Digital Convergence Changes EULA, and Gets Cracked

mfdii writes "Apparently Digital Convergence has changed their EULA. This EULA has been modified to include the CueCat reader in an attempt to shutdown those tinkering with their cats. The old EULA can be seen here." Meanwhile a dozen or so really excellent programs utilize the childishly simple protocol (or, if you're DC, their "Intellectual Property")... and as if that isn't enough, apparently their service was cracked. Anyone who used DCs CueCat software has had their information stolen from the DC servers! This comes from an e-mail being sent in by zillions of people warning them (and also apologizing by giving a $10 gift certificate).

Re:Digitalconvergence.com Patent

[M.+Silver]

unless you link it to a database that contains what you're looking for.

You know, as I was scanning my book collection and using Amazon to match up titles/authors to the barcodes (and, incidentally, realizing just how large a percentage of my collection is out of print OR too old to even have a barcode), I was thinking that that's exactly what I needed... a CDDB-style database for bar codes.

My husband, meanwhile, is bemoaning the fact that he stuck our "From the music collection of..." stickers over the barcodes on our CD cases ("That's the one thing on the label we'll never need, right?")

Re:No shrinkwrap

[lizrd]

Yeah, I was kind of miffed about this. I received one in the mail from Wired Mag. (Note, I didn't ask for this but it arrived in my mailbox. Therefore it is a gift) Having previously seen discussion of IP issues regarding this device on /. I carefully inspected everything that came in the box. There is no notice of copyright/EULA printed on the device itself. There is no legal warning on the enclosed audio cable (BTW, has anyone figured out how that thing works. Seems kind of cool). There is no notice or warning or printed copy of the EULA on the instruction sheets. However there is a notice on the unsealed cardboard sleeve that the software CD comes in saying that by opening the CD package you must agree to the EULA contained on the disk. Somehow I would imagine that this is unenforcable since you are unable to read the contract until you have taken an action that is specified to constitute acceptance. Hell you really can't avoid it even if you tried, my CD fell out of the sleeve when I dumped the contents of the box onto the kitchen table. Oh well, that's enough ranting for the day.
________________
They're - They are
Their - Belonging to them

Re:Changing EULA after-the-fact?

[Torin_1]

If you look in that EULA, im sure you'll find the good ol line that says the EULA can be changed or modified at any time, its a pretty standard thing in a EULA... Funny thing is, i never remember having to agree to that at all when I got mine, i opened the bag, my cd fell out and i can't find it =P

Re:/dev/scanners/cuecat

[mfdii]

catnip, a decoder for windows can be found at http://s1066194.umsl.edu/cuecrap/ or at www.wizkid.org/cuecat

Accountability!!

[oni]

When will companies start being held legally accountable for these types of inexcusable security oversights?

Where the hell do they get off throwing lawyers at innocent people for violating their "property" and then making no effort what so ever to protect my property (specifically, my personal information)?

How about if I make DC sign an EULA that says "if you lose positive control of this information (last name, first name, address) then you owe me $10K for every piece of junk mail I get as a result"

Re:Accountability!!

[zurab]

How about if I make DC sign an EULA that says "if you lose positive control of this information (last name, first name, address) then you owe me $10K for every piece of junk mail I get as a result"

No, you don't have to make them sign it, agree to it, or even let them know that such terms exist. As with their EULA, you can just print out your own terms, make sure you have it in your pocket when you get the scanner, and then assume that since they gave you the scanner, they automatically agreed to those terms.

As a second option, if you already have a scanner but forgot to define your terms at the time of transaction, you can just e-mail them a link to a downloadable version. Also, make sure they are in a linux executable all in binary format. Let them figure out how they want to run it, whether to accept it, etc.

IANAL, but aparently that's all it takes to make an agreement nowadays.

Re:Accountability!!

[zakezuke]

In the state of Washington, there are laws regarding spam. $500 per spam :) WOO WOO.

Re:Accountability!!

[NeuroManson]

Which is why you send the e-mail with a receipt mail tag... They cannot open said e-mail without sending back a message recieved notice... THEN you put your EULA into the text of the e-mail sent with the stipulation "By viewing this e-mail and sending back the receipt therein (which of course they have to do *before* reading it), it will be assumed that you have (a) read the requirements of the end-user's EULA and (b) agree to same... I'm sure this can be done at least a few times before they notice and start cancelling those messages...

The first ones to do it will be rich *really* soon...;)

Re:Accountability!!

[yositune]

To actually pursue a claim against CC, there actually have to be people who suffered injury.

Did anyone actually post their real info off and could substantiate that they were possible harmed?

I'd be interested in looking into what possible claims might flow from CC's "negligent" posting publishing of personal info on the web site.

Perhaps we can pull this dicussion over to opencode or elsewhere... drop me some email..

IANAL, but I hope to be in two more years...

Do they think were stupid?

[Oliver+Wendell+Jones]

Did anyone besides me notice the fact that in order to get your 'free' $10 RadShack gift certificate, you have to go to the DC site and provide them with your NAME, ADDRESS, ETC, far more personal information than they orginally asked for...

Think about it, the reason they are offering the free certificate is BECAUSE SOMEONE CRACKED THEIR SYSTEM AND STOLE OUR PERSONAL INFO... and now they want us to go back and GIVE THEM MORE?

Huh? I never made the connection....

Re:Do they think were stupid?

[connah]

Not a chance man! This is data we're talking about. You don't "steal" anything for keeps. You just take a copy of it. They still have all that data somewhere.

Connah

No shrinkwrap

[sulli]

There wasn't any on the CueCat box. It did not even have a seal. Whoops, DC, try again.

sulli

Re:No shrinkwrap

[sulli]

Yeah, I was kind of miffed about this.

I was pretty pleased about it! It meant I didn't have to worry about any license crapola.

OT: Hey, are you the lizrd I think you are?

sulli

Re:No shrinkwrap

[Sehnsucht]

Saturday I started hearing ads on the radio here in Dallas, TX, about how the local station was gonna start having Cue ads. it works by having a Cue appear on the screen (so you know its happening) and then there's this BLEEP followed I think (guessing here) by some static-sounding coded data that's equivalent to a bar code. You stick the 1/8" jack into the line in or whatever, and you plug the RCA jacks between the left channel on your VCR/tuner/etc and your TV (or off the TV's outputs, or whatever)

The ads are talking about how you now have more control over how info is sent to you.. huh? Now its forced to you, if you install this and their software! It'd just force you to see the websites, instead of letting you choose! Granted, if you DID want to see the site, it'd be easier, but I wouldn't want my computer randomly hopping onto god knows what website.

And my Cue came in a box too, from wired. I haven't taken the CD outta its lil paper holder, but the holder ain't even sealed so they couldn't prove if I did. But I just tossed catnip on my 'doze partition and started playing with it.. neat. useless for me, but neat.

catnip.zip for windows.. intercepts the cue data and decodes, has many options for how it does it..

Re:No shrinkwrap

[lizrd]

I don't think that I am the lizard of whom you speak. Sorry.

The thing that bothers me about this is that the software came in an opened state and "By opening this software you agree to the terms of the EULA" or some such nonsense. It was unpossible to not open the software since it was open upon receipt. Not that it really matters, I hashed my windows partition back in march and haven't used it since. I'm not likely to ever use the software that came with the cuecat anyway.
________________
They're - They are
Their - Belonging to them

Re:No shrinkwrap

[Negadecimal]

the CueCat software's gotta suck up a lot of CPU cycles to monitor the audio input channel... anyone notice performance hits?

Re:Postal Regulations vs. EULA

[Frac]

Your understanding is wrong. The issue with Digital Convergence here is that they WANT you to use their software, and by using your own software with the Cuecat you're infringing on their IP (or so they claim). It's the hardware that they have an issue with.

How do I disagree with the EULA?

[raygundan]

I have a cuecat. It was handed to me at radio shack with no mention of a license agreement, and in fact, the salesman said they were "giving them away for free". I have not installed the software, or even taken the software out of its sleeve. I wrote a javascript decoder for it. I can just as easily write the decoder without having a cuecat, so I want to tell digital convergence i do not accept their EULA. How does one officially do this? Mail it back? Take it back to the RS I got it at?

Re:How do I disagree with the EULA?

[zakezuke]

http://www.sec.gov/Archives/edgar/data/1083392/000 0912057-00-020438-index.html

MANUFACTURING AND MARKETING AGREEMENT between DIGITALCONVERGENCE.COM INC. and TANDY CORPORATION 3.9. END USER RETURNS. Tandy shall exchange any malfunctioning :CAT Product distributed by Tandy that is brought by a customer to the store from which it was distributed. Tandy may require the customer to return the defective :CAT Product in order to receive a replacement. Digital Convergence shall be entitled to receive, and Tandy shall provide, a credit on all sums due under this Agreement for each :CAT Product returned by an end-user within one hundred twenty (120) days from the date of Delivery due to a defect in workmanship or materials, or a failure to properly operate, provided that the total number of such returned products exceeds three (3%) of the applicable Order (as measured by the number of returned :CAT Products during a twelve (12)-month period compared to the total number of :CAT Products distributed by Tandy during the same period). 4.9. END USER LICENSE. Digital Convergence shall provide Tandy with an end-user license to be included in or on the packaging for the Products. Tandy will only distribute Products to end users.

So under the terms of the contract between Tandy Corperation and Digital Convergence Page 11 sub section 4.9, only end users are authorized to receive said product. Please goto your local Radio Shack with "Unauthorized developer" statement, and force them to accept a return of the cuecat based under the statement, "I am not authorized to receive this product, and to do so violates your contract. Or just a signed statement witnessed by the staff at Radio Shack, "I reject the EULA" will do. READ THE CONTRACT

Not "hacked!"

[1010011010]

Their registration "database" was actually a plain text file published on their webserver! No hacking involved. Just type a URL into netscape, and viola, there's the "database." Digital Convergence isn't staffed by geniuses.

---- ----

Re:Not "hacked!"

[1010011010]

See also http://www.flyingbuttmonkeys.c om/media/newsradio.mp3 for a phone interview with me from this morning.

(I would like to thank slashcode for inserting the space in the url).

---- ----

Re:Not "hacked!"

[CapeDoryBob]

" Their registration "database" was actually a plain text file published on their webserver! No hacking involved. Just type a URL into netscape."

What URL? All us apammers want to know! Gee what a great source of leads! Thanks DC!

( I am not a spammer, so hold your fire, please.)

Re:My thoughts exactly. They're CONFIRMING their s

[alhaz]

No, they were really cracked. I've seen the data. It was posted to a publically accessable web server for quite some time.

DC submitted their press release on the issue at 10pm friday night, probably in hopes that nobody would care about it by monday. (Tried and true technique, release bad news friday night and it has less impact. Unless nobody hears about it until /. posts it on monday)

I read their press release on Yahoo's news site saturday. It's probably not there anymore, news gets turned over pretty quickly.

The $10 certificate is probably their way of saying "Please don't sue us for mishandling all that information you gave us."

Why not run the software?

[twitter]

If I got a book in the mail, I could read it if I wanted to. I could not publish it, but it is still mine, mine all mine.

If MS or one of their vendors decided to send me MS Word, I could use it all I wanted. I would feel even less constrained than I do by their stupid shrink wrap liscence that tells me not to install it on more than one of my machines. The CD in question, of course, would make a better coaster.

Talk about a grab

[SpacePunk]

"The software, documentation and any fonts accompanying this License whether on disk, in read only memory, on any other media or in any other form (the ":CRQ software") are licensed to you by Digital :Convergence. The :CRQ software and any copies made and/or distributed under this License are subject to this License."

Seems they are even claiming to own the font in your machine that you used to view this EULA with. What a bunch of graby fuckers.

Re:Disagree With License?

[drwiii]

It gets worse.. If any of his friends take it out of his closet after October 28th, DC can sue them for anti-circumvention under the DMCA.

Mac drivers?

[sulli]

Hey, did anyone write a Mac driver? I got a cuecat and can't do a damn thing with it as I have a Macintosh.

Yeah, I know, gotta get linux. Working on it.

sulli

Re:Mac drivers?

[A+Crunchy+Zephyr]

the one I got uses a PC serial connector.

I just said "no usb?" shrugged and went on with my life. I suppose you could get an adapter of some kind.

Re:Mac drivers?

[sulli]

I already have a usb adapter for my Palm. Not that this matters in the slightest, as I have no use for a Cuecat, but I'm curious.

Maybe I should sell it on ebay. I'll throw away the cd, so no EULA issues will be involved.

sulli

Re:Mac drivers?

[ilbrec]

If you have a PS/2 to ADB adapter, it actually works fine. I got it scan easily on my Mac at work.

Re:Postal Regulations vs. EULA

[cpt+kangarooski]

IANAL, but copyright prohibits you from copying that code. It doesn't prohibit you from using it. And since they gave it to him before there could be even any pretense at mutual agreement to a license (which is dubious legally anyway - the courts are still hashing it out) they really haven't got a leg to stand on.

Ah well...

The FCC Declaration of Conformity

[mfdii]

On line 19 of the FCC Declaration of Conformity it states "Changes of modifications not expressly approved by RadioShack may cause interference and void the user's authority to operate the equipment". What exactly does this mean? And who is to inforce it? The FCC or DC or RadioShack? People violate these FCC things all the time. Like operating you computer without a case...

Re:The FCC Declaration of Conformity

[zakezuke]

It means if you break it while fucking with it, it's your own damn fault, we didn't tell you to do this anyway. Fuck you.

Also, if you violate FCC regulations fucking with your shit, ain't the fault of Radio Shack, your own fucking fault.

Further, if you fuck up someone else's ablity to use their electronic equipment (TV, Radio, whatever) by fucking with your device, then you have lost the right to use your fucking device.

Re:Abusing the good will of companies

[substrate]

Err... I said that I don't see how prohibitions on reverse engineering can be justified. Try reading is fundamental, maybe it will help.

I've used the AMD/Cyrix, or predating that, Phoenix and BIOS, cleanroom argument many many times as examples of how to legally do reverse engineering without poisoning the results.

Re:Shrink-wrap license.

[cpt+kangarooski]

Honestly, there have only been AFAIK a handful of cases with regards to this issue. And they're split between camp A (If the box says that you're bound by a document stored in a basement beyond a sign saying 'beware of the tiger' then you are, buddy) and camp B (you've got to be joking - software licenses are stupid, violating, as they do, long held principles of contract law)

Last I heard the B side was edging into the lead, but I don't expect to see a resolution on this for a while.

Re:Hee Hee!

[RobM9999]

I too have thought about this...But prior to mailing it I am going to do a little disassembly of the hardware...with a very large hammer!

Re:$10 Gift Certificate - Invasion of Privacy

[nospoon]

Except it's only good at radio shack.
Besides my privacy is worth more than $10,

Re:Any clean Windows driver?

[fprefect]

Because it only takes 30 seconds to ask if someone else had done it already.

Re:How can you license a gift?

[puppet10]

You're absolutely correct. Any unsolicited merchandise you recieve is yours to keep without charge to do with what you will.

Here is the Postal Service guide to preventing mail fraud in PDF format (it doesn't say much about this other than anything sent to you unsolicited is yours to keep).

Wow.

[pb]

I don't even know what that agreement is for, or what it would give me if I agreed to it, but since I don't have one of their cheap scanners, I can be bound to it by pressing the 'Agree' button.

So where's the 'Agree' button?

Also, my name is not "Your Signature". Sorry, try again... Could they at least have you fill out a form to generate something official-looking with the right name on it? Sheesh.
---
pb Reply or e-mail; don't vaguely moderate.

Re:Wow.

[mazur]

So where's the 'Agree' button?

Also, my name is not "Your Signature". Sorry, try again...

You haven't read the DMCA very well, did you? And you know, that by law you are required to _know_ the law. But obviously you've missed two of the minor points of the DMCA: requiring everybody with a computer to legally change their name to "Your Signature", and replace their keyboard with the new RIAA approved keyboard with the large, friendly greed^Hn "I agree." button. Better fix that right away, because now you're liable to be taken to court pretty damn quickly, since you've admitted to those crimes in public.

Stefan.
It takes a lot of brains to enjoy satire, humor and wit-

Re:Wow.

[Scrag]

I know I didn't click an agreement... They didn't even get my address.

You can read about all my experiences in getting the CueCat here.
Warning: Pictures may load slowly on non-broadband connection

Re:Wow.

[jjoyce]

No, sir! Apparently you have not read the DMCA very well! By the very DMCA itself, you are not allowed to know the law. Knowing the law is storing the law in your memory - a violation of the law itself. You can be imprisoned and/or fined up to $500,000.00 for storing such IP on your grey drive.

--
You don't become a failure until you are content with being one.

Re:Abusing the good will of companies

[Panaflex]

You mean like making it a federal crime to buy more than 50$ of prescription medicine in Canada and bringing it into the States? (5000$ fine)

Since when has the US been protecting bad business plans?

*urghh*

Pan

Dumbest startup ever

[hatless]

The CueCat is the product of what might just be the dumbest startup ever. I'm not sure who's going to be made to suffer for the error: the engineers or the investors.

The thing spits out whatever barcode it reads, massaged for easy merging into a URL by a logical XOR on the number 67 followed by a pass of Base64 encoding, not unlike what happens when you attach a file to e-mail. In nontechnical terms, this is "encryption" weaker than passing something through a Flash Gordon decoder ring, then passing the result through a Lone Ranger decoder ring.

The "intellectual property" Digital Convergence is trying to protect can be expressed in 3 lines of very basic Perl or a flowchart sketched inside a matchbook. I wish them luck.

As a result, I've seen a quickie book database someone slapped together: it grabs the ISBN and fetches book info from Amazon. Anonymously. Without having to pass a thing to Digital Convergence, makers of the scanner, and without passing a cookie or any other form of ID to Amazon. I've never been consumed with an urge to catalog my books or CDs on my computer, but the CueCat makes it surprisingly convenient. It took me about ten minutes to feed in about 60 books. The ones without barcodes are still a problem, but this certainly takes much of the bite out of the process. Nearly all CDs, on the other hand, have barcodes.

Another little perl script floating around lets you scan anything the Digital Convergence folks have catalogued on their servers groceries, radio shack catalog items, magazine articles) and jump to the product's site or web page.. again without passing so much as a user ID or cookie to them. The servers are wide open and will return the product URL for a given barcode regardless of whether or not you're a registered, cookied user of their official software. Whoops!

Since it's easy to distinguish between the barcodes on books, CDs and grocery items, the same three lines of perl could be used as the basis for a five-line program to put products in a shopping cart on your favorite web grocery store, again without involving the CueCat folks.

You'd think in the four years this was in development someone would have wondered why no other company had ever tried to build a tight marketing database around cheap barcode scanners given away at a loss.

It's not because it hasn't occurred to thousands of entrepreneurs since cheap barcode wands first appeared 15 or so years ago. It's because until the dunderheads behind the CueCat came along, all the other peopole who had the same dream realized that even a kinda-sorta lockable barcode scanner would cost too much to give away for free. And then with that Big Idea out of the way they went and did something productive, like wash some dishes or eat a Popsicle.

So simple, so early-80s is the CueCat's design that those Linux drivers probably took someone half an hour to write while watching TV and feeding the dog. Especially given the dozen or so little shell scripts and perl programs that have since popped up, all of them ramshackle "baby's first program"-caliber triumphs. I can't wait to see what online music, grocery and book stores do with this.

If any license agreement short of requiring a signature before receiving a security-free scanner like this holds up in court, it would open the way for hand-tool makers to require people to buy separate "screwdrivers" and "paint-can openers".

I wonder if Digital Convergence is publicly held.

Re:Dumbest startup ever

[CharlieDee]

Can you put up a link to the book database and lookup system you mentioned? I have a pretty huge book collection that I would love to catalog without typing in tons of information. Thanks a lot.

Re:Dumbest startup ever

[TimToady]

Especially given the dozen or so little shell scripts and perl programs that have since popped up, all of them ramshackle "baby's first program"-caliber triumphs.

Oh, not all of them are entirely ramshackle. Here's a Perl version suitable for framing:

#!/usr/bin/perl -n

printf "Serial: %sType: %sCode: %s\n",
map {
tr/a-zA-Z0-9+-/ -_/;
$_ = unpack 'u', chr(32 + length()*3/4) . $_;
s/\0+$//;
$_ ^= "C" x length;
} /\.([^.]+)/g;

Digital:Convergence Screws Up While Apologizing

[connah]

I had an interest in the hardware they put out so I signed up for one.
I got an email this morning stating, "[a] security breach in our system may have exposed certain members' names and email addresses."

Here's the kicker: "As a result of this breach, unauthorized third parties may have been able to gather your name and email address."

So what do I see in the headers of my email? They CC'ed their users instead of BCCing! I can see all their email addresses!

Geez DC...Get with it.



Connah

InterNet News Interview

[1010011010]

InterNet News Radio ran an interview with me this morning about the CueCat. I have it mirrored
here. It runs today, Sept 18, 2000, so you'll have to look for it in their archives starting tomorrow. However, I'll keep the mirror at my site.



---- ----

Re:Is this just the setup? $10/client="damages"?

[zakezuke]

The boneheads put their registered file in a public directory. http://net.c-me-register.com/Registrations/registr ations.txt The server was not hacked as their claim, but their net admin's were morons. The problem with putting up a server on the net, the world doesn't know what's private or public unless the server setup. A public anonymous ftp might setup to permit anonymous upload from the outside looks like a fine place to exchange files. From the inside, "Why is our DDS line so slow". Try an FTP search at ftpsearch.lycos.com and ask your self how many of these people know their server is being used by the public. Fact, if you set your directories to be public, then the public can access them. Don't blame the users for not having your secure information SECURE! Don't blame the theif if you neglected to lock your door.

Re:Shrink-wrap license.

[aufait]

I don't think you accurately depicted the two camps. ProCD is the case most cited upholding "shrinkwrap" licenses. However, the holding was based on the premiss that you could return the software for a refund if you did not agree with the license.

Actually, the term shrinkwrap is nowdays amibiguous. Initially, it meant those little stickers on the outside of the box telling you that there was a licnese inside the box and you agreed to it by opening the shrinkwrap. These types of licenses have never been upheld in court since they violate the "knowing consent" principle of contract law.

Later, the companies change the practice to either having the license printed on the seal saying that if you break the seal you agree to the license. Or they use "click-wrap". Those little license screens that make you click "I agree".

The original version of shrinkwrap licenses have never been upheld. The later ones are the ones currently being debated in the courtrooms.

Re:Postal Regulations vs. EULA

[sethg]

...you do not own the software on the CD

Clarification: you do not own the copyright to the software on the CD.

For example, if the software contains an EULA saying "you may not reverse-engineer this software", and you never accept the EULA, then you have every right to reverse-engineer the software.

However, you don't have the right to burn copies of the CD and pass them out (except of course as permitted by "fair use"), because even without accepting an EULA, you are still bound by copyright law. (By the same token, if you get a copy of Newsweek in the mail, you can give it to a friend, but you can't distribute a zillion copies of the articles in it -- you own the physical magazine, but Newsweek's publisher owns the copyright.

Getting back to the CueCat: Whether or not you've consented to the ULA, the firmware inside the CueCat is protected by copyright law, and you can't, say, download the object code and then burn it onto chips at your own bar-code-reader factory. However, reverse engineering is not forbidden by copyright law, so if you don't consent to the ULA, you can reverse-engineer the CueCat protocol.

IANAL, of course, and I am ignoring the whole question about whether shrink-wrap licenses are ever enforceable.
--

Re:What reason do they have to lie?

[zakezuke]

They have every reason to lie.

Their server wasn't hacked, they just left all registrations in a public directory! No hack, stupid.

A hack implys an active attempt to get access to personal information.

Fact, they just left all their user information on their server for the public to access.

Re:Licence a piece of hardware?

[cpt+kangarooski]

I don't recall when it was passed, but 17 USC 117 pretty clearly states that it's legal to copy computer software into other parts of a computer (e.g. from a CD to a HD to RAM to Cache etc) if it's a necessary step in utilizing it.

Provided that you legally own a copy of the software anyway (not the copyright - just own a copy)

Re:/dev/scanners/cuecat

[Sygnus]

Or someone can click on "cancel" at the login prompt.

Welcome to Linux 2.2.17.

Cherokee login: root

Password:

WHAT "cancel" at the login prompt?
/me takes your crackpipe away

Re:Postal Regulations vs. EULA

[Pope+Slackman]

It's kinda the same thing. I don't own the software on the the CC's microcontroller, but I do own the hardware (I have a reciept), so I can, say, take it apart, or analyze it's output, without ever caring about the software burned into it's ROM.

Of course, assuming I *did* want to read the uC's ROM, I prolly wouldn't be able to. Many microcontrollers are read-protected so people can't look at the ROM.

--K

---

Re: Toaster EULA

[gluke]

Haha! Nice reference to "Red Dwarf". Smeggin' hell!

Re:/dev/scanners/cuecat

[Sygnus]

I hope you left single mode intact on your boot options,

Nope. Don't need to - not when my Slackware CD serves as an emergency bootdisk :)

CueCat Mailing List

[coryking]

I've set up a mailing list for CueCat related issues, legal discussions, and development work.

You can join by sending a message to majordomo@azalea.com with the body of
subscribe qlist

While your at it, my company is giving away a font package to let you make CueCat barcodes
check it out: AzaleaQTools

--
Cory R. King
Azalea Software, Inc

Re:CueCat Mailing List

[coryking]

Nope, they developed it on their own based on Code 128 (an existing, widely popular barcode symbology)
For more information on it, see: http://www.fluent-access.co m/wtpapers/cuecat/index.html

Re:Postal Regulations vs. EULA

[nospoon]

I was thinking that the cuecat would be good for making your login password harder to hack and still easy to enter. Pick a barcode and carry a copy in your wallet - then enter a shorter password + the scan of the barcode as your password. As long as someone didn't know where the barcode came from and your shorter password at the start they couldn't hack into your account. just a thought Just a thought.

Re:Postal Regulations vs. EULA

[TheTomcat]

I'm not talking about the software on the CD or floppy. I'm talking about the software withing the cuecat that turns a bunch of lines into a bunch of alphanumerics.

Re:Abusing the good will of companies

[Trekologer]

Companies don't have good will. Every move that they make is one that (they hope) will bring them more money.
<br><br>
Using the scanner for something other than what DC intended is just like throwing it out. DC must have realized that a good number of people who got a Cue Cat would just throw it out (or not use it). If they didn't, then they are stupid.

Re:Licence a piece of hardware?

[interiot]

Nobody viewed, copied, reverse engineered, or emulated any part of the firmware in the CueCat. Period.

Except for emulation, the same goes for the PC software. DigitalConvergence can't protect against emulation unless they get a patent on some crucial part of the decoding process.
--

OK... bad wording.

[yerricde]

Try this: "In opening this bag, you agree to the EULA on the enclosed software package."
<O
( \
XGNOME vs. KDE: the game!

Re:It does work in hardware..

[Fitascious]

Of course you can, for instance, remember the person who sued McDonalds after he spilled a cup of McCoffee?
In this analogy, sadly enough, Software is considered a good that can be purchased, boxed, patented. Why couldn't you sue Microsoft if they sold a product, like outlook, that when used in the method it wasn't designed for (i.e. running rouge VB scripts) that causes lots of $$$$ worth of damage? Makes sense to me

Re:Abusing the good will of companies

[spudnic]

yes. this is what we (or at least, I) want. I want after-sale business models to FAIL

You mean like Helixcode and Eazel? Isn't this exactly what their entire marketing plan revolves around?

Does the same hold true for them? Does the /. community in general want them to fail? Once they do start offering value-added services for a fee, are we going to see everyone here coming up with ways to get around paying? Gnome-warez sites popping up everywhere? People bad mouthing them for trying to make some money for the valuable additions they have made to Gnome?

Re:Changing EULA

[flieghund]

IIRC, most EULAs allow the software maker (but not the user) to change the terms of the license, subject to agreement by only one of the two parties. So, the company lawyer says, "Sure, I agree to that change," and there you go: the EULA has changed, and you are still bound by it.

Of course, this assumes that click-/shrink-wrap licenses are binding, which will become law when UCITA gets passed. (And don't fret, it will, just like the DMCA did. You don't have enough money to brib... er, donate to your elected representatives.)

Re:Tatle-tale

[Craig+Maloney]

I think we have notified Digital Convergence of the information we've derived from the CueCat...

It's all covered under the GPL.

DC/Cue Cat infomercial

[Kit+Cosper]

Saturday morning here in the Bay Area Digital Convergence ran an infmercial on the Cue Cat and
their software. (I can't remember where to put the annoying ":"'s nor the name of the software.)
Anyway, the infomercial was in a classroom setting of the future with a cheesy (but not unattractive)
teacher telling the class how the world changed after "Convergence" took place. It seems that DC
is going to change the world with their service and we'll never understand how we limped along
in the current world of the internet.

Annoying infomercial aside, the function that their software has been designed for is pretty neat.
Anyone can register (buy? license?) a 'Cue' (personalized barcode) that is encoded to a specific web page.
The uses for this are pretty much limitless, and in most instances quite useful. Read an article in a magazine
and zap a code to see a page of links to the products mentioned, or a group of related recipies, or a list of
vendors, you get the idea. You can even get a personal 'Cue' that you could print on business cards,
greeting cards, a resume, etc.

In short, it seems to be a fairly neat way to accelerate the movement of information.

So why don't these clueless people focus on selling 'Cues' to every business on the planet?
It's obvious that's where the revenue lies. Forget the specific demographics that they will be denied by
all but the lemmings. Just track the hits generated by each 'Cue' and use that to make their customers
swoon. Otherwise they're just going to end up with a lot of John Does living at 123 Anystreet using their service.

I think we all have a good idea of how far that will take them.

--Kit
Speaking only for myself at the moment but employed by:

Re:Huh?

[Eponymous,+Showered]

When I got my 3 cuecats - one for each of my PCs - I cut a small corner off the unmarked bag that it came in. I slid the scanner out of the hole. The software and whatever other agreements/crap are still in the bag. This way, I can prove in court I never even opened the shrinkwrap for the software - it's still in there and can't get out.

Re:take the high road.

[cetan]

I think the point is to appear to be the good guys on this issue. Yes they don't have a clue with their business plan, but they'll point to the "hacking" community as the reason their business failed, not to that plan. If people take the high road then I think they would be left naked with a crappy business plan and no one to blame but themselves.

What about the :Convergence :Cable???

[big.ears]

In the cue cat box I swiped from my neighbor's mailbox (thank-you :Forbes :Magazine), there also was a neat 8-foot long connector thing called a :Convergence :Cable (tm). It has a 1/8th inch stereo plug on one end and a :male and a :female RCA jack on the other. It looks like the thing I need to hook up my TV audio to my computer.

This cable is supposed to capture special bookmarks embedded within TV ads and forward you to the web site of their choice. It saves a lot of hassle, because you no longer have to type in "http://www.forbes.com" just to order an official :Forbes :Magazine :Golf :Shirt. Surely, this is also part of their :Intellectual :Property and took up some of their five years of engineering and development.

Why aren't they coming after people who are reverse engineering the :Convergence :Cable, those who circumvent their EULA by using it to make .ogg files out of their ":South :Park" video tape collection? Maybe somebody should put up a "How to :Reverse :Engineer the :Convergence :Cable" :web :site.

Could someone please tell me what the difference is between the :Cue :Cat and the :Convergence :Cable?

Re:What about the :Convergence :Cable???

[interiot]

The :Convergence:Cable uses audio "barcodes", and its software (and maybe the cable too) is covered by a patent because it's possible novel and nonobvious. The :Cue:Cat uses visual barcodes and isn't covered by any patent because it's been done a million times before.
--

DC Webpages contradict Policies

[vinay]

check out the cuecat.com webpage by digital convergence:

they say: "We've made it super easy to get your new :CRQ system, including the :CueCat reader, absolutely FREE"

Even Digital Convergence's own page says "Digital:Convergence will distribute more than 10 million of its new :CueCat(TM) devices and :CRQ(TM) software free to consumers by the end of this year."

Even more interesting is who runs Digital Convergence (see link above): "The company's management team includes a roster of industry veterans from Time Warner, AT&T, GE, ING Barings and Disney."

It would seem that they're not idiots. They're just dumb

-V

Re:Postal Regulations vs. EULA

[Soupwizard]

>Of course, assuming I *did* want to read the uC's ROM, I prolly wouldn't be able to.
>Many microcontrollers are read-protected so people can't look at the ROM.

Ah, the infamous WOM - Write Only Memory.

Re:Shrink-wrap license.

[cpt+kangarooski]

ProCD involved IIRC an incredibly abridged version of the license (basically indicating that the 'Compleate Licfence Agreemente' was within.

I don't think that anyone ever cared in the ProCD case about the terms of the license; it was whether or not you were stuck with it. The judge (stupidly) ruled that unless the contract violated the law or was unconscionable you didn't have to even see it to agree to it if you bought the software (because it's expected that your purchase is conditional on the acceptance of the license)

Weirdly enough though, this was determined to only govern the software in the result of commercial transactions. If you find a random copy of software on the street, you're NOT bound by the license.

Personally I've always prefered the idea of writing 3rd party installer programs that can be used to install software (by reading through the script that the original installer has) w/o even seeing a license agreement, much less being forced to agree to it to use software that you already paid for.

Re:$10 Gift Certificate - Invasion of Privacy

[Daunting*Alligheri]

What I find is so funny,is this is in a response to a 'We've been hacked' letter. THeir system is ALREADY insecure, and they want more information from users? Yes! Lets just give the script children more info and more email addies to spam! Yay!

I have to admit, the first time I saw the email, I thought it was a hack. There have been numerous occasions when hackers have sent out security bulletins saying a system of victim company has been compromised, and asking or verifying that email addresses, passwords, credit card information, etc. be given. Most notably, Blizzard comes to mind as an example of this.

I think, just for giggles and shits, i'll install one of the renegade copies of software, and tell DC about it. I want to see if they really will 'recall' or unloan my cuecat, as they say they will in the EULA. Give me a break.

-BB

Correct me if I'm wrong...

[discHead]

It appears that the new EULA forbids me from reverse-engineering the protocol myself, but still does not forbid me from using third-party software with the CueCat even if it was derived from reverse-engineering.

Who cares about the eula....

[umask077]

the only place you have to acknoledge the eula is in the software correct? I do not agree, then use the hardware. Your not obligated if you didnt agree to the eula.

Re:Postal Regulations vs. EULA

[discHead]

"I received a CueCat in the mail. Apparently because I am a subscriber to Wired."

Perhaps because they want to try something like that Digimarc MediaBridge joke they tried to foist on us a few months back?

Windows :CueCat Software on eBay.

[Nipok+Nek]

Now, I know all the arguments for reverse engineering the :CueCat hardware, and all that, but I think this guy is just asking for a lawsuit.

http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem& item=439351024

NipokNek

Re:Windows :CueCat Software on eBay.

[zakezuke]

No doubt, along with www.readerware.com. Though, wether a lawsuit has merit or not is a good question. Clearly someone wrote a package to use the free bar code readers. Great, now someone is trying to profit from it. Great! Is Digital Convergence's IP being violated. NO. Bar Codes are NOT their property.

Re:How can you license a gift?

[spudnic]

You know that they conspired with Wired to create a database that cross references your Wired subscription information with the electronic ID in the cuecat that they sent you, right?

</paranoia>

Re:It does work in hardware..

[Fesh]

Yeah, but I think that's so somebody can't sue the makers of Lysol (tm) after you spray it in their eyes. I may be mistaken about that though...

--Fesh
"Citizens have rights. Consumers only have wallets." - gilroy

Re:$10 Gift Certificate - Invasion of Privacy

[connah]

Question is though, can DC afford to spend $10 for every person on their mailing list? That's quite a bit of cash...Just a thought.

Connah

Re:Disagree With License?

[spudnic]

How about all the great /.ers out there who have picked up 20 or so of these from Radio Shack all decide to reject the EULA and ship them back to DC... postage due.

If they refuse to pay postage for you to return them, does that imply that they don't want them and you are no longer held to the EULA?

Either way, it would be a sight to see!

Re:Huh?

[bmacy]

I can't image there is any sort of legal thing to bind you. I got a CueCat 1-2weeks ago and I didn't even know there was a license to the thing until now. I didn't even see a "you agree to the license by opening the package" notice.

I opened it up (I did, not my dog this time:), tossed the software aside, plugged it into my Linux box, and grabbed the Perl translation scripts to have fun with.

Brian Macy

Re:Um, Okay.

[Col.+Klink+(retired)]

Don't know why this was marked as a troll, but anyways... For confirmation:

http://x64.deja.com/=dnc/[ST_rn=ps]/getdoc.xp?AN =669719818&CONTEXT=969293000.49807373&hitn um=59

The site was not "cracked". They simply left the registration file as a plain .txt file globally readable via http:.

Re:Postal Regulations vs. EULA

[Frac]

I'm not talking about the software on the CD or floppy. I'm talking about the software withing the cuecat that turns a bunch of lines into a bunch of alphanumerics.

Ahh, I see what you mean. I guess they need to put the EULA inside the microcode on the Cuecat in the next revision? ;)

Re:/dev/scanners/cuecat

[outlier]

And since each cuecat has its own ID code that it passes with each scan, you have to use my cuecat with my barcode in order to log into my box.

So let me get this straight, you have a barcode printed on your security badge, and this is your password....

If I can determine what the barcode is (either because the digits are below the bars, or I scan your bar code on my computer with my cuecat, or I interpret the bars myself [1]), and I use your barcode reader to do something (e.g., scan a coke UPC code and send it in an email), I can login as you.

Since the :C:C just passes a bunch of keyboard stuff, I can sit down and log in as you by typing the first part of your code (the :C:C serial number that I got from the coke) and the uuencoded+Xor67 version of your barcode. A long password, yes; but a secure solution, no.

[1] As I remember, when some high school forced students to wear visible ID badges with their SSNs barcoded on the front, some kids taught themselves to decode the barcodes at a reasonable distance. (I'm sure the school blamed the no good student "hackers" for breaking their "encryption")

Re:Postal Regulations vs. EULA

[interiot]

Nobody viewed, copied, reverse engineered, or emulated any part of the firmware in the CueCat, so there couldn't be a problem with that.
--

Re:Licence a piece of hardware?

[kd5biv]

How can you "loan" me something if you a) don't know who I am, b) don't bother to record who I am, c) don't ask for any collateral or specify any terms/conditions/length for the loan, and d) retroactively declare it was a loan?

I was just gonna say .. ;-)

It does sort of sound like they're looking for a way to yank back any :C's that have been played with -- mainly a way to hassle and harass people who post details of how to take them apart, etc. on the Web.

I agree though -- since I make a habit of not revealing who I am to Radio Shack unless there's a warranty involved (c'mon, guys, do you really need my phone number and address when I buy a fscking pack of resistors?) and DC would have absolutely no clue that I had one of their kitties. Not that it's a particularly good implementation of a barcode scanner, you understand, but as long as it's free .. oh, and there's *no* chance of my running or even opening the software, since my home machine is a Macintosh .. ;-)

Re:/dev/scanners/cuecat (Offtopic)

[leperjuice]

Remember, some laptops have integrated Winmodems. Just saying "Get a Real Modem" usually isn't sufficient.
I'm lucky, though, as my laptop has a Lucent winmodem which has a driver (so to speak). Go see www.linmodems.org for more info.

Re:Postal Regulations vs. EULA

[RelliK]

Dunno. I use mine as a cup coaster. I got their platinum version right now, but I really liked the gold one. It blends in with the furniture.
;-)

___

But you opened the bag.

[yerricde]

The bag is presumably sealed: "if you open this bag you agree to the EULA."
<O
( \
XGNOME vs. KDE: the game!

What reason do they have to lie?

[connah]

Let's think about the issue of the crack/hack for a moment. Let's assume that it's a fake just to get you to sign up for a $10 gift certificate. Why would they fake it? Claiming to be hacked creates a bad atmosphere with their current customers. The customers will wonder, "Is this going to happen again? Should I give them my data again? They hackers will know where I live!" If they want to verify your mailing info, why not just send out a mass email and say, "You're our favorite customer! Please accept our gift of $10...go sign up here now!"

Now, let's assume they did get hacked. Why in the WORLD would they want to admit that?! Sure, if their users got spam, they would be mad. But we all get enough spam as it is, how would we know it's DC's fault to blame them?

It just doesn't make sense either way. But given that they CC'ed they users on the email so everyone could see the addresses, maybe they ARE that dumb. Thoughts?


Connah

Re:How can you license a gift?

[MostlyHarmless]

Here is the Postal Service guide to preventing mail fraud in PDF format

Funny, my mail fraud is all on paper. I haven't seen any "make money fast" schemes in PDF format.

;-)

--

Re:My thoughts exactly. They're CONFIRMING their s

[igneous+polenta]

Yep. The fact that they can verify your info is just icing on the cake. I set up an account on my home box specifically for an event like this, or in case hey started sending me spam. No problems, I fill it out with a fake name and my real address (note to self, put fake name in mailbox so I can receive the cert..) and then delete that user after I receive it. No harm no foul. Pick up a new cuecat when I spend my $10 at the shack.

Re:I call double bullshit.

[rigorist]

To start - what DC is trying to create is a bailment. A bailment is A delivery of goods or personal property, by one person (bailor) to another (bailee), in trust for execution of a special object upon or in relation to such goods, beneficial either to the bailor or bailee or both, and upon a contract, express or implied, to perform the trust and carry out such object, and thereupon either to redeliver the goods to the bailor or otherwise dispose of the same in conformity with the purposes of the trust. Black's Law Dictionary, 6th ed. All that verbaiage is the attempt to legally describe all the ways you can lend things to other people without transferring title. As DC says in its EULA, The :CueCat reader is only on loan to you from Digital:Convergence and may be recalled at any time. Without limiting the foregoing, your possession or control of the :CueCat reader does not transfer any right, title or interest to you in the :CueCat reader.
The most important thing is that a bailment is not an absolute transfer. The bailor (in this case DC) retains title to the chattel property (CueCat).
Problem is, DC goes on to contradict its bailment agreement as follows:
1. The warranty recital.
The DC warranty disclaimer says, YOU ASSUME FULL RESPONSIBILITY FOR THE SELECTION OF THE :CUECAT READER TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THE INSTALLATION AND USE OF THE :CUECAT READER. This is pretty standard sales warranty disclaimer language. DC states that the user has chosen CueCat. While this may be true for those folks who got it at RS, it is not true for those who received it unsolicited in the mail.
2. The warranty disclaimer.
The DC warranty disclaimer goes on: THE :CUECAT READER IS PROVIDED "AS IS" AND WITHOUT WARRANTY OF ANY KIND. DIGITAL:CONVERGENCE EXPRESSLY DISCLAIMS ALL WARRANTIES AND/OR CONDITIONS, EXPRESS OR IMPLIED, INCLUDED, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES AND/OR CONDITIONS OF MERCHANTABILITY OR SATISFACTORY QUALITY AND FITNESS FOR A PARTICULAR PURPOSE The disclaimed warranties are all sales warranties. The especially damning one is the disclaimer of warranty of fitness for a particular purpose. First, DC says you can only use it for a particular purpose, and then says it is not warranted to actually serve that purpose. The fitness warranty applies where you get specific help or guidance in selecting a product for a particular use. DC wants it both ways - they want to force you into their particular use, but say that they did not so they can disclaim the warranty.
3. Integration clause
The integration clause says, No amendment to or modification of this License will be binding unless in writing and signed by Digital:Convergence. . Hey, where's the signature?
For further entertainment, check out http://www.digitalconvergence.com/legal.html, which contains the absolutely laughable statement, The materials ("Materials") contained in Digital:Convergence Corporation ("Digital:Convergence") Web site are provided for informational purposes only. Ah, its just info, not a real contract.
Geez, these guys are fools. Bankruptcy or buyout in 12 months.

Re:Postal Regulations vs. EULA

[Pope+Slackman]

Ah, the infamous WOM - Write Only Memory.

It's not as stupid as it sounds.
The ROM and processor are on the same die,
so the ROM is readable by the processor core, but not externally.

--K
But you probably knew that already.
---

Re:/dev/scanners/cuecat

[Black+Parrot]

> if you'd sooner have your cat on /dev/scanners/cuecat

So, when you get ready to use it do you type

% cat /dev/scanners/cuecat

?
--

Re:Postal Regulations vs. EULA

[Black+Parrot]

> Dunno. I use mine as a cup coaster.

You'll probably get busted for that. That's not what they wanted you to do with it.

--

Re:Abusing the good will of companies

[Black+Parrot]

> "Now that we've concluded our contract, here are some extra terms that we'd like to add."

No problem. Just add your own unilateral terms on top of that:

I am free to ignore any terms and conditions of use that I do not loke. Moreover, Digital Convergence agrees to pay me $10.00 each time I use their scanner.

--

Re:Java CueCat App

[voidptr]

I guess I will sit around and wait for my subpoena.

Good luck. I put a C version up on my page and on Freshmeat over a week and a half ago, and still haven't gotten a letter.

Has anyone gotten a cease-and-desist letter from these clowns after the first wave?

Re:take the high road.

[StoryMan]

Hey don't underestimate the power of a "you suck" note.

A lot of companies do suck -- DC is certainly one of them -- and they often need to be reminded that they do, in fact, suck.

Everyone tries to be nice-nice. "Dear Sir, It has come to my attention that your bar code device... blah blah blah"

Just tell them they suck and be done with it.

People underestimate the power of simple, honest language. Everybody tries to throw in 10-cent words when a few, choice 5-cent words will do just fine.

Besides, I'm tired of all these companies talking at my head. "You can do this, you can do that, you can't do this, blah blah blah."

It's high time consumers -- or whomever -- just dispense with the niceities and get down to brass tacks: more and more corporations suck, period.

Corporations want to fuck us over, take our money, and move on to the next sucker, er, consumer at our expense.

That *does* suck. And the corporations that do this *do* suck. And no amount of "pretty" language (or professional) will hide this. I'm tired of being a "nice" consumer when these not-so-nice corporations want to order me around, and spit me out for dead when they feel like it.

I'm sick and tired of it.

DC sucks. And their stupid bar code reader sucks.

Couple of good points:

[kd5biv]

1) If you don't know a license agreement exists, you can't agree to it. If someone gives me a piece of hardware free, and I don't see any reference to a license on the package, I'm going to assume it's a gift and the device belongs to me. IANAL, but any lawyer could make a really solid case out of this.

2) If someone loans you something, it's their responsibility to know they loaned it to you and keep track of what you do with it. How does DC know I have one of their units, especially if I never opened the software package and never even *saw* the license agreement? Can you prove I have one? If I lost it, or it "accidentally" got run over by the car, or what have you, do I now owe them some exorbitant abuse and damage fee?

My opinion on this whole thing is that DC should just admit the obvious and declare Chapter 11 now, while they still have enough money to pay off the board's golden parachutes. They've made it clear that they don't have a clue how the real market works and deserve to be driven out of business ..

Re:Shrink-wrap license.

:Personally I've always prefered the idea of writing 3rd party installer programs that can be used to install
:software (by reading through the script that the original installer has) w/o even seeing a license agreement,
:much less being forced to agree to it to use software that you already paid for.

Wouldn't that violate the DMCA, the original binary installer + script being the "copyright protection device"? Hmm.

Free scanner and $10 gift from RadioShack!

[mrob]

DC seems to have realized the potential liability you just implied, and has sent email to every registered luser offering them a $10 RadioShack gift certificate to make it up to them. Probably, most of their normal users will take the offer.

What's their cost per user now? How many clickthroughs (scanthroughs?) do they need before it starts to pay back? Their financial statement for FY 2000 is looking redder and redder. Digital Convergence, meet fuckedcompany.com!

Re:Abusing the good will of companies

[Lullabye]

Look, no one is "ripping off" cue:cat. You have every right to modify a piece of equipmaent you own. If you want to use a pot in your kitchen as a hat, it's your damn right, and it's not the pot manufacturer's right to say otherwise. They're not trying to get a free service here, they simply wish to modify whatever the hell they please if it's theirs, the problem stems from DC claiming that in doing so they are revealing IP. This is a load of crap b/c nayone with half a brain can figure out how this thing codes info.

Ooh!

[Greyfox]

I like the way you think :-)

Re:Companies Don't Have Inherrent Right To Profits

[zakezuke]

Diffrence being the 3 year ISP contract in exchange for $500 is just that, a written contract the user enters into out of their own free will. $500 now in exchange for about $800 in 3 years isn't a bad deal, and you are not obligated to sign in. If you like Compuserve or MSN great. Deals are still around, I was rather hoping though that there were some deals like that for DSL.

The :CueCat device "Is free", and no contract is disclosed when you get it from Rat Shack, and they come free in the mail.

DC's business plan is perfectly acceptable. They plan to corner the market on imbedded information. :Cues on TV and Radio, as well as paper :Cues, where you must pay DC a fee to get a code issued, and further get information from Digital Demographics.

Now their plan is hopeless as digital media already has imbedded information, the only thing missing is the little cable between your TV and computer, though that is not too far off. And their hope to corner the market on bar codes is just a little too late by about 20 years. I'd rather have ethernet or even USB over a 1 way audio connection. Given the audio cue technology is the only one actually with a pattent, I'd say good luck guys, see you with your chapter-22 in under 2 years.

Re:Postal Regulations vs. EULA

[OverCode@work]

I requested mine from Rat Shack. They rang it up like a sale, for $0, and explicitly said that they were free. I never agreed to an EULA of any kind (damn, I hate that 4-letter word). I plugged it into my Linux box, downloaded the Linux software, and scanned a few barcodes for fun. I think I'll even put my root login on a keycard (with the CODE128 barcode format) so I can just scan it in rather than typing it each time. I never in any way consented to a contract of any sort with DC, and I was never informed that I was leasing the unit rather than buying it. It appears that this CueCat is now MINE.

I suspect that sometime in the not-so-distant future everything, even things of trivial value, will be "leased" and not "sold". I also suspect nobody except the aware few won't care. It's a sad fact of the IP climate in the world, with everyone trying to stomp out everyone else and prevent them from profitting from their ideas. But until the courts actually allow that to happen, DC can fuck off. Thanks for the nifty barcode reader, btw.

That said, DC has a really good idea, and I hope they succeed. I actually think the idea of embedding product links in a catalog with barcodes is a GREAT idea, and I might actually use them (with Linux software, of course). I do buy a lot of stuff from Rat Shack.

-John

Re:Licence a piece of hardware?

[Monte]

Nobody viewed, copied, reverse engineered, or emulated any part of the firmware in the CueCat. Period.

That can't be right - the firmware encodes the barcode, right? And those clever hackers figured out how to decode it, so doesn't that count as reverse engineering?

Not that there's anything wrong with that you understand...

Re:Shrink-wrap license.

[imp]

There was no shirnk wrap to break. No license agreement to agree to. I *NEVER* installed their software, so their new EULA is just as unenforcible as their old one and will get the same response from my atterney: Get Bent.

Re:Abusing the good will of companies

[september]

Their service wasn't hacked into... They allowed their data to be plainly viewed with a URL (see comp.security.misc for detials).

Re:Abusing the good will of companies

[roman_mir]

This company was doomed from the start and it is a good thing since the next company that decides to use similar business practices will take CueCat's mistakes into consideration. Not a single user is at fault here. Just like when you are paying taxes. I read a book that teaches how to minimize tax payments, it started with a disclaimer stating that nobody should pay more than is required by the law. So, if the CueCat did not understand this simple concept - user will not pay more than is required by the law, and did not encorporate this idea into their product, it's their own mistake and they will pay for it. The bar code reader maybe good due to excellent engineering (I don't have one, since they are not distributed in Canada) but CueCat's business model is flawed and that is due to poor business management (who the hell sponsored these guys anyway?)

Re:Um, Okay.

[Tackhead]

> You may receive unsolicited emails (a.k.a. spam) from unrecognized sources.

Is it just me, or is that a little too specific? When was the last time you saw this kind of language when other "e-commerce" sites got cracked?

I mean, I'm not accusing DC of doing this, but if I were a marketing company, and my product was based on being able to track who scanned what ad, and I were to sell my database to mainsleaze spammers (e.g. MessageMedia, m0.net, and other "legit" spam-for-hire outfits, as opposed to the MLM and MMF pyramid/quack-medicine/pr0n scammers), this is exactly how I'd do it.

Those of you who gave DC a "spamtrap" address - say, a dc-spam-12345@yahoo.com type of thing, to trace the spam you got from DC and to not be detectable with a traditional dictionary attack on Yahoo - keep an eye on your headers.

If the spam's from a random dialup IP, it's probably a dictionary attack or maybe, in 3-6 months, if there was a cracker, then maybe the addresses did get resold.

But if it comes from a "mainstream" spam-for-hire company with real money behind it, and advertises real products, you just might want to suspect that DC themselves sold the data to the mainsleazer.

Hell, I'll bet it's even in their "privacy policy" that they have the right to do so. So blaming an imaginary "Hacker X" shouldn't be necessary in the first place. Again, I'm not accusing them, and I have no evidence that this is the case, but I must confess I'm just a little bit suspicious that maybe there's more to "Hacker X" than meets the eye.

Licence a piece of hardware?

[funkman]

Imagine if this worked in all hardware:

EULA for ACME Toothbrush. By opening the packaging for this toothbrush, you acknowledge that this device will only be used orally. This device may only be used to brush teeth, dentures, or anything as approved by the ADA.

Improper uses unclude:

Pets

Shoes

Computer parts

Silverware or any other dishes

Any other device where the object where the cleaning agent is not toothpaste.

Our lawyers will attack if this agreement is breached.

Re:Licence a piece of hardware?

[orabidoo]

well if that is true, then it's *incredibly good news*, since it would mean that all restrictive software EULA-ing would become invalid (find itself without any legal foundation), except of course for those licenses that cover copying only (so the GPL is actually safe).

Re:Licence a piece of hardware?

[outlier]

they are perfectly within their rights in having a license for the use of the CueCat.

However, unless you install their software, you never actually see the EULA. So, the question is, how can someone be bound by an agreement that they never even see?

Re:Licence a piece of hardware?

[cpt+kangarooski]

Well that's the trick - EULAs haven't been tested very much in the courts, and opinions are divided.

IMHO software licenses that force you to agree to use the software after you've purchased it are invalid because:
1) You own the copy, and you're free to use it as you please so long as you don't violate copyright laws (copyright laws that prohibit usage are pretty evidently unconstitutional, and are likely to get overturned...)
2) All the license can offer is a right that you already have - to use the software you paid for. How can that be valid.

Software companies don't _need_ licenses. They're already protected by copyright law. The GPL is one of the handful that recognize this. It's not as though it would be legal to hawk homemade copies of Windows on the streets if they got rid of the EULA.

Re:Licence a piece of hardware?

[ottffssent]

Nope. If 'those clever hackers' figured out HOW the barcode is encoded, and did it themselves, that would be reverse-engineering. Nothing (IMHO) was reverse-engineered. The hardware takes input (the barcode) and creates output (the base-64 stuff XORed with 63, etc...). Nobody cares how that was done. Nobody cares how their software turns that into something useful. All that was done was to interpret the output, using no knowledge of either the hardware, firmware, software, or other -ware belonging to DC.

Re:Licence a piece of hardware?

[Snard]

Mind you, I doh't agree with their marketing plan and whatnot...

But in a way, they are perfectly within their rights in having a license for the use of the CueCat. Why? Because it does have software in it... so they are effectively licensing your use of the built-in firmware that they developed (or paid to have developed).

Of course, the fact that there are dozens of appliances and gizmos in my house, all that have some sort of firmware in them, makes me wonder how long it will be until I'm faced with a licensing agreement for my Talky Toaster.

Re:Licence a piece of hardware?

Mine isn't on loan. Mine was free. I even asked the radio shack salesman, and he assured me that it was free. I looked in the catalog, and the reader was described as "free."

I started to install the software, but the EULA was so obnoxious, that I declined, and threw away the software, so I could keep my free reader.

Re:Licence a piece of hardware?

[WNight]

The presense of a ROM code in hardware doesn't matter at all. If the company selling your old (completely analog in this assumption) fridge wanted to, they could make you sign a contract before buying the fridge which would prevent you from storing certain things in it...

They couldn't prevent you from storing grocieries from a certain store, that would be anti-competitive, but they could prevent you from storing beer, or peanut butter (maybe they're afraid of shotgun lawsuits from allergic people.)

It doesn't matter what sort of parts the fridge uses. Hell, they could sell you a cardboard box and if you signed the contract before sale, you'd be bound by the same rules...

But, if they don't show you the 'agreement' before you purchase the product it has *no legal force!*

If anyone claims that EULAs have any legal force (outside of the bonehead states that accepted bribes to pass the UCITA) they're lying. It's painfully obvious to anyone with any legal background that EULAs do not satisfy the requirements for a contract, they fall short in many different areas.

There's an off chance an EULA would be binding in the case of free software, but I doubt it. It's like an EULA for a book... If you buy it, you can read it, if they give it away, you can read it.

Re:Licence a piece of hardware?

[EnTerr]

they are not loaning CueCat to you with the process of obtaining it from a store. they cannot enforce retroactive change in the license (you got it from radioshack and they said it is free).

but when going to use their software, if you click "aggree", it can be argued that you aggreed to the change of conditions, that is - CueCat is no more yours. the catch is, if you don't aggree to that... like not using their software ever... CueCat will be forever yours! ;-)

Re:Licence a piece of hardware?

[HalfWalker]

By law you are allowed to keep *for free* anything sent to you unsolicited. Someone sends you a TV in the mail that you didn't request, it's yours.

The CueCat reader *belongs* to everyone who got one as a surprise.

This was to counter the scam of sending junk to people, then demanding outrageous payments.

Re:Licence a piece of hardware?

[geist42]

I belive what its called is Black box reverse engineering. They didn't use anything at all from it, just looked at the output of the device and see if they could figure out what it is spitting out. I dont see anything wrong with that, its how the IBM BIOS was figured out if I remember right...

Re:Licence a piece of hardware?

[zakezuke]

Major diffrence. Proper owners manuals are a requirement so that the end user doesn't endanger them selves and others. Not a licence agreement.

A car includes an owners manual with seatbelts instructions. If the instructions for said seatbelts are incorrect, then it's possible for the car co. to be held responcible. Sad but true. In my experence, contraceptive jelly states, "should not be taken oraly".

Now let's look at the service based industry. Cable telivision, they often rent a converter box in order to access their service. As you rent the equipment it is theirs. A contract is signed to this effect. With the CueCat, NO contract was signed, and signing up for their service is not a pre-requisit for getting the hardware.

To enforce their licence, the user must sign-up first. Otherwise we do have the option to say, "NO, I DO NOT ACCEPT THE EULA, BUT THANKS FOR THE BAR CODE READER".

What about the free gift scam. "You won a price, a free bar grill, some see our little sales pitch get free bar brill". Should what DC is doing be acceptable, then they could, "By accepting our free gift you agree to purchace whatever we are attempting to sell you".

Re:Licence a piece of hardware?

[WNight]

Not at all. The contract implicit in sale is completed the moment the product is sold. To disclose later that the product isn't what you advertised but 'offer an out' is fraud.

You can be held to an original offer even if you later wish to revoke the offer.

If I offer something for sale and tell people to reply to me by Friday, someone can reply saying 'I accept your terms' and that binds me to the sale. I'm then bound to the terms I offered initially.

If I want to offer something vague with undisclosed caveats, I have to say something like 'I have Item X for sale, email me for details if interested' which isn't an offer to sell.

EULAs are completely without any power (except in the states that were bribed to pass the UCITA).

Re:Licence a piece of hardware?

[orabidoo]

built in firmware doesn't come with "licensing agreements" by any stretch of the imagination, for the very simple reason that there is no copying involved. the (really bad) excuse that opened the software licence floodgates was that software gets copied from disk to memory at the user's request, so the user needs a 'license' for that. no such thing happens with firmware.

Re:Licence a piece of hardware?

[Shadowlion]

What cracked me up was the statement in the EULA:

The :CueCat reader is only on loan to you from Digital:Convergence and may be recalled at any time. Without limiting the foregoing, your possession or control of the :CueCat reader does not transfer any right, title or interest to you in the :CueCat reader.

Excuse me?

How can you "loan" me something if you a) don't know who I am, b) don't bother to record who I am, c) don't ask for any collateral or specify any terms/conditions/length for the loan, and d) retroactively declare it was a loan?

This sort of seems to me to be equivalent of handing out money on the street one day, and then getting on television the next saying, "Oh, by the way, all those people I gave money to on the street yesterday have to pay me back when I ask for it."

How absurd.


--

Re:Licence a piece of hardware?

[agentZ]

You laugh, but this might help end some of the frivolous lawsuits being filed on behalf of stupid consumers. ("But I thought the contraceptive jelly worked if I just put it on my toast!")

Re:/dev/scanners/cuecat

[Dahan]

Welcome to Linux 2.2.17.
Cherokee login: root
Password:

WHAT "cancel" at the login prompt?

Seeing that the original poster said, "That's all well and good, but what about those of us that don't use Linux? For me, switching to Linux entirely is not an option," I think someone needs to take your crackpipe away.

/me takes your crackpipe away

And your irc client too.

/dev/scanners/cuecat

[tinla]

If you'd sooner have your cat on /dev/scanners/cuecat than hanging off the back of a Windows box then you can patch your kernal today... CueCat Driver 0.1.8 was released on Freshmeat mere hours ago.

Re:/dev/scanners/cuecat

[Sygnus]

You don't have to have the drivers installed in order to use the cuecat. I have one connected to this box right now, and I don't have the driver on this machine at all.
All the cuecat does, is pass the information in cleartext to the console - which makes it a great password authentication system :) I created a barcode, printed it out, and stuck it in my security badge. And since each cuecat has its own ID code that it passes with each scan, you have to use my cuecat with my barcode in order to log into my box.

Re:/dev/scanners/cuecat

[topham]

Go to BeBits and download BeCode. If it works send me e-mail. (I wrote it, but since I am in Canada I don't actually *have* a CueCat, someone please send me one... :)

There are others as well.

(Mine places the results into the clipboard to be readily pasted into any input field. )

topham@home.com

Re:/dev/scanners/cuecat

[tooth]

CueCat Driver 0.1.8 was released on Freshmeat mere hours ago.

[In any event, you will notify Digital:Convergence of any information derived from reverse engineering or such other activities]

Well, I'm going to have to report all you too, now.
Don't bother with water-marking MPAA, you should just slap this licence agreement on the front of your DVD's

Re:/dev/scanners/cuecat

[SpyceQube]

Other

Re:/dev/scanners/cuecat

[WNight]

From the CC FAQ...

Q: Will staring into the :CueCat hurt my eyes like a laser pointer?

A: No. :CueCat uses LEDs for scanning. It poses no risk to your eyes.

I just posted this in response to what might be a joke because a friend asked me this same question... Most good barcode scanners use a small laser so they have a better range and can scan in more adverse conditions, the CueCat though is cheap, so cheap you don't have to worry about this.

Re:/dev/scanners/cuecat

[Nexx]

and on an NT box, clicking on "cancel" just throws you back to the "hit ctl-alt-del to login" prompt....

--

Re:/dev/scanners/cuecat

[Nastard]

Thanks, I couldn't find a link for those drivers anywhere. I have three cats and couldn't use a damn one of em. Thanks, tinla :)

Re:Multiple computer usage?

[zakezuke]

You can use the same disk to install the cuecat software on multiable machines.

You can not give the disk to someone else to install on machines.

You can not put the software on your web site to allow others to download it to put on other machines. You can not download their software and post it on your web site for others to download. You can download their software and install it on multiable machines.

Gawd, can't you read lawyer?

Re:Postal Regulations vs. EULA

[WNight]

Well, you *do* own that copy of the software and can do anything with it that you legally could do with a book... You can sell it, use it, modify it, ignore it, critique it, benchmark it, burn it, or feed it to a cyber-pet.

You can't bypass copyright controls and start reselling the AOL software (plural), but you may resell your copy of the AOL software.

Ditto with the CueCat. You own it in all concievable ways, but that doesn't mean you own the patents it's based on, or the copyright on any ROM code. But you do own the right to use everything that it comes with.

Huh?

[Icebox]

Is there any requirement that a company prove that a person has actually seen their EULA? If you never install their software or read their docs I'm not sure how they could make the case that a person was even aware of the EULA. The CueCats I have all came in bags, maybe they are printing it on the bags with the phrase 'by opening this bag you agree to....'.
The majority of the people who use the cracks do so because Cue's software either doesn't work on their OS or because they don't want Cue to snoop on them. In either case the EULA would never be seen by the user, I can't imagine that it would be enforceable.

Well, nothing really unusual...

[Malevolent]

Companies change their license agreements all the time, if a new product comes out then it stands to reason that the lawyers are going to want to see it included in the EULA.

What would have been more relevant would have been a if DC (or any other company for that matter!) had made a change to the EULA, not notified their users and then tried to enforce the changes.

I don't know if this is the case, but to be honest, DC would probably have been much better off having two completely seperate EULAs. This way there is no confusion - and again no possibility of falling into the "no notification" trap.

Mind you, it is governed by the laws of the State of Texas, so I guess that you'll be on the chair before you have a chance to pipe up your disent of any part of the agreement ;)

Re:Abusing the good will of companies

[orabidoo]

as far as I can see Eazel's stuff is a pure service, not an after-sale, since there is NO SALE to begin with. and since their software is open source, they sure can't be accused of tying a product (whatever they develop) with a service. hence, for all I care, they should feel more than free to base their business on offering their update services -- although I have my reservations as to whether it's a viable model. and if it *does* work, it'll be precisely because of this lack of tying; once the users know that they're free to use whatever service (or none), and that this is freedom is protected by the fact that the software is open source, they may actually have less reservations to use the service in question.

Re:Spot the difference. Is it legal?

[transiit]

Add something else to this line of thought: it is legal to disassemble software. After the initial round of legal nastygrams went out, I asked a number of people in the know about the legality of this whole mess, and the common answer was: It is legal to disassemble software. If you use those instructions line for line in another product, that is not protected, but you can dig up the algorithm, reimplement it yourself, and all is fine. The DMCA (DCMA? I don't remember. It's morning) has made some weird restrictions on reverse engineering, but there's no copyrighted information we are accessing, they can't even wave that one around.

So, this lands under contract law -- the sort of thing where they start saying "If you do not agree to these terms, we do not acknowledge your existence and therefore you must vaporize immediately or stop using our product", but even with that in mind, there's still some problems. They've just made changes to a contract nobody agreed to in the first place, which is not available with the product, neither through radio shack or the magazines that sent them to their subscribers.

Like the "FreePC" deal...gone with the wind

[Linux+Freak]

Hoo boy, things do not look good for Digital Convergence. Remember the "FreePC" deal that went bust due to a similar poorly-thought-out business plan?

Get your Cue:Cats while you can, folks.

2nd Digitalconvergence.com Patent Application

[satch89450]

When I printed the text portion of patent 6,098,106 from the USPTO.GOV site, I found this interesting tidbit:

This application is related to copending US patent application Ser. No. 09/151,471, entitled "Method for Interfacing Scanned Product Information With a Source for the Product Over a Global Network" filed of even date herewith.

Interesting, but not exactly a patent on the CueCat itself, based on the title.

take the high road.

[cetan]

I'm hoping that the community would take the high road on this issue and not degrade to flaming DC. I think that clear, concise, informative and not insulting emails to DC might help them see the light. Certainly it could have more of an effect than just telling them they suck. Think of them as children in need of guidance, because their behavior is that of a 10 year old, not that of adults.

Instruct, don't destruct.

Re:take the high road.

[__aaedhn419]

>DC sucks. And their stupid bar code reader sucks.

And their little dog, too!

Re:take the high road.

[WD_40]

Look for DC coming to a FuckedCompany website near you!

_______

Re:take the high road.

[arivanov]

No point.

On evolutionary grounds a company without a clue in their business plan deserves to die.

So just get go and get your CATs.

Re:take the high road.

[The+Monster]

Just tell them they suck and be done with it.

Then do it in their language:

.bYOKkJCIlWa.acWTnsyXjcyTicya.edyGkdbI.

Oh. Did I mention you'll need to run this through the (tweaked for generality) perl decoder (or equivalent) to make sense out of it?

(in case you've forgotten)

#! /usr/bin/perl -n
print map
{
if (length())
{
tr/a-zA-Z0-9+-/ -_/;
$_ = unpack 'u', chr(32+length()*3/4) . $_;
s/\0+$//;
$_ ^= ("C" x length)." ";
}
} /\.([^.]+)/g;
print "\n";

Re:take the high road.

[arivanov]

A dead looser company alsways blames someone. This is part of the business. Hackers, Weather, Force Major, but never idiotic business plan and lack of clue. The reason is very simple. The concession that the business plan was idiotic means that the VCs were idiots. VCs do not like to be marked as stupid. So having someone else to blame is to be expected.

Perl script has a problem...

[satch89450]

You may want to update your Perl script to take into account some recent discoveries about modifications to the 'Cat.

Specifically, you may want to insert the minor tweak that lets the code handle those 'Cats that return command and slash.

Shrink wrap? Mine said "Wired" on the outside..

[Ommadawn]

I got my little toy (which fills the space behind my computer with an eerie red glow - very spooky) in the mail apparently because I am subscribed to Wired. I opened the box, saw this cat-looking thing fall on the floor.

"Cool", I thought.. I wonder if those drivers that were supposedly banned are still available.. Yup..

A little while later I'm happily scanning ISBNs from my books..

Only then did I look at what else was in the box.. What's this? an audio cable with a monophonic 1/8" mike plug, with both a male and a female phono connector on the other end. "What's this for?" I wonder.

Reading the docs showed that you're supposed to connect your VCR's audio out to the phono connectors, and you're supposed to connect the mic plug into your computer's audio in, and after installing this software that came with the cue cat (windows only - I have only linux on my desktop at home) when you are watching a commercial or a tv show, the web page for the commercial or tv show is somehow transmitted to your computer.

Does anyone know how this works, and is there a Linux driver that will translate this information? Someone speculated that the info is somehow read from the closed-caption part of the signal, which got me thinking.. Perhaps I could receive via email transcripts of my favorite tv shows i never get time to watch .. hmm..

Abusing the good will of companies

[flatpack]

It strikes me that whenever a company comes out with something where they intend to make their profits from after-sale mechanisms, the first thing that people want to do is to try and avoid this. We've recently had this CueCat business and a page complaining about paying $10 a month for TiVo, despite the fact that they sell their hardware as a loss leader and rely on the subscription charges to make any money.

To me, all of this seems like trying to rip off companies that are providing something which people obviously want. And if people succeed, then these companies are going to suffer, which means no more deals for people. Is this what we want?

Every time a new service is hacked into so that the company fails to be able to make a profit, it just discourages other companies from being so generous, or encourages them to follow the MPAA/RIAA in slapping restrictive laws or licenses on the technology. Do we really want a situation where every new technology comes out hand in hand with restrictive legislation to give the companies a chance to make a profit?

Re:Abusing the good will of companies

[Another+MacHack]

I think they're less concerned about /. hackers than people who sell barcode systems which interface to commercial barcode scanners. Next revision, they can advertise "Compatability with Radio Shack's Free Barcode Scanner", so people go to RS to get the scanner and don't use it for DC's intended purpose.

Not sayin it justifies their actions, just explains them.

Re:Abusing the good will of companies

[skip77]

The Cellular Phone companies have the contract thing down perfect. People -expect- to have to sign a contract nowadays to be able to get a phone. Not that you could do the same thing with a Cue:Cat. Its a pretty useless device, honestly. I went out the day that I read about it and got one, but I haven't even had the time to install it. Now, TiVo on the other hand could get away with it especially because they are so cheap.

Re:Abusing the good will of companies

[jjoyce]

By virtue of being a company, they have no good will.

--
You don't become a failure until you are content with being one.

Re:Abusing the good will of companies

[Goonie]

It strikes me that whenever a company comes out with something where they intend to make their profits from after-sale mechanisms, the first thing that people want to do is to try and avoid this.

Well, knock me down with a feather!

If companies are basing their business model on after-sale mechanisms, and they intend to rely on technical means to compel people to pay them money, it's obvious that somebody is going to try and get around it.

Instead of trying to use *technical* means to do this, have they considered a) contracts, and b) making the extra-cost services sufficiently compelling to justify their customers spending money? If you're going to use a lock-in strategy, why not be up-front about it like the mobile phone companies, and be prepared to offer a contract-free version at the full retail price.

Re:Abusing the good will of companies

[Shotgun]

If companies want to make money this way, they need to get people to sign a contract up front. Plain and simple. If you build a business on being able to trick people into paying you for nothing, then you deserve nothing when they wake up.

As for the EULA, it's as worthless as the original. Here is the babelfish translation:

"Now that we've concluded our contract, here are some extra terms that we'd like to add."

All EULA's say exactly the same thing. If a vendor wants to enforce a EULA, it must be presented before the sale so that I can read it, and the vendor must refuse the sale to transpire without me signing the agreement; otherwise, it's all bullsh**.

Re:Abusing the good will of companies

[NReitzel]

Good will my ass.

These companies have ridiculous business plans designed around the idea that people are willing to pay forever for a "service" of nominal value. If this were true, broadcast television stations would have been charging their subscribers a service fee for the last fifty years.

And the idea that the solution to this "problem" is litigation ranges from absurd to positively subversive. It is flatly ludicrous to expect a government to protect faulty business models by shoving legislation down the throat of the consumer. I cannot even begin to comprehend the logic that places used car salesmen in the position of writing legislation that turns a fee-for-service into a tax.

Somehow, in this country, businesses have forgotten that success depends upon delivering a service or product at a price that benefits both the provider and the consumer of the service. Instead, greedy marketing type pinheads have decided that what is necessary is to scam customers into paying good money for items of marginal value.

The proper "solution" for a lousy business plan is bankruptcy.

Re:Abusing the good will of companies

[Icebox]

I think that companies take the chance, when they market a loss leader, that people will choose to buy only that product and not patronize their money makers. This adds a necessary element of risk to these types of ventures. I'm presently consulting for a manufacturing company that is trying to sell a product at a loss just to get into a new market. The idea is that they will expand their customer base for all of their products, not just the loss leader.

I think these companies need a better business model. I also think that they tend to blow these cracks out of proportion, at the very least they help to further spread the word that such cracks are available. I just don't see a tremendous profit loss from people tearing apart their I-Openers or cat shaped scanners. Companies need to consider possibilities like that long before they make their products available.

I'm not sure about legislation that protects companies when they try to market a hardware/service combo. What would that actually accomplish? If a guy a Radio Shack gave me a scanner would I be forced to scan something with it? Would I be forced to install their software? What if I went out and bought a TiVo but decided I didn't like it, would I have to use the thing or could I just throw it in the trash?

Re:Abusing the good will of companies

[substrate]

With the CueCat the intention was originally to stop the parent company from making money. The original thinking seemed to have been "Ooh... nifty hardware, lets see how it works". This led to it being reverse engineered and released for other platforms without the parent company making a cent.

Reverse engineering shouldn't be illegal, at least as long as its not for profit, and I've got a hard time even arguing that reverse engineering for profit should be illegal. I would argue that the fruits of the process may be unusable given good i.p. protection laws, but the act of reverse engineering it should never be prohibited.

Businesses need to make it their business to protect themselves, rather than making it the governments business. In CueCat's case they needed to have a business plan which included the danger of people reverse engineering their interface. An occurence which was virtually guaranteed given the simplicity of it. Perhaps this means that there would be no free CueCat, some nominal fee would be attached. Is this really worse than giving up freedoms?

Now if people obviously want the CueCat, but only if its free, then people don't really want the CueCat.

As for the $10/mo charges for TiVo, that wasn't really the case. There were a few comments that in truth the 250 dollar TiVo was the same price as the 450 dollar Replay TV since the 200 dollar lifetime subscription made the prices identical.

Re:Abusing the good will of companies

[Bieeardo]

The problem is that a lot of people don't understand, recognize, or appreciate after-sale mechanisms. They buy the hardware or the software, and expect it to be theirs to do with as they wish. "Sale" suggests a permanent transfer of ownership, after all.

I know a lot of people who won't go in for something like the TiVo, the :CueCat, or one of those monthly subscription online games, simply because they don't want to be continually paying for something that they've already bought. It's not like they're leasing a car, or anything.

Personally, I don't mind post-sale revenue mechanisms-- so long as they involve an optional, value-added service. If I buy a TiVo (at whatever price), it should be able to function as a simple digital VCR without being hooked up to the phone line. Sure, I lose out on a lot of the functionality, but it still works as a basic digital VCR.

The biggest problem is, a lot of these companies are just trying to make a quick-and-dirty buck off of the consumer, and there are a lot of people smart enough not to fall for it, and to work around it. A lot of these companies are jumping on this framework in the same way that everyone and their duck jumped on the dot.com and IPO bandwagon-- and a lot of them are going to get screwed, regardless of any improprieties on the part of the consumer.

Re:Abusing the good will of companies

[LarsG]

It strikes me that whenever a company comes out with something where they intend to make their profits from after-sale mechanisms, the first thing that people want to do is to try and avoid this.

Why the heck not? If there is no law or license agreement or contract that says I have to act according to their business plan, why should I?

To me, all of this seems like trying to rip off companies that are providing something which people obviously want.

To me, all of this seems like some companies that think we are gullible. They try to make it look like they are giving you something for little or no cost (cuecat, freepc, whatever), while what they really want is to force you to use their services and sic lawyers on you if you don't.

And if people succeed, then these companies are going to suffer, which means no more deals for people. Is this what we want?

No, it isn't.

If the :CueCat was given away with a prominent sticker saying "all use of this device except with our service is prohibited", I would have no problem with it.

Every time a new service is hacked into so that the company fails to be able to make a profit, it just discourages other companies from being so generous, or encourages them to follow the MPAA/RIAA in slapping restrictive laws or licenses on the technology.

For crying out loud - they already have the laws they need to bundle their razors with their blade-service. All it taskes is a simple 4 page license signed when you pick up one of the free CureCats at RadioShack.

So, why didn't D:C do this from the get-go? Could it be that people actually would be _scared away_ from the "free razor" when they are told the terms up front?

Do we really want a situation where every new technology comes out hand in hand with restrictive legislation to give the companies a chance to make a profit?

What is it with this restrictive legislation? Contract law is perfectly adequate for razor/blade bundling.

If they want some new legislation, it is for only one purpose - to still be able to hide the terms from the normal consumer, while making it illegal for us to play with the free toys we are "given".

Re:Abusing the good will of companies

[orabidoo]

To me, all of this seems like trying to rip off companies that are providing something which people obviously want. And if people succeed, then these companies are going to suffer, which means no more deals for people. Is this what we want?

yes. this is what we (or at least, I) want. I want after-sale business models to FAIL so that companies can get back to the good old way of selling stuff without tying the user to some badly thought-out service of theirs. namely, by selling appliances at a profit. just like VCRs, stereos, cars, and everything out there that gets sold. selling hardware at a loss and recouping on side channels is BAD FOR THE CONSUMER.

Re:Abusing the good will of companies

[RalphSlate]

I disagree with this. What if the instructions with every light bulb said "please discard this bulb after 2 weeks and buy another", but the light bulb really lasts for months? Would you suggest that we should all follow the company's rules on light bulbs so that the company can make extra money?

What if the side of the light bulb box said "by opening this box you agree to dispose of this bulb at the end of a two week period"? Would that make it "illegal" to get the maximum life out of a light bulb?

Ralph

Re:Abusing the good will of companies

[SuperLiquidSex]

Lets see here *CueCats are given away for free *They make no money from cuecats *The people who have the CueCat barcode pay them to put it on the ad *They make money from the barcode *All programs translate the cuecat code just like any other So the only way we could make them loose money is by preventing sponsors from getting the barcode read. But they don't, they just don't use THEIR program. Big whoopdydo they should be happy that they now don't have to code all that stuff, now they can just use freeware. Also, just to let everyone know...shrinkwrap licsenses are nonbinding...well effectivly I should say, theres never been a case where a defendant lost because of he violated a shrinkwrap. BTW I have 36 CueCats...and all of them are hooked up

Re:Abusing the good will of companies

[jachim69]

So, would you propose to put limits on AMD? They started out in the processor market by reverse engineering Intel's chips and making their own that worked the same way. In fact, that's the only legal method they had to make a compatible chip.

First, you find out what a chip does and write detailed specs describing it. Then you give that document to a completely seperate team of engineers. Since the 2nd team hasn't ever looked at an Intel chip, they have no knowledge of how it does what it does. They design their own chip to do the same thing. Presto, you have an Intel compatible chip that's completely legal due to the wonders of reverse (and clean-room) engineering.

Re:Abusing the good will of companies

[e_lehman]

As I recall, Digital Convergence did not hestitate to fire off bogus legal threats. This is no "good will" to abuse.

They have a busines plan with a hole large enough to float the USS Truman through. Namely, they hope to profit from a service that can easily be obtained elsewhere for free. They're trying to cover this gaping hole with legal intimidation.

An altruistic outfit might reasonably expect a somewhat altruistic public response. But once the lawyer threats start, forget it.

Re:Abusing the good will of companies

[tzanger]

Here is the babelfish translation:

Now that would be a truly useful babelfish language... Legalese to English!

Re:Abusing the good will of companies

[I+R+A+Aggie]

To me, all of this seems like trying to rip off companies that are providing something which people obviously want. And if people succeed, then these companies are going to suffer, which means no more deals for people. Is this what we want?

Actually, yes. When is a "good deal" not such a good deal? when it comes with stings attached. "We'll give this to you cheap, but then we'll profit mightily on the somewhat inexpensive service that we'll require you to use."

Let people think that you've given them something for nothing, then screw them on the backend. Now, who's stealing from whom?

James

Re:Abusing the good will of companies

[Felinoid]

The TiVo dose not on the surface appear to contain ANY hidden costs. You buy it take it home and plug it in.
Once you learn of the $10 a month fee you have allready paid for the box.

Selling at a loss can get you sued...
If your artificially low price hurts the sales of a compeating product the maker of that product may sue over it.
(They do not automaticly win BTW.. it needs to be shown that selling the product at a loss is abnormal.. in the video game market it is commen place and as such not an abnormal event.)

Re:Abusing the good will of companies

[BrK]

It strikes me that whenever a company comes out with something where they intend to make their profits from after-sale mechanisms, the first thing that people want to do is to try and avoid this. We've recently had this CueCat business and a page complaining about paying $10 a month for TiVo, despite the fact that they sell their hardware as a loss leader and rely on the subscription charges to make any money.

_However_... You can opt to use your Tivo without ever paying them $10/mo or any other subscription fee. You don't get access to the value-added features of the Tivo service, but you _do_ get a nifty digital VCR. Tivo also hasn't taken to sending poorly written legal letters to people...yet.

Re:Abusing the good will of companies

[Technician]

The point is; the stuff they are giving out is restricted! If the catalog was printed with a barcode my laser scanner would read, and the software could use the output of it, and they offered a scanner for a low price that didn't garble the output and read standard code, then more people could use the hardware and software. Think about it. How many specialty items do you have hooked up to your PC that can only be used for one thing? Don't count your MP3 player. It can play more than songs from mp3.com ;-) I don't have a printer that only can print labels or stamps. I don't have a keyboard that only can be used for (insert single app here) and a monitor that can only display web pages. I don't want a ton of junk hanging off my PC. I do have a quality industry standard laser barcode reader. No I don't have a clue cat. I have no use for one that only works in violation of their ELUA or with Digital Convergence stuff. They decided to be incompatible with my hardware and software when they could easly used B3of9 symbology and been an enhacement to many peoples systems.

Re:Abusing the good will of companies

[I+R+A+Aggie]

What if I went out and bought a TiVo but decided I didn't like it, would I have to use the thing or could I just throw it in the trash?

Well, if it were licensed to you (ala CueCat's new EULA), then that would probably be a violation of the license...

Only .5 * :)

James

Re:Abusing the good will of companies

[barracg8]

• it just discourages other companies from being so generous

DC is being every bit as generous as your local dealer who gives crack to kiddies to get them hooked. DC is not being generous. It is driven by the motive of making money.

• Do we really want a situation where every new technology comes out hand in hand with restrictive legislation to give the companies a chance to make a profit?

I have two imaginative thoughts.

1. Sell things for what they are worth. Crazy, I know, but what if DC tried selling the scanner for what it cost them to make it? Wow!
2. Just write off the loss. Okay, hands up anyone who has ever taken a free T-shirt at a trade show, for a product that they will never, ever, buy. Should there be an EULA on the T-shirt against that? If DC were really feeling generous, they could just write off the loss of a handful of scanners to /. geeks who want to hack around with them, and concentrate on pushing more scanners at lusers who are more likely to use their software.

DC are currently expending a lot of energy on fighting us, not on making money. This is very dumb.

• despite the fact that they sell their hardware as a loss leader and rely on the subscription charges to make any money.

Ah! DC is stupid. Tell me again, why is that my problem?

Re:Abusing the good will of companies

[arivanov]

I think you are too naive. So I will have to explain it at your intellectual level.

A loss leader is like spreading gold along a path. This usually leads to two options:

• The idiots that start walking along the path get robbed. In the middleages thay used to get killed as well. Unfortunately now this does not always happen and the evolution does not take its due course so we have to have this idiotic conversation
• The people who actually have some brains chose another path (or use armed escort). And they get away with their money and alive.

It is obvious that if two many people use an alternative path there will be an attempt to ambush that one as well (think of EULAs and similar measures), but until a company have not ambushed the other path it should not expect anything but a random idiot to fall in its traps. Evolution have taken its due course for thousands of years. So the avoidance of non-enforceable loss leader schemes is to be expected.

Re:Abusing the good will of companies

[Felinoid]

What service are they offering anyway?
The scanner reads a barcode that translates into a web url...
print a web url instead of the stupid bar code then you don't need the scanner or the service.

I'm doutful anyone would willingly paid just so they could scan urls instead of typing them

It does work in hardware..

[Fitascious]

Or at least I've seen the phrase "it is a violation of fedaral law to use this product in a way it was not intended to be used" on such things as lysol cans and stuff. I am praphrasing from memory so forgive and misquotation...

Re:It does work in hardware..

[igneous+polenta]

AFAIK, IANAL and any other acronymss you care to throw in...That specific warning is found primarily on aerosol cans or materials that contain harmful materials, to you or the environment. It's there to prevent people from doing really stupid things like spraying their rust-oleum into a paper bag and sticking over their head until they see pretty colors, or using their freon recharger to bust the lock on their neighbor's garden shed, and chewing a bigger hole in the ozone layer.

Re:Spot the difference. Is it legal?

[(void*)]

You are right. But the difference between weak encryption and strong encryption is not simple. If it was cryptanalysts are out of a job. And even if so, bear in mind that encryption does not prevent reverse engineering. It just makes it longer and harder. Someone who decides that it is worth their while might actually go ahead and do it.

Press Release Link

[waters]

Here's the link to the press release about the customer information being cracked.

Press Release

Not much in the way of details.

Tatle-tale

[tooth]

From the New EULA: In any event, you will notify Digital:Convergence of any information derived from reverse engineering or such other activities...

Riiightt... so, now not only can't I reverse engineer the software under thier "agreement", I have to dob in anyone I find out that is reverse engineering it?

hmmm, better stop reading slashdot, I guess MS, RIAA and the MPAA were right. You are all the spawn of Satan. Lucky the big companies are here to protect me and my children (please, won't you think of the children?).

Re:Tatle-tale

[plastik55]

No dice. You are interpreting it as:

you may not (decompile, reverse engineer, disassemble, modify, rent, lease, loan, sublicense, distribute or create) derivative works based upon the :CRQ software

Whereas the intention, and what would hold up in court, is (see, lawyers like compound verbs):

you may not decompile, reverse engineer, disassemble, modify, rent, lease, loan, sublicense, distribute or (create derivative works based upon) the :CRQ software.

So, you may not decompile the :CRQ software, reverse engineer the :CRQ software, etc.

Re:Tatle-tale

[HiQ]

Well, IANAL, but when you read carefully, I think that you can decompile, reverse engineer and/or disassemble:

you may not decompile, reverse engineer, disassemble, modify, rent, lease, loan, sublicense, distribute or create derivative works based upon the :CRQ software

Does this sentence say anywhere that you can't decompile the :CRQ software? No, it says that you can't decompile OR create derivative works. Decompile what? It doesn't say. It actually says that you can't RE, disassemble and decompile derivative works based upon their software. So be their guest, and work on their software... that's not derivative!
How to make a sig
without having an idea

Why this business model does not work except .....

[Chanc_Gorkon]

There are many companies who have tried this same model and they fail, or are failing. I call it the Cell Phone style business model. This model works for Cell Phones because the phone is pretty usless without the service (unless you are friends with a multibillionare who can buy or setup a similar free infrastructure). There are mahy things it has not worked with, or will not work with.....

1. Computers

The free computer with internet acess model is flawed because people can add. When you commit to a internet service to get your computer, you are tied until that computer is WAY beyond useless. Also, these companies forget computers are useful for things BESIDES the internet.

2. :CueCat

This is bound to fail because of the stupidness of the whole thing. I mean, really, a hacker might use this to create something for themselves, but really why do you need a barcode reader?? And the whole idea struck me as kind of dumb after I tried it and thought about it. I mean, except for the decoding thing and DC's only software WHAT possible use do you have for this dumb thing? Indexing CD's, videos, or DVD's by barcode may be the only thing. And why do companies keep trying to put a barcode reader in things? (Networked fridge with BC scanner, still not available cuz it's DUMB!).

3. Netpliance iOpener...

Hmm, lessee, let's make a network appliance out of commodity hardware, try to make it hack proof, and sell it so PC and Internet people can get grandma on the internet. Oh and let's sell them and a whopping loss so we can make money off of people who think they need to use their service on it. Netpliance could have done a smart thing and made a better investment in the hardware and made the thing truely unhackable before selling it. They didn't. Their revenue stream does not exist.

I could go on but what's the point? A company should just sell the freaking device at a reasonable price level, and charge little or nothing for the service. If Tivo reduced their fee to say, about 2 bucks a month (what I used to pay the cable company for monthly guide which I never looked at cuz of the on air tv guide channel and tvgrid.com) I'd jump on it! Another thing they could do is try to work out deals for people to reduce the amount of bills they have for services. An example might be phone companies have one fee to pay for tv guides for tivo's, internet connection thru ADSL, phone service and cable TV all in one bill a month which I'd call an Information Service bill. I'd love that.

Re:Multiple computer usage?

[interiot]

A better URL is here: http://faq.crq.com/ResultPage.asp?FAQId=129. Search for "can i use".

That's funny. I guess their lawyer didn't do a good enough job of combing through the EULA after cut-n-pasting it from somebody else's shrinkwrap software.

So are you bound to the specific contract that you agreed to with the "I agree" button, or can you use multiple copies since they publicly state that you can?
--

Infinite Shampoo Loop

[FalseConsciousness]

Ever read your shampoo bottle: "Lather, Rinse Repeat. Rumor has it that, as we argue here, Prell is hiring lawyers to stop people from circumventing their instructions.

Actually it is well known that the "Lather, Rinse, Repeat" instruction is included to keep androids from conquering the earth. As soon as they read it their heads tilt to the side and smoke starts coming out.

Decoder in Python

[K45]

Here's a Python implementation of the decoding algorithm. It's a little rough around the edges, but it works (hey, this is my first shot at learning Python).

This decoder is a bit different than the others I've seen, in that I put an emphasis on human-readable output.

Also, I've tested this with two different scanners, and each scanner obviously sends its own ID along with each barcode scanned (I think we already knew this, but I've now confirmed it).

Oh, one more thing.. It should be pretty easy to make this into a CGI script. <grin type="evil"/>

Happy scanning :)

#!/usr/bin/python

# Reads input from a :Cue:CAT and displays the barcode in human-readable
# form. Simply start the script and scan a barcode.
#
# Written by Nathan Walther <kas@devzero.org>, September 2000
#
# Copyright 2000 Nathan Walther
# This program is free software under the terms of the GNU General Public
# License, with absolutely no warranty.
#
# Thanks to...
# Joshua Garvin, for providing a very well-documented decoder in VisualBasic
# Stu, for pointing out the obvious (periods are the field seperators)
# And the people who gave me their :Cue:CAT readers.

import string

# The base64 mapping of ASCII characters to numeric values
# There is a Python module for this, but I'd rather implement the
# whole algorithm here, to help others see how it works.
map64 = {
'a':0, 'b':1, 'c':2, 'd':3, 'e':4, 'f':5, 'g':6, 'h':7, 'i':8, 'j':9,
'k':10, 'l':11, 'm':12, 'n':13, 'o':14, 'p':15, 'q':16, 'r':17, 's':18, 't':19,
'u':20, 'v':21, 'w':22, 'x':23, 'y':24, 'z':25,
'A':26, 'B':27, 'C':28, 'D':29, 'E':30, 'F':31, 'G':32, 'H':33, 'I':34, 'J':35,
'K':36, 'L':37, 'M':38, 'N':39, 'O':40, 'P':41, 'Q':42, 'R':43, 'S':44, 'T':45,
'U':46, 'V':47, 'W':48, 'X':49, 'Y':50, 'Z':51,
'0':52, '1':53, '2':54, '3':55, '4':56, '5':57, '6':58, '7':59, '8':60, '9':61,
'+':62, '-':63 }

def decode(input):
'Takes a component of the scan text, and returns it in human-readable form.'

# Process blocks of 4 6-bit values
block_list = []
i = 0
block = 0
shift = (18, 12, 6, 0)
for char in input:
if map64.has_key(char):
block = block | (map64[char] << shift[i])
i = i + 1

# One block of 4 values completed
if i == 4:
block_list.append(block)
i = 0
block = 0
else:
print 'Unexpected character:', char
# Check for leftovers
if block > 0:
block_list.append(block)

# Convert each block of 24 bits into 3 8-bit values
byte_list = []
for block in block_list:
for offset in (16, 8, 0):
byte_list.append((block & (0xFF << offset)) >> offset)

result = ''
for byte in byte_list:
dec = (byte ^ 67) - 48 # Get one decimal digit (48 is ASCII 0)
if dec < 0 or dec > 9:
print 'Unexpected value:', dec
else:
result = result + `dec`

return result

# Read a line of text as if it came from the keyboard
scantxt = raw_input('Scan: ')

# Split scan text into its component parts
prefix, scanner, type, barcode, suffix = string.split(scantxt, '.')

# Prefix should be two escape characters followed by '[21~'
# Suffix should just be ''
# TODO verify the prefix, suffix, and number of parts

# Print human-readable output, with nice formatting
print
print 'Device Number: ' + decode(scanner)
print
num = decode(barcode)
if type == 'fHmc':
print 'Barcode Type: UPC-A'
print 'Manufacture: ' + num[0] + '-' + num[1:6]
print 'Product: ' + num[6:11]
print 'Checksum: ' + num[11] # TODO compute expected checksum
elif type == 'cGf2':
print 'Barcode Type: ISBN and price'
print 'ISBN: ' + num[3] + '-' + num[4:9] + '-' + num[9:12] + '-' + num[12]
currency = num[13]
if currency == '9':
currency = 'Unspecified'
elif currency == '5':
curreny = 'US Dollars'
elif currency == '6':
currency = 'Canadian Dollars'
else:
currency = 'Unrecognized'
print 'Currency: ' + currency
print 'Price: ' + num[14:16] + '.' + num[16:18]
elif type == 'cGen':
print 'Barcode Type: ISBN'
print 'ISBN: ' + num[3] + '-' + num[4:9] + '-' + num[9:12] + '-' + num[12]
elif type == 'fGj2':
print 'Barcode Type: Paperback (?)' # TODO confirm this and get more info
print 'ISBN: ?-???-' + num[12:17] + '-?'
print 'Price: US $' + num[7:9] + '.' + num[9:11]
elif type == 'aabI':
print ':Cue: ' + num # TODO figure out the format of these beasts
else:
print 'Unrecognized Barcode: ' + num

DeCSS in barcode!

OK, here's our chance to piss off Digital Divergence AND the MPAA in one stroke. Let's publish DeCSS in barcode that can be read by CueCat. Publish it in some magazines - the caption: "Barcode as Art in the Digital Age". Put it on T-Shirts that can be scanned with the cat (on the front of the shirt, with the source on the back as it is now, only no typing required!)

Uh, we already have that, it's called a URL...

[Flat5]

What damn good is the barcode? I don't get it. As far as I can tell it "accelerates" the typing in of a URL. That's not exactly the biggest barrier to accessing the web, now is it? If the CueCat software, on the other hand, is sending info on people about what they're scanning, not only will it be useless, but people will avoid it like the fascist plague that it is. Either way this company is screwed.

$10 Gift Certificate - Invasion of Privacy

[nospoon]

Since in the email they sent they ask you to fill out a form to get the $10 Certificate snail mailed to you -- it is just a way for them to tie your address in Meatspace to your 'userid' or whatever it's called in their software. I for one won't be getting the $10 certificate. Infact I just disabled the email account I had setup to get a code to test the software with.

I'm not going to sell my address to those spammers for a lousy $10.

Re:Shrink-wrap license.

[jareds]

Weirdly enough though, this was determined to only govern the software in the result of commercial transactions. If you find a random copy of software on the street, you're NOT bound by the license.

So... have your friend buy the software and drop it in the street for you to pick up later.

Re:How can you license a gift?

[jareds]

I received a CueCat in the mail. I have accepted no license, and I don't plan to. I'm not going to install their software by any means. They have given me no ability to refuse the terms of their license. It was sent to me without any action on my part, other than being a subscriber to a magazine- that sounds like a gift to me.

As others have pointed out, under US postal law, the CueCat you received in mail is an unequivocal gift. If I were you, I'd mirror the Perl scripts Digital Convergence has been complaining about, write letters to DC telling them that you're mirroring the scripts, write letters telling DC they're morons, etc. Then, when they invoke some provision of the EULA requiring you to return the CueCat or something, report them to your friendly neighborhood Postal Inspector. I wish I got a CueCat in the mail. That could be fun.

Changing EULA

[Blindman]

I have no idea about the legalities of chaning the EULA for a product already in one's possesion. Obviously, they are trying to add the hardware to the EULA, which only included the software before, but how on earth can this be enforced.

Most licenses expire. At least most non software licenses expire like driver's licenses, and alcohol licenses. Each time you renew, you could be subject to new rules, but all parties are more or less aware of that in advance. I don't see how they can expect to change the terms of a license that most people just clicked through, and expect it to mean something.

IANAL, but even in the great state of Texas, I think that their business, if it depends on this change in EULA, is pretty much over.

Re:Changing EULA

[DHam]

Even if the licence states that the company may change it unilaterally, and even if the licence is made enforceable by some dodgy piece of legislation then the relevant clause is still void for uncertainty. You have to specify contractural terms in a pretty concrete manner. Just because UCITA plugs the acceptance hole in EULAs doesn't mean it fixes all the other problems.

\begin{disclaimer}
I passed contracts at the ANU but I believe US common law is pretty similar to ours.
\end{disclaimer}

CueCat's simple "encryption" alogrithm

[LtPaisley]

Yes, CueCat's method of scrambling barcodes is childishly simple. But there would be little point in implementing a stronger algorithm since an attacker would have an unlimited number of plaintexts available and could generate chosen plaintexts at will. Any algorithm that would be feasible to implement in a piece of giveaway hardware would be vulnerable to attack.

How can you license a gift?

[Matt_Bennett]

I received a CueCat in the mail. I have accepted no license, and I don't plan to. I'm not going to install their software by any means. They have given me no ability to refuse the terms of their license. It was sent to me without any action on my part, other than being a subscriber to a magazine- that sounds like a gift to me.

They have the broad statement of (2) using the :CueCat reader leading to my acceptance of the license. But what do they mean by using it? Using it as a doorstop? Paperweight?

I really hope this issue comes around and hurts them in the end. They must have spent a *huge* amount of money to get this out. They probably have 100's of thousands sitting in a warehouse somewhere, ready to be shipped. I hope they never get to ship them.

Hmm... a thought. Can I refuse their terms with an email that states that if their email server accepts the message, they accept my terms? That sounds a lot like the arbitrary acceptance conditions that they put forth.

Re:How can you license a gift?

[WNight]

More than that even... If I'm in a mall and someone asks if I want them to send me a free sample of something in the mail, that free sample is a gift even though I asked for it...

Basically, unless you've already entered into an agreement with a company (like Columbia House, etc) to send you something in return for payment (even if at a later date), you can consider it a gift and keep it, even if they show up at the door asking for it.

There are a couple exceptions to this, for instance if they mail something to the wrong John Smith, or if they mail you something you said you wanted and they told you they'd bill you for it (at the same time as you asked for it.)

Re:How can you license a gift?

[WNight]

That's not paranoid at all, that just makes sense... They're sending a product that only has value to them if it can be tied to a person, no doubt they did their best to do so.

But, the scanner doesn't communicate back unless you use their software and this guy didn't install the software so they'll never see the serial number from his CueCat, let alone be able to match it to an ID.

Re:How can you license a gift?

[Spoing]

It was sent to me without any action on my part, other than being a subscriber to a magazine- that sounds like a gift to me.

I don't know the specific U.S. law, but I do rember a commercial a few years back from the U.S. Postal Service that showed an Eskimo opening a box with a fan in it. The announcer (off-screen) said "Did you know that if you recieve anything in the mail that you didn't order, you don't have to pay for it?" "Cool" said the Eskimo, as he smiled.

Re:How can you license a gift?

[Moe+Yerca]

Exactly. I got a CueCat in the mail from Wired. At first I was thinking, "What the hell is this?", but then I remembered all the hubbaloo on Slashdot. I figure if I never install their software and throw away any paperwork that came with the hardware without reading it I have accepted no license. I'm therefore free to do whatever the hell I want with the hardware until the bring a courier to my door forcing me to read the EULA. I have read no EULA. I intend to read no EULA. I didn't ask for a CueCat, the name isn't even printed on the device. Whoo hooo! Free stuff!

I think I'm going to start by putting barcodes on my cats. That way if I ever go blind I can tell them apart with a bar code reader and some nice text-to-speech software.

Any opinions expressed above come straight from the voices in my head. Don't shoot the messenger.

What Database?

[september]

There was no database involved, they were stroring info in plain text. ( a .txt file !) The only tools needed was Netscape (lynx would have worked as well...)

Postal Regulations vs. EULA

[elbuddha]

I received a CueCat in the mail. Apparently because I am a subscriber to Wired. I did not ask for the CueCat, did not order it, did not pay for it (yes I know its free anyway). Under US Postal Regulations, this item is now mine. It is not the property of D.C., they have not loaned, lent, nor licensed it to me. They can not ask for it back, they can not tell me what to do with it. It is mine, period. If they would like to claim differently, they can take the issue up with the Post Office, not me.

Re:Postal Regulations vs. EULA

[Sloppy]

Does the same apply to the numerous AOL CDs I received in unsolicited mail last year? Do I OWN the software on the CD? Can I do whatever I want with it?

Yes, it's yours to do with as you please, within the limits of the law. (i.e. Don't violate the copyright by copying the CD and giving the copy to someone else while keeping the original.) You are perfectly free to do things like install the software (without agreeing to any license), disassemble the software, or use it as a coaster.

---

Re:Postal Regulations vs. EULA

[cgadd]

I've heard it said that good access security should be based on "Something you have AND something you know".

Re:Postal Regulations vs. EULA

[TheTomcat]

Does the same apply to the numerous AOL CDs I received in unsolicited mail last year? Do I OWN the software on the CD? Can I do whatever I want with it?

Re:Postal Regulations vs. EULA

[grahamm]

Not in the same way. You own the physical AOL CD, and you can do almost anything (legal) you like with it. You can use it as a cofee mat, a frizbee, you can use it as a mirror.... etc. However, you do not own the software on the CD.

Cue:Cat is different as it is hardware, so as long as you do not try replicating it then you should be able to be able to do almost anything you choose with it.

Re:Postal Regulations vs. EULA

[Tower]

Can I hear an amen from the congregation? (slashgregation?)

--

Re:Postal Regulations vs. EULA

[TheTomcat]

Ah, but my understanding is that there's software IN the cuecat, same as there is software ON the AOL CD.

They didn't lie...

[september]

They did damage control. Otherwise, if securitywatch.com had sent the report first, it would have been worse.

Disagree With License?

[devnullkac]

So if I don't agree with the licensing terms for this unsolicited mailing, what can I do with it? I certainly can't break it into bits or burn it up. That would violate the "disassembly" clause. I can't even throw it in the trash since that would be an illegal "distribution" of the device.

What's a poor law-abiding consumer to do? I guess I'll just have to keep it in my closet.

Re:Disagree With License?

[(void*)]

No no no. That would allow the vermin in your closet access to the device, which you must protect with your life and limb, since it is not yours and is on loan. Yes. The only way is to plug it into your computer port and install the software now, little consumer droid.

You will submit.

Any clean Windows driver?

Has anyone cobbled together a Windows driver for the CueCat that just translates the output without initiating IP traffic to DC? I'm aware of Linux drivers, Java translators, yada, yada, yada...how about something native to Windows?

Re:Any clean Windows driver?

[SuperLiquidSex]

Yes they did, a visual basic translation, I didn't write it and I can't find it again, but I will be uploading it to http://rapturesoft.yi.org/matt pretty soon, like as soon as I get access to my home puters.

Re:Any clean Windows driver?

[BrK]

The VB5 CueCat decoder software is here: http://www.wizkid.org/

Re:Contraceptive Jelly

[hndrcks]

Yeah, they had cherry preserves, but it seemed a little late for that......

Companies Don't Have Inherrent Right To Profits

[Carnage4Life]

Repeat after me, no one is ripping off these companies. If some braindead MBA believes that selling stuff below cost in order to gain mindshare is a business plan, I am not obligated to satisfy his plans for me as a consumer by paying for a marked up service or accessory to something I got for free or below cost.

It strikes me that whenever a company comes out with something where they intend to make their profits from after-sale mechanisms, the first thing that people want to do is to try and avoid this.

I seem to remember one of the first things I was taught in Economics class being that consumers should be assumed as rational beings that will try their best to maximize their utility (i.e. consumer happiness) by paying as little as possible for a service. In my opinion a company that fails to factor in the lessons of ECON 101 while designing a business plan deserves to fail.

People like you who complain because consumers are not going along with a corporation's plan to sell them a marked up service or product shock me. I cannot for the life of me figure out why I should spend more than an item costs after other payments are factored in for the illusion of being given something for free. Anyone remember all those free PC companies that made you sign 3 year ISP contracts? Guess that means the PCs weren't so free, huh.

Question about loaned items..

[parasite]

I have a question maybe someone knows: on the back of lots of cards like .. credit cards, video rental cards.. other stuff there is a clause similar to this :cat device's. It says that they can tell you you must return it at anytime -- does anyone know if this has ever gone to court or anything where a credit card or other company sued to get the card back or something? I wonder about legal precedents concerning that..

Re:Question about loaned items..

[zakezuke]

I you honestly think that DC would even consider taking the time to ask for these devices back? Seriously they have at-least 2million floating around, another 5 million to give away.

Do you know how much time, bother, and effort it would take to get even 1 cuecat back from one person.

A person would have to send out a letter, or make a phone call asking for said device back. They must state the address and basic instructions on how to package the said cuecat. This is alot of bother for a sub $5.00 item.

Re: Toaster EULA

[SpyceQube]

Except, on the Dwarf, Talkie would not wait five minutes before asking if you wanted hot scrummy toast again.

I'd hate to see the EULA for Peterson's AI shoes.

Re:Um, Okay.

[homebru]

In magazines in the past, I can remember seeing advertisements from companies nobody ever heard of, offering really low-priced, desirable knick-knacks.

"How can they sell those genuine stainless steel, bone-handled pocket knives for only $1.50 each?", we asked each other.

Because they wanted to collect names and addresses which would later be sold as a database of folk who were known to buy via mail-order. And the mailing list could be sold over and over and over again, more than making up the cost of the "genuine...".

What do you think DC intends to do with those addresses? Mail you your coupon and then wipe the file off of their disk?

Companies exist to make a profit

[flatpack]

In fact, they're legally obliged to. And the idea of a loss leader is hardly a new one after all, there is a hell of a lot of hardware out there designed to pull in after-sales business rather than make money from the initial sale.

I seem to remember one of the first things I was taught in Economics class being that consumers should be assumed as rational beings that will try their best to maximize their utility (i.e. consumer happiness) by paying as little as possible for a service. In my opinion a company that fails to factor in the lessons of ECON 101 while designing a business plan deserves to fail.

But this fails to take into consideration the fact that in the long-term this kind of selfish behaviour can only lead to a loss of utility as cash-starved companies are forced to reduce services thanks to the actions of a few people whose greed outweighs their rationality.

Re:Companies exist to make a profit

[Karmageddon]

you cannot claim that econ 101 fails to take into account "greedy self interest": the premises explicitly include self-interest where more-is-better. The same self-interest and greed that bring socialism to its knees, econ101 says "hey, we can harness this for the good of all". It is a lame business plan indeed that fails to take it into account.

Re:Companies exist to make a profit

Actually, capitalist economics takes fully into account that people act in entirely selfish ways. Selfishness on the parts of both seller and buyer is the engine that drives the law of supply and demand. The seller will try to maximize profit, the buyer will try to minimize cost and it is to the intersection of these two graphs that the actual price will converge (assuming a truly free market, of course.)

Business is a form of jungle. Darwinism functions quite well in the business world. And if DC can't figure out the rules and how to become just a bit more fit, they'll go extinct.

Re:Spot the difference. Is it legal?

[Sloppy]

What you buy a piece of software, you are buying a license to use that software.

No. Software isn't any different than a book. When you buy a book, you own the book. When you buy software, you own the software. (Note that in both cases, you're just buying the item, not the copyright, so IP rights are still preserved.) You can tear the pages out of a book and make paper airplanes, and you can disassemble software.

The only time you buy a license is when the purchase of that license is explicitly made a part of the sale. (For example, when people buy custom software from my employer, I think they sign a license at the same time that they hand over the check, although I don't work on that side of the biz, so I'm not sure if this is still done.)

Or if the license grants you additional rights that you otherwise would not have under copyright law, then you might decide to agree to the license in order to take advantage of those additional rights. For example, you normally can't give away copies of copyrighted works, but some software comes with the offer of a special licence (e.g. GPL) that will grant that right (with some restrictions) to people who agree to its terms.

---

Hmm - ideas, ideas...

[Malevolent]

Hmm, this gives me an evil idea!

If I were [theoretically of course!] to crack into a database and obtain e-mail address data, it wouldn't take much effort to then mail out everyone whose addresses I had obtained saying "We're sorry - our database got cracked. Send us your credit card details and we'll give you a $10 refund straight to your card for the inconvience!". =)

Put in a genuine looking "From:" address, and a temporarily set-up "Reply-to:" address, and wait for those CCs to come rolling in =) I'm sure there are enough people out their who would happily fall for such a scam!

Can anyone else confirm this for me?

[Oliver+Wendell+Jones]

I registered my CueCat at work and at home. At work, I got the e-mail this morning addressed to me and to someone else where I work.

If the whole idea behind the message was to apologize for accidentally releasing our e-mail addresses, does it make sense to mail it out to people and include OTHER PEOPLE'S e-mail addresses?

Did anyone else have multiple TO: names in their e-mail from CueCat?

Changing EULA after-the-fact?

[Kevin+DeGraaf]

IANAL, but can they change the EULA so radically after thousands (millions?) of CueCats have been distributed? I got mine from rat shack a number of weeks ago, and immediately destroyed the CRQ CD. Now they're trying to bind me with a contract I didn't agree to? I'm going to disassemble my CueCat right now...

Don't confuse ethics with legalities

[henley]

You're making a statement of ethics here, and it's important to recognise this.

The legalities of the situation are totally different; the right to reverse-engineer and adapt technology is well-established (if under attack in the US via the DMCA...). Let's be clear: hacking TiVO or CueCat is totally legal.

Now, to address the ethical side of this question, yes every business's first goal is to make money. And if you feel sorry for these poor companies having their income stolen from underneath them, then that's fine.. I don't have a problem with that.

However, personally, my own feelings are of mild contempt for the businesses concerned.. It smacks of incompetence to build an entire business around people's goodwill in not using their legal rights to reverse engineer your profit-stream..er...technology, without understanding what the impacts are.

In the CueCat case, they've taken some ever-so-slightly warmed-over technology (barcodes + scanners; available since the early '80s), wrapped some "encryption" around it, and expect to charge a great deal of money for providing what is effectively a referral service. Personally I'd have thought that it would have been cheaper for these guys to do a mass-market cheap implementation of same on the existing universal bar-codes; substituting quantity for quality with no hardware overheads... That's a business model I can see working, and people getting behind - think "hotmail" here...

What if...

[oni]

Oh shit, I broke it.
Sorry guys. How much do I owe you?

Let them make an honest profit

[Sloppy]

Ah, you think that the long-term effect of this is that we will cross over the transition from having a free lunch, to not having a free lunch? There never was a free lunch! They're not going to "reduce services", they're just going to make costs more explicitly spelled-out up front.

If you get one of these CueCats and use their software, then it isn't free. They are getting information about you (which has value) and probably selling that information to someone, or selling targeted adspace (which has value) to companies that want to advertise things related to whatever you scanned. Whenever someone pays Digital Convergence for an ad, that money doesn't come out of thin air -- it comes out of the sale price that you pay when you buy that item.

Any time someone pretends to give you something for free, it is almost certainly an attempt to decieve you. Taking advantage of them is a Good Thing, since it punishes lies and hidden costs. The especially nice thing is that if they don't try to trick you and actually put the costs up front where the customer can see them, then no one can take advantage of them, and fair market forces decide their fate.

---

Federal Trade Commission holding hearings

[Animats]

On October 26-27, the FTC will hold public hearings in Washington on "click-wrap licenses", software warranties, and related issues. If you're in Washington, go.

A previous Slashdot article of a few weeks ago encouraged people to submit comments for that proceeding. Some of those comments are online at the FTC site. (The FTC staff tell me all the comments should be up shortly.)

Re:Licence a piece of hardware? (OT)

[Elgon]

When selling property, rules are clearly defined. Once the sale takes place, no other contracts could be in force. This is because the new owner has the sole right and responsibility for that sold item. The seller has no rights, responsibilities, implied or otherwise, once he/she has received payment at the agreed price.
End of story.

Hmm, go tell that to the various parts of the firearms industry currently having their asses sued off by various misguided, politically correct etc... etc... cities.

Elgon

Disclaimer - I make no apologies for my views on firearms. I have been a responsible fireams user since the age of 13. All forms of armed violence, except in reasonable self-defence, defence of the law or the defence of others in danger, are wrong.

Who really needs a bar code reader in their home?

[BlueCoder]

And if you really wanted to read bar codes why not just write software to scan a picture from a quickcam? Or heck why not just type the numbers on the bar code label?

Nobody's going to care anymore

[British]

I am just imagining scared housewifes standing on a chair trying to beat down a CueCat on the floor with a broom.

Seriously, how much bickering is there going to be about all these litttle details on an inanimate object? I don't think people are going to take software agreements seriously anymore with all this BS going on. I haven't even hooked up my cuecat, and I could care less about it's agreement on the software I won't be installing. I'm not really afraid of any acronyms in this situation.

Why not write a Cue:Cat driver for Windows?

[CharlieDee]

Ok I know the dogma here, Linux is great and Windows sucks, but most people still use some form of Windows at home. If the hardware hack is so easy, why don't we just write a piece of code for Windows that will translate the output of the Cue:Cat into plain text. Regular folks who receive a "free gift" of a Cue:Cat reader in the mail could then perfectly legally throw away everything but the device itself and download our code to scan books or video tapes or groceries or anything they want. There would be no fear of personal information going back to any server because it would be a very simple hardware translator that acts like a keyboard. We could even write the code as open source and let people compile it themselves if they like. Pick the language of your choice to implement it in. If someone has already done this, please let me know. Thanks.

Privacy Laws!!!

[hengist]

It seems to me that the USA really needs some good privacy laws. In New Zealand, when personal information is collected, you must be informed for what it is to be used for, and it is illegal to use that information for any other purpose. Bascially, it means that information about yourself is your personal property, and cannot be used or divulged by anyone else without your permission. This has several side effects:

- a few years ago, the university I work for used to publish in the local newspaper what papers each student passed. This became illegal under the Privacy Act.

- we cannot display on notice boards student assessment marks next to their names - we can only use their ID numbers

- we have the right to have our name and number removed from the public phone listings

- we have the right to demand that any business or ministry turn over to us a copy of all data held by them

- we have the right to have erroneous data corrected so far as it pertains to us as individuals

- a company can't have you register for a product, then turn that data over to another company without your permission - no spammers buying e-mail lists!

I think the USA should start looking at getting some similar laws, it might fix a lot of the problems they seem to be having.

Re:Um, Okay.

[macro]

Okay, I won't pretend that statement makes any recognizable sense, but I'd like to read the article that it ALLUDES to. Cracked? When? How? By whom? I'd like to read an article about it, not a passing mention. Where's the story?

So there is a story:
http://www.digitalconvergence.com /news/index.html

New EULA

...you will notify Digital:Convergence of any information derived from reverse engineering or such other activities...

Well, so far I've determined that the people at Digital Convergence are pricks. Does that count?
Guess I better go notify them.

DC Isn't interested in "intellectual property"

[MagicHack]

The whole reason it seems for this "encryption" is that DC really doesn't want people to use all those free Cue Cat readers with someone elses web site and setting up deals with other Vendors. The encryption was the charade they use to create something enforceable. IF they sent out readers that just read say plain UPC codes or Code39 codes. Anyone could have easily created alternative uses and they couldn't have stopped it. So they tried adding something artificially "unique".

Spot the difference. Is it legal?

[barracg8]

The key change in the license agreement would seem to me, to be that this:

• Except as expressly permitted in this License, you may not decompile, reverse engineer, disassemble, modify, rent, lease, loan, sublicense, distribute or create derivative works based upon the :C.R.Q. Software in whole or part or transmit the :C.R.Q. Software over a network or from one computer to another.

Has been changed to this:

• Except as expressly permitted in this License, you may not decompile, reverse engineer, disassemble, modify, rent, lease, loan, sublicense, distribute or create derivative works based upon the :CRQ software or :CueCat reader in whole or part or transmit the :CRQ software over a network or from one computer to another.

They clearly thought that anybody wanting to reverse engineer their scanners would have to disassemble their software, so they thought that they could prevent this with the software licence agreement. They clearly didn't realize that by using such a braindead-simple protocol, people could reverse engineer the protocol just from the hardware, so they have extended the EULA to cover reverse engineering from the CueCat itself.

But how can this be legal? What you buy a piece of software, you are buying a license to use that software. When you buy ( /are given ) a piece of hardware you own it. You can do what you like with it. You have the right to sell it to someone else, and DC have no contract with that person.

This cannot be enforcable.

Re:Spot the difference. Is it legal?

[barracg8]

• That the encryption is weak or it is encrypted makes no difference.

IANAL, but I think it does.

Imagine I make a keyboard that encrypts the text you type, and provide special Windows drivers to decrypt the text, and wrap the drivers up in an EULA that makes you promise you will not be naughty and reverse engineer anything.

If you disassemble my software and reverse engineer my code, then I can probably prevent the distribution of any drivers based on your work. It is not a case of me owning the text you typed, but owning the IP over the driver that I wrote (and that your driver is a derivative work of). However, if my encryption is weak, and you can reverse engineer just from experimenting with the hardware, then you do not break my EULA (which only covers the software), and I cannot prevent you from distributing your drivers.

cheers,
G

Re:Spot the difference. Is it legal?

[(void*)]

Yes. But putting aside the issue of who owns the CueCat, their license doesn't even makes sense. The entire purpose of a barcode reader is to scan barcodes and spit out characters into the input stream. Exactly like the entire purpose of keyboard is to detect keypressed and spit out the characters to the underlying software.

Pursuing the analogy further, does having a MS keyboard mean that the code I type belongs to MS now? It is my effort, my code, my computer. Even if MS wraps a license around the keyboard, they can not be allowed to extend that license to my ownership of other things. In exactly the same manner, if I use the cuecat to catalog the books I own, the books are mine. the database software is mine (or some other company's) The barcodes are on the book - they are public. The ISBN is not a proprietry system. Which part of the whole thing does cuecat own? Nothing.

That the encryption is weak or it is encrypted makes no difference. I could use it to generate pseudorandom numbers. Does it mean that CueCat owns the random numbers now?

You greedy nerds!

[ConceptJunkie]

You're right! Individuals are exercising more and more power over companies. It's getting out of control and is completely contrary to the American way of life. People are unfairly exercising their rights to think and use technology to abuse poor companies that have no recourse when faced with the power of a motivated hacker and such unscrupulous tools as Linux.

One of the problems with capitalism and technology is that individuals often become so powerful that their influence over honest hard-working companies becomes so great that they can start to take advantage of them. This is where the federal government can step in to protect the rights of these poor companies that are just trying to mind their own business and make a buck.

People might complain that these companies need to exercise a little more judgement when they come up with their business plans, but let's face, even the most careful companies can fall victim to ruthless individuals utilizing their technology to take unfair advantage of them.

It's time people stood up for the rights of victimized corporations! Write your Congresspeople so they can pass laws to protect those poor companies who cannot protect themselves.

If we don't stand up for the big companies, who will?

This is not new

[sethg]

See this comment for a link to the more-restrictive EULA that was posted about two weks ago.
--

CueCat Business Model

[bobhope]

As other people have stated...

I was at radio shack picking up some various little things and they ASKED me if I had a "cat". I said "A cuecat?"
they said "Wow, He knows what one is."
They proceeded to hand me one. I never agreed to anything. There is no agreement even on the package. They just handed me a chunk of hardware. They never even said what I was supposed to do with it.

Any Business model that involves handing out the hardware and relying completely on service charges should have a more secure method.

Re:What can I do with my Cue Cat?

[(void*)]

Yes.

Java CueCat App

[guinsu]

Well, last week I threw together a Java based CueCat decoder/web page finder. Its at http://www.timpatton.com/jcat. It just needs java 1.2 or better. I guess I will sit around and wait for my subpoena. :)

Re:Um, Okay.

[wcb4]

I registered their software (using an email account that is about to go the way of the dodo) and I did get their email. This is not another case of the MS email tracking hoax, just for the hell of it, I went over to DC's site, following the link provided, to their secure server, and was rpesented with an apportunity to enter my address so that they scould send me a $10 coupon for Radio Shack. It is real. However, since they now want more personal information from me (the original software asked for name and email, not they want address as well) I did not bother to fill it out, but for those who will, DC now has their name, email address and snail mail address. considering that the average consumer who signed up for this won't think along these lines, DC has amde a wonderful $10 investment to get the name/address/email and buying habits of that person. I don't think the $10 is a hoax, I think that maybe the hack was a hoax. They could not have planned it better if they tried.


I think....therefore I am

I call bullshit.

QUOTE:

"Please read the following license agreement carefully before using this software or hardware as you are agreeing to be bound by the following terms and conditions of this license. You agree to the terms and conditions of this license by performing ANY OF THE FOLLOWING ACTIONS: (1) using the :CRQ software; (2) using the :CueCat reader (3) pressing the "agree" button below; OR (4) printing out a copy of the agreement, signing the agreement and returning a copy to Digital:Convergence(TM). If you do not agree to the terms and conditions of this license, do not press the "agree" button or engage in any of the foregoing acts."

Hmm.

So here is what we have got here... a "legal" (read as "clickthrough", "shrinkwrap") agreement that tries to be as binding as if it were signed and returned to D:C. I wonder how many seconds this will hold up in court when challenged. The fact of the matter is is that when they give me hardware, it is now MY hardware, and if they think that I have to use their software, then they are stuffed. Also, is it possible to open the package and use their damn barcode reader WITHOUT viewing any portion of the license at all? Of course. However, D:C wants to bind you to their terms even if you don't ever even take a glance at their terms.

D:C is one of those companies that will be throttled by their own license and slowly fade away. Thank god.

Oh, I was about to post this, and lookee what else I found, buried in an unindented block of legalese:

QUOTE:

"The :CueCat reader is only on loan to you from Digital:Convergence and may be recalled at any time."

They need to realize that when they put hardware into my hands that it is MY hardware. If they want me to sign a contract with them (not the crap faux contract they try to bind you to in the first place), I will happily do so, but as long as they try to stiffarm me into forking over all my data, I'll just use the cracked software.

Oh, yea, I want to see someone ballsy enough to actually print out that agreement, cross out everything that they don't agree with, and fax it to them. :)

inquis, posting anonymously 'cause he's too lazy to go get his password.

nonsense

[nels_tomlinson]

If a company tries this kind of thing, it has two choices: a contract, signed by both parties and enforceable in court, or to simply accept that some of the items it gives away won't produce any revenue.

I think that the reason we're seeing so much angst over these business models is that these "giveaways" are presented as free; they aren't, as you have so eloquently argued. The actual intent is to trick the unwary into giving away something of greater value for something of lesser value. The old "new lamps for old" scam.
If some one wants to make such a deal, knowing what he's getting into, fine. If CluelessCat wants to trick the gullible, I don't think that is fine at all.

Every time one of these companies sets their "rules", and finds that people who never knowingly agreed to them don't follow them, we can only laugh. If new technology comes out with restrictive legislation, it'll be because you didn't contact your congress-critters early and often.

Nels

Hee Hee!

[Greyfox]

They've got a line for "Your Signature" and they want you to fax it back.

Being... well... Evil, it occured to me that you could pop out to Radio Shak, pick up one of these, open the box, disagree with the EULA and send it back to Digital Convergence. Think a couple'a hundred thousand of their silly felines in the mail might make a point?

Of course, if I were looking for a laser scanner, I'd have much more faith in the Intermec hardware I can get, and it dumps staight ASCII and is much more stylish.

Re:Hee Hee!

[puppet10]

I thought of the same thing I think everyone reading should join a mass CueCat protest by mailing their CueCat (and as many as they can pick up) back to Digital Convergance POSTAGE DUE.

Maybe that will be enough of a clue-by-four to make them stop their ridiculous scary lawyer letters.

Don't put down the protocol!

[Coward+Anonymous]

If a protocol is simple and it peforms its task well, then it is indeed a good protocol.
Look at HTTP, it's its childish simplicity that made it the dominant web protocol.
I'm not familiar with the CueCat protocol but I do take issue with that condescending tone about 'childish protocols'. You may not like the company and its tactics but don't put down simple protocols. They are what make the internet and many other electronic gadgets tick.

RE: Toaster EULA

[Defraggle]

TT: Hey! Would you like some toast?

TT: NO.

TT: Ok.....

(five mins later)

TT: Hey! Would you like some toast?

Me: NO!!!!!!

TT: Your toast will be ready in a jiffy buddy!

Me: I DON'T WANT ANY FRAGGING TOAST!!!

TT: What's wrong, you agreed to get toast at least four times a day

Me: I did no such thing you dammed devil box!

TT: I'm sorry buddy but it says right here in the EULA..

TT: *Prints out 18 page fine print document*

TT: "By saying no two times in succession you
agree to eat at least five pieces of toast

Me: *BANG* (Voids warranty on Talky Toaster)


Defraggle
Head monkey
Dynamic League of discord POEE Cabal "Monkey"

Shrink-wrap license.

[Bilbo]

That's what a "shrink-wrap" license is -- As soon as you break the "shrink-wrap" around the box, you've effectively agreed to the license, even though you haven't had a chance to see it yet!

Works just like the Windows license...

--

Re:Shrink-wrap license.

[Anomie-ous+Cow-ard]

On my copy of the cuecat, there was an EULA notice: "By using this software..." it said on the CD package. "Cool!" i thought, as i threw the CD aside. "There's no restriction on the hardware, which Radio Shack gave me for free!"

-----

My thoughts exactly. They're CONFIRMING their spam

[Sleepy]

Anyone who believes these liars is a fool. Sure, validate their account details on you for $10 credit if you like - it may be a fair sale to some.

Just don't for a minute believe they were hacked. Oh, they're using NT servers so I'm supposed to believe their "our IT is incompitent" line. :)

This sounds too vague to be legit. Offering $10 to end users for SELLING their details is one thing - at least that is honest. This little scam makes them no different than the spammers who put "reply to unsubscribe" in their email (in order to verify an address to sell it at a higher rate).

Besides, the Linux software is better than the Windows version. :)

Re:Um, Okay.

[Sinistar2k]

Here's the message:

Dear :CueCat member, We've been alerted to a security breach in our system that may have exposed certain members' names and email addresses. As one of the members who may be susceptible, we want to explain to you how you may be affected and what we are doing to rectify the situation.

Digital:Convergence has secured the site and is conducting a thorough security examination to ensure the safety of its information.

As a result of this breach, unauthorized third parties may have been able to gather your name and email address. You may receive unsolicited emails (a.k.a. spam) from unrecognized sources. If you do not recognize the source, please delete the email immediately. You can also go to www.cauce.org, which provides information on spam and spam-blocking software programs that will prevent unwanted emails from reaching your desktop.

In light of these developments, we would like to give you a $10 gift certificate to RadioShack. If you are interested in receiving this certificate, please fill out a short form on www.crq.com/rs.html and we will mail it to you.

Digital:Convergence values our members and reiterates our commitment not to share your personal identifying information with third parties. We regret any inconvenience you may experience. We have fixed the problem and are taking extra precautionary steps to ensure it won't happen again.

Satisfied?

I checked out the page to register for the $10 coupon, but, of course, it requires all the information I lied about to them the first time around.

What can I do with my Cue Cat?

[whuppy]

Should I just throw it out now and avoid the hassle, or can it do something useful?
--

Re: Toaster EULA

[Felinoid]

Ahh but the EULA dosn't apply becouse the toaster said no the first time not the user :)

(Ops)
Hay wait.. you just violated the EULA on the gun... you shot a non-living talking object...
It's only supposto be used on a living item....
*BANG* Ok now that was within the EULA *THUD*

you don't need a kernel driver

[ArchieBunker]

Mine works fine using perl scripts under win32. It just sends keyboard esc codes, why should a kernel driver be needed?

Well, Here's what I did..

[angelo]

I unplugged my cat and tossed it on my bed. When I realised my (falsified) data was not safe, I deceded to abandon ship. They offer a gift cert of $10 to the shack, but the last time I needed to go there was about 3 years ago.

Power of the Geek Community?

[Phil+Wherry]

I've watched this story unfold with interest, because it really represents a pretty stark contrast with the way that a company like TiVo is handling the hacker community. TiVo's taken the attitude, "hack away, but don't break our revenue model." Digital Convergence seems to believe that legal blustering is the path to success.

I can't help but wonder: has Digital Convergence stopped to think about the early adopters who really drive the spread of new technology? Since the benefits of their scanner aren't immediately obvious, I think that Digital Convergence, whether they realize it or not, is dependent on these early adopters. And these are the very same people that are (1) going to find out about the license shenanigans and legal blustering and (2) be really irritated by it.

The saying, "don't bite the hand that feeds you" comes to mind. I think Digital Convergence is about to learn what happens when you ignore this sage advice.

Phil

Gack another grammatico

[SurfsUp]

Anyone who used DCs CueCat software has had their software has had their information stolen from the DC servers!

Humble suggestion: make it a policy that Slashdot editors should preview their posts, and even consider doing this yourself.
--

Sorry

[mindstrm]

Shrink-wrap license on material goods? I think not. You don't 'license' goods, you buy them (or are given them for free).

Patents

[interiot]

It sounds like their EULA is trying to be as broad and as protective as a patent would be. If so, why don't they just rely on their patent? (hint: maybe because it doesn't cover the CueCat?)

Patents are given only if the creator can show that the invention is novel enough, after which, the inventor is given a limited-time monopoly.

If DC can't get a patent that specifically covers the CueCat, then they shouldn't be able to arbitrarily upgrade their protection to the level of a patent. If they were able to, then there would be no reason for the patent review office. The kind of protection they're seeking is only given to products that do something in a non-obvious and novel way.
--

I OWN my Cue Cat

[Trailer+Trash]

It probably doesn't help DC's case that Radio Shack's latest commercial (the one where Howie brags on their new in-store Microsoft center) mentions at the end that they'll give you a free cuecat scanner when you stop in and ask.

I'm waiting for the wording to be changed to "We'll loan you a cuecat scanner"...

Michael

P.S. Too bad I didn't register.

Digitalconvergence.com Patent

[Pictling]

If anyone is interested, you can find the one and only Digitalconvergence.com patent here. The patent number is 6098106 and it was issued August 1, 2000. It covers using sound to link to a web site. IANAL, but it doesn't look like it covers bar codes.

As for bar codes, they really don't encode much information. The first part of the number is the company producing the product, and the last part is a unique identifier for the specific product (a green widget would have a different identifier than a red one). So really it's just a pointer or index that links into a database elsewhere. Forget any hopes of scanning your CD's and getting a song list from the barcode, unless you link it to a database that contains what you're looking for.

Changes in EULA

[mfdii]

Just to say that I may be bound by there old EULA (which i am not because i didn't install CRQ), would i be bound by the new one? My CueCat came with the old one. I never knew of this revision when I plugged in my cat. Which god do i bow to?

Shampoo

[big.ears]

What if the instructions with every light bulb said "please discard this bulb after 2 weeks and buy another", but the light bulb really lasts for months? Would you suggest that we should all follow the company's rules on light bulbs so that the company can make extra money?

Ever read your shampoo bottle: "Lather, Rinse Repeat. Rumor has it that, as we argue here, Prell is hiring lawyers to stop people from circumventing their instructions.

Mine too.

[sulli]

That is exactly what happened to me. As long as I don't run the software, I can do whatever the fuck I want with it. Sorry, :::::::whoever you are, Wired or DC, too bad.

sulli