |
This definition was valid in the beginning of the spyware evolution. However, as the spyware concept evolved over the years it attracted new kinds of behaviours. As these behaviours grew both in number and in diversity, the term spyware became hollowed out. This evolution resulted in that a great number of synonyms sprang up, e.g. thiefware, scumware, trackware, and badware. We believe that the lack of a single standard definition of spyware depends on the diversity in all these different views on what really should be included, or as Aaron Weiss put it (Weiss 2005):
| “ | What the old-school intruders have going for them is that they are relatively straightforward to define. Spyware, in its broadest sense, is harder to pin down. Yet many feel, as the late Supreme Court Justice Potter Stewart once said, ‘I know it when I see it.’. | ” |
Despite this vague comprehension of the essence in spyware, all descriptions include two central aspects. The degree of associated user consent, and the level of negative impact they impair on the user and their computer system (further discussed in Section 2.3 and Section 2.5 in (Boldt 2007a)). Because of the diffuse understanding in the spyware concept, recent attempts to define it have been forced into compromises. The Anti-Spyware Coalition (ASC) which is constituted by public interest groups, trade associations, and anti-spyware companies, have come to the conclusion that the term spyware should be used at two different abstraction levels (Anti-Spyware Coalition). At the low level they use the following definition, which is similar to Steve Gibson’s original one:
| “ | In its narrow sense, Spyware is a term for tracking software deployed without adequate notice, consent, or control for the user. | ” |
However, since this definition does not capture all the different types of spyware available they also provide a wider definition, which is more abstract in its appearance:
| “ | In its broader sense, spyware is used as a synonym for what the ASC calls ‘Spyware (and Other Potentially Unwanted Technologies)’. Technologies deployed without appropriate user consent and/or implemented in ways that impair user control over:
1) Material changes that affect their user experience, privacy, or system security; |
” |
Difficulties in defining spyware, forced the ASC to define what they call Spyware (and Other Potentially Unwanted Technologies) instead. In this term they include any software that does not have the users’ appropriate consent for running on their computers. Another group that has tried to define spyware is a group called StopBadware.org, which consists of actors such as Harvard Law School, Oxford University, Google, Lenovo, and Sun Microsystems (StopBadware.org). Their result is that they do not use the term spyware at all, but instead introduce the term badware. Their definition thereof span over seven pages, but the essence looks as follows (StopBadware.org Guidelines):
| “ | An application is badware in one of two cases:
1) If the application acts deceptively or irreversibly. |
” |
Both definitions from ASC and StopBadware.org show the difficulty with defining spyware. We therefore regard the term spyware at two different abstraction levels. On the lower level it can be defined according to Steve Gibsons original definition. However, in its broader and in a more abstract sense the term spyware is hard to properly define, as concluded above.
Read more about this topic: Privacy-invasive Software
Famous quotes containing the words problem with, problem and/or concept:
“The general public is easy. You don’t have to answer to anyone; and as long as you follow the rules of your profession, you needn’t worry about the consequences. But the problem with the powerful and rich is that when they are sick, they really want their doctors to cure them.”
—Molière [Jean Baptiste Poquelin] (1622–1673)
“My problem lies in reconciling my gross habits with my net income.”
—Errol Flynn (1909–1959)
“I think that Richard Nixon will go down in history as a true folk hero, who struck a vital blow to the whole diseased concept of the revered image and gave the American virtue of irreverence and skepticism back to the people.”
—William Burroughs (b. 1914)