A new coalition of technology companies and public interest organizations has hit some early milestones in its effort to combat spyware. On Thursday, the Anti-Spyware Coalition published two documents that the group hopes will take the computer security industry a step closer toward agreeing on a set of best practices for stopping this type of annoying and invasive software.
Coalition members have published a definition of the term "spyware" and are now seeking public comment on a "risk modeling" document that goes into technical detail about just what it is that separates spyware from any other kind of software.
Though it has taken only three months to hit these milestones, getting consensus in this area has not always been easy. A similar organization, called the Consortium of Anti-Spyware Technology Vendors, fell apart in February after 16 months of effort.
The Anti-Spyware Coalition's work ultimately will help software vendors build better products that defend against spyware in a more consistent fashion, said Vincent Weafer, senior director with Symantec's Security Response team. "When we all started looking at the spyware space . . . there was no common definition of what was spyware and what was adware," he said. "It should start to align how companies behave when they look at various types of adware and spyware programs."
Symantec has already begun applying the coalition's definitions to its own products, Weafer said.
The coalition's documents will also help educate users on the subject of spyware, said David McGuire, a spokesman for the Center for Democracy and Technology, another coalition member.
Public comment is now being solicited on the risk-modeling document, and public meetings have been scheduled for Washington, D.C., and Ottawa, Canada, next year to further discuss the spyware problem, McGuire said. "One of the ultimate goals of the coalition is to come up with industrywide best practices," he said.
Other Anti-Spyware Coalition members include Microsoft, Computer Associates International, McAfee, the National Center for Victims of Crime, and the Cyber Security Industry Alliance.
The Coalition's documents can be found here:http://www.antispywarecoalition.org/documents/index.htm