Slashdot Mirror
Digital Convergence Changes EULA, and Gets Cracked
mfdii writes "Apparently Digital Convergence has changed their EULA. This EULA has been modified to include the CueCat reader in an attempt to shutdown those tinkering with their cats. The old EULA can be seen here."
Meanwhile a dozen or so really excellent programs utilize the childishly simple protocol (or, if you're DC, their "Intellectual Property")... and as if that isn't enough, apparently their service was cracked. Anyone who used DCs CueCat software has had their information stolen from the DC servers! This comes from an e-mail being sent in by zillions of people warning them (and also apologizing by giving a $10 gift certificate).
When will companies start being held legally accountable for these types of inexcusable security oversights?
Where the hell do they get off throwing lawyers at innocent people for violating their "property" and then making no effort what so ever to protect my property (specifically, my personal information)?
How about if I make DC sign an EULA that says "if you lose positive control of this information (last name, first name, address) then you owe me $10K for every piece of junk mail I get as a result"
Did anyone besides me notice the fact that in order to get your 'free' $10 RadShack gift certificate, you have to go to the DC site and provide them with your NAME, ADDRESS, ETC, far more personal information than they orginally asked for...
Think about it, the reason they are offering the free certificate is BECAUSE SOMEONE CRACKED THEIR SYSTEM AND STOLE OUR PERSONAL INFO... and now they want us to go back and GIVE THEM MORE?
Huh? I never made the connection....
A computer once beat me at chess, but it was no match for me at kick boxing -- Emo Phillips
sulli
sulli
RTFJ.
Your understanding is wrong. The issue with Digital Convergence here is that they WANT you to use their software, and by using your own software with the Cuecat you're infringing on their IP (or so they claim). It's the hardware that they have an issue with.
I have a cuecat. It was handed to me at radio shack with no mention of a license agreement, and in fact, the salesman said they were "giving them away for free". I have not installed the software, or even taken the software out of its sleeve. I wrote a javascript decoder for it. I can just as easily write the decoder without having a cuecat, so I want to tell digital convergence i do not accept their EULA. How does one officially do this? Mail it back? Take it back to the RS I got it at?
Their registration "database" was actually a plain text file published on their webserver! No hacking involved. Just type a URL into netscape, and viola, there's the "database." Digital Convergence isn't staffed by geniuses.
---- ----
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
No, they were really cracked. I've seen the data. It was posted to a publically accessable web server for quite some time.
/. posts it on monday)
DC submitted their press release on the issue at 10pm friday night, probably in hopes that nobody would care about it by monday. (Tried and true technique, release bad news friday night and it has less impact. Unless nobody hears about it until
I read their press release on Yahoo's news site saturday. It's probably not there anymore, news gets turned over pretty quickly.
The $10 certificate is probably their way of saying "Please don't sue us for mishandling all that information you gave us."
This is just like television, only you can see much further.
Yeah, I know, gotta get linux. Working on it.
sulli
sulli
RTFJ.
You're absolutely correct. Any unsolicited merchandise you recieve is yours to keep without charge to do with what you will.
Here is the Postal Service guide to preventing mail fraud in PDF format (it doesn't say much about this other than anything sent to you unsolicited is yours to keep).
-------- This space intentionally left blank --------
I don't even know what that agreement is for, or what it would give me if I agreed to it, but since I don't have one of their cheap scanners, I can be bound to it by pressing the 'Agree' button.
So where's the 'Agree' button?
Also, my name is not "Your Signature". Sorry, try again... Could they at least have you fill out a form to generate something official-looking with the right name on it? Sheesh.
---
pb Reply or e-mail; don't vaguely moderate.
pb Reply or e-mail; don't vaguely moderate.
The CueCat is the product of what might just be the dumbest startup ever. I'm not sure who's going to be made to suffer for the error: the engineers or the investors.
The thing spits out whatever barcode it reads, massaged for easy merging into a URL by a logical XOR on the number 67 followed by a pass of Base64 encoding, not unlike what happens when you attach a file to e-mail. In nontechnical terms, this is "encryption" weaker than passing something through a Flash Gordon decoder ring, then passing the result through a Lone Ranger decoder ring.
The "intellectual property" Digital Convergence is trying to protect can be expressed in 3 lines of very basic Perl or a flowchart sketched inside a matchbook. I wish them luck.
As a result, I've seen a quickie book database someone slapped together: it grabs the ISBN and fetches book info from Amazon. Anonymously. Without having to pass a thing to Digital Convergence, makers of the scanner, and without passing a cookie or any other form of ID to Amazon. I've never been consumed with an urge to catalog my books or CDs on my computer, but the CueCat makes it surprisingly convenient. It took me about ten minutes to feed in about 60 books. The ones without barcodes are still a problem, but this certainly takes much of the bite out of the process. Nearly all CDs, on the other hand, have barcodes.
Another little perl script floating around lets you scan anything the Digital Convergence folks have catalogued on their servers groceries, radio shack catalog items, magazine articles) and jump to the product's site or web page.. again without passing so much as a user ID or cookie to them. The servers are wide open and will return the product URL for a given barcode regardless of whether or not you're a registered, cookied user of their official software. Whoops!
Since it's easy to distinguish between the barcodes on books, CDs and grocery items, the same three lines of perl could be used as the basis for a five-line program to put products in a shopping cart on your favorite web grocery store, again without involving the CueCat folks.
You'd think in the four years this was in development someone would have wondered why no other company had ever tried to build a tight marketing database around cheap barcode scanners given away at a loss.
It's not because it hasn't occurred to thousands of entrepreneurs since cheap barcode wands first appeared 15 or so years ago. It's because until the dunderheads behind the CueCat came along, all the other peopole who had the same dream realized that even a kinda-sorta lockable barcode scanner would cost too much to give away for free. And then with that Big Idea out of the way they went and did something productive, like wash some dishes or eat a Popsicle.
So simple, so early-80s is the CueCat's design that those Linux drivers probably took someone half an hour to write while watching TV and feeding the dog. Especially given the dozen or so little shell scripts and perl programs that have since popped up, all of them ramshackle "baby's first program"-caliber triumphs. I can't wait to see what online music, grocery and book stores do with this.
If any license agreement short of requiring a signature before receiving a security-free scanner like this holds up in court, it would open the way for hand-tool makers to require people to buy separate "screwdrivers" and "paint-can openers".
I wonder if Digital Convergence is publicly held.
InterNet News Radio ran an interview with me this morning about the CueCat. I have it mirrored
here. It runs today, Sept 18, 2000, so you'll have to look for it in their archives starting tomorrow. However, I'll keep the mirror at my site.
---- ----
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
For example, if the software contains an EULA saying "you may not reverse-engineer this software", and you never accept the EULA, then you have every right to reverse-engineer the software.
However, you don't have the right to burn copies of the CD and pass them out (except of course as permitted by "fair use"), because even without accepting an EULA, you are still bound by copyright law. (By the same token, if you get a copy of Newsweek in the mail, you can give it to a friend, but you can't distribute a zillion copies of the articles in it -- you own the physical magazine, but Newsweek's publisher owns the copyright.
Getting back to the CueCat: Whether or not you've consented to the ULA, the firmware inside the CueCat is protected by copyright law, and you can't, say, download the object code and then burn it onto chips at your own bar-code-reader factory. However, reverse engineering is not forbidden by copyright law, so if you don't consent to the ULA, you can reverse-engineer the CueCat protocol.
IANAL, of course, and I am ignoring the whole question about whether shrink-wrap licenses are ever enforceable.
--
send all spam to theotherwhitemeat@ropine.com
It's kinda the same thing. I don't own the software on the the CC's microcontroller, but I do own the hardware (I have a reciept), so I can, say, take it apart, or analyze it's output, without ever caring about the software burned into it's ROM.
Of course, assuming I *did* want to read the uC's ROM, I prolly wouldn't be able to. Many microcontrollers are read-protected so people can't look at the ROM.
--K
---
I'm not talking about the software on the CD or floppy. I'm talking about the software withing the cuecat that turns a bunch of lines into a bunch of alphanumerics.
Except for emulation, the same goes for the PC software. DigitalConvergence can't protect against emulation unless they get a patent on some crucial part of the decoding process.
--
IIRC, most EULAs allow the software maker (but not the user) to change the terms of the license, subject to agreement by only one of the two parties. So, the company lawyer says, "Sure, I agree to that change," and there you go: the EULA has changed, and you are still bound by it.
Of course, this assumes that click-/shrink-wrap licenses are binding, which will become law when UCITA gets passed. (And don't fret, it will, just like the DMCA did. You don't have enough money to brib... er, donate to your elected representatives.)
"I came here to kick ass and chew bubblegum. I'm all out of bubblegum." MSE USC APX AIA CSI CASp
I think the point is to appear to be the good guys on this issue. Yes they don't have a clue with their business plan, but they'll point to the "hacking" community as the reason their business failed, not to that plan. If people take the high road then I think they would be left naked with a crappy business plan and no one to blame but themselves.
In Soviet Russia...michael would be rotting in Siberia!
This cable is supposed to capture special bookmarks embedded within TV ads and forward you to the web site of their choice. It saves a lot of hassle, because you no longer have to type in "http://www.forbes.com" just to order an official :Forbes :Magazine :Golf :Shirt. Surely, this is also part of their :Intellectual :Property and took up some of their five years of engineering and development.
Why aren't they coming after people who are reverse engineering the :Convergence :Cable, those who circumvent their EULA by using it to make .ogg files out of their ":South :Park" video tape collection? Maybe somebody should put up a "How to :Reverse :Engineer the :Convergence :Cable" :web :site.
Could someone please tell me what the difference is between the :Cue :Cat and the :Convergence :Cable?
check out the cuecat.com webpage by digital convergence:
they say: "We've made it super easy to get your new :CRQ system, including the :CueCat reader, absolutely FREE"
Even Digital Convergence's own page says "Digital:Convergence will distribute more than 10 million of its new :CueCat(TM) devices and :CRQ(TM) software free to consumers by the end of this year."
Even more interesting is who runs Digital Convergence (see link above): "The company's management team includes a roster of industry veterans from Time Warner, AT&T, GE, ING Barings and Disney."
It would seem that they're not idiots. They're just dumb
-V
Don't know why this was marked as a troll, but anyways... For confirmation:
N =669719818&CONTEXT=969293000.49807373&hitn um=59
.txt file globally readable via http:.
http://x64.deja.com/=dnc/[ST_rn=ps]/getdoc.xp?A
The site was not "cracked". They simply left the registration file as a plain
-- Don't Tase me, bro!
Ahh, I see what you mean. I guess they need to put the EULA inside the microcode on the Cuecat in the next revision? ;)
Nobody viewed, copied, reverse engineered, or emulated any part of the firmware in the CueCat, so there couldn't be a problem with that.
--
Here is the Postal Service guide to preventing mail fraud in PDF format
Funny, my mail fraud is all on paper. I haven't seen any "make money fast" schemes in PDF format.
;-)
--
Friends don't let friends misuse the subjunctive.
To start - what DC is trying to create is a bailment. A bailment is A delivery of goods or personal property, by one person (bailor) to another (bailee), in trust for execution of a special object upon or in relation to such goods, beneficial either to the bailor or bailee or both, and upon a contract, express or implied, to perform the trust and carry out such object, and thereupon either to redeliver the goods to the bailor or otherwise dispose of the same in conformity with the purposes of the trust. Black's Law Dictionary, 6th ed. All that verbaiage is the attempt to legally describe all the ways you can lend things to other people without transferring title. As DC says in its EULA, The :CueCat reader is only on loan to you from Digital:Convergence and may be recalled at any time. Without limiting the foregoing, your possession or control of the :CueCat reader does not transfer any right, title or interest to you in the :CueCat reader.
:CUECAT READER TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THE INSTALLATION AND USE OF THE :CUECAT READER. This is pretty standard sales warranty disclaimer language. DC states that the user has chosen CueCat. While this may be true for those folks who got it at RS, it is not true for those who received it unsolicited in the mail.
:CUECAT READER IS PROVIDED "AS IS" AND WITHOUT WARRANTY OF ANY KIND. DIGITAL:CONVERGENCE EXPRESSLY DISCLAIMS ALL WARRANTIES AND/OR CONDITIONS, EXPRESS OR IMPLIED, INCLUDED, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES AND/OR CONDITIONS OF MERCHANTABILITY OR SATISFACTORY QUALITY AND FITNESS FOR A PARTICULAR PURPOSE The disclaimed warranties are all sales warranties. The especially damning one is the disclaimer of warranty of fitness for a particular purpose. First, DC says you can only use it for a particular purpose, and then says it is not warranted to actually serve that purpose. The fitness warranty applies where you get specific help or guidance in selecting a product for a particular use. DC wants it both ways - they want to force you into their particular use, but say that they did not so they can disclaim the warranty.
The most important thing is that a bailment is not an absolute transfer. The bailor (in this case DC) retains title to the chattel property (CueCat).
Problem is, DC goes on to contradict its bailment agreement as follows:
1. The warranty recital.
The DC warranty disclaimer says, YOU ASSUME FULL RESPONSIBILITY FOR THE SELECTION OF THE
2. The warranty disclaimer.
The DC warranty disclaimer goes on: THE
3. Integration clause
The integration clause says, No amendment to or modification of this License will be binding unless in writing and signed by Digital:Convergence. . Hey, where's the signature?
For further entertainment, check out http://www.digitalconvergence.com/legal.html, which contains the absolutely laughable statement, The materials ("Materials") contained in Digital:Convergence Corporation ("Digital:Convergence") Web site are provided for informational purposes only. Ah, its just info, not a real contract.
Geez, these guys are fools. Bankruptcy or buyout in 12 months.
Ah, the infamous WOM - Write Only Memory.
It's not as stupid as it sounds.
The ROM and processor are on the same die,
so the ROM is readable by the processor core, but not externally.
--K
But you probably knew that already.
---
Hey don't underestimate the power of a "you suck" note.
A lot of companies do suck -- DC is certainly one of them -- and they often need to be reminded that they do, in fact, suck.
Everyone tries to be nice-nice. "Dear Sir, It has come to my attention that your bar code device... blah blah blah"
Just tell them they suck and be done with it.
People underestimate the power of simple, honest language. Everybody tries to throw in 10-cent words when a few, choice 5-cent words will do just fine.
Besides, I'm tired of all these companies talking at my head. "You can do this, you can do that, you can't do this, blah blah blah."
It's high time consumers -- or whomever -- just dispense with the niceities and get down to brass tacks: more and more corporations suck, period.
Corporations want to fuck us over, take our money, and move on to the next sucker, er, consumer at our expense.
That *does* suck. And the corporations that do this *do* suck. And no amount of "pretty" language (or professional) will hide this. I'm tired of being a "nice" consumer when these not-so-nice corporations want to order me around, and spit me out for dead when they feel like it.
I'm sick and tired of it.
DC sucks. And their stupid bar code reader sucks.
Nobody viewed, copied, reverse engineered, or emulated any part of the firmware in the CueCat. Period.
That can't be right - the firmware encodes the barcode, right? And those clever hackers figured out how to decode it, so doesn't that count as reverse engineering?
Not that there's anything wrong with that you understand...
There was no shirnk wrap to break. No license agreement to agree to. I *NEVER* installed their software, so their new EULA is just as unenforcible as their old one and will get the same response from my atterney: Get Bent.
This company was doomed from the start and it is a good thing since the next company that decides to use similar business practices will take CueCat's mistakes into consideration. Not a single user is at fault here. Just like when you are paying taxes. I read a book that teaches how to minimize tax payments, it started with a disclaimer stating that nobody should pay more than is required by the law. So, if the CueCat did not understand this simple concept - user will not pay more than is required by the law, and did not encorporate this idea into their product, it's their own mistake and they will pay for it. The bar code reader maybe good due to excellent engineering (I don't have one, since they are not distributed in Canada) but CueCat's business model is flawed and that is due to poor business management (who the hell sponsored these guys anyway?)
You can't handle the truth.
Is it just me, or is that a little too specific? When was the last time you saw this kind of language when other "e-commerce" sites got cracked?
I mean, I'm not accusing DC of doing this, but if I were a marketing company, and my product was based on being able to track who scanned what ad, and I were to sell my database to mainsleaze spammers (e.g. MessageMedia, m0.net, and other "legit" spam-for-hire outfits, as opposed to the MLM and MMF pyramid/quack-medicine/pr0n scammers), this is exactly how I'd do it.
Those of you who gave DC a "spamtrap" address - say, a dc-spam-12345@yahoo.com type of thing, to trace the spam you got from DC and to not be detectable with a traditional dictionary attack on Yahoo - keep an eye on your headers.
If the spam's from a random dialup IP, it's probably a dictionary attack or maybe, in 3-6 months, if there was a cracker, then maybe the addresses did get resold.
But if it comes from a "mainstream" spam-for-hire company with real money behind it, and advertises real products, you just might want to suspect that DC themselves sold the data to the mainsleazer.
Hell, I'll bet it's even in their "privacy policy" that they have the right to do so. So blaming an imaginary "Hacker X" shouldn't be necessary in the first place. Again, I'm not accusing them, and I have no evidence that this is the case, but I must confess I'm just a little bit suspicious that maybe there's more to "Hacker X" than meets the eye.
EULA for ACME Toothbrush. By opening the packaging for this toothbrush, you acknowledge that this device will only be used orally. This device may only be used to brush teeth, dentures, or anything as approved by the ADA.
Improper uses unclude:
Pets
Shoes
Computer parts
Silverware or any other dishes
Any other device where the object where the cleaning agent is not toothpaste.
Our lawyers will attack if this agreement is breached.
If you'd sooner have your cat on /dev/scanners/cuecat than hanging off the back of a Windows box then you can patch your kernal today... CueCat Driver 0.1.8 was released on Freshmeat mere hours ago.
0daymeme.com: Great stuff.
Well, you *do* own that copy of the software and can do anything with it that you legally could do with a book... You can sell it, use it, modify it, ignore it, critique it, benchmark it, burn it, or feed it to a cyber-pet.
You can't bypass copyright controls and start reselling the AOL software (plural), but you may resell your copy of the AOL software.
Ditto with the CueCat. You own it in all concievable ways, but that doesn't mean you own the patents it's based on, or the copyright on any ROM code. But you do own the right to use everything that it comes with.
The majority of the people who use the cracks do so because Cue's software either doesn't work on their OS or because they don't want Cue to snoop on them. In either case the EULA would never be seen by the user, I can't imagine that it would be enforceable.
Icebox
Companies change their license agreements all the time, if a new product comes out then it stands to reason that the lawyers are going to want to see it included in the EULA.
;)
What would have been more relevant would have been a if DC (or any other company for that matter!) had made a change to the EULA, not notified their users and then tried to enforce the changes.
I don't know if this is the case, but to be honest, DC would probably have been much better off having two completely seperate EULAs. This way there is no confusion - and again no possibility of falling into the "no notification" trap.
Mind you, it is governed by the laws of the State of Texas, so I guess that you'll be on the chair before you have a chance to pipe up your disent of any part of the agreement
-Tom
as far as I can see Eazel's stuff is a pure service, not an after-sale, since there is NO SALE to begin with. and since their software is open source, they sure can't be accused of tying a product (whatever they develop) with a service. hence, for all I care, they should feel more than free to base their business on offering their update services -- although I have my reservations as to whether it's a viable model. and if it *does* work, it'll be precisely because of this lack of tying; once the users know that they're free to use whatever service (or none), and that this is freedom is protected by the fact that the software is open source, they may actually have less reservations to use the service in question.
Add something else to this line of thought: it is legal to disassemble software. After the initial round of legal nastygrams went out, I asked a number of people in the know about the legality of this whole mess, and the common answer was: It is legal to disassemble software. If you use those instructions line for line in another product, that is not protected, but you can dig up the algorithm, reimplement it yourself, and all is fine. The DMCA (DCMA? I don't remember. It's morning) has made some weird restrictions on reverse engineering, but there's no copyrighted information we are accessing, they can't even wave that one around.
So, this lands under contract law -- the sort of thing where they start saying "If you do not agree to these terms, we do not acknowledge your existence and therefore you must vaporize immediately or stop using our product", but even with that in mind, there's still some problems. They've just made changes to a contract nobody agreed to in the first place, which is not available with the product, neither through radio shack or the magazines that sent them to their subscribers.
When I printed the text portion of patent 6,098,106 from the USPTO.GOV site, I found this interesting tidbit:
This application is related to copending US patent application Ser. No. 09/151,471, entitled "Method for Interfacing Scanned Product Information With a Source for the Product Over a Global Network" filed of even date herewith.
Interesting, but not exactly a patent on the CueCat itself, based on the title.
You may want to update your Perl script to take into account some recent discoveries about modifications to the 'Cat.
Specifically, you may want to insert the minor tweak that lets the code handle those 'Cats that return command and slash.
It strikes me that whenever a company comes out with something where they intend to make their profits from after-sale mechanisms, the first thing that people want to do is to try and avoid this. We've recently had this CueCat business and a page complaining about paying $10 a month for TiVo, despite the fact that they sell their hardware as a loss leader and rely on the subscription charges to make any money.
To me, all of this seems like trying to rip off companies that are providing something which people obviously want. And if people succeed, then these companies are going to suffer, which means no more deals for people. Is this what we want?
Every time a new service is hacked into so that the company fails to be able to make a profit, it just discourages other companies from being so generous, or encourages them to follow the MPAA/RIAA in slapping restrictive laws or licenses on the technology. Do we really want a situation where every new technology comes out hand in hand with restrictive legislation to give the companies a chance to make a profit?
Riiightt... so, now not only can't I reverse engineer the software under thier "agreement", I have to dob in anyone I find out that is reverse engineering it?
hmmm, better stop reading slashdot, I guess MS, RIAA and the MPAA were right. You are all the spawn of Satan. Lucky the big companies are here to protect me and my children (please, won't you think of the children?).
That's funny. I guess their lawyer didn't do a good enough job of combing through the EULA after cut-n-pasting it from somebody else's shrinkwrap software.
So are you bound to the specific contract that you agreed to with the "I agree" button, or can you use multiple copies since they publicly state that you can?
--
Since in the email they sent they ask you to fill out a form to get the $10 Certificate snail mailed to you -- it is just a way for them to tie your address in Meatspace to your 'userid' or whatever it's called in their software. I for one won't be getting the $10 certificate. Infact I just disabled the email account I had setup to get a code to test the software with.
I'm not going to sell my address to those spammers for a lousy $10.
I have no idea about the legalities of chaning the EULA for a product already in one's possesion. Obviously, they are trying to add the hardware to the EULA, which only included the software before, but how on earth can this be enforced.
Most licenses expire. At least most non software licenses expire like driver's licenses, and alcohol licenses. Each time you renew, you could be subject to new rules, but all parties are more or less aware of that in advance. I don't see how they can expect to change the terms of a license that most people just clicked through, and expect it to mean something.
IANAL, but even in the great state of Texas, I think that their business, if it depends on this change in EULA, is pretty much over.
I don't practice what I preach because I'm not the kind of person that I'm preaching to.
I received a CueCat in the mail. I have accepted no license, and I don't plan to. I'm not going to install their software by any means. They have given me no ability to refuse the terms of their license. It was sent to me without any action on my part, other than being a subscriber to a magazine- that sounds like a gift to me.
:CueCat reader leading to my acceptance of the license. But what do they mean by using it? Using it as a doorstop? Paperweight?
They have the broad statement of (2) using the
I really hope this issue comes around and hurts them in the end. They must have spent a *huge* amount of money to get this out. They probably have 100's of thousands sitting in a warehouse somewhere, ready to be shipped. I hope they never get to ship them.
Hmm... a thought. Can I refuse their terms with an email that states that if their email server accepts the message, they accept my terms? That sounds a lot like the arbitrary acceptance conditions that they put forth.
I received a CueCat in the mail. Apparently because I am a subscriber to Wired. I did not ask for the CueCat, did not order it, did not pay for it (yes I know its free anyway). Under US Postal Regulations, this item is now mine. It is not the property of D.C., they have not loaned, lent, nor licensed it to me. They can not ask for it back, they can not tell me what to do with it. It is mine, period. If they would like to claim differently, they can take the issue up with the Post Office, not me.
So if I don't agree with the licensing terms for this unsolicited mailing, what can I do with it? I certainly can't break it into bits or burn it up. That would violate the "disassembly" clause. I can't even throw it in the trash since that would be an illegal "distribution" of the device.
What's a poor law-abiding consumer to do? I guess I'll just have to keep it in my closet.
What do you mean they cut the power? How can they cut the power, man? They're animals!
Repeat after me, no one is ripping off these companies. If some braindead MBA believes that selling stuff below cost in order to gain mindshare is a business plan, I am not obligated to satisfy his plans for me as a consumer by paying for a marked up service or accessory to something I got for free or below cost.
It strikes me that whenever a company comes out with something where they intend to make their profits from after-sale mechanisms, the first thing that people want to do is to try and avoid this.
I seem to remember one of the first things I was taught in Economics class being that consumers should be assumed as rational beings that will try their best to maximize their utility (i.e. consumer happiness) by paying as little as possible for a service. In my opinion a company that fails to factor in the lessons of ECON 101 while designing a business plan deserves to fail.
People like you who complain because consumers are not going along with a corporation's plan to sell them a marked up service or product shock me. I cannot for the life of me figure out why I should spend more than an item costs after other payments are factored in for the illusion of being given something for free. Anyone remember all those free PC companies that made you sign 3 year ISP contracts? Guess that means the PCs weren't so free, huh.
No. Software isn't any different than a book. When you buy a book, you own the book. When you buy software, you own the software. (Note that in both cases, you're just buying the item, not the copyright, so IP rights are still preserved.) You can tear the pages out of a book and make paper airplanes, and you can disassemble software.
The only time you buy a license is when the purchase of that license is explicitly made a part of the sale. (For example, when people buy custom software from my employer, I think they sign a license at the same time that they hand over the check, although I don't work on that side of the biz, so I'm not sure if this is still done.)
Or if the license grants you additional rights that you otherwise would not have under copyright law, then you might decide to agree to the license in order to take advantage of those additional rights. For example, you normally can't give away copies of copyrighted works, but some software comes with the offer of a special licence (e.g. GPL) that will grant that right (with some restrictions) to people who agree to its terms.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Hmm, this gives me an evil idea!
If I were [theoretically of course!] to crack into a database and obtain e-mail address data, it wouldn't take much effort to then mail out everyone whose addresses I had obtained saying "We're sorry - our database got cracked. Send us your credit card details and we'll give you a $10 refund straight to your card for the inconvience!". =)
Put in a genuine looking "From:" address, and a temporarily set-up "Reply-to:" address, and wait for those CCs to come rolling in =) I'm sure there are enough people out their who would happily fall for such a scam!
-Tom
IANAL, but can they change the EULA so radically after thousands (millions?) of CueCats have been distributed? I got mine from rat shack a number of weeks ago, and immediately destroyed the CRQ CD. Now they're trying to bind me with a contract I didn't agree to? I'm going to disassemble my CueCat right now...
We have more to fear from the bungling of the incompetent than from the machinations of the wicked.
Ah, you think that the long-term effect of this is that we will cross over the transition from having a free lunch, to not having a free lunch? There never was a free lunch! They're not going to "reduce services", they're just going to make costs more explicitly spelled-out up front.
If you get one of these CueCats and use their software, then it isn't free. They are getting information about you (which has value) and probably selling that information to someone, or selling targeted adspace (which has value) to companies that want to advertise things related to whatever you scanned. Whenever someone pays Digital Convergence for an ad, that money doesn't come out of thin air -- it comes out of the sale price that you pay when you buy that item.
Any time someone pretends to give you something for free, it is almost certainly an attempt to decieve you. Taking advantage of them is a Good Thing, since it punishes lies and hidden costs. The especially nice thing is that if they don't try to trick you and actually put the costs up front where the customer can see them, then no one can take advantage of them, and fair market forces decide their fate.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
A previous Slashdot article of a few weeks ago encouraged people to submit comments for that proceeding. Some of those comments are online at the FTC site. (The FTC staff tell me all the comments should be up shortly.)
I am just imagining scared housewifes standing on a chair trying to beat down a CueCat on the floor with a broom.
Seriously, how much bickering is there going to be about all these litttle details on an inanimate object? I don't think people are going to take software agreements seriously anymore with all this BS going on. I haven't even hooked up my cuecat, and I could care less about it's agreement on the software I won't be installing. I'm not really afraid of any acronyms in this situation.
On evolutionary grounds a company without a clue in their business plan deserves to die.
So just get go and get your CATs.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
...you will notify Digital:Convergence of any information derived from reverse engineering or such other activities...
Well, so far I've determined that the people at Digital Convergence are pricks. Does that count?
Guess I better go notify them.
-
Except as expressly permitted in this License, you may not decompile, reverse engineer, disassemble, modify, rent, lease, loan, sublicense, distribute or create derivative works based upon the
:C.R.Q. Software in whole or part or transmit the :C.R.Q. Software over a network or from one computer to another.
Has been changed to this:-
Except as expressly permitted in this License, you may not decompile, reverse engineer, disassemble, modify, rent, lease, loan, sublicense, distribute or create derivative works based upon the
:CRQ software or :CueCat reader in whole or part or transmit the :CRQ software over a network or from one computer to another.
They clearly thought that anybody wanting to reverse engineer their scanners would have to disassemble their software, so they thought that they could prevent this with the software licence agreement. They clearly didn't realize that by using such a braindead-simple protocol, people could reverse engineer the protocol just from the hardware, so they have extended the EULA to cover reverse engineering from the CueCat itself.But how can this be legal? What you buy a piece of software, you are buying a license to use that software. When you buy ( /are given ) a piece of hardware you own it. You can do what you like with it. You have the right to sell it to someone else, and DC have no contract with that person.
This cannot be enforcable.
You're right! Individuals are exercising more and more power over companies. It's getting out of control and is completely contrary to the American way of life. People are unfairly exercising their rights to think and use technology to abuse poor companies that have no recourse when faced with the power of a motivated hacker and such unscrupulous tools as Linux.
One of the problems with capitalism and technology is that individuals often become so powerful that their influence over honest hard-working companies becomes so great that they can start to take advantage of them. This is where the federal government can step in to protect the rights of these poor companies that are just trying to mind their own business and make a buck.
People might complain that these companies need to exercise a little more judgement when they come up with their business plans, but let's face, even the most careful companies can fall victim to ruthless individuals utilizing their technology to take unfair advantage of them.
It's time people stood up for the rights of victimized corporations! Write your Congresspeople so they can pass laws to protect those poor companies who cannot protect themselves.
If we don't stand up for the big companies, who will?
You are in a maze of twisty little passages, all alike.
See this comment for a link to the more-restrictive EULA that was posted about two weks ago.
--
send all spam to theotherwhitemeat@ropine.com
Well, last week I threw together a Java based CueCat decoder/web page finder. Its at http://www.timpatton.com/jcat. It just needs java 1.2 or better. I guess I will sit around and wait for my subpoena. :)
QUOTE:
"Please read the following license agreement carefully before using this software or hardware as you are agreeing to be bound by the following terms and conditions of this license. You agree to the terms and conditions of this license by performing ANY OF THE FOLLOWING ACTIONS: (1) using the :CRQ software; (2) using the :CueCat reader (3) pressing the "agree" button below; OR (4) printing out a copy of the agreement, signing the agreement and returning a copy to Digital:Convergence(TM). If you do not agree to the terms and conditions of this license, do not press the "agree" button or engage in any of the foregoing acts."
Hmm.
So here is what we have got here... a "legal" (read as "clickthrough", "shrinkwrap") agreement that tries to be as binding as if it were signed and returned to D:C. I wonder how many seconds this will hold up in court when challenged. The fact of the matter is is that when they give me hardware, it is now MY hardware, and if they think that I have to use their software, then they are stuffed. Also, is it possible to open the package and use their damn barcode reader WITHOUT viewing any portion of the license at all? Of course. However, D:C wants to bind you to their terms even if you don't ever even take a glance at their terms.
D:C is one of those companies that will be throttled by their own license and slowly fade away. Thank god.
Oh, I was about to post this, and lookee what else I found, buried in an unindented block of legalese:
QUOTE:
"The :CueCat reader is only on loan to you from Digital:Convergence and may be recalled at any time."
They need to realize that when they put hardware into my hands that it is MY hardware. If they want me to sign a contract with them (not the crap faux contract they try to bind you to in the first place), I will happily do so, but as long as they try to stiffarm me into forking over all my data, I'll just use the cracked software.
Oh, yea, I want to see someone ballsy enough to actually print out that agreement, cross out everything that they don't agree with, and fax it to them. :)
inquis, posting anonymously 'cause he's too lazy to go get his password.
I think that the reason we're seeing so much angst over these business models is that these "giveaways" are presented as free; they aren't, as you have so eloquently argued. The actual intent is to trick the unwary into giving away something of greater value for something of lesser value. The old "new lamps for old" scam.
If some one wants to make such a deal, knowing what he's getting into, fine. If CluelessCat wants to trick the gullible, I don't think that is fine at all.
Every time one of these companies sets their "rules", and finds that people who never knowingly agreed to them don't follow them, we can only laugh. If new technology comes out with restrictive legislation, it'll be because you didn't contact your congress-critters early and often.
Nels
See what I've been reading.
Being... well... Evil, it occured to me that you could pop out to Radio Shak, pick up one of these, open the box, disagree with the EULA and send it back to Digital Convergence. Think a couple'a hundred thousand of their silly felines in the mail might make a point?
Of course, if I were looking for a laser scanner, I'd have much more faith in the Intermec hardware I can get, and it dumps staight ASCII and is much more stylish.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Anyone who believes these liars is a fool. Sure, validate their account details on you for $10 credit if you like - it may be a fair sale to some.
:)
:)
Just don't for a minute believe they were hacked. Oh, they're using NT servers so I'm supposed to believe their "our IT is incompitent" line.
This sounds too vague to be legit. Offering $10 to end users for SELLING their details is one thing - at least that is honest. This little scam makes them no different than the spammers who put "reply to unsubscribe" in their email (in order to verify an address to sell it at a higher rate).
Besides, the Linux software is better than the Windows version.
I unplugged my cat and tossed it on my bed. When I realised my (falsified) data was not safe, I deceded to abandon ship. They offer a gift cert of $10 to the shack, but the last time I needed to go there was about 3 years ago.
Lowmag.net
A dead looser company alsways blames someone. This is part of the business. Hackers, Weather, Force Major, but never idiotic business plan and lack of clue. The reason is very simple. The concession that the business plan was idiotic means that the VCs were idiots. VCs do not like to be marked as stupid. So having someone else to blame is to be expected.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
I can't help but wonder: has Digital Convergence stopped to think about the early adopters who really drive the spread of new technology? Since the benefits of their scanner aren't immediately obvious, I think that Digital Convergence, whether they realize it or not, is dependent on these early adopters. And these are the very same people that are (1) going to find out about the license shenanigans and legal blustering and (2) be really irritated by it.
The saying, "don't bite the hand that feeds you" comes to mind. I think Digital Convergence is about to learn what happens when you ignore this sage advice.
Phil
Anyone who used DCs CueCat software has had their software has had their information stolen from the DC servers!
Humble suggestion: make it a policy that Slashdot editors should preview their posts, and even consider doing this yourself.
--
Life's a bitch but somebody's gotta do it.
Shrink-wrap license on material goods? I think not. You don't 'license' goods, you buy them (or are given them for free).
-----
--
perl -e'$_=shift;die eval' '"$^X $0\047\$_=shift;die eval\047 \047$_\047"' at -e line 1.
Patents are given only if the creator can show that the invention is novel enough, after which, the inventor is given a limited-time monopoly.
If DC can't get a patent that specifically covers the CueCat, then they shouldn't be able to arbitrarily upgrade their protection to the level of a patent. If they were able to, then there would be no reason for the patent review office. The kind of protection they're seeking is only given to products that do something in a non-obvious and novel way.
--
If anyone is interested, you can find the one and only Digitalconvergence.com patent here. The patent number is 6098106 and it was issued August 1, 2000. It covers using sound to link to a web site. IANAL, but it doesn't look like it covers bar codes.
As for bar codes, they really don't encode much information. The first part of the number is the company producing the product, and the last part is a unique identifier for the specific product (a green widget would have a different identifier than a red one). So really it's just a pointer or index that links into a database elsewhere. Forget any hopes of scanning your CD's and getting a song list from the barcode, unless you link it to a database that contains what you're looking for.
sulli
sulli
RTFJ.