Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

RetroCoder Threatens Security Vendors

ScuttleMonkey posted more than 8 years ago | from the blustering-stuffed-shirts dept.

Security 157

john83 writes "RetroCoder the company that brings you SpyMon, a commercial keylogger is trying to stop vendors of security software from looking at their software. RetroCoder uses a EULA that prohibits anti-spyware publishers / software houses from downloading, running or examining the software in any way. Essentially, they're trying to hide a key logger behind copyright law." While they are certainly not the first to do so, it is interesting that companies still take this approach.

cancel ×

157 comments

Sorry! There are no comments related to the filter you selected.

Dupe... (3, Informative)

zenmojodaddy (754377) | more than 8 years ago | (#14033629)

... from 11th November.

Re:Dupe... (-1, Offtopic)

zenmojodaddy (754377) | more than 8 years ago | (#14033718)

For crap's sake. The one time I get first post, it's on a dupe. That's just taking the piss...

Sorry! (4, Funny)

jolyonr (560227) | more than 8 years ago | (#14033798)

I think you'll find, if you read the slashdot EULA, you are NOT ALLOWED to check for dupe articles.

Lawers will be contacting YOU!

Jolyon

Re:Sorry! (0)

m94mni (541438) | more than 8 years ago | (#14033871)

In Sovjet Russia, YOU sue Lawyers!

Re:Sorry! (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14034125)

In Korea, only old people use lawyers!

Re:Sorry! (0)

Anonymous Coward | more than 8 years ago | (#14034280)

I for one welcome our new, old-people-using, self-sueing, lawyer overlords.

Re:Dupe... (1)

sgt scrub (869860) | more than 8 years ago | (#14034381)

I beleive it is called prior art. This article is null and void!

YAD (2, Informative)

Hieronymus Howard (215725) | more than 8 years ago | (#14033631)

Yet Another Dupe

This is why I let my subscription lapse. I was sick of paying for duplicate articles:
http://yro.slashdot.org/article.pl?sid=05/11/11/06 8222&tid=123&tid=172&tid=17 [slashdot.org]

As a VA Software Corp stockholder... (2, Insightful)

Anonymous Coward | more than 8 years ago | (#14033661)

I'd like to congratulate you on your schemes to increase pageviews. The advertising money is just rolling in! Your dupe strategy has been a remarkable success. But I agree with your assessment that it needs to be replaced, the backlash is getting too great and some people are on to the plot.
Your new strategy of having a continuing thread (the Intelligent Design flood), is even better! You just throw up 1 new piece of news and there is a whole new rehash of the same posts. It's the same crap over and over again, without any new ideas or originality but it's a guaranteed 1,000 posts and multiple thousand pageviews.

Keep up the good work whoring out your site!

Slashdot is owned by the OSTG which is a wholly-owned subsidiary of VA Software Corporation (NASDAQ: LNUX)

By the way, the last few stories had a low number of posts. Consider Intelligent Design for your next topic.

_parent is a cut+paste from an earlier article. (0)

KitesWorld (901626) | more than 8 years ago | (#14033996)

It's just another troll. We all know slashhash's love for duping - that's half of what makes it fun. :D

Re:YAD (0)

leuk_he (194174) | more than 8 years ago | (#14033807)

You should read the slashdot "EULA" [slashdot.org] before complaining about duplicates. (this page is linked from the subscribtion page) And you knew beforehand that slashdot contains duplcates. why keep complaining.

By the way: you are not the first duplicate to complaing about a dupe 8). That makes your dupe complaining a dupe.

Re:YAD (0, Offtopic)

ysegalov (849765) | more than 8 years ago | (#14033913)

Win XP was a dup of Win 2000 and no one seems to complain.
G.W.Bush is a dup of G.Bush and no one seems to complain.

Or do they?

Re:YAD (0)

hatrisc (555862) | more than 8 years ago | (#14034174)

YAD - Yad Another Dupe. Geesh, make your acronyms recursive. Especially in this case, where it'd be duplicating...

first post (-1, Offtopic)

MagicAnthraxNinja (803721) | more than 8 years ago | (#14033632)

first post ... finally

Re:first post (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14033639)

yes, and this wasn't a dupe...

Re:first post (-1, Offtopic)

jlebrech (810586) | more than 8 years ago | (#14033644)

no! .. lmao

Re:first post (0)

Anonymous Coward | more than 8 years ago | (#14033649)

Nope, sorry but you have failed again. Better luck next time.

Re:first post (-1)

Anonymous Coward | more than 8 years ago | (#14033659)

No. And even TAHT was a dupe :-P

Forget the software... (3, Interesting)

Anonymous Coward | more than 8 years ago | (#14033634)

..... just go hardware...

http://www.thinkgeek.com/gadgets/electronic/5a05/ [thinkgeek.com]

k thx gg

Re:Forget the software... (0)

SenFo (761716) | more than 8 years ago | (#14033788)

Cool! And if somebody installed that on my PC, I could actually have the satisfaction of smashing it instead of just uninstalling it.

Re:Forget the software... (1)

Firethorn (177587) | more than 8 years ago | (#14033829)

You'd have to notice it first. There's also versions that can go inside the keyboard.

Again? Only happened 4 days ago... (2, Informative)

Haydn Fenton (752330) | more than 8 years ago | (#14033637)

Dupe [slashdot.org] . Funny how fresh, new and on topic submissions get rejected whilst the same old junk (and sometimes dupes too) get through.

Re:Again? Only happened 4 days ago... (2, Funny)

ObsessiveMathsFreak (773371) | more than 8 years ago | (#14033734)

Funny how fresh, new and on topic submissions get rejected whilst the same old junk (and sometimes dupes too) get through.

Nonsense. The Slashdot Random Story Submission Selection System is completely fair and without bias.

It just needs a shuffle feature so that tracks^H^Hstories arne't repeated so often.

Re:Again? Only happened 4 days ago... (1)

strider44 (650833) | more than 8 years ago | (#14033780)

The only thing about this site that annoys me more than the "same old junk" is that whenever there's a post on the front page that's even slightly on the same topic or story there's at least twenty people replying in the comments saying "It's a dupe!!!!" taking space away from people who might actually have something relevant to say.

Re:Again? Only happened 4 days ago... (0)

Anonymous Coward | more than 8 years ago | (#14033812)

would that include posts like yours? or does your post happen to fall under the "people who might actually have something relevant to say". I wouldn't want to have to call you a hypocrite, you know.

Re:Again? Only happened 4 days ago... (-1, Flamebait)

user102 (931176) | more than 8 years ago | (#14033816)

How do these fscking moderators choose one comment that says that the post is Dupe as Informative +5 out of the 100 posts that say that the story is dupe? [Me too]This story is a Dupe[/Me Too]

Re:Again? Only happened 4 days ago... (2, Insightful)

Homology (639438) | more than 8 years ago | (#14033844)

How do these fscking moderators choose one comment that says that the post is Dupe as Informative +5 out of the 100 posts that say that the story is dupe? [Me too]This story is a Dupe[/Me Too]

Meta-moderate that as "unfair", like I do.

Re:Again? Only happened 4 days ago... (0, Offtopic)

pocopoco (624442) | more than 8 years ago | (#14034340)

That's bad meta moderation. The proper moderation is for the first one to be modded up and any following ones modded redundant. An additional problem with meta moderating unfair is that it even punishes people who did the moderation before the later posts showed up.

Re:Again? Only happened 4 days ago... (0)

Anonymous Coward | more than 8 years ago | (#14034356)

Hey, it could be worse. It could have been another over-hyped AJAX article.

What we need.. (2, Interesting)

Ckwop (707653) | more than 8 years ago | (#14033638)

What we need is a law that makes research a defence to copyright infringement. It's important that malware authors can't use the force of the law to hide. Hopefully a judge will do the right thing an establish case law in this area that defends us from this scum.

Simon.

Re:What we need.. (1)

Patrik_AKA_RedX (624423) | more than 8 years ago | (#14033715)

hmmmm. <Renames folder "mp3s" to "research data">
Just to be on the save side.

Re:What we need.. (1)

Shakrai (717556) | more than 8 years ago | (#14033781)

What we need is a law that makes research a defence to copyright infringement. It's important that malware authors can't use the force of the law to hide. Hopefully a judge will do the right thing an establish case law in this area that defends us from this scum.

Why should we change the law? If an EULA is truly enforceable like this then I should be able to trade all the mp3s I want by modifying my p2p software to send an EULA to anybody who downloads from me. Recall the old days of the BBS movement when warez BBSes had MOTDs prohibiting law enforcement officers from connecting?

Bet big business would think twice about it if they looked at it that way.

Re:What we need.. (1)

DaHat (247651) | more than 8 years ago | (#14033811)

Recall the old days of the BBS movement when warez BBSes had MOTDs prohibiting law enforcement officers from connecting?

Because such a post of course prevents such activity, not unlike a drug dealer asking someone who is buying "Hey man, are you a cop" or putting a sign that reads "officers of the law and all those reporting to them are bared from buying here" above a crack house.

Re:What we need.. (1)

Dashing Leech (688077) | more than 8 years ago | (#14033782)

I would have thought this falls under fair use. Looking at the four factors [stanford.edu] for fair use, it isn't entirely clear if this meets them. It seems very obvious to me that it should be fair use and there's substantial argument for it, but as the above reference points out, it's open to interpretation.

Four (five?) factors:

1. The purpose and character of your use. Since this is done to help protect people, it seems this is a slam dunk. And since the Supreme Court indicated in 1994 that this is the "primary indicator of fair use", I suspect it is enough.

2. The nature of the copyrighted work. Again, considering the spyware issue, this seems a slam dunk for fair use.

3. The amount and substantiality of the portion taken. In this case they took the whole thing, but that only makes sense in this context. You can't take part of a program very easily. This factor probably has less meaning in electronic formats. You can, for instance, copy only a page of a PDF from a website if the PDF the supply is a whole book. Similar with software. It's generally all or nothing.

4. The effect on the use upon the potential market. Well, I guess that's the point here. This might actually act against the use of it, but it's a "bad" market, so this probably won't play up well. Which leads to the fifth unnoficial factor.

(5.) Are you good or bad? (Not a real factor, but often used to rationalize decisions.) This one speaks for itself. Given the judges discretion, I'd hope this one is obvious to them.

Re:What we need.. (1)

ajs318 (655362) | more than 8 years ago | (#14033851)

There is already such a law. Research and study are protected fair use.

That would be perfect. (0)

tgd (2822) | more than 8 years ago | (#14034229)

I have a lot of music and movies I'd like to research.

Re:What we need.. (1)

sgt scrub (869860) | more than 8 years ago | (#14034423)

Will the research tools include stream decoders, decompilers, stack tracers, and windows updates?

Do editors (-1)

Anonymous Coward | more than 8 years ago | (#14033640)

... even read their own website? Seriously!

Re:Do editors (1)

maxwell demon (590494) | more than 8 years ago | (#14033787)

No, they edit it. If they would read it, they would be called readers.

Since this is a dupe... (3, Funny)

TheShadowHawk (789754) | more than 8 years ago | (#14033646)

lets dupe the comments as well.. :P

"Ah. the popular "Bend Over" EULA."

So let them (3, Funny)

Jaseoldboss (650728) | more than 8 years ago | (#14033648)

They're way off track with this one. It should be the responsibility of the person monitoring their PC to ensure that no Anti-Spyware programs are installed. If they can't do this they obviously don't have the authority to deploy a keylogger.

Anti-Spyware companies are only doing their job.

Dear god Why? Why? Why? (3, Funny)

martinmcc (214402) | more than 8 years ago | (#14033660)

Oh woe is me! A dupe. my eyes, my eyes!

I must purge myself of this evil by adding to the multitute of wailing about duplicate postings, and add some extra comments about how much slashdot sucks, the only reason I come to it is to feel superior.

It burn, oh how it burns!
 

Re:Dear god Why? Why? Why? (-1)

Anonymous Coward | more than 8 years ago | (#14033847)

Ok so, In future we'll just not post that it's a dupe, then the mods will wonder why and not realise that it's a dupe because the one person that said it will be drowned out in the other posts.

Eventually, the numbers of visitors that get sick of the dupes will increase and number of visitors to the site will drop off, and none of the editors will know why....

Get over it. Complaining is one way to get things improved, although with the editors reading neither the summaries, nor the articles, nevermind the posts, it's possible no one will ever see them....

Re:Dear god Why? Why? Why? (1)

grimJester (890090) | more than 8 years ago | (#14033858)

Luckily I don't fall to pieces over dupes. I'm just going to write something sarcastic.

Commercial as in installed on your work computer? (2, Insightful)

hattig (47930) | more than 8 years ago | (#14033663)

By your boss to see what you are typing?

Or commercial as in installed by a dodgy person at work who gains access to the boss' or sysadmin's workstation for a few minutes?

Or commercial as in bundled with shitty software and then sends out what you type to criminals?

First one - legal, if unethical.
Second one - this type of installation should be removed by Spyware removers.
Third one - the writers of the software should be castrated.

Well, I must say (3, Funny)

kmmatthews (779425) | more than 8 years ago | (#14033665)

RETROCODER WRITES SPYWARE!!

There, come sue me now you silly fucks.

Summary is a wee bit off.... (5, Insightful)

Rude Turnip (49495) | more than 8 years ago | (#14033673)

"Essentially, they're trying to hide a key logger behind copyright law."

Copyright law doesn't have provisions for EULAs. They are using faulty contract law logic to harass security vendors. I honestly think people only think an unsigned, after-the-fact EULA means anything because they've been conditioned throughout their lives to blindingly accept authority, whether real or perceived.

Parent is exactly right. (1)

Rocketship Underpant (804162) | more than 8 years ago | (#14033760)

In addition to posting a duplicate, the Slashdot editor "ScuttleMonkey" seems to have some funny ideas about what copyright is. Perhaps it would be good to know something about the subject before posting Slashdot articles.

Re:Summary is a wee bit off.... (1)

MartinG (52587) | more than 8 years ago | (#14033827)

I think I agree, but how do you answer this:

In order to install the software you have to make a copy of it (either copy from the cd to hard drive, or copy from internet page to hard drive) but before you can copy you need a copyright license. What gives you that license if not the EULA?

Re:Summary is a wee bit off.... (3, Informative)

ajs318 (655362) | more than 8 years ago | (#14033862)

In order to install the software you have to make a copy of it (either copy from the cd to hard drive, or copy from internet page to hard drive) but before you can copy you need a copyright license. What gives you that license if not the EULA?
Copyright law gives you that licence. Making a copy in the memory of your computer is a necessary step in making use of software, therefore it's protected fair use.

Re:Summary is a wee bit off.... (2, Informative)

Anonymous Coward | more than 8 years ago | (#14033899)

Copyright law is even explicit in that regard:
http://www.copyright.gov/title17/92chap1.html#117 [copyright.gov]

Re:Summary is a wee bit off.... (3, Insightful)

jrumney (197329) | more than 8 years ago | (#14033891)

In order to install the software you have to make a copy of it (either copy from the cd to hard drive, or copy from internet page to hard drive) but before you can copy you need a copyright license. What gives you that license if not the EULA?

The doctine of fair use. If, in order to use a product which you've purchased you need to make a temporary or permanent copy of it, then that use must by definition be fair.

Perhaps, but you're way off. (1)

node 3 (115640) | more than 8 years ago | (#14033916)

Copyright law doesn't have provisions for EULAs.

Of course it does. The right to copy something (ie: copyright) can be Licensed to another party (say, an End User), who would have to accept the Agreement in order to receive the copyright license.

I honestly think people only think an unsigned, after-the-fact EULA means anything because they've been conditioned throughout their lives to blindingly accept authority, whether real or perceived.

Due to the faulty (IMO) notion that running a program is "copying" it in such a manner as to involve copyright law, merely running a program requires a license to use a copyrighted work. That's the foundation of the GPL (for example), as well as all your standard EULAs. Your license depends on you agreeing to the EULA. If you don't agree (or break the agreement) your license is revoked.

If the EULA means nothing, then every copyrighted program you are running that isn't licensed to you via other means is, legally, a copyright violation.

Re:Perhaps, but you're way off. (1)

Tim C (15259) | more than 8 years ago | (#14033940)

The right to copy something (ie: copyright) can be Licensed to another party (say, an End User), who would have to accept the Agreement in order to receive the copyright license.

But the question of whether or not a given clause in the licence is enforcable falls within the scope of contract law, not copyright law. They are hiding behind contract law by including that clause, and then saying "as you broke the agreement, you have no licence, and so are violating copyright law".

Re:Perhaps, but you're way off. (1)

Loonacy (459630) | more than 8 years ago | (#14034001)

Copyright law already includes Fair Use provisions.
When I buy a painting and display it on the wall, I don't need any sort of EULA. When I buy a program and run it, I don't need an EULA either. Copyright law works fine in both cases. In fact, there is no law anywhere that says I have to agree to the EULA in order to use the software. I bought it, I don't agree with the EULA, therefore the EULA is not binding. The purchase is then covered under basic copyright law, which means I bought it, I can use it how I want.
The difference between EULAs and the GPL (or other Open Source licenses) is that EULAs restrict rights you already have, and OSS licenses grant rights you don't already have. Get rid of either the EULA or the OSS license and you fall back on standard copyright law. In the case of the EULA, that means if I don't agree, I have MORE rights than if I did agree. With OSS, I have LESS rights than if I agreed.

Re:Perhaps, but you're way off. (1)

orkysoft (93727) | more than 8 years ago | (#14034251)

The GPL isn't an EULA. The fact that many Windows ports and programs that have the GPL licence display it in the form of an EULA, is caused by (1) misunderstanding by the authors (2) the installer template which has a window to display an EULA in it.

But that still doesn't make it an EULA.

Re:Summary is a wee bit off.... (1)

Jeff DeMaagd (2015) | more than 8 years ago | (#14034005)

I honestly think people only think an unsigned, after-the-fact EULA means anything because they've been conditioned throughout their lives to blindingly accept authority, whether real or perceived.

Probably, I don't know. I really don't believe authority is morally given or waived behind obfuscation like a typical EULA, regardless of alleged legality.

Dupe is cool (0, Redundant)

TFGeditor (737839) | more than 8 years ago | (#14033682)

It's dupe, dupe, dupe, dupeilicious!

Fine (3, Funny)

Peregr1n (904456) | more than 8 years ago | (#14033683)

If every piece of spyware presented me with an EULA to agree to before installing itself I'd be much happier!

EULA shouldn't be used against people (1)

Kranfer (620510) | more than 8 years ago | (#14033684)

Wasn't this duped from the other day? Even so I didn't get a chance to comment on it... so...

While I do read most EULAs that I get with my software, software like this that has no purpose on my machine is something I want to have removed. What gives them the right to say "While this has been installed on your machine (probably without your consent), you cannot have anything remove it from you system.

I picture a small bald guy sitting in the background rubbing his hands together and cackling madly thinking he will get away with this. If you intend on breaking the security on my system, damn straight I will find a way to remove it. Stop whining about how your EULA supposedly gives you legal rights to keylog people. Blah.

Re:EULA shouldn't be used against people (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14033879)

Oh, how Dungeon Master has fallen.

What an idiot (-1, Troll)

doofusclam (528746) | more than 8 years ago | (#14033693)

Hey, I did a little digging and it seems this idiot is from my hometown - Preston, England.

Give him hell :)

http://www.download-by.net/company/retrocoder-limi ted.html [download-by.net]

Address: 329 Preston Road
Grimsargh
Preston
Lancashire
Zip/postal code: PR2 5JT

A little more information about his company (0)

Anonymous Coward | more than 8 years ago | (#14033733)

You can find more about his company here:

http://www.doubledutchdesigns.co.uk/ [doubledutchdesigns.co.uk]

http://www.doubledutchdesigns.co.uk/about.htm [doubledutchdesigns.co.uk]

output from 'whois spymon.com':

Registrant:
  Double Dutch Designs Limited
  329 Preston Road
  Grimsargh
  Preston, Lancashire PR2 5JT
  GB

  Domain name: SPYMON.COM

  Administrative Contact:
        Ball, Anthony anthony@doubledutchdesigns.co.uk
        329 Preston Road
        Grimsargh
        Preston, Lancashire PR2 5JT
        GB
        +44.8701217399
  Technical Contact:
        Ball, Anthony anthony@doubledutchdesigns.co.uk
        329 Preston Road
        Grimsargh
        Preston, Lancashire PR2 5JT
        GB
        +44.8701217399

  Registration Service Provider:
        UK Reg, domains@fasthosts.co.uk
        +44 1452 541252
        +44 1452 538485 (fax)
        http://www.ukreg.com/ [ukreg.com]

Re:A little more information about his company (0)

Anonymous Coward | more than 8 years ago | (#14033921)

More information

http://spymon.com/images/creator.gif [spymon.com]

$ host spymon.suroot.com
spymon.suroot.com A 212.159.100.19

$ whois 212.159.100.19
inetnum 212.159.64.0 - 212.159.127.255
netname PLUSNET-DIAL-ADSL
descr PlusNet Technologies Ltd
country GB
admin-c PLUS1-RIPE
tech-c PNET2-RIPE
status ASSIGNED PA
mnt-by MAINT-AS6871
source RIPE # Filtered

copyright law (1)

Ender Ryan (79406) | more than 8 years ago | (#14033719)

From the summary: While they are certainly not the first to do so, it is interesting that companies still take this approach.

That's what you get when copyright laws are as draconian as they have become. Technically, they have every right to prevent others from examining their software.

Re:copyright law (1)

Budenny (888916) | more than 8 years ago | (#14033772)

Its not copyright, as I am sure was pointed out the last time this story was posted. Copyright protects in a rather restricted way against unauthorised copying and dissemination. Copyright could not protect against assessing or even decompiling software.

This is about Eulas. Now, the question of whether the Eula is valid and binding depends on two issues. First, can Eulas be binding? The answer is yes, depending on what the conditions are. The second is, will this particualr Eula be binding? I suspect no, since it will probably fall foul of consumer protection legislation and competition law. It is not cut and dried, and a case would be interesting, but probably most of the kind of testing that is being forbidden falls under the category of fair use.

Consider for instance a Eula that forbad you to test parts to destruction to determine whether they were actually meeting your quality standards. It would not hold up. Isn't this fairly similar?

Re:copyright law (1)

Ender Ryan (79406) | more than 8 years ago | (#14034196)

My mistake. I was thinking that the DMCA or similar overreaching legislation might apply, but I see this is really just about their EULA.

EULAs are a whole other can of worms. Obviously, EULAs should not be able to stop you from exercising fair use, but EULAs are still on shaky enough legal ground that anything could happen in court.

Re:copyright law (1)

trollable (928694) | more than 8 years ago | (#14033795)

Technically, they have every right to prevent others from examining their software.

I disagree. As far as I know, retroengineering is allowed by law in the US and in most countries in Europe. At least for ensuring interoperability. So they can not prevent me to examine their software if it is running on my computer.

Re:copyright law (1)

ajs318 (655362) | more than 8 years ago | (#14033881)

Technically, they have every right to prevent others from examining their software.
No they don't. That would abridge Freedom Number One. See here [gnu.org] . I will live to see this made law, or die trying.

Simple Solution (2)

gone.fishing (213219) | more than 8 years ago | (#14033722)

Use their ELUA agianst them; list any "application" that prohibits anti-spy/anti-virus/anti-threat software from "testing, accessing, or evaluating the software" as a threat. Publish a policy that simply tells these vendors that if they want to be removed from the list they have two choices. They can either have the restricting statement(s) removed from the EULA or, they can provide the vendor with written permission granting them an exception, allowing them to access, test, and evaluate - making an independant decision on the status of the software.


In otherwords, make it policy to call this crap a threat until it can be proven otherwise. This isn't "innocent until proven guilty" time.

Couldn't emule & gang use the same defense? (5, Interesting)

Qa1 (592969) | more than 8 years ago | (#14033726)

It is a well known fact that several p2p programs were attacked by the minions of various **AA, injecting malicious pseudo-clients into the essentially closed networks. Those attacks wouldn't have been possible without extensive technical analysis of the modus operandi of those networks. At least in most of those cases, it is pretty appearant that the attack was accomplished by downloading and examining the official client for that network.

Couldn't those p2p networks utilize the same defense? I.e. establish in their EULA that their code and protocol may not be examined for the purpose of a malicious sabotage in their operation?

I seem to recall that some p2p EULAs actually had such a clause. Was it ignored with no consequnces?

Re:Couldn't emule & gang use the same defense? (1)

leuk_he (194174) | more than 8 years ago | (#14034456)

Changing the licence of a gpl project is only possible if you track down all the contributors and ask for their approval. VERY HARD. and even then hte old software is still available under the GPL. so even if it was possible and effective and acceptable, it is practically impossible.

And don't forget emule was reversed engineered from edonkey to start with.

On the topic of disclaimers (0)

Anonymous Coward | more than 8 years ago | (#14033727)

I got an email once (as the right recipient, unfortunately!) that had something along the lines of this disclaimer at the bottom:

"If you are not the intended recipient of this email you are forbidden to read, retain, disseminate, distribute or integrate in any medium it and/or its contents. You must immediately delete it from your system and notify the sender."

I got a compelling desire to forward it to random people, and then say "Well, I started reading at the bottom of it, and once I got to the part that says I couldn't read I had to stop reading, but I forwarded it so that other people could see that I am popular at least".

What If... (0)

Anonymous Coward | more than 8 years ago | (#14033730)

..someone else downloads the software and lets you use it? The EULA applies to them, not to you, right? Sure, the EULA can say that you can't let someone use the software, but that would have no binding effect on the person who uses it and does research on it.

What am I missing?

Re:What If... (1)

JavaBear (9872) | more than 8 years ago | (#14033875)

> "What am I missing"

Probably not much. It seems to me that the SpyMon EULA don't ask if the user agree to the text, just if they understand it...

It is entirely possible to understand a text and still disagree with it :-)

Law (0)

Anonymous Coward | more than 8 years ago | (#14033736)

It's not copyright but contract law they're relying on.

My computer has a software TNC!! (2, Interesting)

knopf (894888) | more than 8 years ago | (#14033744)

In Germany, it's normal that any company has some terms & conditions (TNC) to which other businesses have to agree, if they do business with them.

It's time that end users also create a software TNC for their computer. If your software runs on my computer, using my resources, then it will have to comply to the following rules:

- It has to use the resources to my direct(!) benefit.
- It has to give me full control over it's behavior (e.g., uninstall possible)

That's all. Simple, but powerful.

It would be interesting to really put this in a written legal letter and send it to the businesses. Then *I* could sue the spyware companies.

Go submitter... (0)

Anonymous Coward | more than 8 years ago | (#14033746)

EULAs != copyright law -> true

They won't win (1, Interesting)

Anonymous Coward | more than 8 years ago | (#14033756)

This kind of thing is not likely to stand up in court. Spyware has been proven to be a malicious type of software that voilates one's privacy, therefore I would be shocked if the courts find in favor of the spyware maker. The spyware maker might have thought it was clever adding that clause in their EULA, but essentially what they've stipulated was people cannot investigate how their software works in order to prevent it's unwanted installation on to one's system. Not likely to stand up in court.

FESPatHHRiO (1)

shanen (462549) | more than 8 years ago | (#14033768)

I don't want to give away the first word, but the rest of it is "Each Spyware Programmer and the Horse He (or sHe) Rode in On".

Anyway, it's a totally worthless approach. The anti-spyware programmers could handle it in at least three ways.

  1. By doing business from a country with reasonable laws. (Putting this first because I think it is already true for some of them, so it really means they don't have to do anything.)
  2. Creating some tool that allows users to validate spyware and send them the signatures without having to be directly involved.
  3. Get slightly unethical about it and "forget" where the sigs came from. (Putting this one last because fighting fire with fire is basically bad.)

Re:FESPatHHRiO (1)

ScouseMouse (690083) | more than 8 years ago | (#14034200)

1 By doing business from a country with reasonable laws. (Putting this first because I think it is already true for some of them, so it really means they don't have to do anything.)



I would include the country the scumware manafacturers reside in as well. If they think the UK courts will allow this, they are in for a bit of a shock. (Even though apparently the Sony DRM thing would probably be legal in the UK) As this would be a Civil issue, the benefit to the public good would be taken into account, and I think they would have trouble arguing the public good wouldnt be harmed.

However IANAL.

nothing to dupe here, move along (-1, Troll)

panic_smooth (679365) | more than 8 years ago | (#14033794)

thanks /. you just gave me the impetus to cancel my subscription.

my EULA (-1)

Anonymous Coward | more than 8 years ago | (#14033814)

(1) By reading this you agree not to post "dupes".
(2) If you fail to honor (1), I demand the sum... OF 1 MILLION DOLLARS... and a shark with a lazer.

Who would you pay for keylogger? (0)

Anonymous Coward | more than 8 years ago | (#14033825)

I mean there is no way one can use that legally?

If you are employer and monitoring your employees, you are violating law about privacy in workplace.

If you are monitoring your wife/hiusband then you are quilty of
secret listening.

If you are law enforcement you can install a keyboard bug based on "pakkokeinolaki". ... and if you using it illegally why would you pay for it anyway, to have
you r credit card linked with illict activity, if you can copy it illegally and not link your credit card.

Re:Who would you pay for keylogger? (1)

Sesticulus (544932) | more than 8 years ago | (#14034382)

You can certainly use it legally. You just have to tell your wife or kids before hand that anything they type on the machine is being logged. It's then not secret listening.

Now if you still have that wife after you've basically told her you don't trust her, that might be a different issue. I see it being quite handy for keeping an eye on the kids, though I'm more in the mindset of keep all the kids computers in the public area so I can just look at them and see if they are arranging a rendevous with the internet pedaphile.

RetroCoder (1)

FudRucker (866063) | more than 8 years ago | (#14033836)

fsck em & feed em fishheads, their product is easily used for malicious purposes such as stealing creditcard numbers & identity theft, and i would imagine anyone clever enough could take their product and make it even worse in any number of ways & methods...

Wow (0)

kurbchekt (890891) | more than 8 years ago | (#14033873)

In my country, keys log you!

This is analogous to... (1)

elgee (308600) | more than 8 years ago | (#14033876)

I see copyrighting a keylogger as similar to patenting "breaking and entering."

It is too damn early to have a beer...

It's people like this (1)

Tim C (15259) | more than 8 years ago | (#14033877)

With EULAs like thisthat give the rest of us who still support copyright (at least in principle) a bad name.

I hope Sunbelt have the courage and money to stand up to this in court. EULAs that attempt to impose restrictions such as this on end users are morally wrong and need to be declared unenforcable. I have no problem with the usual "no warranty, no guarantee, you're not allowed to copy this and give it to your friends, etc" sort of stuff, but this is bullshit.

ECLA? (2, Interesting)

Scrameustache (459504) | more than 8 years ago | (#14033895)

how about we make our own End Computer Liscense Agreement:
By installing your software on this computer you, the software maker, agree that no spyware, adware, or any other malware is contained within, included, or linked to by your software, under penalty of catapult. RANDOM BIT ALL IN CAPS ABOUT WAVING LIABILITIES FAR BEYOND WHAT THE LAW ALLOWS.

The company behind RetroCoder (0)

Anonymous Coward | more than 8 years ago | (#14034002)

The 'company' behind RetroCoder Ltd. appears to be Double Dutch Designs Limited.

http://www.doubledutchdesigns.co.uk/ [doubledutchdesigns.co.uk]

whois spymon.com:

Registrant:
  Double Dutch Designs Limited
  329 Preston Road
  Grimsargh
  Preston, Lancashire PR2 5JT
  GB

  Domain name: SPYMON.COM

  Administrative Contact:
        Ball, Anthony anthony@doubledutchdesigns.co.uk
        329 Preston Road
        Grimsargh
        Preston, Lancashire PR2 5JT
        GB
        +44.8701217399
  Technical Contact:
        Ball, Anthony anthony@doubledutchdesigns.co.uk
        329 Preston Road
        Grimsargh
        Preston, Lancashire PR2 5JT
        GB
        +44.8701217399

Re:The company behind RetroCoder (1)

sharopolis (819353) | more than 8 years ago | (#14034181)

I live round this area. If anyone needs directions drop me a line.

The funny thing is, (4, Interesting)

jasen666 (88727) | more than 8 years ago | (#14034164)

they're tying to enforce a EULA on 3rd and 4th parties. Who the hell installs keyloggers on their own computer? Obviously, the "user" of the software is installing this discretely on someone else's computer. So the EULA is trying to prevent this 3rd party from scanning and removing the illicitely installed software, and trying to prevent the 4th party (anti-spyware/virus vendors) from facilitating the 3rd party in keeping their machine clean.
And if a piece of software is installed without my permission on my own computer, I'm sure as hell not bound by any EULA's. This is really a moronic attempt to legitimize their malware.

The next trend in internet worms: hidden EULA's to prevent AV software from removing them?

Mandating the second EULA screen (4, Interesting)

interstellar_donkey (200782) | more than 8 years ago | (#14034178)

The standard EULA is long, dull, and filled with legalese. The problem, as I see it, is that this gives software vendors the chance to hide malicious intent deep withen the contents of the EULA which customers can not reasonabily be expected to read.

I'd like to see law be written that requires a second part of the EULA, in it's own sepearte 'click yes to continue' box that outlines anything the software or service does that users may find questionable. It should be written in plain, simple words that outlines the potential for more malicious uses, and requires a user to click a 'yes I understand' next to each item.

For example:

EULA PART II:
THIS SOFTWARE MAY/WILL DO THE FOLLOWING.
PUT AN 'X' NEXT TO EACH BULLET STATING YOU UNDERSTAND THE INTENT BEFORE CONTINUING

[ ] o This software will collect personally identifible information and send it to third parties
[ ] o This software will access your email contact lists and send them to third parties
[ ] o This software will log your keystrokes and sufring habits and send them to third parties
[ ] o This software does not have an easy 'uninstall' feature
[ ] o This software will destroy data on your hdd
[ ] o This software will install additional programs on your computer that has nothing to do with this software

PUT AN 'X' IN THE BOX NEXT TO EACH STATEMENT STATING YOU UNDERSTAND AND CLICK YES TO CONTINUE BEFORE SOFTWARE IS INSTALLED.

It won't happen, but it'd be nice.

Pfffft. (1)

ColaMan (37550) | more than 8 years ago | (#14034213)

So their EULA prevents you from investigating it. Big fucking deal.

Get Joe Random User to install it and agree to EULA.
Get Joe Random User to agree to let *you* inspect his PC.
You did not install the software or read the EULA, so you do whatever you feel like, and proceed to tell the world.

Tada! Obnoxious EULA bypassed.

Let them try and stop someone (2, Interesting)

Billosaur (927319) | more than 8 years ago | (#14034390)

RetroCoder can't stop anyone from examining their code, unless they're going to encrypt it somehow. If it winds up on someone's machine, and that someone happens to work for a software security company, and he/she is an industrious hacker with the time and patience, they'll rip open the pathetic key-logging code, figure out its secrets at home on their PC, then bring the knowledge to work and poof -- key-logger neutralized. What's RetroCoder going to do, hire spys to follow everyone who works for all the software security firms (would like to see that happen - fastest way to put them out of business)?

The idea of patenting and protecting software from infringement is absurd. Open source is a natural extension of programming. You make a bit of useful code, you share that code with others so a lot of reinventing-the-wheel doesn't take place. You find out that a piece of software does something malicious and you tell everyone else. Let's face it: there are enough programmers out there with time on their hands and mad hacking skills to make the idea of "protected software" a fantasy.

Feedback (4, Interesting)

xor.pt (882444) | more than 8 years ago | (#14034424)

I just got some feedback from Spymom.

We are not suing SunBelt - SlashDot got it wrong!

From Sunbelt themselves:
http://yro.slashdot.org/comments.pl?sid=167981&thr eshold=1&commentsort=5&tid=123&mode=thread&cid=140 09674 [slashdot.org]

The original article:
http://news.zdnet.com/2100-1009_22-5944208.html [zdnet.com]

If you read the text on SlashDot linked to above you will see that we are not unreasonable, we just don't want our app that people have bought to be deleted without the owners permission or knowledge - as has happened with numerous "big" companies.

When contacting these "big" companies - including Symantec about the problem they simply refuse to reply - we initially tried to contact them all about 9 months ago in order to bring about some kind of cooperative agreement, with information about detecting out program as a commercial keylogger and about uninstalling our program safely (if the user decided to do so).

Our point is that commercial programs are different that trojans written by criminals. It is fair that they are pointed out by the anti-virus/trojan program, but not fair that they are automatically deleted. The user should be told that they are a commercial keylogger or similar and the default action should be to not delete. AVG by comparison deleted them without informing the user.

We are open about what ports are being used and we do not try to bypass firewalls or shutdown anti-virus programs. All are easily possible as you probably well know and we feel that comparing it to programs written by criminals is unfair.

We, as a company, are very easy to contact - if we had been contacted/replied to by the anti-virus companies (initially - before we had to put the download notice up) we would have told them how to safely uninstall the client program, and we would have also told them of a special flag - that if present would stop the client from installing again in the future. They would also have been given information that would have told the user WHO was attempting to spy on them! The condition would have been as above - that the user be informed that it was a commercial program and the default action would have been not to uninstall.

Sunbelt will soon be given this information in the hope that other companies will follow in the way they list the program (if detected).

Best regards,
  Anthony

Re:Feedback (1)

xor.pt (882444) | more than 8 years ago | (#14034467)

Please redirect any comments to my freudian misspelling to /dev/null. =)

Security Vendors (2, Insightful)

PhYrE2k2 (806396) | more than 8 years ago | (#14034429)

I'm really sick of this hiding behind licenses. Spyware makers claiming that by downloading, looking at, thinking of, pissing on, or whatnot you can't create a signature or identify it in any way. There are a ton of stories like this, but it's rediculous.

It's up to the consumer to decide what goes on their computer, and if an anti-spyware maker wants to warn users of the threats, they have every right to. Otherwise, they're not doing the service THEY are promissing the customer, by identifying those things that spy on them. It really does perplex me how much people try and push with flawed licenses and poor IP laws. If there's any sign it needs to be revamped, this is it.

-M
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>