Australian parliament fights spyware outbreak

Australian Democrat Senator Brian Greig is drafting legislation which aims to better define, and in some cases outlaw spyware and adware, after his office found the computers on the parliamentary system had been compromised by more than 50 different Internet-borne pests.

According to the Senator, the parliamentary computer system lacked even basic defences against spyware. The standard operating environment based on Microsoft XP and Internet Explorer 6, regularly resets the browser default to a low security environment which accept cookies and other forms of browser surveillance.

The senator's office ran three anti-spyware packages; Spybot, Ad-Aware and Pest Patrol, and while most of the breaches were fairly innocuous, they also located three malicious pests.

Peter Ward, group assistant secretary for Parliamentary Services, denies claims that spyware is in any way rampant in the Australian Parliament House, and says it is not burdening the system in anyway.

"It is burdening the individual users, some people get adware more than others and find it annoying," said Ward. "We are responding to the problem, and we are looking at better mitigation tools at the moment, and are currently talking with some software providers about their solutions."

According to Ward, the Parliamentary Services office responded by sending around a memo warning parliamentarians and their staff to take more responsibility for their surfing habits, and not to agree to downloading software unless they were fully aware of the terms of the usage and the consequences.

"We are starting by educating people and if we can do more about it in terms of software we will," Ward said.

However, Senator Greig's office is concerned that these measures have not gone far enough, and is calling for the IE6 defaults to be changed. Democrat staffer and IT advisor Keith McKenzie, believes the parliamentary network is totally compromised, and rejects assertions that the level of spyware and adware on the system is not affecting overall performance.

"Imagine that a parliamentarian is going to a Web site they are not supposed to, and the only people that know about it is a US-based spyware company who are against certain legislation going ahead," McKenzie offered.

According to Senator Greig, the anti-spyware bill currently being drafted aims to clearly define what surveillance can and can't be carried out, force opt-in clauses on spyware and adware, and educate the community about the problem.

"In the past the government has taken a ham-fisted, clumsy approach to Internet regulation," claimed Senator Greig. "They seem to think the Internet is like publishing or printing where you can just ban certain material. We want to provide greater user control over these mechanisms, and that needs a legislative as well as and educative approach."

Barring an early election, Senator Greig hopes to present his anti-spyware bill to the August sitting of Parliament.

ZDNet Australia's Jeanne-Vida Douglas reported from Sydney. For more coverage from ZDNet Australia, click here.