Slashdot Mirror
BSA Accuses OpenOffice Mirrors
sqrt529 writes "A German university was accused by the BSA of pirating MS Office, because they mirrored OpenOffice.org. The scripts from the BSA only check for "Office" in the filename and then automatically send out notices to the ftp admins. Did any of you get similar notices from the BSA?"
"I've got an idea! Let's write scripts that will automatically log in on FTP servers, waste bandwidth, cost people money, and also do a shitty job looking for pirated software!"
Yeah, that's really bright. If I were operating any servers that had been raped by the BSA's scripts like this, I'd be extremely pissed off. They should realize that bandwidth isn't exactly free, especially not in countries != US.
And imagine what the BSA would have loved to do to these servers if they were allowed to hack the offending boxes.
FTP is a file-sharing protocol, isn't it?
Doing the Right Thing should not be preempted by making a buck.
... a sneaky way for MS to hit OpenOffice by threatening mirror servers with legal action? The SysOp at uni.Muenster wasn't sure whether he was on shaky legal grounds or not. If the name OpenOffice gets any way muddied, people would turn off it. In short - more FUD.
Alison
"It is a miracle that curiosity survives formal education." - Albert Einstein
I think you are parsing that wrong.
[The BSA] states, under penalty of perjury, that it is authorized to act in this matter on behalf of the copyright owners listed.
Seperate clause from the first half, I believe.
Microsoft had nothing to do with this. This should be a YRO article.
Why doesn't the RICO Act apply to the BSA (not the Boy Scouts)?
Probably not perjury. They didn't check at all, so didn't know they were wrong.
Nevertheless, adding this seems to be a formality. I'd love to see someone prosecuted on that line just to force lawyers to think about how inimidating sending a letter is.
No, you're confused.
It's Mr. Rogers that passed away, at 74. Now that's an American Icon.
Back on topic: The BSA rep apologized for the mistake, which implies she's a) not a lawyer, and b) knew something about OpenOffice- if only that it's GPL/free-as-in-beer.
It would have been more of a story if the BSA started trying to find out which company owns OpenOffice, or just blindly pressed on with their accusations... but they didn't.
Hacking, as well as perjury for this statement:
"BSA represents that the information in this notification is accurate and states, under penalty of perjury, that it is authorized to act in this matter on behalf of the copyright owners listed above."
Unless OpenOffice authorized the BSA to do that, then it's perjury, by their own statement.
This has been a test. Had this been a real emergency, we would have fled in terror and you would not have been informed.
Someone knocks at your door. You don't know who the hell it is but you let them anyways. You serve them tea. Then they accuse you of copying a wicker basket design of theirs. You say nope, its all my own original work. They agree. Then you send them the bill of .73 cents for their tea bag.
Who is the dickhead in this situation?
Why on earth would you write a script/program that automagically sends out nastygrams without a human being first checking to make sure the "hit" is even valid?
Pirated software can actually increase
profits in the long run. Would DOOM
have been so popular, consequently giving ID
profits on Quake, had millions not had a
pirated copy?
One reason MS office is so popular is because
years back it was often pirated, increasing the
user base that depends on it.
seriously. they sent you a legal notice that was false. they logged into your ftp server with false information.
if you sent the bsa a legal document that was false, could you get away with, "oops, sorry?"
US Citizen living abroad? Register to vote!
I'd ask him what measures they're taking to ensure things like this don't happen, and then, what went wrong here and why?
Maybe add something about there not being a human element to all this, which may have been able to spot a good number of false positives.
This has been a test. Had this been a real emergency, we would have fled in terror and you would not have been informed.
Hmm... Good questions. Any lawyer know how much the Open Office team can sue the BSA for claiming, under penalty of perjury, they represent them?
Or, does the Open Office team have to sue the script that sent out this letter?
(I'm not opposed to people sending out thoughtful, intelligent cease-and-desist letters on a case by case basis. I'm opposed to blanketing legal threats like spam across the world, and taking up other company's time and money instead of doing your job as a lawyer properly. This letter obviously was never seen by a human being until such a time that it was recieved by the school, who like so many other institutions had to take a large chunk of time to investigate the claim. Only piles of money allows the BSA to do such a thing: no smaller company would ever be allowed to get away with flagrantly false legal threats.)
The ______ Agenda
It is stating under penalty of perjury that it has the authority to act on behalf of Joe Bob Copyright holder. Not that you have broken the law. That's like suing the prosecution for perjury during your trial because you think they're lying.
Seems like a very simple misunderstanding. Like it or not, the BSA exists, and is full of people who are trying to do their jobs. If it were you, tell me that the notion of a net spider wouldn't appeal to you.
Not too much of a stretch. Microsoft has been a major contributor to the BSA since its inception. It harasses companies based on rumors of software non-compliance co-opting US Marshalls to act as a the gestapo. It is also growing power and influence worldwide.
Read this interview with Gates himself for more insight on Microsoft and the BSA.
To sum it all up, the BSA *is* Microsoft.
As one sig I see here on Slashdot goes: Behind every sleazy lawyer is a sleazy client.
In this case the BSA is acting as a hired gun for Microsoft, so Microsoft should be getting the bad PR.
The BSA's notice states that they make their claims under penalty of perjury.
As their information is easily shown to be false and incorrect, and as it's also easily shown that they should have known enough to check simple facts like these....
How about applying to the court for the application of the penalty for perjury, which I believe is time in jail, to the folks who are responsible for this obviously faulty notice that they obviously didn't bother to check for accuracy and that they themselves have sworn to the accuracy of.
Penalty of perjury isn't just a form of words like "How do you do" or "Have a nice day". The penalty is real and should be applied where warranted. The BSA requested the penalty for perjury in their notice. It should be delivered.
If you're a zombie and you know it, bite your friend!
A net spider would appeal to me, but you can be damn sure i wouldn't be mailing out legal threats the moment the spider caught the word "office" in the filenames. Why wouldn't they just plop the server name and file name into a database where human eyes can check it out before mailing threats?
--- What
scripsit Spudley:
Bad idea from whose perspective? It's very intentional, I am sure, that MS uses these kinds of names. They want their products to be ubiquitous, to equate in the public's minds with the generic. In other words, the possible confusion between the specific and the generic is very intentional.
It also helps if you can achieve a legally-protected trademark on a generic term, preventing competitors from accurately identifying their software. Just try to make a new product -- let's say a window manager for Gnome called ``Gwindows'' -- and watch the fun.
In principio creauit Linus Linucem.
Yeah - but at least I'd have my software check some checksums on the allegedly pirated files - then have a human go check them out BEFORE mailing out threatening letters.
This sort of harassment needs to stop.
The problem is that it's cheaper to send out a threatening letter than to check carefully and THEN send letters only to true offenders. You just bet that 99% of recipients will stop doing whatever it is you suspect them of - which makes it a cost-effective way to work. The BSA doesn't have these people as customers - so what does it care if it pisses them off?
I suppose, what the world needs is a law to say that if you send someone a letter threatening legal action if they don't do something - then if they don't do it, you should be REQUIRED to take them to court - and to be liable for their costs, pain & suffering, mental anguish, etc, etc if they turn out to be innocent.
www.sjbaker.org
They couldn't have.
If memory serves me correctly, and it has been known to fail me at times, one of the requirements under the DMCA is that an expedited "takedown" notice has to be stipulated "under penalty of perjury" to be valid.
Arguably, this was to prevent people from making stuff up to get other people's sites taken down. Otherwise I could send a letter to your ISP claiming that your site infringed on a copyright that I or someone who employed me held. The ISP would immediately take your site offline, doesn't want to loose its "safe harbor" immunity. By the time you contested it, your site would have been off line for a day or longer. This way, if you do send out a "take down" notice that you haven't checked and made sure that it did indeed contain infringing materials, you could be punished.
I think that the BSA should be taken to court. If they can have a program automatically generate notices to hundreds or thousands of sites automatically, whether or not they are actually infringing, it makes a mockery of swearing to something under "penalty of perjury".
Scripts shouldn't be allowed to threaten legal action. The DMCA is bad enough as it is. If someone doesn't put a stop to this soon, a large swath of the net could be censored by bogus "take down" letters. Saying "Opps, so sorry 'bout that" when some one calls you on your lie isn't good enough. What about all of the other sites that may have or will get taken down because of things like this that weren't caught?
Just my $0.02 (Canadian, before taxes)
From the BSA apology: (italics and emphasis mine)
Apparently our system detects the OpenOffice files as MS Office programs and alarms me, which in turn sends the notices. I failed my part by not reassuring clearly enough which property was infringed and now that I am aware of that fact we will try and fix the search terms of our system and of course be more aware of the possible mistake.
Apparently, they automatically assume that some one/organization is a crook by the "which property was infringed" statement. No human oversite of the 'bot, no extensive verification routines, etc. and the result is frivolous threats and accusations. This isn't the first time I've heard of this happening. To me, this sounds like routinely making false accusations against innocent people and businesses.
IANAL, however let's see if I can layout objectional behavior and possibly illegal behavior:
Frivolous accusation of wrong doing without due diligence to verify allegations made by threat. This cost the University money because employees had to deal with a claim without merit. At least 2 employees, and a potentially expensive number of man-hours. No doubt, the person who received the threat sent it to their boss, who either sent it to their boss or the legal department. At least one meeting would have ensued as well as researching the claim that the University stated that they did to check that in fact they were not distributing MS Office. That could be several thousand Euros or even more that ten thousand Euros based on time involved where these people could have and would have been engaged in productive work.
Despite the point of entry being anonymous FTP, the BSA engaged in what might possibly be theft of service (by consuming a finite resource for other than the purpose the allowed reason of access that the University pays for). This may also prevent others from using the system legitimately because of the expense of the system.
Trespassing possibly. SPAM has been cited as trespassing due to the use of others assets for transmittal and storage. Perhaps this can be construed like this as well.If in fact accusations like these directed against the University of Muenster have been occuring for some time against others for doing similar things, than the apology (from the organization since I can't speak for the individual) most likely is not sincere and means that this behavior will in all likelihood continue, the the University and others. I believe we can be reasonably sure that the BSA has not ceased this behavior because of this incident.
I feel that this situation is akin to this scenario: I give or sell a dozen cookies to people or organizations in Boston. Then, I walk into every office in New York City and exclaim that because there is some food on a desk, food waste in the trash, etc., that they obviously stole my cookies because cookies are food. Cookies are the metphor for software and an unlocked door at an office is the metaphor for anonymous FTP.
What this shows is that the BSA is engaging in activities in multiple countries. Because their membership is dominated by the major software companies, and here they threatend the distribution of a competing, if free, product, perhaps this can be construed as collusion by the software giants and anticompetive behavior. Can someone cite other similar instances?
"Do you prefer they eliminate the middle step and go straight to the FBI when you learn about your illegal copy of Office?"
Why not? They already eliminated the first step where they actually make sure you have an illegal copy of office.
But regardless, if you are doing nothing wrong there is no harm.
Bullshit... if they have some reason to believe I'm pirating software, even if I'm not using said software, it can be tough for me to prove I'm innocent. After all, their standard is "guilty until raided and proven innocent." So they can come in and raid me, and even though I'm innocent, they can disrupt my business and confiscate my computers. Who else has the power to do this? Nobody I can think of, definitely not legally.
Do you prefer they eliminate the middle step and go straight to the FBI when you learn about your illegal copy of Office?
Actually, yes. I think that's what everyone wishes would happen. If the BSA is accusing you of less than $5,000 worth of piracy, the FBI will tell the BSA to f'off. If they're accusing you of more than $5,000, then the FBI will conduct a proper investigation, unlike the BSA's slash and burn approach. The BSA is a vigilante group, and they should be stopped.
-- Never hit a man with glasses. Hit him with a baseball bat.
If the BSA sent a false complaint to your ISP / hosting provider saying you violated copyright laws, there would be no harm? Even if they take down your site or cut off your internet access?
If they went straight to the FBI with a false complaint like this, they'd probably end up in jail.
I think that the practice of letting computers/searches/scripts do all of the work without applying any human intelligence to the process has become more and more common.
This, in itself, isn't bad. For example, I use scripts almost every day to make me much more productive. However, as any decent programmer can tell, a quick, dirty, and untested script can wreck a system or, at least, output garbage (like in the example you provide).
What this incident with the BSA shows us, is that their impulsive and uneducated lawyers and businesspeople hired incompetent and lazy programmers to do their dirty work. If one of those people is reading this, then, yes, I do mean to offend you (you should be in a different line of work...perhaps custodial engineering, instead?).
Healthcare article at Kuro5hin
One might argue that BSA's belief was arrived at negligently...
Exactly. The signatory to the letter, Ms Corina Beck, was clearly negligent in allowing this allegation of criminal activity to be made in her name, without first making at least a cursory review of the "evidence". As she was acting as the legal agent of the BSA, the BSA is responsible for her incompetence. BSA either failed to train Ms Corina Beck properly or failed to supervise her activities, or both.
As a result, BSA has accused an institution of criminal behavior. That is not something that should be taken lightly. The law deserves more respect than BSA is currently giving it.
At its best the law is a precision instrument. If we allow it to be used as a hammer, we'll lose a core part of civilization. There are other ways BSA can accomplish its goals.
One appropriate response to this sort of letter that I don't see advocated much on these forums: find out what Bar Association has authorized the lawyers sending the letter to practice law, and send the Bar Association Ethics Commission a politely-worded formal letter of complaint. IANAL, but IMHO the lawyer is definitely engaging in unethical behavior under the Canons by sending legal notices on behalf of clients without any kind of legal basis to do so. It would be nice to get them sanctioned.
Perjury must be "knowingly lying under oath" though I believe. Perhaps Fruad?
"Ignorance more frequently begets confidence than does knowledge"
- Charles Darwin
I suppose, then, that I should also send a similar bill to Google, Ask Jeeves (Taeoma), and all the other web search engines that hit my site every day, hmm?
They provide an open, anonymous FTP service. People are more than free to connect and browse the site. It's implied by leaving the port, and access to the service on the port, open and freely available.
And no, it's not like a wicker basket, a convenience store, arcade, car dealership, household, tea party, donut shop, sheep farm, or anything else. It is running an openly accessible file service to the global Internet. Period.
Want to see what it looks like when you don't run an anonymous FTP server?
I get probably, on average, about ten attempts per day, every day. I suspect that the vast majority of them are automated robots, perhaps even the BSA has tried a time or two (I rarely investigate these probes).
Were I running an anonymous FTP server, I'd have to accept the consequences of people connecting, like above, at random, and perhaps actually utilizing the service. Tracking down these robots and attempting to charge them bandwidth utilization for all of five minutes is patently ridiculous, and you'd never get a law authority to take you even remotely seriously.
Now please, can we skip the usual rhetoric and try to see the big picture?
Oh, my apologies, I seem to have forgotten where I am ...
BD Phone Home!
Shameless plug. Like you weren't expecting it.
I read the correspondence. It seems like the exchange went something like this:
"Hello, we see something that looks like illegal software on your public server. If so, please take this opportunity to remove it."
reply: "You're mistaken, it's a legal, well-known package."
response: "You're correct, please accept out apology."
Now maybe I missed the part where the stormtroopers break down the door, but it seems like an honest mistake, quickly rectified, and politely explained.
I hate posting RTFA responses, but RTFA.
Their scripts screwed up, they admitted the mistake, appologized and have promised to adjust the scripts. What more could you want?
While I may disagree with their initial tactics, they've been most understanding and civil about the whole matter. One could only hope more of their member organizations behaved in as level-headed a fashion.
Case closed. Move along. Nothing to see here.
I just want to take over the world...Why does that automatically make me EVIL?
I read the correspondence.
I read it too. I saw this:
BSA is not the representative of OpenOffice and made fraudulent legal statements based on that falsehood. That the statements may also have been negligent does not excuse that fact. If I get a debt collection letter printed by an automated machine that threatens me with broken legs if I don't pay, the sender is still criminally liable under the Fair Debt Collection Practices Act.
That the site in question was, in fact, not guilty does not make it fair to have presumed them guilty in the first place. This incident demonstrates that allowing a commercial entity to conduct law enforcement activities not only encourages abuse, but proves that such abuse actually takes place.
If they went straight to the FBI with a false complaint like this, they'd probably end up in jail.
Untrue. The FBI investigates, and thats that. You go the FBI with suspicion, they investigate. That is how it works.
Wrong. If I as an individual make a false criminal complaint against someone, I can be criminally liable for doing so. Extensive law and precedent of civil liability is also associated with making false accusations.
Perhaps someone can clarify what a cease-and-desist order really implies, but I've always considered them a thinly-veiled legal threat which, financially speaking, could be considered analogous to a mob thug showing up at my business demanding "protection" money. Even if I'm doing nothing wrong, I still have to pay a lawyer to prove it...which I think the BSA is entirely aware of. I don't believe that RICO could be applied to the BSA's strongarming tactics, but their methods certainly underscore a severe need for an Anti-Barratry Act.
--K.
Sig: Bad people happen. Try to avoid being one of them.