Slashdot Mirror
Spyware Maker Sues Detection Firm
Luigi30 writes "ZDnet reports that RetroCoder, makers of the SpyMon remote monitoring program, are suing Sunbelt Software, makers of ConterSpy, a spyware detector program, for detecting the SpyMon as spyware. According to the EULA, SpyMon can not be used in 'anti-spyware research,' and detecting it is therefore a violation of it. 'In order to add our product to their list, they must have downloaded it and then examined it. These actions are forbidden by the notice,' a RetroCoder spokesperson said."
The fact that someone actually is trying this, or the fact that I'm half-afraid it might work.
Let's all hope not.
To fight the war on terror, stop being afraid.
No, it isn't genious. It's only the crap you'd expect from an asshole...
Anyone remember those MOTD's on pirate-software FTP sites giving us a pseudo-legal-brief about President Clinton signing some law, and then "FBI AGENTS YOU CANNOT ENTER THIS SITE"?
Please help metamoderate.
This kind of thing is not likely to stand up in court. Spyware has been proven to be a malicious type of software that voilates one's privacy, therefore I would be shocked if the courts find in favor of the spyware maker. The spyware maker might have thought it was clever adding that clause in their EULA, but essentially what they've stipulated was people cannot investigate how their software works in order to prevent it's unwanted installation on to one's system. Not likely to stand up in court.
First: they almost admit in the EULA that is a spyware product. Who the fuck else would put such an idiot line in the EULA. Second: the antispyware company might have used some sort of heuristics. No install required. I would really like to see this go in court: isn't there a limit on the kind of shit people put in that EULA ?
Em. I don't get it. Who says the the company has to agree to the eula to look at it? If the spyware company declines the eula agreement they are not bound to it and as a result the proggy is not installed. How does that restrict they spyware company from analyzing the binaries present in the setup program? Decompress the archive and create a fingerprint done!
They don't need to be able to win. All they need is to have enough of a case to threaten them with long, costly litigation - and once the expected cost of defending themselves is greater than the cost of caving in, most businesses will cheerfully cave. In fact, for publicly traded companies you can make a decent case that it's their duty to do so.
Trust the Computer. The Computer is your friend.
Have they no shame!??
The spyware people should be treated like programming commands and scripts: "Carried out and executed".
In general, I think the USA should change its name to "SueSA". When are people going to take responsibility for their own actions? If someone walks on my sidewalks and trips in a hole in it, it's their own g*dd*mn f**ing fault for not watching where they are going, not mine.
This message has been ROT-13 encrypted twice for higher security.
The modern world is completely founded on contracts of one form or another - an EULA being an example of such a contract. Now this case is clearly ridiculous, and as such I fully expect the challenge to fail (and further could set interesting precedents regarding the reach of EULAs). BUT the company should have the right to bring the challenge, and should be heard by a judge.
You cannot just wave your hands at something that sounds ridiculous and then refuse to hear it, because you certainly will end up ignoring meritous cases.
Just go to
http://www.spymon.com/downloads/install.exe
Then you can extract the files from the installer exe without agreeing to anything.
You moderators might think that's Funny, but it's actually a very interesting point. If I can, basically, say "you're not allowed to come anywhere near my software" in the EULA as a spyware maker, why can't I say the same thing as an anti-spyware maker?
What's nice about this is that it works out no matter whether such a clause would be accepted: if it is accepted, then the spyware maker would have violated the anti-spyware product's EULA by looking at how it classifies the spyware. If it's not accepted, on the other hand, then the corresponding clause in the spyware's EULA would also not be accepted.
Myself, I think that such clauses aren't valid, but I also think that even if a court thinks they are, it'd be pretty impossible to actually get a case, as they could trivially be circumvented. For example, if I visit a friend and use their computer to do something in Photoshop, am I then bound by Photoshop's EULA? Of course not; I didn't buy the program, I didn't install it, I didn't agree to anything. My friend might be (or not), but I certainly am not. A spyware maker could do the same thing: just don't install the spyware yourself, but rather classify it after it infected someone else's computer. (On a side note, I doubt that most spyware actually presents a EULA to the user where he can clearly see what is going to happen, where he's given the opportunity to say "no, thanks" and where, if he does, the spyware will not be installed, anyway).
quidquid latine dictum sit altum videtur.
This is not my sandwich.
Since when did EULAs become meritorious in any way, shape, or form?
They've been stuck down as non-binding as many times as they've been upheld;
they often have clauses in them which are not only onerous, but downright illegal;
they do not have any form of traditional contractual agreement methods, wherein both parties have the ability (allowed by contract law) to modify the contract to their satisfaction;
and they represent the interests of one party to the exclusion of the rights of the other.
Tell me again why this sort of dispute should be allowed past the doors of any courtroom?
Oh, don't worry... they can't possibly win this case.
This isn't the kind of case that's filed to win in court, its purpose is to intimidate the defendant. Hopefully the court will smack them good and hard.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Maybe they never downloaded it in the first place. Maybe they are acting on the basis of experience that is typically gathered by a practitioner of the field who also works to diagnose malfunctions in client computers where previous detection efforts have failed. This would not necessarily mean your software caused any such problems, but rather, your software may have co-existed on a machine with previously undetected malware which was also performing similar spying actitivies, although for malicious intentions. On the basis of these activities, they would never have agreed to your EULA in the first place as they would never have downloaded a copy of the software.
The ability to detect software like yours, which presumably has no ill-intent, is still necessary, IMHO, because of the existant possibility of ill-intended installation by other parties, such as kids spying on their parents first (it happens), or one spouse spying on the other in domestic issue civil cases (it happens a lot). Unless you can prove that your software has unbreakable facilities that prevent anyone from installing the software except in cases where it would involve only legal spying (e.g. parents spying on kids), I don't think you have a valid basis for demanding that your software be exempted. And I do not see how the software is capable of evaluating the domestic role of the person doing the installation.
My real concern has nothing to do with your software. It has everything to do with all spyware in general, and the establishment of legal defenses that they all may use if you take this matter to court and prevail. Such a ruling would be universally harmful to everyone.
In an unrelated issue, how is your software going to spy on kids that are skipping Windows and booting up a Knoppix CD instead to get to the internet to surf for 7un3z, w4r3z, and pr0n? You know kids are doing it, and not just the smart ones. Do you warn parents that your software cannot detect all these cases?
now we need to go OSS in diesel cars
And allows stalkers to spy on unsuspecting prey. And allows abusive spouses to spy on their spouse. And allows nosy neighbors to spy on others in the neighborhood. Your product is reprehensible, and a violation of all of the basic tenets of a free society.
2. Some anti-virus software blacklisted our software.
Which is their right. Bravo for them.
3. We state that they are not allowed to download our software in an attempt to stop them blacklisting us
There is no legal precedent for you to be able to "state" how someone, who obtained your product legally, may use it. The RIAA cannot prevent me from using a Brittany Spears CD as a coaster, as long as I purchased it legally.
This instance is where you're wrong. You can "state that they are not allowed" all you want, but you don't have a legal foot to stand on. Once they obtain it legally, they can do whatever they want with it - as long as they don't sell it or violate your patent.
4. They carry on doing so, ignoring our warning they they are expressly forbidden from downloading our software - it is our copyright.
Your warning has no basis or ability to be enforced by law. You're simply wrong. If you make it available for download, you cannot restrict who may download it without being guilty of discrimination.
5. They ignore our attempts to contact them
They have no legal obligation to talk to you.
6. So we consider going to the police to stop them downloading our program without permission.
If you make your product publically available for download to some people "without permission", then you cannot restrict the download from other people without being guilty of discrimination. In any case, you can't even prove that they downloaded it. It might have been given to them by a 3rd party. In which case, the 3rd party didn't "violate" you agreement since they didn't blacklist you, and the anti-spyware didn't violate it since they didn't actually download it. You're screwed.
7. We get flamed by a load of people who don't seem to understand the situation!
We understand the situation perfectly. You created a product that allows people to spy on other people without their knowledge (probably in violation of several other laws). You make this product publically available to anyone with an internet connection. You attempt to restrict the usage of the product AFTER it was obtained legally from your publically available web site. You only restrict the usage to those who download it for one particular purpose, but not others... engaging discrimination in the process.
Why are we sleazy?
Because you make a reprehensible product, make it publically available, and then get upset when people who obtained it decide to give other people the ability to render your reprehensible product useless.
Fuck you.
"I have as much authority as the pope, I just
don't have as many people who believe it" - George Carlin