The Self-Modifying EULA?

An anonymous reader asks: "Years ago, when I first installed Windows 2000, I accepted its EULA. Despite serious defects in the product, I resisted installing Service Packs because they modify the original EULA. Now even Homeland Security is on my back to upgrade and install a fix. I would be happy to install SP4 and all the security patches BUT ONLY IF IT IS DONE UNDER THE ORIGINAL EULA. Otherwise, Microsoft has made me an unwilling zombie. The clear fact is that Microsoft delivered a defective product- should not allow them to redefine our agreement. I cannot think of any other market that successfully browbeats its customers in this manner. Can this be legal? Has it been tested in court?"

Is it possible

[ack154]

That certain parts of the update required some sort of change to the EULA? Possibly a new feature or option that was not covered by the original?

Then again, you could always just not accept the EULA and not install it... despite what DHS says. That's why there's another option to select.

Re:Is it possible

[kfg]

That certain parts of the update required some sort of change to the EULA? Possibly a new feature or option that was not covered by the original?

" Microsoft has made me an unwilling zombie."

And thus we see how a newer generation blithely accepts as the normal status quo that which the previous generation finds abhorent.

And now you see how our "culture" has gotten where it is and how the next generation will accept that which the parent will find abhorent.

Ave Caesar!

KFG

Re:Is it possible

[kfg]

"you too can become rich if you work hard and play by our rules"....bullshit.

Work your fingers to the bone, what do you get?
Boney fingers. Boney fingers.

-Hoyt Axton

This is because of the way our schools and news are used to bombard us as citizens and our children, to teach us to be "good little consumers"

Here's an interesting site I found after my last round of dissing our schools. I don't completely agree with him, but he's got the gist of it:

http://www.johntaylorgatto.com/underground/toc1.ht m

KFG

Re:Is it possible

[aichpvee]

Bill Gates was NEVER poor. His family always had money. The proper phrasing might have been, "That's why Bill Gates is still only as rich as he was when he founded microsoft."

I'm not sure if you were trying to be funny, just being a jackass, or really are ignorant enough to believe Bill Gates worked hard and honestly to get to the top.

I'm willing to bet it's some of each as anyone with even the slightest clue will see that working hard is definitely not a guarantee to getting ahead. It's usually the people who fuck over others the hardest who rise the highest. The ones who actually work the hardest are usually lucky if they ever make more than a few bucks north of minimum wage at any time in their lives.

Re:Is it possible

[babbling]

There is one important difference between (most) legalese and so-called "real problems". Real problems affect everyone, whereas legalese often affects different people in different ways. People are divided and conquered. Most people don't even think of blaming lawmakers. Their immediate reaction is that whoever screwed them over with a legal agreement is the bastard.

When the same problem affects everyone, people are good at reacting. Unfortunately, people do not care enough about the problems of others, so everyone loses...

Re:Is it possible

[tomhudson]

"When I have trouble finding a job without a last-minute "agreement" that claims they own everything I think of, even outside of work, and it kills my ability to work on my business or to better myself due to ownership issues, there is a problem"

This is an indicator that the company doesn't have a real product.

I changed employers this month, and my new one has a real product, and its in use. Their NDA is much more reasonable - they own the stuff I write that's related to their business. This is fair to everyone, and is much more enforceable than a blanket "we pwn your @ss". In other words, if I come up with a new way of dividing up the work flow on a cluster of machines (since that's part of what I'm working on) they own it.

This is reasonable because this is what I'm being paid to do. A restrictive interpretation of "they own everything you do whenever" would mean I wouldn't even be able to update my existing clients web sites with new features without their permission, even to fix a scripting bug.

If, on the other hand, I come up with enhancements to my c2java program, that's something I can freely share. It has nothing to do with what I'm workng on, existed long before I joined them, and its the subject of a future gpl release, same as pydb and remotemail were, ... yadda yadda yadda ...

Even then, I'd still do the courtesy of discussing it with them ahead of time, to avoid any possible misunderstandings. If they're treating my right, why wouldn't I do the same?

A smart business lays down reasonable restrictions that protect all parties' natural rights. This generates loyalty and pride (neither of which you can buy) and is defensible both morally and in court. A dumb business creates an "us against them" mentality.

Which do you think is more likely to succeed in the long term?

I did ask for one change ... I noticed that the NDA forbids me from disclosing details to 3rd parties ... so I asked that it be changed to "without written permission." This is because, having seen some of the product, I forsee that there may come a time when they'll want to do a licensing deal with non-competing industries, and they may want me to talk to those same.

As for the rental agreements, that's just fscked up. Add an "all these clauses apply to both parties, mutatis mutandi". When they ask "what does that mean, say "it means that all the clauses of this lease apply to both of us. I'm not the only one who has to respect them - you do to0"

Then unilaterally REDUCE your rent. When they bitch, point to the "mutatis mutandi" and say "ALL the clauses" includes the unilateral fixing of the rent. Then change it to a negative amount, and tell them you expect their check on the first of each month.

Re:Is it possible

[NoMaster]

That's exactly why almost no one has heard of this guy named Michael Moore.

Actually, it's exactly the reason you've only heard of Michael Moore (and, OK, a small handful of others).

Always keep a few voiciferous opponents around - it prevents the merely discontented from becoming your enemy; lets them blow off steam. People feel like they've achieved something and done their part by just listening to them, rather than doing deeper investigation themselves. Having just one (or a few) around makes them easy to marginalise as "kooks" and "nutters", or even more maliciously as "anti-American". They present an anti-objective, around which you can rally your own supporters. And, when all is said and done, it's just plain fun to laugh at them.

Really, political manipulation for most of recorded and anecdotal history has followed this exact philosophy.

Of course, the trick is to gauge their number and strength just right. Too few, and everybody will laugh at them, negating the purpose. Too many, and the small minority that just tends to agree with them sudden becomes a majority that believes them...

Exchange of mutual consideration

[Alan426]

If you want the software patch, you accept the new licensing agreement. If you don't want the new EULA, no one is forcing you to download anything. Sounds like a perfectly valid contract to me, but IANAL.

Re:Exchange of mutual consideration

[babbling]

You're ignoring the fact that the patch exists to fix flaws that are defects in the original product. The patch is released because the original was not as it was supposed to be.

Re:Exchange of mutual consideration

[Rich0]

Windows is only being modified in the sense that a Honda Civic is being modified when they replace a defective water pump with a working one. If there is a warranty then they are required to do it. Even if there isn't a warranty and there is a major defect in manufacture they might still have to do it (this is more of a gray area).

The windows box didn't advertise that it contained buffer overflows - this wasn't a feature that was purchased. The consumer wanted a working version of the software - this is what they paid for.

Now, paying for Media Player 10 vs Media Player 7 would certainly fall under the category of an enhancement. However, asking for a fix to a buffer overflow in Media Player 7 (without upgrading it to a later version) would not.

Basically, the issue is whether products are required to meet some basic standard of security for some period of time after release. Patches for 10-year-old Windows NT are one thing. Patches for software that was purchased six months ago are something else. Companies should be required to support software with security patches for at least a few years after they sell the last copy.

Modifications

[kevin_conaway]

Well submitter, I guess it would be helpful to know what modifications you're complaining about? I can't really find a genuine concern beneath all your rhetoric

The clear fact is that Microsoft delivered a defective product- should not allow them to redefine our agreement.

Spoken like someone who has never written software of any consequence. All software has bugs. Do you consider every piece of software you own to be defective?

Re:Modifications

[pla]

I guess it would be helpful to know what modifications you're complaining about?

I thought s/he made it clear enough - Any of them. When first installing any version of Windows, you have to agree to the EULA. Why should the terms of using the software change for a frickin' patch to repair their bugs?


Spoken like someone who has never written software of any consequence. All software has bugs. Do you consider every piece of software you own to be defective?

I've written in the gamut from firmware for bill accepters, to thinclient frontend code that runs on one of the world's major lotto machine vendor's hardware. Some might say that counts as "of consequence". And yes, all software has bugs.

The difference between me and Microsoft, I don't have the arrogance to say the bearer of my paycheck has to renegotiate every time someone finds a bug. In some markets, they call that "extortion". "Gee, really awful that your bill accepter sees the new $5 bills as $100s... Someone should patch that for you ASAP! I'd do it, but I already know what a nightmare the code looks like - But if you toss a new house my way, I suppose I could suffer throught it. Say, could you set me up with that new VP's cute daughter?".

OTOH, Microsoft's biggest problem here doesn't even come from the original product... They actually have the arrogance to use their "fixes" to beta-test their next-gen products on live systems in the wild. Consider just how different a fully updated 2000 looked from XP when XP first came out - Practically identical, I didn't even bother upgrading until my 2k box needed reinstallation (and even then, after XP SP2, it still looks and feels almost the same). And the most recent, we have .NET3 for XP, - Which will differ how from WinFX for Vista?

Re:Modifications

[dwandy]

Spoken like someone who has never written software of any consequence. All software has bugs.

Spoken like someone who hasn't thought about the fact that *no* product made by humans is perfect. It's not relevant. As previously discussed manufacturers have tried and failed to change the terms on products in the past ... Regardless of whether any person has written code, engineered cars, or pooped in a shoe: It should not be acceptable for the terms to change post-purchase. Period.

Smug Linux World vs Reality

[bananaendian]

This must be the millionth time I've seen this comment from a smug linux geek...

First of all Linux is what gives me the discomfort and headaches - W2K with SP2 and SR1 is secure and stable thank you very much. Every time I've tried Linux (Debian, Ubuntu and currently Suse) I've faced hardware problems as well as stupid things you need to hack some Make file or the kerner to get it to work. No thanks. W2K just works (and BTW is currently running apache, ssl, vpn etc. - and this is just my home workstation).

Secondly, yes, we all know that OpenBSD and others are up there in the ivory tower but who really gives a shit. Some people actually do work on these stupid machines and have invested years learning one particular operating system. Migrating to Linux would involve a learning curve that only students have time for. And then there is all the software, some of which might be replaceable but in my case not. The closest thing out there is OSX but it has the hardware vendor-lock-in problem with limited support for various things essential to my work. Maybe one day when the world stops supporting W2K.

Re:Smug Linux World vs Reality

[plasmacutter]

Every time I've tried Linux (Debian, Ubuntu and currently Suse) I've faced hardware problems as well as stupid things you need to hack some Make file or the kerner to get it to work. No thanks.

And every time i've used windows, i've faced viruses, nagging, spyware, intrusive spying, and massive inefficiency.

I guess it depends on which aggrivation you want.

Personally I'd prefer one time aggrivation of having to compile and configure things the hard way than continued slowdowns, viruses, hacking, and spyware.

The closest thing out there is OSX but it has the hardware vendor-lock-in problem

this is myth. OSX is a bsd derivitive. This means you can, with the installation of a few libraries (like libgtk), install most unix or linux apps if you don't like apple's stuff.

Granted i'm still quite paranoid over the TPM's on their new intel line, but I've temporarily gotten around that buy buying the last top of the line PPC. It works well, and 3/4 of the software I use is open source.

no i'm not a fanboy though.. if apple's software continues to lose efficiency and usability as has happened with quicktime and itunes on osX I will defect to kubuntu ; )

Re:Smug Linux World vs Reality

[argent]

Those are not strictly OS related problem and are mostly due to the stupidity of the user and a lack of properly programmed firewall.

While I agree that running any applications that use the MS HTML control or similar mechanisms to display untrusted documents, keeping track of which applications those are seems an unreasonably difficult thing to expect of a typical user.

The latter part of the comment, however, is simply false. No firewall can prevent Windows applications from using Microsoft's documented and standardised and *utterly* insecure API for displaying HTML and other rich text documents.

Re:Are they even enforceable?

[Schraegstrichpunkt]

But the service packs are free, so this wouldn't apply there.

I don't think it's quite that simple. For example, if the product was originally advertised as coming with "free security updates", then one could argue that Microsoft is obligated to provide the free updates they advertised under the same terms as the original product. If the EULA isn't enforceable for the original product, then it's probably not enforceable the the service pack. Another example is if you lawfully received the service pack without agreeing to an EULA beforehand (such as if you get an update CD from Microsoft). Or, certain terms in Microsoft's EULAs might also not be enforceable because of their the company's monopoly status.

I'm not actually saying that I *know* that an EULA wouldn't be enforceable, I'm saying that it's not wise to just assume that it is in all cases. Again, talk to a lawyer in your jurisdiction.

Trucks

[SmallFurryCreature]

If you deal with large scale transportation you will have heard this tale:

Transport company X has a fleet of brand Y trucks. It is time to replace a portion of them. So they buy a handfull of brand Z trucks, park them at the entrance then invite the sales rep for brand Y to come by for a talk. "Well we have been thinking of upgrading our fleet of trucks. We are looking for offers, by the way have you seen those new Z trucks? Nice aren't they? So what kinda of deal can we expect from you?"

Then ask them wich OS they buy and how they deal with their OS seller. Watch them be confused.

It is sensible business. If you are a fleet manager and you would come to your boss saying, "Hi boss, I completely standarized on brand Y trucks, our repair shops can repair nothing else, our drivers can drive nothing else, our loading stations can accept nothing else, we are now one hundred procent at their mercy of brand Y. Oh hi Mr Sales rep from Brand Y, why are you grinning like that?"

Such a fleet manager would be fired in an instant.

In IT, that is what has been taking place for the last decade. The same trucking companies that do everything to get their trucks with the cheapest discount hand over their IT to companies selling just one solution and totally tie their entire company to just one supplier.

Insanity but when it comes to IT common business rules do seem to apply.

In holland the goverment tries to keep monopolies from happening. Market forces can after all only work if there is more then one player right?

So we get silly stuff like the attempt to run more then one company on the dutch rail system (crowded in a crowded country) or Shell being stopped from owning more highway gas stations. Or even sillier stuff like privatizing stuff like gas and elec even medical insurance. All meant to drive down price and all the price does is skyrocket up.

And what is done about the ultimate monopoly? Shit all. Forget Shell owning 80% of dutch highway gas stations. Try MS owning 9*% of all the worlds desktops.

Face it. IT doesn't follow normal rules. No you would not accept a new EULA (or any EULA at all) when your car company recalls your car to have your brakes fixed. In IT MS owns your ass and they can do whatever they want.

But it easy to buy another brand of truck. For proof, just look at your big local trucking company, they almost always got a handfull of trucks of another manufacturer. Keeps your supplier on its toes and the costs are trivial. Now try doing the same with computers. Oh it used to be done. Only a very BAD IT manager would not make sure that his IBM datacenter did not have a couple of Sun machines installed in plain sight. But when it comes to desktops we have come to accept lock-in (says a linux user and someone who refuses to answer personal ads that accept only .doc cv's) and we all can see the result.

Accept lock-in and get locked in. Yet the old trick does work. Look at munich. MS sales rep fell all over himself when he came into his clients office and saw the linux trucks parked outside. In fact MS wherever there is a rumor that a linux truck is even passing MS sends its sales reps with freebies and special deals. And still, the majority of sales meetings with MS go like this. "Ah thank you for your replying to my outlook email, can we shedule a meeting in outlook, I will get your details from access, to meet up and discuss us buying 100 more licenses, I will send you the details in a Word document, btw what kind of pricecut can we look forward too?"

You can hardly blame MS for it can you? Not their fault that everyone has their head up their ass when it comes to IT.

Re:It's Legal

[ScepticOne]

In any reasonable market, flaws impacting the safe use of a tool for its intended purpose should be fixed at the manufacturer's expense in a reasonable length of time.

If Microsoft isn't providing secure software (and yes, they aren't), then they should be providing free security fixes under the same terms they provided the original software. To do otherwise is (IMNSHO) to be an accessory to any illegal activities which occur as a result of the flaws.

Re:Splitting hairs.

[babbling]

I think you're completely missing the point, here.

He's not disputing the fact that he needs to install the patches for security reasons. He's upset because this puts him in a situation where he has no other choice other than to agree to the new contract. This is an unfair situation. Microsoft should be providing the patches without any additional conditions.

Re:It's Legal

[ScepticOne]

If anyone buys anything off the shelf for security, they probably haven't done their homework.

Linux is, in general, significantly better than windows, security-wise, but that isn't really saying much.

If you really want security, start with something like openbsd, keep on top of updates, and expect that any changes you make to get the system usable/useful are probably going to leave you more vulnerable to attack. And never, ever, think that you're completely secure.

Above all else, remember that all software sucks.

Re:Interesting...

[capologist]

Does it matter? An EULA is a contract. Vendors like Microsoft assert the right to unilaterally change an existing contract. The very notion is offensive.

The good news is that I'm pretty sure that the new EULA is legally unenforceable. It's a well-established principle in law that you can't do that. Congress seems to believe that anything that content producers do is legal and anything that consumers do is not, but I can't imagine that courts would find any merit at all in that position.

Re:Exchange of mutual code

[mrchaotica]

"Offering" a patch while tying it to a different license is entirely unreasonable, and amounts to the same thing as not offering the patch at all.

In fact, what it amounts to is extortion -- an "agree to my [new, unreasonable] terms or the software dies" kind of thing.