Slashdot Mirror

← Back to Stories (view on slashdot.org)

Using Spyware to Report Pirates?

Posted by Cliff on from the do-the-ends-justify-the-means dept.

An anonymous reader asks: "I have visibility to AUP complaints we receive at work, and we receive messages from a software vendor that make it obvious that their product is phoning home when it discovers it is running a cracked copy of itself." Apparently the software phones home, and then the publisher's legal department sends the administrator an e-mail. "The message goes on to detail the users IP, a timestamp, the product in question, the users PC name, username, and MAC address. This falls under -my- definition of 'spyware.' What are your thoughts?" Software has been making surreptitious checks for "piracy" for over a decade, yet these checks are usually limited to the software itself, and not data on the user's machine. Do you feel software publishers should have the right to peer into users data, if their software suspects foul play on the machine, or should it do the easy and intelligent thing and just stop working?

6 of 1,013 comments (clear)

  1. Re:SCO OpenServer by GigsVT · · Score: 5, Informative

    You're joking, but SCO OpenServer does actually scout your network for other unlicensed copies of OpenServer and other SCO products. As far as I know, it just causes an output to console every few minutes warning you of the unlicensed software.

    --
    I've had enough abrasive sigs. Kittens are cute and fuzzy.
  2. Was it VisualRoute? by drdink · · Score: 5, Informative
    I have recently seen this sort of thing from Visualware, the makers of VisualRoute. They send data like this:
    ip address: 192.168.55.3 [dhcp77-1.example.com]
    local ip address: 192.168.55.3
    date/time: Mon May 05 07:22:22 EDT 2003
    ethernet mac: censored
    user name: censored
    computer name: censored
    license key: NONE - CRACKED VERSION
    product: VisualRoute (build 1858)
    zone: en_US-06:00
    And yes, that data is falsified to save the identity of who it was. The amount and type of data it collects and sends home is rather disturbing. Can't the damn thing just uninstall itself?
    --
    Beware, Nugget is watching... See?
  3. Use Free Software by no_choice · · Score: 4, Informative

    Given that you undoubtedly agreed to allow the proprietary software to do a full body cavity search on you when you clicked through the EULA, the publisher has the right to do just that. Even if you're using a "legal" copy.

    YOU have the right to refuse to use binary-only, spyware infected, jump-through-hoops licenced programs. Use Free Software instead.

    "But I depend on the proprietary software to do my job." Then support the Free Software movement so someday you won't need to depend on proprietary software anymore.

  4. Re:why not? by RealAlaskan · · Score: 4, Informative
    ... stealing is stealing, ...

    Yes, it is. Funny you should say that and then follow it with:

    ... and if you're stealing a piece of software ...

    Stealing is stealing. Infringing upon someone's copyright is NOT stealing, it's infringing upon their copyright. Stealing is stealing, and using cracked software is something else entirely. That's why each is prohibited by a different law. You can't ``steal'' software unless you grab a boxed set and run out of the store.

    That may sound like a trivial distinction, but it's not: it is the heart of the matter. It's this sort of sloppy thinking that makes it so easy for Disney to get copyrights extended another 40 years every time Mickey has a birthday.

    It's important to remember that property rights are natural rights, which pre-exist our constitution (that's what our constitution says). Copyrights, patents, and the like are privileges which the constitution allows but does not require Congress to grant. When we equate copyright violation to theft, we blur that distinction, and play into the hands of those who would like to enclose the commons of our cultural heritage.

    --
    See what I've been reading.
  5. Re:What we want to know... by The+Vulture · · Score: 4, Informative

    Yep, and then they started making the manuals with dark blue text on burgandy paper (well, the code number sections, anyway) so that you couldn't photocopy it. By the time you can actually read the code number to enter to play the game, you've completely screwed up your vision. :)

    I had two Konami games on the C64 that used this method. After about five times of going through this pain, I cracked the damn games. What was great was that the copy protection code in both games was the same, and they even ever so nicely made it easy to find the protection (the border color changed after the code was correctly validated). Three byte patch (JMP $XXXX) and hacked game.

    Ahhh, the days of 8-bit computing. :)

    -- Joe

  6. Re:What we want to know... by riko_at_anubics · · Score: 4, Informative

    iptables CAN create rules based on the application.
    --cmd-owner name is the option to do so.
    you can also make a rule based on uid.
    Of course you can mix things up, for example you can allow an app to connect to some ports rather than to some others.
    And of course an application cannot use port 80 (server socket) if it's not uid 0 or suid.
    For example
    iptables -A OUTPUT -p tcp --dport 80 -m owner --cmd-owner mozilla-bin -j ACCEPT
    iptables -A OUTPUT -p tcp --dport 80 -j DROP
    would let only mozilla connect to port 80 of a remote server.
    I can tell you: you have got no idea how powerfull is iptables!

    --
    I don't want to start any blasphemous rumors but I think that God's got a sick sense of humor. DM