Slashdot Mirror
Software Customer Bill of Rights
Cem Kaner of Badsoftware.com has written up a Software Customer Bill of Rights. Very appropriate considering our recent stories about Microsoft viruses, Dell's BIOS-clickwrap licensing agreement, etc.
← Back to Stories (view on slashdot.org)
But this is America. Consumer rights are secondary to business rights...
Nice thought but no one would ever adhere to these 'rights'. Its not profitable for commercial software vendors and open source vendors usually dont care or are too lazy to invest time and resources into making sure that these 'rights' are followed.
"Today a local man was arrested for screaming at employees of a local 'Best Buy' store after they refused to sign a contract he had printed out. Bystanders claimed that he refused to buy any of their products unless they signed said document, and that NOT signing would be a grave injustice. Our sources have told us that he is currently being held in Bellview Psychiatric Hospital, and is undergoing observation."
I am a filthy pirate.
But then IE crashed.
Just kidding! I'd never use IE.
sad but true
When has any product ever "lived" up to the marketing claims? If I expected everything I bought to live up to their claims, I'd be dissapointed with every bar of soap, every beer, and every Big Mac.
Yeah, it's fashionable to want to sue Bill, but what if some guy creates some virus that brings a Linux system down to it's knees? Who do we sue? Linus? OSDL? Or will there be a double standard? Remember, if Bill gets to be sued, be prepared for your favorite OSS house to be liable as well. Otherwise it's just sheer hypocrisy to target MS. And remember, MS is made of of coders who went to the same schools as you. Contrary to OSS opinion, Bill does not write every single line of code in the products nowadays.
If I could have manufacturer's adopt one part of the consumers bill of rights, it would be to advertise with honesty. Do not sell me a software product which does not live up the advertising.
The one part I disagree with is the reverse engineering. Companies have a right to sell software and to ban people from reverse engineering it.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
"1. Let the customer see the contract before the sale. It should be easy for customers of mass-market software products and computer information contracts to compare the contract terms for a product..." It would be interesting to see how the court opinions which make this right one of the few listed which are already enforcable would serve as precident in relation to the new agreements imposed by microsoft as one installs mission-critical updates. Would drastic changes to EULA's made by Microsoft in software updates which are all but absolutly essential for the wellbeing of your data, etc, be court enforcable? Probably not...
So who's going to fund this 'Consumer Friendly' bill? No Corporation would back it.
This is a really well written, thought out, piece of work. But the only flaw I see is: 4. User has right to see and approve all transfers of information from her computer. (Basically says end-user should see un-encrypted version of what is being sent) If this law would be to put into use, we would have more of a problem with people stealing credit cards. I agree with what they are trying to do, but this looks like (to me) as if it's going to promote exploits.
I can repost this ad nauseum, since someone doesn't want to face the truth. Yeah, it's fashionable to want to sue Bill, but what if some guy creates some virus that brings a Since someone doesn't want to face the truth, I can repost this ad nauseum. Copy is a very useful function. Linux system down to it's knees? Who do we sue? Linus? OSDL? Or will there be a double standard? Remember, if Bill gets to be sued, be prepared for your favorite OSS house to be liable as well. Otherwise it's just sheer hypocrisy to target MS. And remember, MS is made of of coders who went to the same schools as you. Contrary to OSS opinion, Bill does not write every single line of code in the products nowadays.
Nice piece. Very nice, and very never going to happen. At least as long as opponents are large corps with armies of slick lawyers and proponents the EFF, RMS and a few computer-educated consumers.
...
...
Remember, most computer users still think software crashes and glitches are part of life with a computer, that viruses and worms are the work of evil pirates and that Microsoft is the victim, not the cause, etc
In short: it'll never happen. Move along
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
All those crummy Licences/EULA's etc have been unenforceable here for years! we cannot give out rights away here even if we wanted too. Mind you there's no point in sueing here, you(and your lawyers, of course) generally don't make a sh*t load of cash. just the purchase price back I paid for Win95 everything from then on has been a bug fix
You must not have seen the herbal essence commercials then.
some strong feelings to hold companies fully accountable for losses caused by their products' defects
I can see where this view is coming from, but seriously; the litigious culture that is developing in the USA (and therefore no doubt on this side of the pond before long) could have a grave impact on your economy.
You have to take a certain degree of responsibility for your own action. Otherwise, everybody will just be too scared to do anything, and every American will just stay in bed all day.
You NEED suppliers to be a viable business yourself; and in return those suppliers deserve a leniency from you as far as accountability goes.
In return you get leniency from your customers as far as your own liability goes.
As the owner of a small software business, I feel comfortable with the fact that whilst I cannot sue Microsoft's ass if something goes terribly wrong; neither can my customers sue my ass.
Swings and roundabout; 6 of one...
There should be no changing the contract terms in order to get bug fixes. (And no bundling bug fixes with new features to get around this provision.)
...by the Subject line of an email I just sent to some of my friends on this matter:
Subject: Great ideas that will never come to pass
Honey, I shrunk the Cygwin
Oh, you mean that one that was patched a whole month before? Or are you talking about that e-mail attachment virus, the one for which you apparently expect Bill Gates to show up at people's houses telling them not to run the attachment?
How is it Microsoft's fault if users run the attachment? Is it Linus Torvalds' fault when there's a sendmail hole? Is that suddenly a "Linux hole?"
Just curious.
"Sufferin' succotash."
Because software isn't a patentable good or service, it's simply a license.
Can we say "legal contradiction" boys and girls?
I knew you could.
KFG
5. A software vendor may not block customer from accessing his own data without court approval.
But the software is intended to allow the user to see what Microsoft wants them to see. Encouraging users to see all their own data is circumventing the grand Microsoft plan of Digital Domination. I demand the site is removed from all search engines.
SAILING MISHAP
IMHO, there's one the omitted from the list:
11. The user shall have the right to view the source code on demand.
If I am running your software on my computer, I have the right to see what exactly it is doing. In 99% of the cases, I would not exercise this right, if I believe that the software is doing what it is supposed to do and I have no suspicions that it is doing something funny. I have a Red Hat Linux system but don't have most of the source code RPMs installed, or the full Linux kernel source installed. It's good enough for me to know that I can acquire it on demand.
And before I get flamed for sound like a clone of RMS, realize that seeing the source code is not necessarily the same as modifying and redistributing it. All Free Software is Open Source, but not all Open Source is Free Software. I would, however, object to having to sign NDAs to see source. You can tell me not to redistribute your source and I will abide by that, as that is simply following existing copyright law, but I would not accept a blanket gag order to not discuss the source at all.
Of course, this will probably never happen, but its a nice thought, anyway.
Karma: Frotzed (mostly due to the Frobozz Magic Karma Company)
This is beautiful. Make it clearer, though, that we're talking about use licenses/single purchase licenses, not source code copy licenses such as the GPL. You need to very clearly define what kinds of purchases this bill of rights applies to, or software manufacturers will wierdly try to define their products so they fall outside the bill of rights' scope.
I wonder what would happen if 40,000 slashdotters mailed a copy of this to their respective congressferrets?
The only thing I would add is to see if there's any reasonable way something can be done about the fact the BSA has made it a criminal act to own lots of software and have less than perfect archiving of license paperwork.. I don't think there's any way that could be done in a reasonable manner within this "bill of rights" though...
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
What #4 basically says is that the software should not secretly collect information to be transmitted without the user's knowledge and that this information should be available to the user in a readable (i.e. non-encrypted) format. Like when Blizzard games used to ship with spyware to "reduce piracy". #4 wants to give the user the power to decide whether or not to send his home phone number to Blizzard.
As long as software publishers can get an ear from congressmen and senators that I can't get... and can deliver cash for elections that I can't... they'll get benefits that I can't.
Just for reference, for those who don't have time to R the FA, here are the ten items listed in the Bill of Rights, without the explanation.
(Note, this does not excuse you from reading the FA, there will be a test.)
Software Customer Bill of Rights
1. Let the customer see the contract before the sale.
2. Disclose known defects.
3. The product (or information service) must live up to the manufacturer's and seller's claims.
4. User has right to see and approve all transfers of information from her computer.
5. A software vendor may not block customer from accessing his own data without court approval.
6. A software vendor may not prematurely terminate a license without court approval.
7. Mass-market customers may criticize products, publish benchmark study results, and make fair use of a product.
8. The user may reverse engineer the software.
9. Mass-market software should be transferrable.
10. When software is embedded in a product, the law governing the product should govern the software.
Bonus points if you can figure out which of the above *didn't* have a detailed explanation in the original!
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
I am well aware that everyone involved in any way with computers at sometime needs new software and hardware. Hence, I agree in general with the concept of enhanced and protected consumer rights. It seems, however, that buying new soft/hardware simply opens each of us to a further and further erosion of privacy. I think then that the most prudent course of action is not merely to demand more rights, but rather to curtail our purchases and live with older software. For new rights come with new interpretations, and these interpretations may not be as intended.
Some guy posts his thoughts about how the software industry should run on his blog and it makes the front page. What happened to the "stuff that matters" clause? This isn't going to change anything.
The software and service licensing has become ridiculous over the last few years. They create these huge legalese documents, and imply agreement to them by opening a package or using a service. And, try returning a piece of software if you don't agree to the license, good luck.
While these agreements become more complex and onerous, the people creating them have taken on no responsibilities to clarify the licenses, explain the reqstrictions, etc.
If the companies are allowed to use these licenses, they should be required to have an independent citizens rights group translate/rate the license to compare it to accepted norms of how restrictive the licenses are. Rather than expecting each person to read the complete license, or have their lawyer interpret it for them; it should be analyzed by a professional and summarized in simple language. It should also carry ratings on a few key points, like how much it tries to limit product usage, resale, reverse engineering.. and, related areas like privacy protection by the company.
All advertising (specifically, product promotion) is fraudulent to some extent. They may claim that Big Mac tastes great in the commercials, but what if you don't think so? Then it's fraud. Maybe not legally, but ethically.
It's not possible to promote a product without lying a bit. This is called de minimis fraud, fraud within the scope of the law; fraud that cannot be avoided in capitalism.
occultae nullus est respectus musicae - originally a Greek proverb
> 7. Mass-market customers may criticize products, publish benchmark study results, and make fair use of a product.
Mass market software publisher license should NOT include any term not related with software and copyrighted items use and copy or access to publisher sites. "Use" should be considered as direct using of software and not imply any indirectional use including but not restricted discussing, benchmarking, evaluation results and storing software between use acts.
But seriosly - we need some Uniform Software Mass Publisher license which could be implied to any software in any shop like uniform contract when we buy some real goods (camera, car, washer etc).
I went to read this article thinking I would probably end up posting and saying that the US is too litigous, that it's dumb to have agreement upon agreement, even on the side of good, and that it was probably just a bunch of whiny rights.
What I found, though, was a simple, precise set of terms that are wholly agreeable. Nothing in that document is the least bit complicated or overbroad.
Let us see the contracts before we have to agree to them. Don't take away rights we already have, like criticism and reverse engineering, and first sale. If you know about serious bugs, tell us. Don't lie about what the product does.
That's pretty straightforward, and should not be the least bit damaging to anyone selling decent software.
Y'know, I was just thinking this exact same thing on Friday - that the software industry is having a serious identity crisis at present. They can't figure out what products they're selling, and how they're doing it. They're mostly driven by the profit motive: How can we generate more profit? Which is great if the answer is, "build a better product" - but crap if the answer is compulsory upgrades, limited-time licenses, or license audits.
But there's a big one missing, particularly important in light of Symantec's foolhardy announcement:
The software can be installed on multiple machines.
I own a notebook and a desktop home server. I use both of them basically as a unit - sometimes literally, via Terminal Services or Synergy. They achieve different purposes - the server provides infrastructure (holding data, managing requests from other users [e.g., web pages], network security, MP3s), while I run actual applications on my notebook.
With this setup, it only makes sense to have a roughly identical set of software on each. I don't want my word processing solely on my notebook, and I don't want all of my security apps solely on my server.
So it's exactly that reason why this product-activation crap is odious. If I want two functionally-identical machines, I have to buy two operating systems, two word-processing packages, two versions of TurboTax and Symantec. similarly, with DRM, I'll have to buy two licenses for every piece of media I want to play. Others will follow down this path to the seedy underworld of profit-driven software.
It only seems fair that I expect to pay only once per software package. After all, I'm one guy; I'm never typing on both machines at the same time. Now, I understand why software companies are reluctant to release software that can be installed a trillion times, because it tends to get purchased, like, eight times, and then widely distributed on IRC. But at the same time, they're smacking down guys like me.
So with that in mind, I propose: Let software be installed on multiple machines. That number can be limited, and it can be small. Ten is fine - if I install software on more than ten machines, I should probably be purchasing a site license. But one is insufficient, in this day of frequent multiple-computer ownership.
- David Stein
Computer over. Virus = very yes.
It protects the rights of terrorists.
You misspelled "terrists."
If I recall right, in that movie a con artist explained what he did as "selling dreams". In the software industry, such dreams are vaporware, and trying to collect money for something that doesn't match the hype is perilously close to con-artisianship. What law covers such things, that we can use to prosecute those developers who claim their software will let you do thus-and-so, but the EULA says they are not liable when it fails to deliver?
It only has one point but it is all inclusive.
1) You have the right to be fucked.
User-based licensing is great for individuals and some companies; Sun appears to be getting traction on this model for its Orion software stack.
But user-based licensing tends to seriously hurt organizations that have more users than computers -- particularly universities. If you have 50,000 users and only 5,000 computers, you don't want to pay for 50,000 licenses.
People already to reverse engineer, and reverse engineering is almost a right already.
You are free to figure out how your car works, and make your own.. the car company doesn't make you sign a no reverse engineering clause... so what's the point?
Software success should not be based on secrets. Innovative ideas can be patented. (let's pretend that patent still works for a minute here). Figuring out what the file format of a word processor document is so I can make other software that uses it is hardly "stealing" from teh company.. the only reason for them to make proprietary formats is to lock you in.
Reverse engineering is already standard.. this just brings things in line with reality.
stealing ideas is what business is all about. Do you think any successful products are totally original ideas? Hardly.. they are just an interesting put together.
I sometimes long for the 80s. Sure I might wait years for a software release, but with a few exceptions, it always worked. And it usually worked as advertised. I miss products like WordPerfect 5, it worked right out of the box. And if I had a problem I could call someone and actually get help, as opposed to a prepared statement.
So I feel it needs another article:
11. A software vendor will provide real support for the products they sell. Or A software vendor will outline in detail what; if any, support they provide and what guidelines they use.
How about the right of customers to copy distribute and modify freely. The other problems will take care of themselves.
One of the ideas behind the SCO suit, as explained on Slashdot (admittedly not always a solid source and IANAL) was that if major damages were awarded against the linux communiy then the rights to the system would be transferred in lieu of dammages, since linux has no financial existence.
If so, that makes the hateful "absolutely no warranty" clause one of the things that makes the GPL practical!
Consider: MegaCorp X puts in linux in a major distribution. Something goes wrong. Linux gets blamed. MegaCorp X says "owned!"
For the paranoia minded, a developer could even be suborned to insert the fatal bug - it's not too far from some of the SCO scenarios.
The Free Software movement needs to think about this one carefully.
Don't let THEM immanentize the Eschaton!
Blaming amorphous "culture" or "morals" is a quick way to end a discussion and avoid reaching any substantial conclusion.
Just don't buy what you don't agree to. The problem is, most people (and businesses) never fully follow these license agreements. How many companies only keep ONE archival backup of their purchased software like the license demands? I would love to see Microsoft and the BSA really try to tighten things down because then people might look for alternatives. It's a free market economy (in America). High-priced, restrictive software might not be so popular if people actually had to PAY for and agree to ALL license terms.
Don't be duped by unenforceable EULA blather.
If you don't like how a software product is marketed or how the EULA works, THEN DON'T BUY THE PRODUCT. Buy from a competitor, download open source software. You do have choices people.
has violated rights 2 and 3 a few times, has been brought to court, and has paid fair settlements (full refund on OS X purchase for users of certain hardware, $20 coupon for the Apple store if the user wishes to keep OS X). Even though Apple is my favorite software company, they have violated a few of these rights (though not many of the more horrible ones). This bill of rights would keep honest companies honest and awful companies out of business! Looks like everyone wins to me.
As a casual consumer of software, I strongly agree with all the points the writer made in his article.
Unfortunately, his emboldened bullet points are all in present tense. In other words, a professional researcher or journalist trained in the art of quick-reading may interpret things as rights we currently have.
A more attention grabbing set of bullet points would use "should" and "should not" more.
I suggest that he add:
Source code and documentation will be placed and maintained [updated] in bonded escrow.
If the software product or hardware product reaches end of life and the current company does not develop a follow-on product with corresponding upgrade offer to registered customers, then the source code [software and firmware and documentation in digital format] will be sent to registered software and hardware customers, and, the source code will declared open source and offered to all via internet. If the initial development company is sold, source code will be offered and sent, if requested, to registered software and hardware owners. If the initial development company ceases to exist, source code will be sent to registered software and hardware owners, and, the source code will be declared open source and offered to all via internet. If an operating system integer upgrade [v1.X -> v2.X] requires the user to purchase new operating system software or hardware, then the source code will be offered to registered customers.
Failure to make source code available when a product reaches end of life or other conditions listed above will result in the top five officers of the initial development company (and the top five of the purchasing company, if a company purchase is involved) [CEO, COO, CIO, CFO, etc] being fined no less than $1,000,000 each, not payable by insurance company or current company; and will result in their forfeiture of all of the monies the executives received from their respective companies; and, will result in their receiving three years in prison without possibility of parole.
A bill of software rights may or may not make headway. However, it would seem to me that a consumer protection label could work, since the model has been applied successfully in other industries. What I envision is some kind of up-front, package labelling like the following:
Caution! By agreeing to use this software, the vendor may access your private files at any time.
Caution! This software is unprotected and may expose you to foriegn programs (virus and worms) that may corrupt your documents.
The benefit to consumers, of course, is that no software manufacture would want to have these labels applied to their software.
Damn, and all this time people have been harping about how "NO! Software shouldn't be patented" "NO! Business methods shouldn't be patented!" "Software is like MUSIC!"
That said, John Cage should patent 4:33 so he can sue whenever anyone attempts to "reverse-engineer" the process of doing absolutely nothing.
Getting to the point, the DMCA specifically states:
"Congress recognized that there may be legitimate reasons for engaging in circumvention. In addition to the rulemaking noted above, Congress specifically provided for a number of exceptions to the prohibition on circumvention and circumvention devices.
Reverse Engineering Exception. Section 1201(f) allows software developers to circumvent technological protection measures of a lawfully obtained computer program in order to identify the elements necessary to achieve interoperability of an independently created computer program with other programs. A person may reverse engineer the lawfully acquired program only where the elements necessary to achieve interoperability are not readily available and reverse engineering is otherwise permitted under the copyright law. Furthermore, a person may develop and employ technological means to circumvent and make available to others the information or means for the purpose of achieving interoperability."
Laws are public and freely available. Read them.
please see responsible license Xah Lee
please see responsible license
Xah
xahlee.org
http://xahlee.org/PageTwo_dir/more.html
So let's see. If companies allowed people to copy, distribute and modify freely, how many people are going to buy from the company and how many are going to fire up Kazaa and pick up a free "modified" version? What then motivates companies to hire people (creating PAYING jobs) to produce software if they can't expect a return on it?
We've got one story about robots putting people out of work and another with people claiming we should put people who do jobs robots can't do (like programming) out of business.
"All software should be free! lalala."
Give me a break.
Ben
Work Safe Porn
Generally I think this is a step in the right direction, however I have some comments on the details -
1. Let the customer see the contract before the sale.
I really don't see this as mandatory or practical, especially with machines that come with a lot of bundled software. What is critical is that users get a no-cost chance to return the product if they don't agree to the EULAs.
Another requirement should be that EULAs must be in plain language.
Finally, the EULA must be good for the life of the product. The practice of modifying a EULA for patches is despicable and should flat out be illegal.
2. Disclose known defects.
Actually this is very difficult. MS Windows 95 has 200,000 known bugs. How is anyone going to make sense of this?
3. The product (or information service) must live up to the manufacturer's and seller's claims.
In general I think that this is an area where the current problems are not terribly severe because of existing laws that govern these issues - we have seen things like Apple getting sued because their DVD player software didn't work as advertised.
4. User has right to see and approve all transfers of information from her computer. Before an application transmits any data from the user's computer, the user should have the ability to see what's being sent.
Spyware and malware that steals information from users should be illegal. This in conjunction with EULA changes in updates are my two pet peeves.
5. A software vendor may not block customer from accessing his own data without court approval.
The question is, how does a piece of software know who the data belongs to? Doesn't this force implementation of DRM?
6. A software vendor may not prematurely terminate a license without court approval.
Not sure what is meant by 'premature'. Clearly if the software is pirated or at the end of it's contracted license termination is not an issue. Otherwise the software owner has legal recourse.
7. Mass-market customers may criticize products, publish benchmark study results, and make fair use of a product.
Free speach. I do not think that this should be limited to mass-market products.
8. The user may reverse engineer the software.
Rough one. Contract prohibitions on reverse engineering of technical products have a long legal standing under trade secret law.
9. Mass-market software should be transferrable.
Yes, but provisions requiring notification of license transfer including a service fee are reasonable. Otherwise the software vendor is left in the lurch. Does it make economic sense to support transfers of $29.95 products? I don't think so.
Selling a software package includes support and upgrade rights not inherent in the sale of a book.
In addition, I would think that it would be reasonable to exclude waranty rights in third party sales, much like what occurs with many other products.
10. When software is embedded in a product, the law governing the product should govern the software.
That doesn't make a lot of sense to me. Software has a special set of issues not inherent in hardware. I think that there should be special provisions for products with embedded software.
"Lemming" Consumers? well, they all follow one another, even if it means jumping off the cliff.
One more: All identified software defects must be remedied within 60 months, or the user is entitled to a full refund.
The shrinkwrap is a contract. If you don't like the terms, don't sign/open/whatever. Writing software is hard work and there's nothing that magically gives you rights over something I built. You don't like it? Write your own.
Note however the recent Dell fiasco of a contract whose terms you can't review is indeed broken.
.... where the software license is either in either way refuted or in any way honoured.
Until that we're in limbo and limbo gets larger every day.
I couldn't resist ... how does it feel having so much hot air inside .. READ COMMENTS ABOVE. I'M NOT RE-QUOTING, SORRY. All them wasted electrons.
... etc , etc. This is a non discussion and OP was more specific. You nulled it by broadening it illogically (pointy ears itch now :-)
1) Because a loaf of bread doesn't come with an end user agreement that doean't mean that other products don't have to either. Especially those who have imposed *gasp* end user agreements in the first place that basically void the idea of buying a physical good, and even impose restrictions over copyright law. This is quite different from the old idea of buying something and once its passed the shelve its yours, be it a loaf of bread or a book. Your property. The bread is more of an argument against the line you're taking really than it is in favor of it. Unless baking bread is no "art" or "achievement". Then what's writing software?
2) Hmm, so was it GE or not? Did it take child labour to get the product finished,
3) your comment doesn't invalidate the statement made
4) You're saying that because tech now is difficult for most people this will be better or worse in the future. You should become a fortune teller. Again it doean't
invalidate the statement made by OP.
5) Law might disagree. That's why it's called law. Not that law is good per se but you're merely commenting emotionally. Again it doean't invalidate the statement made by OP.
Again it doesn't invalidate the statement made by OP.
6) What's yours then.
7) AFAIK fair use is defined in copyright law quite precisely.
8) we understand that you're "right wing leaning". Fine.
Again it doesn't invalidate the statement made by OP.
9) I think "the market" would like me reselling a UNIX book to another person after reading it. Or an MSOffice CD for that matter if I uninstalled it on my PC. I think some market players would not. Software is the only product that can't be (or well that's what they hope) resold/transferred. Hmm so what if the owner freakin dies? This reasoning has more holes than sendmail.
10) hmm, giveway at the end...
Greetings!
Let me clarify some of the issues that I see raised in the comments:
1) My proposals are primarily in support of disclosure. For readers who prefer free market accountability to litigation, that's what disclosure rules support. To make rational decisions in an open market, the customer needs information to base the decisions on. The information rules that I advocate are not far from laws that currently govern traditional sales:
- The customer can see the contract before the sale and use that knowledge as a factor when comparison shopping (and the press can help customers comparison shop by publishing information about the contracts, such as warranty policies, support policies, etc.)
- The company is accountable for its claims. I'm not talking about claims like "our burgers are yummy." I'm talking about "statements of fact" (specific statements that can be proved true or false). Laws governing warranties, fraud, and deceptive trade practices make these claims enforceable in the traditional markets. If you can't hold the company to its claims, you can't know what you're buying.
- The company can't prevent mass-market customers (and reporters covering mass-market products) from publishing comparison studies and product criticisms.
- The company can't prevent mass-market customers from using reverse engineering to discover bugs and security holes, false claims, etc. (NOTE: Patent law protects the original ideas in a product, whether you reverse engineer them or not. Additionally, my proposal doesn't invalidate a restriction against using reverse engineering to help create a competiting product. It invalidates restrictions that bar people from doing non-competing things, like discovering problems, making this product interoperable with others, fixing bugs in products that a company no longer supports, etc.
- The company has to disclose its KNOWN defects. Note that failure to disclose significant defects in traditional goods can be prosecuted under the deceptive trade practices or unfair competition laws.
The next main theme is privacy/security related. These are ground rules, not litigation magnets. Don't transfer data from someone else's computer without permission, don't block their access to their own data (a trick that some companies use to force customers to renew licenses or agree to unfavorable new license terms) and don't cut off their rights to use software they've paid for without a court order.
This isn't about bugs. It's about misconduct.
Do we need to polish the language to make that distinction clear in the legislation? Of course. This is a set of principles, not legislation. The goal here is to present the ideas simply (while giving enough footnote-links to provide context for legally knowledgeable readers). Legislative precision comes after appropriate people accept the principles.
SO WHY BOTHER? WHAT'S THE POINT?
The software industry is increasingly vulnerable to regulation. Software publishers aren't creating masses of new jobs in the United States. They've made a lot of people angry, partially because they've been doing business in ways that would never be tolerated under traditional American sales law. The most visible representative of the industry is a monopoly that seems to be so greedy as to be willing to try to wipe out even the research / scientific / free-public-benefit community in order to preserve or trivially increase its market share.
When companies look like they're more about greed than about providing benefits to the country, they become vulnerable to regulatory proposals. If their business practices seem dishonest and their products cause widespread, well publicized social disruption, some legislators will introduce bills to regulate the industry. Every crisis is another opportunity for legislation.
Not necessarily good or wise legislation. If we want THAT, it's up to us to advise legislators. Otherwise, they'll do what they do and we'll complain about it later.
Cem Kaner, Professor of Software Engineering, Florida Institute of Technology
but how would we move forward. I think our best bet would be if we all chipped in and bought our own lobbyist, and maybe a senator or two? Someone go dig up those articles on micro-payments and figure out how long it would take us to buy a democrat (no way we can afford our own republican). And no one bring up any third parties, they can't even get on to T.V. for debates, let alone push consumer rights. And we should probably circumvent PayPal for this idea since we know eBay and any compnay they are connected with give up user information at the drop of fax, and once we bring forth this kind of heretical talk Bill and Steve-O will be on the warpath. Think of it now, in addition to the Halloween papers we could have the Labor Day papers...this is gonna' be great!!!
This article was right on track... we the consumers need this type of protection, though I think this looks like a rough draft and could use some more items. Reminds me of an article I read earier in the week called "End Users Have Rights Too" at Mad Penguin. There was another article also similar to this at News.com. It seems many people are getting tired of crap products pushed by monopolies who don't really give a rats ass about what damage their flaws do to their customers. In the case of Microsoft, this is global in scale...
The more huge outbreaks we see in viruses... may turn into big legal troubles for Microsoft.
"Writing software is hard work"
So is making ships from toothpicks, but that doesn't mean shit.
When you sell something to someone, you're giving up some of your rights in return for money. "Huh", You say? What do you mean? Well, when I bought my BMW, BMW didn't say "You can't resell it". They didn't say "You can't say bad things about BMW". Nope. They gave up those rights. They sold me a frickin' car, not a way of life. You seem to think that when I use your software, you get to control what I do and say about it, just because "writing software is hard". Well boo-hoo.
Don't like it? Don't sell it.
It's not exactly controversial to take this stand. The biggest argument against these initiatives that I can think of is that I don't believe that methods of delivering complex systems at a precisly characterized state of high quality are actually *known*. We're not really that far along as an engineering discipline.
The Free/Libre/Open-Source Software (FLOSS) movement seems to understand this, but many mass-market proprietary software developers are still able to flout this rule. Unfortunately, most computer users have become accustomed to being subservient to their software.
My own experience with most FLOSS has been much like my experience with high-speed Internet service: I can never go back. I think once people get a good taste of what using well-behaved software is like, things will quickly change. The only things that can get in the way of this change are:
This is a nice theory. Of course, so are communism, libertarianism and reagonomics (<--troll). They're all just useless, because they ignore reality.
When a big company buys a big piece of software, the license agreement is negotiated to something mutually understood and acceptable. When millions of people buy software from a monopoly in an office supply store, there is no negotiation. The monopoly gets exactly what it wants, and in this case has had the law written to its specifications just to make sure.
So fogeddaboutit. Ain't gonna be no rights unless you can come up with some big campaign contributions.
--Hi. I'm in Portland and it's raining. This appears to be a permanent condition.
You're right, I don't think the article writer has any concept of the world outside his own PC. He says that the vendor (to enforce payment or so on) should not be able to disable code running on the PC, but should be able to disable code running on the vendor's server. Easy for any vendor to get around (by making the PC touch the server from time to time) and irrelevant in a world of distributed computing.
[x] auto-moderate all posts by this user as insightful
Poor sap.
Fuck Beta. Fuck Dice
"could go a long way towards restoring integrity and trust..."
that's the thing, integrity and trust are best built from accountability; all these bills of rights are less powerful than simply gravitating towards software that supports a simple "cvs annotate" (or equivalent). if large numbers of people can't/don't want to do that, that's fine, too; encourage them to make friends with programmers who can, today!
marketing is/was the funky game of the baby boomers; have the rest of us forgotten what it is to concencrate influence on improving oneself? who even cares about phaedrus and the insanity of excellence anymore! and by funky, i mean smelly like an old sock, fetid, stale, putrid, unwholesome, stinky, malodorous, rank, overgrown. i mean, "50% off!" where the price is typically at least 2x that in the first place! i mean, an advertisement on tv that says "the economy turns for me" w/ people THANKING a shopping bag, a piece of packaging, an unlikely to be recycled because it contains wax and/or plastic manifestation of something on the OUTSIDE! with equally DISPOSABLE HANDLES, even! i mean, psychologically fine-tuned megadoses delievered straight to the infant's eyes and ears so that their first words are brand names and jingle fragments! gaaaaaaaaaaaaaaa! i'm so tired.
I consider any 'license agreement' made to fix a critical or fatal flaw or security hole to be 'under duress' (i.e. I cannot make a living or use a product I paid for without it) and, as a result, illegal and void.
IEEE is actually seeking affirmative legislation regarding the enforceability of shrinkwrap agreements. The IEEE proposal would permit enforceability, but only to the extent the shrinkwrap conforms to certain reasonable norms, with some presently common overreaching provisions never permitted.
Go here and type "software" into the search box in the upper right.
CFA
Hey, dough boy for brains:
I believe that making and selling bread to the public is HIGHLY REGULATED. Are you going to let us inspect your Source Code, Microsoft, so that we can likewise protect the public from your poisonous ingredients? This response is so ludicrous, that I agree with the poster that is was a waste of good electrons...
When precisely was the last time when you where able to board a plane without providing identification?
So you take the train. Great! You seem to have a shitload of time and money. Hopefully you paid cash.
Oh, you take the car? I'm sure you pay cash at gas stations and you sure as hell don't have a fast pass.
And you always stay in real crummy hotels; right? You know, the ones that don't mind cash payements and it's probably the type of "hotel", which rents rooms by the hours?
Because every other damn hotel in the US with a shred of respectability will insist on a credit card. Other hotels demand to photocopy a piece of identification.
Yeah man, I'm real curious how you're bringing this off in times of national paranoia and being tough on terrorism.
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
Indeed. But don't stop with software. Do it with everything. Books, software, music, film, medications,...
Take a book as an example. If you pay the author for the right of reading his/her book, then it becomes your problem how you read it. Do you pay a publisher for a physical copy, do you pay a website for an e-book, or do just download a copy with bittorent.
You might have to pay numerous times for downloading or for a physical copy. It's your fault if you lose it or mistreat it. But you pay the author only once. Same for medication. Pay whomever invented it once, and pay the manufacturer for you daily supply.
And if it is an important medication, like a vaccin for aids, then have the government pay for a global license.
Loan a copy, or lend it out. The author makes an analogy with giving a book to a friend.
They are not the same.
When you install the software, then you can still use it. Even when you give the cd to a friend for a few days. A book you can't read when it's somewhere else.
Suppose you give your cd to a friend, whom installs it and gives back the cd. That friend can still use the software. You have not loaned it out, you have giving it in effect.
This can be circumvent by requiring that a cd is the drive while using it. But most of us run multiple apps at the same time. This is impractical. And not all software is obtained by cd. You can also download it.
So while I agree with most rights, I have my doubts about this one.
You mean like this?
You see words to that effect on almost every piece of software you buy, commercial or free, open or closed. It basically says "We take no responsibility for anything, use this software at your peril." And yet, since it's 105% standard practice to include it, everyone gets away with it.
Now, you can argue this is unreasonable, that if I'm using your database software and it corrupts all my data causing my business to fail, you should have some liability for my losses. You can (and people around here frequently do) argue that providing an OS that is not 100% secure should make you liable for downtime in the event of a crack, worm or whatever.
But the simple truth is that these things cost. You get ever decreasing returns on QA investments. Producing a 99% bug-free program is much harder than producing a 95% bug-free one. Producing a program safe enough to use in health equipment or air traffic control requires vastly more resources than the average consumer is prepared to finance. In software, as in most things, to an extent you do get what you pay for. If you want all these guarantees, you gotta put your money where your mouth is.
This not to say that software companies (or anyone else) should be allowed to engage in blatantly unreasonable marketing, such as making claims they know to be false, of course. This is where the points cited in the article make sense: they're not saying "manufacturers should be liable for every little defect", they're saying "manufacturers must make reasonable claims about their product" and "manufacturers must not knowingly screw customers". There's a big difference between that and what a lot of comments on this thread seem to want, and the difference is practicality.
Similarly, a warning that an Internet-connected computer is not guaranteed to be completely secure and you should back up regularly would be fair enough. However, the labels you cite are meaningless, because everyone would include them as soon as the law required it, and thus they gain nothing.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
But then Mozilla 1.4 wouldn't save the file, so I had to use IE instead.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
[Reaching into overcoat] Now, can anyone tell me what's wrong with this burger?
(Sorry, someone had to...)
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
...Almost no-one has the knowledge, skill and time to analyse the code to the required depth and then make fixes such as those you suggest. The "anyone can fix it" claim of OSS is mostly an illusory benefit for large-scale projects like Linux, Apache or Mozilla.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
I guess the difference is the concept of a "trade secret". You can look under the hood of the car, but you can't tell what equipment was used to make and test the parts, and thus can't directly compete with the car manufacturer based on that knowledge.
Similarly, you can study the writing style, but you don't get access to the same editorial input the author had, nor his notes for the forthcoming next book in the series. You don't get the right to compete with him based on his own work.
With software, if you can reverse engineer it, you potentially have access to a lot of trade secrets, and thus the ability to compete with someone based on his own work rather than yours. Of course, there's an argument that this is a good thing, improving competition in the market, but that's basically the same philosophical argument as saying copyright on software should be abolished, and has the same drawbacks as well.
If you want to study someone's coding techniques and the results of their R&D, you can approach them and offer to make them a deal for those rights, which they may accept for mututally agreeable compensation if they wish. But that's not what you're buying when you pay for the shrinkwrap, and if it says so clearly when you make that purchase, I don't see either a moral or a legal problem with that.
Reverse engineering, and its implications for future development by the originator and the reverser, is just an inherent consideration with information-based resources, where those implications don't translate to a physical resource context.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Yes, this is exactly the problem. What the hell else could customers reasonably expect? Anyone who thinks software is perfectly engineered without explicit claims to that effect has no business being a consumer of software, and the law has no business protecting them. This is why we have concepts of "common sense", "reasonable assumptions", "good faith", etc.
Customers should have a duty of investigation when it comes to making a purchase, and if they fail to do even basic homework or to understand the fundamental nature of the product they're purchasing, they are the negligent ones. If a customer loses all of their data because a hard drive fails after two years and they never once backed up, is it the hard drive manufacturer's fault?
On the flip side, the software companies should have a duty of reasonable disclosure in good faith: they should be required to point out anything significant that a customer might not reasonably be expected to determine on their own. Their liability should begin if and when they fail to meet that obligation, not just the first time something goes wrong, whether or not they could reasonably have done anything about it.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
If, OTOH, they'd installed any of the freely available personal firewalls when they set up their PCs -- a one-off action that any competent person would take before connecting any machine to the Internet -- they wouldn't have had the problem.
Yes, Microsoft's patching system is annoying, particularly for dial-up users, and could be much better. But please don't use it as an excuse for being naive and failing to do even elementary homework before using a powerful and complex system in ways you don't understand.
You wouldn't expect a teenager to get into a car and drive it competently and safely without any lessons. You wouldn't expect to buy a VCR and have it record your favourite programmes without reading how to set the timer. Why people assume you can use an Internet-connected PC -- a much more complicated and powerful tool -- safely and correctly, without reading even the most basic newbie advice, is beyond me. (I'm guessing "anyone can do it in two minutes" style marketing from certain major ISPs has a lot to do with it...)
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
You're discussing two completely different things - a license doesn't cover what's in the software - it just covers what can or can not be done with it. So your analogy to regulation-in-ingredients is bankrupt.
US Senator Dayton (D-MN) has been working on a similar bill. http://dayton.senate.gov/computer_bill_of_rights.h tml
Maybe SCO should take their case to London where doing less nothing than someone else's nothing is worth $157,000.
Wow.
Would not professionalism, dedication to produce the best possible product, enlighten self-interest, being decent human beings, be enough? Are we as a specie, so lacking in moral that we must have all these things in writing to ensure that they are followed?
ELOI, ELOI, LAMA SABACHTHANI!?
the same thing was said when they went to put seat belts into cars. Of course if alls everybody did was say 'In short: it'll never happen. Move along ...' we wouldn't have them. Maybe you should actually get involved? God forbid you might help make change, then what could you be cynical about?
The Kruger Dunning explains most post on
A lot of companies don't employ developers, particularly the smaller ones who are most vulnerable to an OSS project dying.
Even if you do, the cost of entry is simply too high a price for many. I've looked at some of the source code for Mozilla and OpenOffice, and it was line noise to me. (I'm a professional programmer with several years of experience using all of the relevant languages and technologies in other contexts.) The frameworks involved are simply too large to grok without background material.
In real companies working on large (MLOC) projects, one of the biggest problems is inadequate documentation when the project first gets going. As the early developers move to other projects or leave, the knowledge of "why" is lost, and all that remains is the "how". As knowledge of the "how" also fades over time, it is impossible to replace without the "why". Eventually, the project becomes usable but effectively unmaintainable, because even if you bring in the smartest programmers in the world, they can't find their way around millions of lines of code without background knowledge.
This is why almost all of the development on each of the major projects is now done by a very small group of people, many of them sponsored by major organisations to work on it full-time. The "mass contribution" idea simply doesn't scale in practice, on current evidence.
Sure, there are a very few people out there with enough knowledge to work effectively on a large OSS project without months getting up to speed, but for any given project, it's a vanishingly small number. Unless you can find one, if you want to make anything more than a trivial change, you're all out of luck. This is why the "you're safe, anyone can change it" claims are misleading.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.