Slashdot Mirror
UCITA By the Back Door
InfoWorld's Gripelog airs a subject that should interest this community — involved as we were with efforts against UCITA back in the day. One main aim of the derailed UCITA initiative was to give software manufacturers and content owners a degree of control over users' computers. Gripelog's Ed Foster informs us that UCITA is sneaking back in, under the cover of an anti-spyware bill, S. 1625, now making its way through the US Senate. One clause in this draft bill would legalize what the BSA calls "electronic self help" — i.e., the ability for commercial entities to cripple or disable software or networks on your computer if they believe you are violating their property rights.
"(10) detection or prevention of the unauthorized use of software fraudulent or other illegal activities."
When I hear of something like this, the first thing that occurs to me is how valuable the keys or mechanism or whatever that actually does the "preventing", how badly the criminal element would want to get hold of that information, and the inevitability that this will happen when the right price is found for whomever holds the keys.
In other words, this kind of thing will eventually, inevitably, be used for nefarious purposes.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
That's the best euphemism I've ever heard for legitimized corporate spyware and DRM. Big software companies will finally be able help themselves to my electronic devices.
steampunk web design
So if an entity (any virus writer, for example), incorporates, then it's legal for them to mess with your computer? All they need to do is claim that they have evidence that you are infringing some property rights of theirs?
Is Congress insane?
The real answer is that they don't tend to think of consequences. Rather they are more interested in rewarding their friends and financiers.
You know what, give the lousy ba$tards what they want! They more than anyone else deserve it, and once they start disabling computers willy-nilly it will only beat a path to the OSS door. Why would any company in their right mind turn their entire company over to the trust of a greedy software vendor? They might as well hand over their bank-account numbers and power-of-attorney to BSA while their at it.
It will frankly create a situation ripe for software-license blackmail and extortion.
If they're so intent on shooting themselves in the foot, all the better for the rest of the world. Enough is enough.
cat sig >
GPL Violations is allowed (with author's permission) to break into the boxes of all GPL violators. *That* could be interesting.
Opus: the Swiss army knife of audio codec
consider provisions of this bill "do not apply to any monitoring of, or interaction with, a subscriber's Internet or other network connection or service, or a protected computer, by or at the direction of a telecommunications carrier, cable operator, computer hardware or software provider, financial institution or provider of information services or interactive computer service..."
and "(10) detection or prevention of the unauthorized use of software fraudulent or other illegal activities."
Well clearly, as per the article they are slipping in "any enforcement we choose" actions regarding the ability of the BSA (etc) to pry into your computer with spyware like tools...
But worse, the spyware perpetrators themselves gain free immunity to all their spyware actions if they can proved they are "a provider of an information service" which, in fact, they are. They provide my information to their paying customers.
Now not only is spyware made penalty free (by accident) but Auditing Trojans that "accidentally" destroy all your data while "trying to detect" whether you have stolen Barbie's Big Adventure
The corporations, both legal and illegal, now own your computer in every way that matters.
Ta Da!
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
By writing themselves into the law as "above the law", I no longer feel particularly feel any moral obligation to obey the law. The only principle that guides my behavior now when it comes to dealing with the RIAA/MPAA is "don't get caught".
Congratulations, you people just created another pirate.
Done with slashdot, done with nerds, getting a life.
The summary acts like the UCITA failed and is trying to come back. But UCITA passed Maryland and Virginia, and probably some other states too. I think Massachusetts actually passed an anti-UCITA law.
...'Member the "This is your brain on drugs" TV spots, with an egg sizzling in a frying pan? No, no, I don't think you do.
I would be open to this if the legislation placed control of whether software on a privately owned computer should be disabled in the hands of a court rather than in the hands of the software vendor. The problem with this legislation, and all DRM, is that it hands much too much control over to the vendor, which is a conflict of interest. Governments exist to protect property rights, not private corporations or individuals.
I haven't read this legislation. But UCITA most certainly did not do that; it placed control completely in the hands of the software vendor (copyright holder). I think this type of DRM could fly with a real adjudication process that's fair and fully public.
They are certainly interested in rewarding their friends and financiers, but they are mainly interested in sound bite politics. It's an election year.
I wonder, can this be used to monitor GPL violations?
I know - I shouldn't reply to my own posts, but...
If any of you have recognizable credentials in the field, please try to contact your senator or congressperson and offer your assistance in these matters. I've received a very grateful response from my senator for this offer, and I've been called by his office before with questions about issues.
Here's a chance to have more than your "fair share" of influence in certain matters.
Take advantage of it.
Point the first: If they think this won't get hacked, they're out of their freaking minds. You think spyware is bad now, just leave a huge hole in your OS where other people can come in and change stuff. This proposal will make the problem worse, day one. Or should I say 0-day.
Point the second: Accountability. Assuming this could get implemented and be magically unhackable, what all are they actually allowed to do, and who will oversee this?
Put another way, let's say I release an email client that is legal to use for non-commercial purposes. May I read all of your email to see that you're sticking to the EULA? May I delete the ones that are commercial?
How far can this go, and what checks and balances do they propose?
Weaselmancer
rediculous.
"Self-help" is kind of a legal term of the art for any extra-legal means that people use to resolve a dispute without the aid or sanction of the courts, usually with the implication of violent means of depriving people of property in dispute.
For quite enlightened reasons (and the more cynical would say selfish ones too), courts tend not to favor resolutions that encourage self-help. Courts are not going to interpret the phrase "detection or prevention of the unauthorized use of software fraudulent or other illegal activities" to allow for deprivations of or interference with the enjoyment of personal property without due process. This law can't be interpreted in any manner to set up a due process satisfying procedure, so it's pretty much unconstitutional if interpreted to allow remote disabling or (suspected) pirated property.
Assuming that the above language even means to imply the "software fraudulent" is a meaningful term, given that it appears nowhere else in the US Code, and there's no definitions section for the bill. The sentence makes a lot more sense if "...software for fraudulent..." was their intended language.
In that context, it seems less like a backdoor attempt to insert remote disabling into law and more like a phrase in line with preventing malware. UCITA was dangerous because it allowed people to contract away their protection against this sort of thing, which is less constitutionally suspect than just writing into law at large.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
There is something deeply ironic about a lot of the hyperagressive IP enforcement stuff going around. Orrin Hatch's self-destructing computers, Fritz chips, and now "electronic self help". All of these things are deeply antithetical to the notion of private property; but advanced under the banner of protecting private property.
I'm surprised(but not too surprised) that this sort of thing doesn't get more attention from the free enterprise and private property crowd; it is, after all, a much greater threat than any of the pitiful remnants of Communism that still survive. If this sort of stuff persists, it will, in effect, be illegal to own almost any computerized device(sure, you'll own the actual hardware; but the software and firmware will be licenced-revocable-at-will from dozens of different firms, all with the authority to poke at your device whenever they want). I'm sure that some of the true believers will comfort themselves with the fact that it isn't the State that is to blame; but private property will be just as dead as if it were.
It's not like WoW is more important than due process rights.
(Not that that's what the bill actually does, but I'm kind of horrified to see someone supporting what the article purports that it to.)
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
what this might mean (if it actually comes to pass as a body of new laws) is that people will hard partition their various activities.
...I really hate the way laws are mostly just BAD, these days ;( I can't think of a single GOOD LAW they've passed in, well, YEARS.
ie, a work machine (or even many discrete ones), a home machine, a machine that can be task-related and shared, a machine that is ONLY private stuff and no commercial software, etc etc.
so if there has to be 'crap' installed on some box, don't let it invade on ALL your boxes. partition the systems so that you limit exposure or damage potential. contain the 'viruses', so to speak.
there was a slash story about nokia and their 'bright lines' between GPL and private code. same basic idea here but translated to keeping info on separate boxes and limiting what kind of programs get installed on each 'type' of box.
PITA to have to think in those terms, though!
--
"It is now safe to switch off your computer."
I unashamedly admit that I deprived BSA members of profits, and at least weekly encourage clients to do the same.
I encourage the use of BSA-profit-depriving alternatives such as:
* Linux rather than Windows
* The OpenOffice.org and OxygenOffice suites rather than Microsoft Office
* Thunderbird or Evolution+Lightning rather than Outlook
* Moon Secure rather than the buggy, resource-hogging Symantec antivirus
* Scalix, Zimbra, or even good old Postfix rather than Exchange
* Mozilla Firefox rather than the insecure MSIE
* Spybot S&D rather than commercial (OK this one is freeware not F/OSS but proprietary/free as in beer is great when the payware solutions suck!)
* ASSP rather than Symantec's crappy spam filter - which after an automatic update deleted every single email attachment in my Exchange Info Store years ago, which prompted my moving almost everything at the office back to Linux. ASSP blocks more spam, incurs fewer false positives, plus it's FREE/OSS! I implement ASSP for clients running both Windows and Linux mail servers.
That isn't to say I am opposed to buying software, nor is open source software a solution for everyone. I pay for my Linux distributions, I buy Crossover Office and Zend Studio, and I just bought a Windows game. There is an intern at one of my clients wanting to get everyone on open source across the board, and was asking me why I didn't do it. I pointed him to the fact that QCAD is 2D-only, PythonCAD is weak, other CAD solutions on Linux are immature, incomplete, incompatible (no LISP), or in planning stages, plus there would be HUGE training issues. Also, they NEED M$ office for some of the programs they need to run, and several engineering programs they use "might" run under wine, but there is no way the execs would approve of the training cost. We're planning a Linux server for them for some time sheet/project billing software, but there is no realistic way they can dump Windows. As it is, I have OOo.org, Firefox, PDF Creator (no more "pirating" Distiller), 7 Zip (no more "pirating" Winzip!), Filezilla (No more "pirating" WS_FTP), and various other F/OSS and freeware programs deployed there. When I pointed that all out he saw the reality of it: F/OSS is not the BFH that works for every solution, but when it can be used, it should be.
In the architecture industry there are few alternatives to AutoCAD or DesignCAD, both of which require Windows.
Also, for syncing up PDAs, smartphones, etc. nothing beats Windows and Exchange+Outlook.
There isn't a good affordable alternative to Quickbooks - and none that I know of that run on Linux.
You're a gamer? CVS Cedega, Cedega, and Crossover Games may play a lot of games, but not all. Like Microsoft Live games? Linux is probably not the best solution for you.
I recommend F/OSS solutions whenever possible, because it's best for the client, it's best for the F/OSS community (exposure), and it helps keep the market forces (read: Microsoft) keep their prices in check.
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
tm
Support TBI Research: http://www.raisinhope.org
Bad PR used to be bad for companies when people actually cared about anything but their wallet. It's not really a problem anymore.
Remember Sony? The guys with the rootkit? And? PS3s sell well, BluRay won the HD war and they're having a record high in profits.
Oh, you mean not enough media coverage, it was a far too geeky topic? Ok, another example: Nokia in Germany. In a nutshell, they cashed in the bribe, fulfilled just the necessary contract and then laid off their workers and moved to Rumania. Now THAT had media coverage! A national outcry, politicians trashing their Nokia cells in front of cameras and calling people to do just the same to "stick it to them"...
Nokia recovered instantly from the week long "boycott". Hey, you get one of those cells free with your next 2 year contract, how can you lose?
People have the long term memory of a gold fish and their eyes on their wallets.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Maybe balanced with anti-bullshit legislation.