Kaspersky Wins Important Ruling for the Anti-Malware Industry

ABC writes "Zango sued Kaspersky Lab to force the Company to reclassify Zango's programs as nonthreatening and to prevent Kaspersky Lab's security software from blocking Zango's potentially undesirable programs. In the important ruling for the anti-malware industry, Judge Coughenour of the Western District of Washington threw out Zango's lawsuit on the grounds that Kaspersky was immune from liability under the Communications Decency Act."

this article is Kaspersky-ad

[ed.mps]

(but this is /. anyway) Ok, despite the marketing bias of the article, a decision against a malware vendor is always good, mainly if you have in mind which type of user will get these crappy things (w)installed.

Re:

[Anonymous Coward]

Can you be a f'kin idiot any more than you are now?

Kaspersky is known for not advertising. They spend more money on research than advertising dollars like Symantec, and have a much better product.

Wow, what a name...

[Anonymous Coward]

"In the important ruling for the anti-malware industry, Judge Coughenator of the Western District of Washington threw out Zango's lawsuit on the grounds that Kaspersky was immune from liability under the Communications Decency Act."

Poor guy, that Coughenator...his lungs must be shot.

Re:

[beamdriver]

He must be related to Mr Smokestoomuch [youtube.com]

Re:Wow, what a name...

[somersault]

I think they've missed a chance for major punnage..

"In a phleghmboyant ruling for the anti-malware industry, Judge Coughenator of the Western District of Washington spat out Zango's lawsuit on the grounds that Kaspersky was immune from liability under the Communications Decency Act."

In Soviet Russia...

[nstrom]

Nice decision. I thought Kaspersky was a Russian operation though, was there really standing to sue them in a US court?

Re:

[zoomshorts]

Kaspersky Labs is a Russian concern, a really nice AV product.
Eugene Kaspersky is a fantastic programmer and has always
had his hand in the business of stopping those sneaky bastards
who send us viruses and trojans and malware. :P

Re:

[Gordonjcp]

Let's see now, too fast through the pentameter, failing to stop at an enjambment, yup, I'm going to need to see your poetic licence, son.

Re:

[CrystalFalcon]

Of course. Russia is part of the US judicial system. So is the rest of the world, like Montana and Oregon.

Re:

[RAMMS+EIN]

``Of course. Russia is part of the US judicial system.''

As we _should_ all know, really. I mean, otherwise arresting Dmitry Sklyarov [wikipedia.org] would have been out of bounds. And we all know that wasn't the case; to say otherwise would be blasphemy. You can't violate the DMCA in Russia and walk free!

Re:

[RAMMS+EIN]

``Russia is part of the US judicial system. So is the rest of the world, like Montana and Oregon.''

Are you sure you aren't confusing Russia [wikipedia.org] and Georgia [wikipedia.org]? Err, I mean Georgia [wikipedia.org].

Re:In Soviet Russia...

[jonbryce]

They have offices in the US, from which they sell their software to US customers.

Wait, what?

[slughead]

OK, well on the box, why don't they just say "Removes spyware, malware, viruses... and Zango"

Wouldn't that take care of the legal problem?

Re:

[solevita]

Why bother? There is no legal problem; Kapersky won.

Re:

[Chmcginn]

And then next year it will be "Removes spyware, malware, viruses, Zango, and GAIN/Claria/whatever." Eventually the box will have to have a fold-out portion to name all of the stuff it removes if they went down that road.

Re:

[slazzy]

How about "Removes spyware, malware, viruses and other potentially unwanted programs"

Re:

[icepick72]

"Removes spyware, malware, viruses ... and may contain nuts"

Re:Wait, what?

[somersault]

Keep out of reach of malware authors.

Please note: this product is not intended as a substitute for braincells.

CDA Trumps Constitution?

[Anonymous Coward]

"the Communications Decency Act, part of which states: "No provider or user of an interactive computer service shall be held liable on account of any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected, or any action taken to enable or make available to information content providers or others the technical means to restrict access to [such] material.""

I don't like this at all. It seems to me to indicate that my ISP can block me from p0rn, for my own good, and I have no recourse. And it doesn't matter if it is constitutionally protected material? WTF?

Re:CDA Trumps Constitution?

[garett_spencley]

IANAL but I don't think it means that you ISP could block access to material at their discretion.

"No provider or user of an interactive computer service shall be held liable on account of any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected, or any action taken to enable or make available to information content providers or others the technical means to restrict access to [such] material."

So what I take from that is that you have to want the service to block said material AND said service must be "interactive", which I assume means that you have to run it yourself and have a direct say in what it does.

Re:

[gomiam]

I disagree. Someone (user or provider) won't be liable if that someone (user or provider, not just the user) voluntarily takes ah action in good faith to restrict access or availability to "indecent" material. As I read it, voluntarily excludes cases of negligence causing the material being unavailable or inaccessible. If the ISP willfully decided to restrict access to some "indecent" material, the user can't force the ISP to allow the user to access such material. And, unlike with antiv

Re:

[jcorno]

Your ISP is not an interactive computer service. If the filtering service were interactive, you'd be able to switch it on and off, or at least have some control over what's being filtered. If that's the case, what are you complaining about? Just turn it off. Otherwise, the law doesn't apply.

Re:

[JoelKatz]

The intent of this law was to make it possible for ISP's to offer filtered access to those who wanted it. Without this, they could be sued if some site slips through or a legitimate site gets blocked accidentally.

Your ISP has always retained the right to filter your service and most likely does so extensively. Book stores don't have to carry adult books if they don't want to -- you are free to shop elsewhere.

ISPs are providers of interactive computer services. The 'voluntarily' applies to the the ISP's deci

Re:

[enrevanche]

An ISP is not a book store. In most areas it is one of a very narrow range of choices for internet access. It is also quite different than deciding not to offer a service, it is like the post office deciding which books you can have sent to you. It has to go to great expense to deny you access. This is an insidious form of censorship disguised as the free market.

Re:

[JoelKatz]

So what do you suggest? Would you prohibit ISPs from filtering out spam and malware? Or would you hold an ISP liable for damages if it marked an unsolicited job offer as spam and someone lost the job opportunity because of it?

I do agree that some ISPs abuse this privilege. But I don't think the laws or the courts can decide what ISPs should and should not be filtering. The idea that all ISP service should be unfiltered is, unfortunately, just not reasonable. The percentage of customers who are technically q

Re:

[QMO]

An ISP is not a book store.

That's very true. There are definitely more ISP options in the small town where I live than there are bookstores. My parents live in a smaller town, that doesn't have a bookstore, but they have several choices for internet access. (Not counting the bookstores one can access through an ISP.)

Re:

[lenester]

I work at one such small-town ISP and I can say with certainty that only it's the absence of ubiquitous cable service that lets us exist. Most of our immediate area doesn't even have DSL-capable phone switches, and in fact even ISDN is unavailable here. We've got a high-bandwidth wireless service, but it's comparable to satellite in cost, and the service area is limited to those who can see the transmitters (they're on the highest peaks, but this is hill country). The vast majority of our customers are stil

Re:

[enrevanche]

Wrong

No provider or user of an interactive computer service shall be held liable on account of any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers . . . This means that the ISP is not liable for its censorship.

No provider or user of an interactive computer service shall be held liable on account of any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers . .

Re:

[bythescruff]

"I don't like this at all. It seems to me to indicate that my ISP can block me from p0rn, for my own good, and I have no recourse. And it doesn't matter if it is constitutionally protected material?"

No, the Constitution only says that the *government* can't prevent you from seeing such material. Your ISP can refuse to carry it, but then you can choose another ISP. Theoretically.

2257

[www.sorehands.com]

The government can't block porn, but they can make it easier for others to do it. They can also make it more difficult for companies to make it available.

The government used 18 USC 2257 for that. 2257 requires the producers of porn to get IDs for the people in porn movies. Seems sensible, right? Well, they have played with it. 1. They only permit the use of US ID if you make it film (pictures, etc) in the USA (to get on the plane you have to show government ID). That means, the I can't do movies with the S

Re:

[Artifakt]

You can choose another ISP, or use some other method, i.e. having a copy mailed to you or even sneakernet, to legally get any material that isn't legally obscene. The law doesn't count the ISP's actions as censorship, in part because of all the other legal alternatives, including alternatives that exist even in places where there is no choice of ISP.
There's a huge and increasing gap between De Facto, and De Jure here. With Copyright law and the DCMA as they are, those other alternative

yes, your ISP can

[SethJohnson]

my ISP can block me from p0rn

Your ISP can absolutely block porn. Not just technically, but legally. They mostly don't because if they were to do so, then they would become more liable for the data that's transmitted via their service.

I say mostly because many ISPs are doing packet shaping in order to protect their bandwidth from torrent abuse, etc.

Seth

Re:

[JoelKatz]

It is not longer true that by blocking porn (or trying to) they become more liable for the data that's transmitted via their service. That was the whole point of this article -- you can block in good faith without incurring liability for false positives or false negatives.

Congress feared that liability for bad blocking might discourage ISPs from providing "more child safe" services. They were concerned about services like AOL that moderate their forums and remove obviously inappropriate messages opting to n

Re:

[digitig]

I don't like this at all. It seems to me to indicate that my ISP can block me from p0rn, for my own good, and I have no recourse.

You have recourse. Change ISP.

Re:

[Tim C]

You do realise that the constitution applies to the government and government agencies and not to companies, don't you?

If your ISP is owned by the government then no, it can't block your porn access. Otherwise, it's free to block whatever it wants.

Re:

[The Warlock]

Your ISP is not the government. You have no right to tell your ISP what they can and cannot block from you other than the right that you always have to take your business elsewhere.

The First Amendment reads "Congress shall pass no law abridging" etc. etc. When the hell did your ISP become Congress?

Surprised and gratified

[golodh]

Well ... I'm surprised and gratified that in this case the law actually protects users instead of companies out to turn a buck. That isn't always the case I feel.

And yes, I think the immunity is for the right reasons: there are lots of advertisements and pieces of commercial attention-grabbing software that I don't want on my system. I don't care a hoot if that's fair or not w.r.t. whatever company thought they'd bring out such software. I just want to be able to prevent it from installing.

So any anti-virus software, anti-spyware software like Adaware is something *I* run, and what they remove or disable they do so on *my* authority.

I'm just relieved to see that not every random company out there can sue them for providing me the service I ask for on my own computer.

Re:

[RAMMS+EIN]

``I'm just relieved to see that not every random company out there can sue them for providing me the service I ask for on my own computer.''

But that's not what the law says, now, is it?

I think this law is bad. The fact that it was used to obtain an outcome that many people find desirable doesn't change that.

Good result. Questionable Logic.

[Compulawyer]

I have not read the full opinion yet, but I am at a loss to see how this fits under the CDA's definition of an "interactive computer service." I thought that Kaspersky, like most virus detection programs, ran as a process on the user's machine and only connected to a server for definitions updates. if so, I can't see how that classifies as an "interactive computer service" under the act. Then again, maybe I'm just not being creative enough in my statutory interpretation.

Re:

[CheddarHead]

In short because it contacts the Kapersky servers regularly for updates.

Re:

[Compulawyer]

I acknowledged that point - that does not mean that it qualifies as an "interactive service" as that term is used by the statute.

Re:

[CheddarHead]

Sorry, I should have been clearer. Yes, you did acknowledge the point, but that was exactly the point that the judge focused on in making the ruling. So whether or not that really makes it an interactive service, that is the thing that the judge believed made it an interactive service.

Re:

[JoelKatz]

The statute says:

"The term ''interactive computer service'' means any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server, including specifically a service or system that provides access to the Internet and such systems operated or services offered by libraries or educational institutions."

So, yes, it's a bit of stretch for that to cover a piece of software that only incidentally uses a server. Oddly, the law has similar pr

Re:

[Compulawyer]

I agree that the "access software provider" sections seem to describe Kaspersky better. I am not sure that software in the form of executable code is "content" as used in the statute.

I guess I will have to spend some time this weekend going over the decision and re-reading the statute. Thanks for the citation.

Re:

[Compulawyer]

That does not seem to be enough to qualify as an "interactive service" as that term is used in the statute. Just the act of downloading updates fits a broad technical definition - but the statute is clearly focused on blogs, websites, email providers, and the like. That is what the term was intended to encompass. This seems like a stretch as far as statutory interpretation goes.

Re:

[yuna49]

The applicability of the statute to Zango itself raised eyebrows here. The article includes this text from the Act describing the content to which the statute applies: "obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable."

I take it Zango falls into the "otherwise objectionable" category? Who determines if something is "objectionable?" Isn't this term incredibly elastic? I doubt many members of Congress would have imagined the CDA covering Zango's software.

The wo

Re:

[Gnavpot]

I thought that Kaspersky, like most virus detection programs, ran as a process on the user's machine and only connected to a server for definitions updates. if so, I can't see how that classifies as an "interactive computer service" under the act.

You don't have to be an interactive computer service to get protection. Creators of utilities for this type of blocking are protected too. The utilities don't even have to be intended for use in an interactive computer service. See this part of the law text (copi

Re:

[xigxag]

The answer's in TFA, basically the entire penultimate paragraph. In part it says, "Users can adjust the settings to allow certain programs of their choice to come through at all times." That's interactivity.

Hooray!

[Toad-san]

And god damn zango!

I mean that in the nicest possible way, of course.

Oh, and god damn their lawyers too.

Remember when...

[DigitalSorceress]

I remember "back in the day" when spyware was still something you needed a separate scanner (Ad-Aware, Spybot S&D, etc..) for.

My pet theory was that since a lot of the spyware was coming from legit (but questionable) companies, the major antivirus players were afraid of touching it due to the threat of these kinds of lawsuits. Even though spyware and malware has since grown to such a pervasive problem that the big AV firms have gotten on board, I bet they were all watching the outcome of this suit. I for one am really happy that the ruling went in Kaspersky's favor, and shudder to think what would have happened if it hadn't.

Hopefully this ruling will send notice that you can't hide behind "restraint of trade" to keep antivirus / antispam programs from calling a spade a spade.

Re:

[RAMMS+EIN]

``I for one am really happy that the ruling went in Kaspersky's favor, and shudder to think what would have happened if it hadn't.''

Companies would stop detecting spyware, and people would run away from Windows, screaming in terror?

Ah...one can dream.

Re:

[Khaed]

As someone who ran away from Windows, screaming in terror, I have to say: Probably not.

I went to Linux exclusively over a year and a half ago, but I'm not about to recommend it to most non-techies I know. Even when I've cleaned all the crap off of their computers that they accumulate in the form of spyware and viruses. I have no experience with Mac or any BSD variant, so I can't recommend that, either.

Warts and all, Windows is what most people know, and most aren't interested enough to learn anything new

Re:Remember when...

[UbuntuDupe]

I remember "back in the day" when spyware was still something you needed a separate scanner (Ad-Aware, Spybot S&D, etc..) for.

Uh, someone remind me what the modern way to remove spyware is?

I still use those programs :-/

Re:

[value_added]

Uh, someone remind me what the modern way to remove spyware is? I still use those programs :-/

The programs are a convenience (friendly GUI, progress dialogs, etc.).

Determining what files are sitting on your hard drive, what settings (startup, etc.) are contained in your registry, or what programs or services are currently running on your system, etc., etc., doesn't require the installation of any these "scanner" programs. It's basic administration. Boring job, maybe, but it's a fact of life. And no more

Re:Remember when...

[UbuntuDupe]

Right, because everyone knows how to find the registry, everyone knows how to find how to find the registry, everyone knows how to interpret the registry, everyone knows how to kill programs running as "SYSTEM" and keep them from running again, and all malware is immediately obvious as being on your hard drive.

You're an idiot.

Re:

[value_added]

Right, because everyone knows how to find the registry, everyone knows how to find how to find the registry, everyone knows how to interpret the registry, everyone knows how to kill programs running as "SYSTEM" and keep them from running again, and all malware is immediately obvious as being on your hard drive.

I didn't say everyone. I implied anyone armed with the knowledge that comes from simply reading a fairly ordinary book. Again, a cursory understanding of the registry and such things startup routin

Re:

[UbuntuDupe]

Okay, which book can I pick up that shows me how to shut down an arbitrary process I see running in the task manager? Which book was I supposed to read that shows how to fix all the problems with unwanted programs, without using software specifically for that purpose? I notice that in two condescending posts, you never got to any of that. And like most elitists, you're assuming that any slowdown in someone's computers comes from a few, narrow, mind-numbingly stupid errors. If anyone's clueless here, it'

Re:

[modecx]

Yeah, but why the fuck would you do that if there's a program that does an equally good job, without any manual intervention? That's like doing a Riemann sum of a simple equation (with stupidly small slices, to boot) when you have perfectly good knowledge of calculus. I have better things to spend my time on than futzing around with the file system and windows registry trying to root out any number of garbageware programs someone else was ignorant enough to install.

Re:

[Oktober Sunset]

do you grind your own corn with two flat rocks too?

Re:

[Repossessed]

The modern way is to get a halfway decent antivirus. (I'm not going to point any fingers, but I've removed certain antiviruses, and installed others, only to be deluged with adware/virus detects). And let it do the job. (note: I have yet to see *any* antivirus vendor actually claim more than 98% detection rating. There's a decent chance you're infected regardless of what the scanners say if you run Windows).

I don't know of any antivirus vendors that don't support anti-spyware/malware functions these day

Re:

[edtech]

The modern way is to buy a Mac and use OS X. No viruses or spyware on the loose yet.

Re: "Legit but Questionable Company"

[TaoPhoenix]

So what does this mean to actions to block Microsoft's famous Windows Genuine Advantage? I have a lot of respect for judges - sometimes they can slide a ruling and paint it so perfectly for the issue at hand that everyone applauds... and then hand their superior court a precedent for their higher level case ... that earns them a standing ovation.

At what level is WGA different from Zango's claim, on the legal level?

Re:

[BillX]

Usually when their attempts at defamation / trademark infringement rulings fail, they go right for the deep end of tort law - "interference with contract" (user agreed contractually to install this trash) or "tortious interference with prospective economic advantage"...that one's a hoot.

hmmm

[g0dsp33d]

I'm as much of a fanboy of the stick it to malware developers movement, but this is kind of sets off a few flags.

Kaspersky was immune from liability under the Communications Decency Act, part of which states: "No provider or user of an interactive computer service shall be held liable on account of any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected, or any action taken to enable or make available to information content providers or others the technical means to restrict access to [such] material."

It will be interesting to see two things: 1) how this cause stands up when something like Nortan AV "accidentally" gets blocked; 2)IANAL, but shouldn't this cover DRM? It falls under otherwise objectionable at the very least (filthy too, IMHO).

Re:

[m50d]

1) how this cause stands up when something like Nortan AV "accidentally" gets blocked

They'd have a hard time claiming that was done in "good faith".

2)IANAL, but shouldn't this cover DRM? It falls under otherwise objectionable at the very least (filthy too, IMHO)

Does it come under "material" though? It's not as if the DRM is in a few bits on the end you can knock off, you have to extract the data out of the DRMed format it's in.

Confused

[MobyDisk]

1) I'm unclear what law Kapersky violated that even allowed them to bring this suit. The closest thing I can find is "[Kapersky] has asked for unspecified monetary damages and an injunction forcing Zone Labs to cease its current classification of the products." but that's not clear enough.

2) The CDA provides protection for "any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively vio

Re:

[gnasher719]

'' I'm unclear what law Kapersky violated that even allowed them to bring this suit. The closest thing I can find is "[Kapersky] has asked for unspecified monetary damages and an injunction forcing Zone Labs to cease its current classification of the products." but that's not clear enough. ''

Probably interference with business. Wait until drug dealers start suing the police for interfering with their business.

'' The CDA provides protection for "any action voluntarily taken in good faith to restrict access t

I know this here is not the US

[iminplaya]

But I want to know if Kaspersky will stop things like this [bbc.co.uk]. And what's going to happen if they do try to remove American government malware? Will they receive a "notice"?

Trivial way to solve this

[WindBourne]

Upon install, have the user OK that the program will block anything that is believes to be dangerous (as in malware, virus, etc). Once the user has given permission, it does not matter what a 3rd party wants. ABout the ONLY party who has a case is MS, or Apple, or the unix or BSD company. This would probably not be needed for any GPL OS including Linux, Minix, HURD, etc as they gave nearly all rights to the end-user.

Congratulate Zango

[Porchroof]

Using its own form, I sent a message to Zango congratulating it on losing the lawsuit.

Why don't all of you do the same?

zango.com [zango.com]

Re:

[LVSlushdat]

hehehe, Just did with the following:

I'm a computer support tech and have spent countless hours removing your ad/spyware from my clients machines, and I'd like to congratulate you on losing your lawsuit against Kaspersky Labs. May I suggest that you counsel your legal staff to let this drop, rather than wasting more of your money to appeal it. Since I use Kaspersky Labs products, and do not use yours, I'm glad a judge saw thru your arguments, and found in Kaspersky's favor. I'll now be able to continue to he

Re:

[XSforMe]

Here goes mine:

Thanks for easing my decision on which antivirus I'll be choosing. Kaspersky seems not only to be a lightweight antivirus program, but also an extremely accurate one!

Re:

[BillX]

Heh, I don't recommend clicking this link if you use IE.

Re:

[Tycho]

I would but there appears to be no way to send and detonate suitcase nukes though their form. Needless to say, I hate them and there software more than death. Zango pops up ads and, has a large memory footprint and can bring single core, midrange, Athlon 64 based computers to their knees. In the limited methods I used, using Add/Remove Programs, using their own removal app, running Spybot, running Spybot at Startup, ending the Zango process, deleting the in use Zango app, there seems to be no way to dele

Re:

[Tycho]

Yes, Yes, I know replying to my own comment, bad form. At any rate while this might or might not fix Zango I did find this which looks like an excellent tool/starting point for nuking Zango:
http://www.inside-security.de/insert_en.html [inside-security.de]

CDA

[SCHecklerX]

CDA is good? I'm confused.

Could be useful for spam, too

[eric76]

Consider all the spammers who threaten to file lawsuits against people for blocking their spam.

I've personally received several such threats myself, but nothing ever came of them.

With this to help, it would seem that the spammers couldn't possibly win a lawsuit unless it was malicious.

There have been blacklists who have blocked people they knew weren't spammers for other reasons. This obviously wouldn't shield those actions.

Zango

[Khaed]

I actually had to look up who they were, because I honestly had no idea. Not that I've never had to deal with spyware on a windows machine, just, I never paid enough attention to the names. I knew of Gator and Cool WWW Search by name before reading this.

I'm a little surprised they had the balls to bring a lawsuit about. Their hotbar apparently sends surfing habits back, they display pop ups, and it's somewhat of a bitch to uninstall -- my first question to their lawyers would be "So how are you NOT malware?"

Wonderful

[m3talocasnica]

This is, indeed, good news. I can't respect vendors who use deceptive practices, like Zango seems to do.