Executives at leading online marketing companies said their affiliate agreements prohibit drive-by downloads or installations that arent specifically user-authorized. "I can tell you we have a strict set of rules [about disclosure], and were removing distributors who are found to not be in compliance with our policies," said Direct Revenues Maheu. Direct Revenue said it has terminated contracts with six distributor partners in the last 12 months, but it declined to name the partners, citing "legal reasons." 180Solutions is policing its network of 7,000 to 10,000 affiliate sites, according to Dan Todd, 180s president and co-founder, although the company declined to list specific actions it has taken, aside from a single July 2004 lawsuit against Aztec Marketing Solutions Ltd., which accused the affiliate of using drive-by downloads.Other players in the adware and spyware food chain are also taking steps to cut down on the prevalence of the programs. Commission Junction Inc., a 70,000-member Web site affiliate network based in Santa Barbara, Calif., recently banned 180Solutions affiliates from its network and told members they could not distribute third-party software without explicit approval from Commission Junction, according to company officials. LinkShare Corp., another affiliate marketing network, is also asking affiliates to reapply so that their sites can be vetted, said Shawn Collins of Summit, N.J., an authority on affiliate networking. Still, IT administrators are skeptical that new laws and pressure from advertisers will make much of a difference when it comes to ending the spyware and adware problem. "As with spam, a lot of this stuff comes from overseas," said Family Credits Beard. "You cant really legislate whats going on." For insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzers Weblog. Administrators are looking to other means, such as anti-spyware software and switching from such vulnerable platforms as Windows and IE. At the University of Toledo, in Ohio, for example, administrators are encouraging use of browsers other than IE and are evaluating Apple Computer Inc.s new Apple Mini for no other reason than to end spyware infections, said Joe Sawasky, interim CIO at the university. Beard said he is exploring the use of the Firefox browser at his organization. "I dont really know if theres a big fix. As long as people keep writing software to get around whats out there trying to block it, there will always be new problems," he said. Check out eWEEK.coms for the latest security news, reviews and analysis.
But pressure from outside the adware industry is the most likely agent of change in the spyware business. Two federal anti-spyware bills covering certain installation, removal and monitoring behaviors, as well as disclosure requirements, recently passed the U.S. House of Representatives, and lawmakers are optimistic that some anti-spyware legislation may be signed into law by years end, according to Rep. Mary Bono, R-Calif., who co-authored HR 29, also called the Spy Act.