Slashdot Mirror

← Back to Stories (view on slashdot.org)

General Public Realizes KaZaa is Spyware

Posted by CmdrTaco on from the death-to-the-eula dept.

blankmange writes "CNet is reporting the slow dawning of the general public to KaZaa and spyware. "Virginia Watson unwittingly authorized a company she'd never heard of to install software that would help turn her computer into part of a brand-new network. The software, from Brilliant Digital Entertainment, came with the popular Kazaa file-swapping program. But the 65-year-old Massachusetts resident--who has a law degree--didn't read Kazaa's 2,644-word "terms of service" contract, which stated that Brilliant might tap the "unused computing power and storage space" of Watson's computer. " " Fortunately the helpful graph in the article compares the complexity of IRS tax forms with Brilliant's terms of use... guess which one is harder to read?

6 of 408 comments (clear)

  1. There should be a law... by CaptainPhong · · Score: 5, Insightful

    It should be illegal to have complicated and misleading user-agreements in software. Over the course of a day, a consumer might have to agree to several of these, not to mention other contracts, service agreements, etc. they have to sign in their non-computer life. Invariably, these sorts of things are unreadably long and full of Legalese unintelligible to the average Joe. We're bombarded by so many, that it is literally impossible to read and understand them all, let alone send them to our lawyers (as we are "supposed" to do with contracts).

    Because of the size, complexity and volume of these things (and the need to usually get past them quickly), I would argue that they amount to coercion (which would invalidate them). The same is true of shrink-wrap software licenses (which you are rarely able to examine until well after you've unwittingly agreed to them). Of course, I doubt a court of law would agree with me. However, I think it would make sense to have a consumer protection law that requires that these sorts of things have a short, concise, easy to read summary at the beginning that gives the user an idea of what they're getting in to (with all the legalese below for completeness). That would prevent companies from creating scumware like this then hiding behind their user-auto-agreements.

    --
    ... "Give me a woman who loves beer and I will conquer the w
  2. It could be a valid business model... by Lobsang · · Score: 5, Insightful

    This *could* be a valid business model. Think about it: Company X offers services for free in exchange for a few of your CPU cycles. The same client could be used for both distributed processing and, say, file downloads. Company X makes money by selling CPU power to third parties (your spare cycles) and you, the user, enjoy free service.

    Unfortunately, KaZaa wants to do it *without* telling you. That's just unacceptable...

  3. How to install software... by smagruder · · Score: 5, Insightful
    1. While installing software, don't bother with reading the EULA (unless that gives you kicks, or you're required to), but run the installation as you normally would, making sure that whenever you have the option to *not* install adware or spyware, take it.
    2. Scan your system with Ad-aware or other comparable software. Note: I don't work for Lavasoft.
    3. If the previously installed software still works, Great! If not, uninstall it.
    --
    Steve Magruder, Metro Foodist
  4. A legal virus? by The+G · · Score: 5, Insightful

    I know that it's a mistake to think of legal documents as if legal language were source code or machine instructions for the legal system. None the less, it does seem as if we are beginning to see legal documents employing the same sort of "social engineering" and "viral behaviour" that we encounter daily in code.

    What Kazaa has done is no different from what the Mellissa virus did: It presented people with a choice (install this software for Kazaa, open this document for Mellissa) that appeared to most to be benign. The means of knowing the choice was not benign were available (the license agreement for Kazaa, the actual contents of the document for Mellissa), but were obfuscated (in complex and opaque legal language, in obfuscated macros in an opaque document format) and chaffed (in one small part of a very large file/document in both cases).

    Perhaps, then, we need to look upon trojans written in legal "code" the same way we look at trojans in software: As malicious and probably illegal. It is no more sensible to expect people to be able to fully comprehend a complex (and deliberately obfuscated) legal document than it is to expect people to read the binary code of every program they run. Yet our legal system presumes that you are responsible for your agreement to "run" the legal code but that you are the victim when you run the binary.

    We need to treat contracts and licenses written in legal language the same way that we treat compiled code: as opaque and, when they are harmful, as malicious "exploits" of user vulnerabilities.
    --G

  5. Re:GREAT! MORE LAWS! by karmawarrior · · Score: 5, Insightful

    Except that the current system is great for lawyers: You're forced to accept an EULA to use a piece of software, if you don't want to, you have to (somehow) negotiate your money back. And in order to understand the EULA, you probably should consult a lawyer anyway: Even if it apparently reads like plain English, there will be clauses that are likely to be invalid, or ambigious, or have hidden repercussions.

    Simply outlawing them, or offering a basic "If someone pays you for the right to use the software, you MUST offer them the ability to install and use the software without agreeing to any conditions beyond those implied by copyright law and first-use/right of first sale doctrines." is not going to help the lawyers. It removes them from the process, and a good thing too.

    --
    KMSMA (WWBD?)
  6. Re:And the public cried... by ergo98 · · Score: 5, Insightful

    Most people don't care if their spare computer cycles are used by some company if, in return, they get a good piece of software.

    Then how about distributing the software with "price: The Idle time of your PC"? Why are these "ways you pay for the software" always hidden away, usually installed silently in the background, and controlled via a checkbox that was careful placed outside of the visible range on one part of a 30 part install wizard? The reality is that most of this insidious software doesn't state its true intentions, because they know if they did many people would forgo using it, but instead they put "FREE!" all over the product.

    There does not need to be LEGISLATION in this matter. There needs to be education. People should not just download and run software from untrusted sites. EVERYONE knows that. So in this case, I do not shed a tear.

    Uh, we're talking about mainstream, very popular software : Not software from warez sites. So if Netscape 8.2 read your financial information and sent it on to banks, that's ay okay?

    No pity for the majority.

    And you work in computer configuration and repair? I feel pity for your customers. I'll guess that you're the type of guy that always has the raised eyebrow, exclaiming about how dumb the average Joe is, while at the same time wallowing in your own ignorance.