Slashdot Mirror
Apple Cease-And-Desists Stupidity Leak
Apple cites the Lanham Act (see below) and I have no idea what that covers. But Bill Innanen pointed out on a mailing list that the operating system might be said to violate its own access control rights under the DMCA:
...since the possession of the tools to violate a copyright has been criminalized, we have yet another case of circular legal "logic." The only tool necessary to violate this particular copyright is the very operating system that the copyrighted software (the updater/full-installer) installs (or an earlier version of same).(Just pop open the installer package with the built-in "context sensitive menu" module, find the CheckForOSX module and drag it to the trash can. Voila!)
Is the possession of MacOS X v10.1 or its installer illegal because it can be used to violate its own copyright?
(Well, actually by the letter of the law in 1201(2) I think you'd have to argue that Mac OS X 10.0 was "primarily" designed to circumvent the access controls in the 10.1 update... but it's still pretty funny.)
Bill goes on to point out: "The problem that this converted updater fixed is that there are reported problems with 10.1.1, and with a 10.0.x and the updater you can't backtrack. With the 10.1 full installer you can."
Apple's lawyers write:
We represent Apple Computer, Inc. ("Apple") with respect to its intellectual property matters. Recently, it has come to our attention that you are providing unauthorized instructions concerning the modification of the Mac OS X 10.1 update software (the "Software") on your website. Specifically, it appears that you are providing instructions for converting Mac OS X 10.1 update Software to a full install version of Mac OS X from your web site in violation of the Copyright Act and in violation of your software license agreement with Apple.
You should be aware that Apple has never authorized you modify the Software. Moreover, by providing instructions on how to modify and circumvent restrictions within the Software, you are infringing Apple's copyrights in violation of the Copyright Act and engaging in acts of unfair competition in violation of the Lanham Act. Additionally, Apple's license agreement, which you accepted upon purchasing a copy of the Software, specifically prohibits you from copying, decompiling, reverse engineering, disassembling, modifying or creating derivative works of the Software.
Consequently, on behalf of our client, we demand that you cease and desist from publishing or distributing the above-referenced materials. We believe that this is a very serious matter, thus we ask that we receive confirmation in writing from you that you have removed the infringing material from your web site.
Thank you for your prompt cooperation on this matter.
to stuff the genie back into the bottle?
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
What they should have done is a package-by-package analysis of the install and tell what each part does. Leave it to the discussion board and newsgroups to establish what taking out a piece does.
Send your friends messages of love at fuck-you.org
The Lanham Act is actually a trademark / service mark protection law, not really a copyright law. To see Apple's lawyers use it in this context seems a bit out of the ordinary, although Apple is notorious for vigorously defending their trademark and look-and-feel related concepts (remember the OS X themes debate a few months back?). Still, if they're relying on the Lanham Act to do their bullying, they might be on shakey footing. Stick to the (deservedly despised) DMCA for things like that.
If I could only live my life with my threshold at 4...
You know, when you want to circumvent the existing install checker on the average PC upgrade edition of a product, you usually have to murk around with the registry or apply cracks with non-standard install methods ... things that would confuse the average joe newby pirate. But on the MacOS, you can crack your software with just a single drag of the mouse! Now that's what I call UI innovation.
Depending on how you use any of these instructions and/or pieces of software it may be illegal. It also might be legal, or at least grey. Suppose I've got a legitimate copy of MacOS 10. I've also legitimately purchased the 10.1 installer. My hard drive fails and I want to run 10.1 again. I can install MacOS 10, then install MacOS 10.1 - or - I can defeat the protection on MacOS 10.1 and install it in a single step. In this case the end result is the same, I've legally installed a copy of MacOS 10.1.
If I don't legally have MacOS X and use this trick to get a copy of MacOS 10.1 for 20 bucks then I'm at least doing something immoral, and possibly illegal. Apple has the right to try to prevent this (beyond that, they've got an obligation to as well, an obligation to their stock holders).
That said, it will also be ineffective. The crack will appear on some dyndns.org warez site and on gnutella etc. I had suspected that upgrade CD was a full install but didn't have a chance to verify it. I upgraded my sisters G4 over thanksgiving weekend. The CD seemed pretty full for an upgrade, and you could actually boot from it.
Chris Kuivenhoven is a thief, beware
In their letter, they only talk about reverse engineering and modifying the software and such. Ok, so that's illegal. But no one modified any software here, you just say "hey, don't install this package."
I also don't see how this could violate Apple's license agreement. I'm sure that MacFixIt does have an OS X license, so it's not like they installed the software without a license -- they just chose to install it in a different way. A way that Apple made possible by making the package optional.
Sig (appended to the end of comments I post, 54 chars)
Here's a link to it: Lanham Act.
Here's a little description I found online:
The Lanham Act defines the statutory and common law boundaries to trademarks and service marks. Trademarks (and service marks) are words or designs used in the advertising of goods and services. Rights to use a trademark are defined by the class(es) for which the trademark is used. Therefore, it is possible for different parties to use the same trademark in different classes. The Lanham Act defines the scope of a trademark, the process by which a federal registration can be obtained from the Patent and Trademark Office for a trademark, and penalties for trademark infringement. The Legal Information Institute provides Title 15 of the US Code, which encompasses the Lanham Act.
It sounds like this act has to deal with advertising... so is Apple saying that MacFixIt should take down their post because it advertises away to get a full version of commercial product that costs $129 for $19?
I don't think this should be that big of a deal - they'll probably just stop making the update CD, and most people who bought one already owned a copy of OS X anyway.
F-bacher
James Tiberius Kirk: "Spock, the women on your planet are logical. No other planet in the galaxy can make that claim."
Looks like Apple needs a lesson in software temper resistance. I know that it's hard to do (part of my current job) and security by obscurity sucks, but at least don't name the crucial file "CheckForOSX" ... better use something bland like "OFUpdate", or if you're in the mood, "MicrosoftEngineersAreWeenies" ;)
No, they don't. Copyrights and patentsdo not have to be defended (remember gif, mp3, etc?). It's a good idea to defend them along with patents, or else you can lose out big time (Frauenhoffer and mp3). Trademarks and servicemarks are the only things that need to be defended, lest they be diluted and become generic (kleneex, asperin, etc). Now the law that's being cited, the Lanham Act, is a trademark law so a defense seems reasonable until you realize that they're using a trademark law to prop up a copyright argument. Something about that doesn't seem quite right. Maybe they need to go back to law school.
If I could only live my life with my threshold at 4...
Back in the ol' Win 95 days, the Win95 upgrade could be used as long as you had a "WINDOWS" directory and a file named "win386.ini"
so you took edit.com, and created a blank file called win386.ini - presto..the upgrade became the full kitten kaboddle
Upgrade disks will by necessity require the entire OS - all that is required is to figure out how to circument it, and it's end of story...this is barely even news if it wasn't for the fact they sic'd lawyers to prevent a webpage from passing out info every hacker will figure out in about 2 hours
----------
ah honey, we're all resplendent - Bill Mallonee
First of all, I don't suspect most people would consider removing a package from an operating system 'modifying the software' or any of the other list of things stated.
I would agree. Because if I don't like, say, the calculator program and I delete that after installing 'the Software' and install a calculator program that I like better, is that 'modifying the software'? By their logic it sounds like it is. When is 'the Software' no longer 'the Software'? After I install it, am I then permitted to modify it? Would I be in violation of my license agreement if I delete calc.exe after installing 'the Software'?
This sounds like a load of hot air to me.
I couldn't have said it better.
Things you think are in the Constitution, but are not.
didn't Steve Jobs just say something like, "Any security scheme that's based on secrets will be broken sooner or later." about the iPod's lax copy management scheme?
so did Apple do this on purpose, or are they just being hypocrical? seems like the latter.
Just raise the taxes on crack.
You are confusing trademark law with copyright/patent law. Trademarks must be defended or lost. Copyrights and patents need NEVER be defended. Recall the GIF compression patent fiasco - the patent holder did not enforce their patent for 15 years. Everyone who dealt with GIFs was vioating their patent. For 15 years. And then they started enforcing it.
I hereby sentence both you and your moderators to read "The Intellectual Property FAQ." Search for it on google...
Remember that anyone can write a Cease and Desist letter. Remember that lawyers are not required to be honest in such letters.
Their job is to convince the "offending" person that it would be a bad idea to piss off their employer. The C&D is basically a more business-like version of sending a 200 pound hired goon to your door.
Semantics aside (who's to say that by not installing something, you're "reverse engineering"?), since when do you agree to software EULA at purchase time?
I haven't installed OSX10.1, but any other EULA I agree to presents itself before I open the CD enveloppe, or when I run the installer.
Does Apple really make you agree to the EULA at PURCHASE TIME?
By posting the entire text of said article?
Convert your Update CD to a full Install CD
In the meantime, we found a work-around that may be even better than the one we were looking for. Instead of finding a file on the hard drive that we could modify to fool the Installer, we found a file on the Installer that we could delete and thereby bypass the checking process altogether!
We found the file by comparing a Mac OS X 10.1 "full" Install CD with an Update CD. Both CDs had the aforementioned VolumeCheck file. However, only the Update CD had the CheckforOSX file. Could this be the only critical difference between the two CDs? What if we made a bootable copy of the OS X Update CD, but with the CheckforOSX file missing? Would it act as a full install CD? We tried it. It worked! In brief, here is what
to do:
1. Using instructions posted on this page, create a disk image of the Update CD.
2.Delete the CheckforOSX file from the Essentials.pkg file in System/Installation/Packages folder of the image file. [You need to use the Open Package Contents contextual menu item to access this file.]
3.Burn the image to a CD using Disk Copy.
You can now boot from this CD. When you do, it will list any volume - even one that has no version of Mac OS X at all - as eligible for an install of Mac OS X 10.1. We did not test to see if this actually correctly installed the OS, but we have no reason to believe it would not. This method thus apparently converts an Update CD into a full install CD! A neat trick (although we suspect Apple may not find this so wonderful).
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
Specifically, it appears that you are providing instructions for converting Mac OS X 10.1 update Software to a full install version of Mac OS X from your web site in violation of the Copyright Act and in violation of your software license agreement with Apple.
So, I do not own a copy of Mac OS X. So therefor I would not be violating any license agreement.
You should be aware that Apple has never authorized you modify the Software.
I did not see the web site state that they modified any software. Deleting a file is something that Apple gave them rights to do when they placed a trashcan on their desktop.
Additionally, Apple's license agreement, which you accepted upon purchasing a copy of the Software, specifically prohibits you from copying, decompiling, reverse engineering, disassembling, modifying or creating derivative works of the Software.
Again, not something the site told anyone to do. Deleting a file is not copying, decompiling, reverse engineering, disassembling, modifying or creating derivative works of the Software.
Oh man. It is shaky ground. I can fully understand the web site removing the instructions, but their response was pretty weak. If they needed leagal help, they should have asked Slashdot. They have many lawyers that could have assisted in a response.
LD
The Mac OS 10.1 update is given away for free. You walk into any Mac-carrying retail outlet and they will hand you this nicely-packaged CD with instructions and send you on your way.
Actually, they won't. They will look at you with a confused expression and go "I don't think we have that", or perhaps a "Sorry, Apple didn't send us any- all we have is the full version."
At least, that was my experience when I went to upgrade 10.0. The former was 2 separate Circuit City's, the latter a Mac store (Not one of Apple's). I finally asked a guy I knew online to make me an (illegal) copy.
Apple screwed the pooch bigtime on this upgrade. I'm one of the few folks here who will speak of Macs without spitting and they made it close to impossible for a loyal user to upgrade from a slow, buggy, feature incomplete beta version of the OS.
Eric
"Seven Deadly Sins? I thought it was a to-do list!"
Here we have Apple, whose job it is to provide hardware, software and updates for both. Now what you're telling me is that if Apple doesn't know how to do its job correctly, they think it should be illegal for anyone to point that fact out. And it's not just Apple, if anyone things I'm just picking on them. Choose any company that's filed a non-patent related IP lawsuit in the past few years and in nearly every case, the suit originated because someone pointed out that they weren't doing their job very well (and provided details.)
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
anyone remember the ms office 97 upgrade cd that you allowed you to point it back to the cd itself when it asked for the location of your office install? i love it when companies spend years designing the software and let an intern write the install procedures.
So was Apple stupid? No. Customer-service oriented? Yes. Ease-of-use oriented? Yes. Transparency-of-upgrade-process? Yes. Safe-and-reliable-installer prioritized? Yes.
Heck, I'd think the /. crowd would be thrilled there isn't some elaborate product activation scheme or big encrypted block of material. Yeah, it's easy to defeat and steal the product. On the other hand if one's determined it's trivial enough to copy a buddies CD or download the original.
Hey - Apple ENCOURAGED folks to pass along their update! They didn't do what so many other vendors do and require proof of purchase. They didn't charge some outrageous rate. They didn't even go the MS route and call it a new OS. They even stated they'd have made it free for download if it wasn't so honking big.
All Apple did was ask (ok, in a heavy-handed legal fashion but that's how the legal system works) a website to take down directions for circumventing their security mechanism. I've no doubt numerous other companies send out reams of the same boilerplate every day asking folks to stop posting how to crack their demos or post their passwords.
And here we have folks bustin' on 'em.
So - what SHOULD they have done? Would folks REALLY prefer encrypted material doing who-knows-what after some onerous registration process and limited distribution? Crow all you want that Apple "gave away" their product, they went about their technology in a far more responsible way then many others. Think about that the next time you install an MS/Sun/Irix/IBM/HP/Compaq/Unisys/etc. OS.
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I wont bother either.
Apple is in most certainly in the wrong here, in as much as it is wrong to be stupid, lazy, and legally defensive of the first two failings.
Look, ignore for a second that the label on the CD reads "10.0 -> 10.1 upgrade" or somesuch. The fact is that you legally purchased a CD that contains the entire 10.1 operating system. It is the fully functional operating system, and the only requirement for having 10.0 is an artificial one that is easily removed. Does Apple wanting it to just be an upgrade CD change the fact that it is the entire OS + 1 package? Not at all.
It's like overclocking. You might buy a processor that is labeled as 1GHz, but it can run at 1.2 if cooled properly. Does the fact that the vendor would rather you buy the actual 1.2GHz part make a difference? They sold you a device with a capability, and you are using it.
Or it'd be like if Stephen King was doing his online book thing, but his "preview" was actually the entire book, with a note to please not read past page 47.
Or it'd be like a video card upgrade that came in the form of a completely new computer, but you were expected to only take out the video card and leave everything else in your closet.
If Apple really wanted the upgrade CD to be just an upgrade CD, it should have contained only the data necessary to make the change, like every other software upgrade I've ever seen in my entire life. That they didn't do this is a sign of laziness on their part, not moral obligation on mine.
They sold me a CD containing data, and I'm using it. I'm not copying anything they didn't sell me; I'm not giving it to someone who didn't pay; I'm not modifying their code and redistributing it. If it is, well, that wouldn't surprise me, but that doesn't mean Apple isn't wrong.
What _would_ be wrong was if I (probably as a reseller) bought a bunch of the upgrade CD's, and resold them as the full thing (at full price). You'll note that in the case of CPU overclocking, the chip makers have made that distinction, and while they make overclocking harder for everyone, they only really care about the dishonest resellers.
I think the only protective action that Apple could take that would put them in the right would be if they stated they would not give technical support to those who used the upgrade CD to do the full install.
The enemies of Democracy are
So you believe no one should have a +1 bonus unless they are in lockstep with the doubleplusgood Slashdot groupthink? *sigh* Slashdot is falling apart...
Never take moderation advice from sigs, including this one.
You gotta give Apple developers some credit for crying out loud. If they packaged the upgrade the way they did, running the risk of someone mucking with their packages, it clearly had to be because it was easier *and* faster to do it that way.
Mac OS X 10.1 is a pure Jewel of an Operating System, and I for one like to see frequent major upgrades that acutally render my work more productive. And this one sure did.
Chances are I am not the only one thinking that.
So Apple saved time and figured their money would be better spent on lawyers sending out semi-generic cease-and-desist letters, rather than delaying the release of their upgrade by a few more months and miss the X-Mas rush.
Are they dumb? NO. It's about money. Time-to-Market translates directly into money. I'm sure they knew the risks they were taking and carefuly measured them.
Does the fact that they released a full working version of an operating system on a demo-disk harm the user in any way? NO. But that's what is unconsciously implied: "oh Apple made a quick upgrade hack that can easily be worked around, quick hacks are dumb, quick hacks are bad, so *I* as a geek, must absolutely go out there and make a big fucking fuss out of it so I can look cool and get some publicity out of it". Again, this is not microsoft quickly hacking their "Passport architecture", loading it with obvious security holes to make a deadline, thereby harming the greater computer user community, we're talking about a legitimate software upgrade that happens to give you more, MUCH more than what you bought.
Exploiting this for any other purpose than recovering from a failed upgrade is *wrong* and, indeed illegal. Beside, keep in mind that even if leveraging this weakness to shorten the installation process to recover from a broken upgrade may be *very* convenient *and* tempting, doing it the regular way, which was installing OS X 10.0.x and *then* using the OS X 10.1 upgrade as just that, an upgrade, still works. While this appears to be a cool, convenient hack to share with close friends and family to save them time, I do believe this information to be a little too sensitive to be permantently published on a web site for everyone to leverage. Again, this is *not* like a security hole, this is publishing information which deliberately violates the Software License Agreement.
MacFixIt most likely understands that.
Are they trashing freedom-of-speech? FUCK NO. Stay real guys and look at this whole thing for what it really is: a very simple, dumb hack which violates a very clear, simple, software license agreement. Software Vendors have those agreements so they can actually make money off of the shit they make. Duh.
MacFixIt handled the situation very maturely but anyone here invoking "freedom of speech" rights for this particular case is merely making a devious use of one of our most cherished inallienable rights, and such behaviour can easily become one day its most threatening enemy.
Extraordinary Vacations. Exceptional Prices
They even succeeded in providing a point & click local root exploit (for details take a look at Bugtraq).
I don't know if they are the first to offer this feature, but it's definitley nice.
I am surprised this fact has not been pointed out. Remeber software is licensed not bought. For all it matters apple didn't even need to install a checker at all.
The license states you need to own a copy of OS 10.0 to use the CD, that is the illegal part. For all it matters what the CD contains they could make one CD that has 9, 10.0, and 10.1 on one disk, if you only paid for the use of 9 then that is all you can legally install.
I can legally buy a gun, I can legally walk in a store, but if I use that gun to rob that store it is illegal, the tool dosen't matter, that you use it for the legal/approved outcome does.
iRepairIT - iPhone, Mac, & PC Repair
It is a disturbing trend that businesses are more concerned with the act of POINTING OUT how crappy their security is than they are with the actual act of exploiting that bad security. They don't give a damn about the theft - they just don't like the bad press, and will gag you for trying to point out a truth about them that they find embarassing.
The DMCA - the law that makes it illegal to tell the truth.
Don't label something "offtopic" unless you know the topic well enough to tell what's on topic.
Think Lawyers.
The correct analogy is if the cashier at a store gives you a $20 instead of the single that you were supposed to get in your change. Or buying a car from someone and finding an expensive watch between the seats.
For that analogy to be even close to correct it would have to be the case that Apple -accidentally- put the entire functional Mac OSX 10.1 on the CD. Since I doubt this is the case -- that the only difference is the CheckForOSX package attests to this -- your analogy is "correct" only for definitions of the word opposite the accepted usage.
Your analogy might be in the same hemisphere as reality if they willfully put the watch in the car, but asked you to kindly just leave it where it is between the seats. Or better, they're selling you the watch, but the box it comes in happens to be a Mercedes.
If it seems like only a complete idiot would do that, then you understand my point -- there is nothing illegal going on, just Apple being very, very dumb.
It is very, very simple. Apple sells you an upgrade CD. They - through incompetence or ignorance - included the whole OSX 10.1 install. You inadvertently receive something you didn't pay for. Keeping it (or similarly, installing it without paying for a copy) is stealing.
Well, you're right about the simple part, at least. They sold me a CD containing the entire 10.1 operating system, I paid for that CD, and now I'm copying that data to my system. MY system, the one who paid for it. There is nothing on that CD that Apple didn't knowingly give me, and to call it stealing to use that which was knowingly sold to you for the purpose for which it was intended is insane.
I mean, the idea of illegal copying of software being stealing is dubious in and of itself (since copying software leaves the original intact), but here not only is there no loss, I'm not even gaining a single bit of information that I didn't pay for!
The enemies of Democracy are
Check it out - very easy to follow.
This really surprises me.
I'm surprised by the fact that people think Apple is wrong in this.
When you buy a $100 cubic-zirconium ring, and then take it home only to find out it's a real diamond... do you take it back? Yes. If you don't you're stealing.
Apple is selling an *upgrade* to an Operating System. People pay $20 for this upgrade. If those people turn around and modify it so that it's a Full Install... then they are getting a $100 product.
Is Apple getting the $80 they deserve from the people modifying their CDs? No. Therefore... those people are morally obligated to not do that.
Whether it's legal or not... I don't care, I assume it's not. However, it's morally wrong... so on those grounds, Apple certainly has a case.
Useless laws like the DMCA aside, if you buy software you are legally entitled to do anything with it that you could do with a book.
If CheckForOSX annoys you, remove it. Just the same as you might scribble in the margins of a book, or rip out a page that offends you.
If the seller intends otherwise, then they need to make it a clear part of the pre-sale agreement. EULAs and any software which try to enforce them are void at best, and illegal at worst. (Preventing someone from doing something they are entitled to do until they give you something of value (your compliance) is extortion, the same as if I demanded $50 before I'd let you use your computer which I had snuck in and passworded the night before.)
The only reason this hasn't been pursued is that nobody with enough money has been annoyed by EULAs.
Not everything which harms a company is illegal (though the way they whine, it soon will be) nor is it necessarily immoral. Imagine if you stood outside a major electronics store handing out a competitors fliers, with a lower price that the first store had promised to match. Of course, they always hope nobody tracks these deals down, but they have no right to sue you for you activities, they made the deal and should have made sure they could honor it.
Drag it to the trash bin? What's wrong with that?
A user tells the computer what to do - a computer does not tell the user what to do.
There are two exceptions:
I can ``rm -rf /'' if I want to (and I have root permissions). That's an example of the operating system being done as it is told.
I don't see Apple letting a person (with appropriate permissions) being able to drag the entire operating system to the rubbish bin as being a problem. It's their computer - not OSX's.