Slashdot Mirror
First Worm with a EULA?
ErikRed1488 writes "There is a new virtual postcard from Friend Greetings, owned by Permissioned Media that prompts you to install their software to view the card. You are then presented with a EULA granting them permission to e-mail all the Contacts in your Outlook Address Book. Those people are presented with an e-mail from you telling them they have a greeting card to pick up. So, this thing spreads like a worm, but includes a EULA that 95% of users won't take the time to read. Symantec isn't detecting this as a virus, but does have information about it on their site. In addition to the worm-like way it spreads, it also installs spyware designed to deliver ads to your computer. You also give them permission to install further software any time they want. In my opinion this is completely nasty, but it's all clearly in the EULA that you must agree to before it installs the software."
Just beautiful. The more insane EULAs get, the more people will start taking a harder look at all of the ones they currently sign their souls over to.
This can only be good for Open Source.
This may be a cynical thing to say, but I think it was only a matter of time before some shady software like this was made.
I would remark "How could the makers of such a thing sleep at night?" - but I already know the answer: they sleep just fine. People like that don't believe that they're doing anything wrong.
Experts agree: everything is fine.
to help force the govt to evaluate the merits of EULAs. While it can be argued..."you shouldve read the license before you agreed"
I would rather say "There shouldn't exist any such licensing format. And we as the people should not allow it to ever exist."
This points out the absolute absurdity of click-through EULAs. Hopefully, a case against them could be used as a legal defense against other badly-licensed software.
John
Eulas like these should be regulated by the government. It is pretty common in contract law that unreasonable provisions are not enforceable and illegal. Like for example a credit card agreement cannot mention it deep in the fineprint that if you default they own your house or are allowed to enter your home and steal your pants. This kind of EULAs are a consumer protection issue.
This to me is a primary example of the sometimes dichtomous nature between was is legal and what is ethical.
Is what these business professionals done legal? Probably.
Is it ethical? Absolutely not. Otherwise, why hide the email's worm nature in the EULA?
I know there are those that are going to say, "Hey, you had the opportunity to read the EULA, you didn't, and you clicked it anyway."
But caveat emptor, though a fact of life, does not exempt the screwer from his reponsibility of what he did to the screwee.
May be legal. But in my mind, definitely not ethical.
"We're sorry, but the website you're trying to reach has been disconnected."
This could make a good legal test, since many people have questioned the legal validity of click-through EULA's. If you could successfully argue that this EULA wasn't valid, then the others would be on very shaky ground.
Some may scream that the law should enforce morality, but then you must wonder "Who's Morality?".
I read a very interesting book recently, called Human Action, by a lovely looking grey haired man called Ludwig von Mises. It was left by my old boyfriend in the bathroom, and I picked it up and smelled it unhappily one evening, but before long found myself readin Mises' interesting take on the fundamental sovereignty of man.
Mises would warn us all against enforcing a common morality, for that is a sure way to tyranny, in the end. This company should not be legislated against. We should instead encourage people to read EULAs and to take responsibility over themselves, over their own bodies, over their computers. Anything else is slavery to government.
I thought I had left slavery to the state behind in my native Scotland. As a Catholic girl, I understand only too well the attractions of worshipping an idol like the state. But we are better to resist laws that seem fair and moral, and instead trust in common deceny and responsibility.
Thanks,
Margot. XXX
--Anticipation of a New Lover's Arrival, The
How many of you have read the Slashdot EULA?
This just describes what the program does, and by placing it in the license, they hope that you don't read it. Kinda like saying something in 4pt-font fine print: ("note: Happy Fun Toy will explode into sharp shards, killing your child"). Shady practice, but not directly related to the real problems with EULAs ("you may not use this program unless...").
Just nitpicking.. But it's true, you should always read your EULAs (prounounced EWWWWWWW-lahz).
This thing which automatically sends itself to everyone in your mailbox is saving a lot of people a lot of time. It's only slightly worse than the emails which end, "Send this to everyone you know." Most people believe the crap in them and forward to everyone they know.
Never: EVER, have I recieved an email which read "Forward to everyone you know" that should actually have been forwarded to anyone.
NEVER NEVER NEVER NEVER NEVER send to everyone you know! How many times must I say this? There is *NOTHING* that needs to be sent to everyoen you know.
Execpt this excellent cookie recipie...
M@
Krispy Cream is people
This really is not a Microsoft virus. If a person is stupid enough to install an application would be stupid enough to install an application on any platform. They would even be stupid enough to log in as root first if needed. Take a look at the EULA. What the application does is not hidden. It repeats itself several times and even puts it in all uppercase letters.
speaking of lawyers... are eula's treated like contracts, legally speaking? if so (and i'm pulling from a business law class from several years ago), illegal or unethical points of a contract are null and unenforcable by default, regardless of what you sign. i.e. - if you sign a contract to mow my lawn, and it states that if you cut down my roses, i get to kill your firstborn in a satanic ritual - well, that's just not enforcable.
too bad online legislation moves so slowly... i think i'm going to register for every spam list i can with my representatives' email addresses, and see if that gets things moving along... umm.. just kidding, secret service guy reading this over my shoulder.
a
It's unfortunate that it has to be this way, but unless people get burned by EULAs they're not going to take EULA's seriously. Discovering that they've agreed to let this software spam their boss, coworkers, and business contacts will hopefully encourage people to seriously read EULAs in the future. I expect that when people start seriously reading EULAs, they'll discover they don't actually agree with many of the terms. (Or at least they'll discover that they can't make heads or tails over the thing.) A little backlash would be help restore balance to EULAs and make the work a more fair place.
Search 2010 Gen Con events
"Hi, could you add the following term to your EULA?..."
Third parties: You agree not to reverse engineer or exploit Microsoft Outlook in such a way as to create "worms" [define to your lawyers hearts' content] on penalty of $1trillion US, to be paid to [add deserving fund].
Now they can make their worms as legal as they like and, by expecting others to live to their EULA, they have to abide by Microsoft's and file for bankruptcy.
Never thought I'd like Microsoft having EULAs.
Anybody that thinks that 5% of people read a EULA obviously gives a lot more credit to humanity than I do.
-Waldo Jaquith
well after that first eula do you still have the right to give away control again?
- important items in the EULA are often hidden or hard to find. EULAs should be ordered in chronological order of what will happen when the software is installed. also, items should be ordered in order of probability of happening, i.e. any actions the program is written to do (like spam your mailbox's email addies) would have to come before the 15 pages of lawyer-speak about how we can't sue the developer in the case that the software malfunctions (which, hopefully, it wasn't programmed to do) and your house burns down.
- 90% of EULA content is the same. when software is released under the GPL or Apache or Artistic licenses, the user (assuming they've reviewed the license once before) has a reasonable idea of what they can or cannot do. common EULA sections, such as "you can't sue us, even if our program blows your machine up" (and the pages of related wording afterwards) can be summarized, or pointed to hyperlink-style. i.e. "this software is covered under the 'You Cannot Sue Us' clause, which could be a link to a standardized, common document that explains all the ugly details. the actual EULA could contain this statement, as well as any modifications the developers have made... that way, there's hopefully less to look at ("ah, they support the 'We Won't Ever Touch Any Non-Directly-Related Files on Your Computer', but they do take a snapshot of my entire filesystem and send it back to the mothership every night. *clicks 'NO'*
i think there are alot of very reasonable ways to standardize and govern EULAs. of course, I'm just a programmer, so what do i know.If the greeting card popped up with a dialog that said "I will spam everyone in your contacts, and I will install spy-ware on your machine" when you tried to execute it, then nobody in their right mind would. The problem is, that the vendor buried what the application really does, in a bunch of legalese that they *know* end-users never read. And packaged the whole mess up as an innocuous greeting card.
I have yet to see ANY GPL software that is distributed this way.
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
Actually, Wellstone was in favor of freedom on the internet, and he did not support the RIAA/MPAA. I personally talked to him about this, and he was, obviously, not a huge supporter of big business, and the RIAA/MPAA are a pretty big proponent of big business.
Why is it that people assume that censorship and the shutting down of the internet at the request of the industry is a liberal idea? Wellstone was the most liberal man in Washington, and he was against the above. Censorship does not fly along partisan lines, but if it did, it would not be a liberal idea.
The death of a senator probably won't affect the outcome of a national election two years down the road. The only way Bush gets elected in 2004 is if he is successful in keeping the voting public blind to the fact that the economy is more important than foreign policy, and that his failing policies both at home and overseas are, well, failing. Thus far he has been successful in keeping his blatant domestic failures a secret by focusing on foreign policy, and it is very ominous for the future of the republic if he is able to do it for an entire term and into another.
Either way, the death of Wellstone is not a political issue, and it should be looked at as the tragedy that it is. If anyone criticizes Wellstone as a man, they don't know who he was and are not qualified to talk about him. You can disagree with his views, but if you dislike him as a man, you are simply wrong.
Lack of eloquence does not denote lack of intelligence, though they often coincide.
(no one's going to read through 50 page agreements before clicking on "yes"). ... and IMO, if you aren't willing to even read the license, you have no business running the software. Likewise, if you aren't willing to read the GPL you have no business using code from GPL-licensed software.
And, if you don't read the warning labels/user manual on a product, and are injured as a result of its use, you certainly deserve what you get. I bet you read the manual next time. Or not.
As long as a reasonable effort was made to warn you (be it a warning label, or a license for which you have to click "I AGREE" before installation), it is your fault for not taking precautions.
Do I feel these people are doing wrong? Absolutely. Do I think it should be regulated/outlawed? Hell no.
NGWave - Fast Sound Editor for Windows
It seems like a lot of you guys are really down on Symantec and McAfee for not filtering this with their AntiVirus software, but consider this.
By clicking "I agree" on the EULA you are telling your computer "I want to do X". If you tell your computer you want to do X and Symantec's software tells your computer "he can't" how is that any different from all the DRM crap like Paladium?
I know the intention in this case would be to protect the user, but then again isn't that the tack that Microsoft is taking as well?
Of course, if the contract is null and void, you are still bound to the standard law regarding copyrighted material with respect to a GPL work. In other words, you can look at it, but you don't have any right to redistribute, modify, etc. etc. etc., all the nice rights that the GPL grants you THROUGH your acceptance of a contract, IN EXCHANGE FOR consideration. So it is clearly only possible as a result of BOTH copyright law and contract law that the GPL can exist. An EULA generally refers to a consumer good (a piece of binary software), that is also admittedly under copyright protection, and there is generally no "contract" that I think should be legally acceptable, because, as you point out, it restricts what you can do and offers you no consideration in return (though click-through licenses apparently offer you the consideration of being able to use software you already paid for - ROFL).
Summary: GPL depends on a combination of contract law and copyright law. Shrinkwrap EULAs depend on a serious misinterpretation of contract law to restrict rights that you have as a result of common law and copyright law (i.e. first sale doctrine, etc.). Clearly we can all agree that EULAs restrict freedoms, and most Free/Open Source Licenses, GPL included, grant rights you wouldn't otherwise have.