how-to block ads
|
sivran
Long Live The Suite
Premium
join:2003-09-15
Arlington, TX
clubs:
 ·RoadRunner Cable
| reply to Bobby_Peru
Re: Targeting "Greyware" - Criteria & Definitions
I think I'll propose an amendment to Bobby Peru's example myself.
quote:
4) Fails to itself contain upon initial installation, and retain until complete uninstallation, and provide ALL of the following methods of quick, easy (define?) complete uninstallation, each of which singularly must completely Uninstall the software and any other software that said software imported...., including ??? , and which must not Uninstall, or in any way damage any other software, data, O/S and/or...? of the machine:
This is fine, if you're looking at it like this: "Application A, which is supported by Adware B, must remove Adware B and all components thereof upon being uninstalled."
But, if you look at it from the other direction: "Adware B, must upon being uninstalled..." Must Adware B prompt the user with, "Hey, you, uninstalling me will break Application A. Do you wish to uninstall that as well?" However, Adware B may not be smart enough to enumerate the different applications using it, or it may remember only the last application to use it.
There should also be an entry that explicitly addresses such programs, like certain P2P apps, that install separate adware/spyware components. Such applications should be required to provide uninstallers for these *ahem* "other" components, regardless of whether doing so would break the application or not. The uninstaller would of course warn the user of this, I'm sure. 
quote:
2) Questionable Installation exploit section ---
"Uses any sort of deceit, including, but not limited to, misleading statements (in EULAs or otherwise), false statements, or omissions, to manipulate the user into installing the software."
--
TCPA - Treacherous Computing
Kerio 2.1.5 - Best damn firewall
Home licensing should be just that. | |
Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
 ·Verizon Online DSL
| reply to Bobby_Peru
said by Bobby_Peru  : 1) Unwanted by any user for any reason, as determined by ... I'd change this to: 1) Unwanted by any user for any reason at any time , as determined by ...
I think right up front has to be addressed (even indirectly) the issue that the user MAY have once accepted some kind of EULA or OK button, but now elects (legitimately) to revoke that choice. EULA acceptance appears to be the spearpoint of the malware litigation threats, so the concept needs to be established that anti-malware tools exist, in part, to assist a user who has changed his mind about any earlier EULA acceptance.
--
If God wanted us to work with electrons, He'd make them big enough to see... | |
Bobby_Peru
Premium
join:2003-06-16
4 edits | reply to eburger68
Eric, first thank you as always for finding/making the time to keep at this in general, and for your above gathering of definitions.
I can not read through them now, and could only spend a short time on this now, but for what little this may be worth, here's a frame work to perhaps get started. Of course avoiding the "name calling" that these miscreants seem to bring out in me, would be highly recommended. Huge holes exist at this point, but here goes...
------------------------------
Software Detection and Removal Tool Version 0.000.001--
Purpose:
This software attempts to detect other software that meet the enumerated criteria as listed below. Software is selected for testing by many means, including user suggestions and submissions.
Modification and Notice:
These criteria may be modified, altered, or otherwise changed, at any time, and with no notice.
Should any modification be made, we will provide notice, but are under no obligation to do so, other than should such a modification result, or allow for software, or recent or new versions of software to no longer be detected (less detection), we warrant that we will give clear, unambiguous prior Notice to our customers, by prior posting of any such changes and their effects on our site, on the Update Page, the Download Page, and any other applicable pages, and by providing such notice through our software's Update procedure.
(Specific NOTICE details stated- Font size, size of Notice pop-up if any, color scheme, minimum time pop-up must remain on screen, procedure required to close pop-up).
NOTE: DETECTION INDICATES ONLY MEETING ONE OR MORE OF THE BELOW CRITERIA. USERS CHOOSE WHAT DETECTED SOFTWARE THEY WANT TO REMAIN ON _THEIR_ MACHINES, AND WHAT SOFTWARE THEY WILL REMOVE. ANY SUGGESTIONS REPRESENT THE RESULTS OF OUR RESEARCH INTO USER'S OWN PREFERENCES, EXPERTS ADVICE, AS WELL AS OUR PREFERENCES. USERS ARE UNDER NO OBLIGATION TO FOLLOW ANY SUGGESTIONS.
--- CRITERIA FOR DETECTION AND USER SELECTABLE REMOVAL---
1) USER DESIRE
Unwanted by any user for any reason, at any time, as determined by ...
AND/OR
2) QUESTIONABLE INSTALLATION EXPLOITATION --- Failure to provide for express user consent to Installation, with prior presentation of clear, concise, easy to understand Notice as specified below. Use any sort of deceit, including, but not limited to, misleading statements (in EULAs or otherwise), false statements, or omissions, to manipulate the user into installing the software.
AND/OR
3) AD PRESENTATION
Displays and/or plays advertisements (?define display, plays and advertisements?).
AND/OR
4) Uninstall
At initial installation, and at all times subsequent to that, up until complete removal, Fails to itself contain upon initial installation, and retain until complete uninstallation, and provide ALL of the following methods of quick, easy (define?) complete uninstallation, each of which singularly must completely Uninstall the software and any other software that said software imported...., including ??? , and which must not Uninstall, or in any way damage any other software, data, O/S and/or...? of the machine:
A) Windows Programs Add/Remove
AND
B) Windows--> Start--> Programs
5) INFORMATION and COMMUNICATION
Monitors and/or collects, and/or detects, and/or stores, and/or transmits any information related to the use of the machine, and/or any application, and/or any user of the machine, and/or any user's use of the machine, and/or any connection, unless... (Experts must help out here to craft language to narrowly include normal o/s and application functioning, yet exclude the scumware. I know this is a tough one, but I think it can be done).
AND/OR
6) PURPORTED "EULA"/"LICENSE" SECTION #1
Contains any purported "EULA", "contract", "license", "agreement", "licensing agreement"...... that fails to provide:
a)
AND
b)
(specify presentation/display minimum characteristics: when displayed, how long it must be displayed, procedure required to "Agree", how it is displayed - Font size, color scheme, line spacing, where in "document" and where in "display" of document enumerated language must be display - first "page"..)
AND/OR
7) PURPORTED "EULA"/"LICENSE" SECTION #2
Contains any purported "EULA", "contract", "license", "agreement", "licensing agreement"...... that states, implies and/or alleges in any manner:
a)
and/or
b)
AND/OR
8) MACHINE/APPLICATION/CONNECTION PERFORMANCE
Negatively impacts the performance, use, and enjoyment of a machine(specify a range of machine characteristics), as determined by the user and/or (specify expert(s), and/or groups).
9) VISIBILITY/CONTROL/STARTUP
10) VENDOR CONTACT INFORMATION --
Fails to provide (specify how provide) ALL of the following information: Contact Info (specify: Complete physical address, phone, email, Registered Agent's contact info...)
.....
[Edit: 1st mark-up, now including said by Blackbird SR:
1) Unwanted by any user for any reason at any time , as determined by ... and said by sivran:
Uses any sort of deceit, including, but not limited to, misleading statements (in EULAs or otherwise), false statements, or omissions, to manipulate the user into installing the software. | |
|
