Author Topic: Why do the USA and other states not follow this example?  (Read 3134 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Why do the USA and other states not follow this example?
« on: January 18, 2015, 03:37:01 PM »
Protecting Canadian Consumers from Malware, Spyware and Unauthorized Installations  ;D
A very welcome law, read : http://news.gc.ca/web/article-en.do?nid=921449

Goodbye to software bundlers and crapware dealers. Go and make their business illegal!
Unwanted extensions in browsers that become subtly changed so the crap will stay on forever
and cannot be uninstalled in a normal way,
Methods to earn cheap money at the expense of the unaware end-user,
but performed in such an unethical way it borders on being cybercrime.

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Secondmineboy

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3645
Re: Why do the USA and other states not follow this example?
« Reply #1 on: January 18, 2015, 03:49:06 PM »
We should have this worldwide :)
Windows 10 1909, 4 GB DDR3 RAM, 500 GB 5400 RPM HDD, 1366 by 768 LCD Screen, Intel Core i3 5010U Dual Core, Intel HD Graphics 5500
HUAWEI P30 Pro. Android 10

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48541
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Why do the USA and other states not follow this example?
« Reply #2 on: January 18, 2015, 04:09:38 PM »
Unfortunately this has enough loopholes that you can drive a truck through them.
"the installation of apps by Canadians onto their own smartphones and tablets is not regulated by CASL"
It's apparently designed to prevent third part installation of Crap-ware.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: Why do the USA and other states not follow this example?
« Reply #3 on: January 18, 2015, 04:25:18 PM »
Hi bob3160,

The line here is whether you download crap knowingly or not? So when you cannot opt out or only uninstall/cleanse with a lot of difficulty such downloads should be illegal and those that provide them should come under prosecution. And they know it because why a lot of these crap dealers have such a large judiciary staff to work against anyone that calls a spade a spade? Now we have malcreants and pseudo-malcreants that abuse the loop-holes that were created for them.
But there is an (after)effect they have to consider and also for instance  Verizon knows that with their zombie cookie  header injection, continuing with their unethical methods when found out may backfire big time and then they can only say: "Was it worth doing it in the first place?".

Damian
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48541
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Why do the USA and other states not follow this example?
« Reply #4 on: January 18, 2015, 04:33:32 PM »
Damien,
We all know what should be done. That doesn't mean that not doing it is illegal.
This law, even if it were universal, would not prevent installation of crap onto your system when you start the
download of software that will reside on your own system.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: Why do the USA and other states not follow this example?
« Reply #5 on: January 18, 2015, 04:41:25 PM »
Hi bob3160,

I am realistic enough to know that there is a big gap between an ideal world and everyday's reality.
But we have to start somewhere, crap that changes files in your computer browser to be able to stay on forever is where the bundler's are crossing a line, especially when these goodies are being dealt out unsollicited. When they can close down piratebay, why cannot they terminate  such clown's crap spreading? Double standards maybe?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48541
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Why do the USA and other states not follow this example?
« Reply #6 on: January 18, 2015, 04:53:41 PM »
Hi bob3160,

I am realistic enough to know that there is a big gap between an ideal world and everyday's reality.
But we have to start somewhere, crap that changes files in your computer browser to be able to stay on forever is where the bundler's are crossing a line, especially when these goodies are being dealt out unsollicited. When they can close down piratebay, why cannot they terminate  such clown's crap spreading? Double standards maybe?

polonus
Simple answer: MONEY
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Why do the USA and other states not follow this example?
« Reply #7 on: January 19, 2015, 05:30:35 PM »
An interesting write up here with a little taster in the quote

http://betanews.com/2015/01/19/easy-disk-drive-repair-is-not-what-it-seems/
Quote
To get a clearer view, we launched Process Hacker, found EasyDiskDriveRepair.exe in the list, double-clicked it and selected Memory > Strings. This displays more text strings the program might be using, and once more the very first page displayed something dubious: "HKCU\Software\Microsoft\Windows\CurrentVersion\DirectManipulation", something which could be used as part of an attempt to get more direct control over our Registry.

Another string showed a dubious Registry query: "C:\Windows\system32\cmd.exe" /c reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f "*chrome*" /d > c:\windows\temp.txt -- searching for Chrome being launched when Windows starts, and saving any hits to a temporary file.

Why Chrome? Clicking Filter in the bottom-left of the Strings box allowed us to search for Chrome references, and sure enough the program was trying to use sqlite3 to directly modify Chrome’s database: "sqlite3.exe “C:\Users\mikew_000\AppData\Local\Google\Chrome\User Data\Default\Web Data" "update keywords set url = url || ‘&tag=chrome20-20′ where url like '%amazon%' and url not like ‘%&tag=chrome20-20′;"

It doesn’t take any great expertise to realize that this looks very bad, but we wanted to complete the picture by running a complete scan with "Easy Disk Drive Repair" and using Sysinternals Process Monitor to capture what it did.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: Why do the USA and other states not follow this example?
« Reply #8 on: January 20, 2015, 12:41:59 AM »
Hi essexboy,

If anyone here knows where it is heading and how it is being performed, it is you.
They can work all these devious malcode manipulation tricks almost unhindered
and no one blocks them in their ways or seem to stir or even raise a finger,
so it is going from bad to worse. Crap starts to rule.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Why do the USA and other states not follow this example?
« Reply #9 on: January 20, 2015, 03:55:29 PM »
Some of these bundled softwares also change chrome if it is present to the developer build.  This means that any add on can be installed from anywhere with no security check on it