Week in review: The law and the Net
Legislators take note of technology--still in its early stages--meant to foil illegal file swapping. They're also out to stop the spread of computer-hijacking "spyware" and "adware."
A new political battle is brewing over Net music swapping, focusing on a company that claims to be able to automatically identify copyrighted songs on networks like Kazaa and to be able to block illegal downloads. Audible Magic has been making the rounds of Washington, D.C., legislative and regulatory offices for the past month, showing off technology it says can sit inside peer-to-peer software and automatically stop swaps of copyrighted music.
The company's technology is still being tested and could yet prove unworkable. But limited demonstrations have already turned some heads in legislative offices. And with the Recording Industry Association of America's backing, the technology has been given credibility in legislative, regulatory and educational circles.
Meanwhile, the venerable MP3 music format, the technology most widely associated with unrestricted file swapping, is getting a makeover aimed at blocking unauthorized copying. The companies that license and own the patents behind the MP3 digital music technology are in the midst of creating a new digital rights management add-on for the popular format.
Lawmakers are also seeking to stop the spread of spyware and "adware" that hijack people's computers without their consent. Late last week, three U.S. senators introduced the "Spyblock Act," aimed at controlling a common complaint of Net surfers. Among other things, the bill would require that a computer user gives consent before the software is installed and that the programs could be easily removed.
The bill comes as public awareness of the problem and of the technical headaches that surreptitious software cause is growing. Much of the outcry is coming as people increasingly use software that identifies hidden programs that produce advertisements, pop-up boxes or home page changes without permission. The digital pests often find their way onto computers by being bundled with popular free programs such as file-swapping tools.
The drive to control spyware is also spreading to state legislatures. Utah became the first state to pass a law regulating spyware and other advertising software, although the governor has yet to sign the bill. Lawmakers in Iowa and California have also introduced their own spyware control proposals in the past several weeks.
SCO takes action
The SCO Group put its Linux threats in gear this week by filing lawsuits against two companies, but it may have had another big wheel in mind when it started out.
SCO filed lawsuits against auto parts retailer AutoZone and automaker DaimlerChrysler in its continuing legal battle over the Unix and Linux operating systems.
The software company says AutoZone "violated SCO's Unix copyrights by running versions of the Linux operating system that contain code, structure, sequence and/or organization from SCO's proprietary Unix System V code in violation of SCO's copyrights." The lawsuit requests injunctive relief against AutoZone's further use or copying of any part of SCO's copyrighted materials.
Meanwhile, SCO has also filed suit against DaimlerChrysler, because the automaker did not respond to SCO's demand in December that Unix licensees certify that they haven't moved Unix technology to Linux.
Linus Torvalds, the founder and lead programmer of the Linux movement, reacted with scorn to SCO's Linux user suits. "The whole thing is just a charade to distract people from the real issue--that they (SCO) do not have a business," he said.
However, SCO may originally have had a different target in mind. A document CNET News.com has seen reveals that the Unix seller's attorneys had also prepared a complaint against Bank of America. A Microsoft Word document of SCO's suit against DaimlerChrysler originally identified Bank of America as the defendant instead of the automaker.
This revision and others in the document can be seen through powerful but often forgotten features in Microsoft Word known as invisible electronic ink. A feature in the word-processing software tracks changes to documents, who made those changes--and when they were made.
From the document, it is unclear whether SCO was serious about suing the bank, whether it still intends to, or why the bank was dropped and replaced with DaimlerChrysler. But the hidden text indicates that SCO spent considerable time building a case against the bank and that it also considered whether to extend allegations filed against IBM to Big Blue's high-profile customers--in this case, Bank of America.
Virus turf war
The authors of MyDoom and Bagle are exchanging insults with the author of NetSky, using text hidden inside their virus code, security researchers have discovered. Earlier this week, more than 10 variants of the NetSky, Bagle and MyDoom worms were discovered. Mutants have contained messages, complete with vulgar taunts, that indicate that the authors of MyDoom and Bagle have teamed up against NetSky's author, antivirus experts said.
Finnish security company F-Secure on Tuesday reported that Bagle.J contained a line of text that said, "Hey, NetSky...don't ruine our bussiness, wanna start a war?" MyDoom.G, which was released on the same day, also contained a message to NetSky's author: "to NetSky's creator(s): imho, skynet is a decentralized peer-to-peer neural network. we have seen P2P in Slapper in Sinit only. they may be called skynets, but not your...app."
Security companies have also started updating their products with more sophisticated techniques aimed at getting inside the encrypted attachments the Bagle worm has spread. Recent versions of the worm have bypassed corporate-gateway security measures, because they are distributed in password-protected Zip files, which are next to impossible for antivirus programs to scan. E-mails infected with the Bagle worm, however, contain the password required for opening the Zip file.
Antivirus vendors BitDefender and Kaspersky Labs have both launched updates enabling their software to open any encrypted attachments using the password the e-mail text contains. Once the file is decrypted, it is treated as an executable file and scanned normally.
A red-faced F-Secure added more security to its customer mailing lists, after a moderator accidentally forwarded a virus to users of the company's antivirus software. The moderator for the company's U.K. customer list forwarded an e-mail last week the virus NetSky.B generated.
The virus e-mail had been sent to the antivirus list's moderator, after a PC in the United States--with no association to F-Secure--became infected. The address for the list happened to be on the computer. When the moderator received the e-mail, he accidentally gave permission for the software to forward the message to subscribers.
Also of note
Ask Jeeves said it is buying Interactive Search Holdings, owner of several destination sites, including iWon, Excite and My Way, for about $343 million in cash and stock...Intel wants desktop PCs to double up as network hubs and video recorders, a move that could make life tough for the companies that produce those stand-alone products...In an ironic twist, Oracle is seeking information from archenemy Microsoft to buttress its defense against an antitrust lawsuit the U.S. Department of Justice filed...Electronic voting passed its first big test on Tuesday, as voters used computerized voting machines instead of paper ballots and punch cards to help choose who will be the Democratic Party's nominee for U.S. president.