Ask Slashdot: What can we do about UCITA?

Ben Woodard asks: "I've read several articles describing the evils of the UCITA and the fact that it has passed (and this article from LinuxTicker), but not one of them has said anything about what we can do about it. Since it is now only a suggested law and has to be adopted by each states isn't there time to do something? What can we do? Who should we contact? Is anyone organizing a lobby against it? Have the Open Source companies taken a stand regarding it? Is it time for the Open Source community to band together and hire lobbyists to represent our issues to the government?" The UCITA isn't law yet, but you can bet folks are going to try to push it through. Sounds like its high time to go on the defensive.

Re:Yes, we need to fight it

Not strictly true, Bruce. MS documents the structure for Word and Excel documents on msdn.microsoft.com so that developer can use the files in their own work. There's a very large, sad industry of MSOffice add-ons, plug-ins, converters, and so on. I assume that reverse engineering will go the way of crypto and all move to countries that have less ridiculous laws. Germany, I understand, explicitly permits reverse engineering for the purpose of compatibility. --JZ

Re:Nice clause!

Cool, so reversing out a CD-based copy protection scheme because it wasn't compatible with my CD-ROM would be legit then, right?

Re:Bloody control freaks

The day they implement this is the day I start ripping that shit out of my car. I don't plan on any high speed chases with cops, but I really HATE the fact that someone else has complete control over something I own.

One approach

My approach would be to get a bunch of people together, head for my state capital and jump up and down while carrying a sign saying: "It's about time! Vote YES on UCITA!"

I want this to pass

This will be the death of all proprietary software as companies unwilling to bet the corporate farm on software that may or may not contain back doors and booby traps flock to Open Source. Even if Microsoft denies that there's a back door in Word, who's going to believe them? They've a history of pulling shit like that and only fessing up when they're caught. So what if you can't reverse engineer programs anymore? No one will want to run the risk of using any program you can't reverse engineer anyway, so the point is moot. Maybe this will finally give the industry the push it needs to get rid of those nasty, badly designed proprietary protocols that are currently in service. Maybe this will be what finally and irrevocably kills Lotus Notes. Make no mistake, if this becomes a law, it WILL kill every propretary software company in the United States.

HAR!

Sounds like pure M$ to me!

Re:Yes, plenty you can do.

Also, refusing to buy such software isn't going to exempt you from the prohibition on reverse engineering.

Let it pass

It will only do open source good.

Re:Wouldn't that make Samba illegal? Yes.

Read thst clause more carefully. That only applies to a copy that you lawfully have the right to use. A company could always say "your right to use this program is voided if you reverse-engineer it". They pretty much say this nowadays anyway, but under UCITA such clauses will be valid.

what he said.

Yep. UCITA is not a threat, it is the biggest gift yet to the Open Source movement. The harder the proprietary software barons squeeze their customers, the more tempting Open Source looks.

Re:what he said.

[spot]

No. UCITA is a step in the wrong direction. It outlaws reverse engineering. It makes EULAs enforceable.

The tighter they squeeze, the more justification they have for squeezing tighter. Don't count on them going too far, seeing the error of their ways, and then swinging them back.

think of it as war. every battle counts.

information is free.
the only question is:

Re:what he said.

[AArthur]

Well, Reverse Engineering, I don't see to be much more enfourceble then in the past.

When do you call it reverse engineering? I don't see that clearly defined in UCITA, it basically states it's illegal. If you haven't looked at the source code or haven't tried to disemble the program is it reverse engineering?

Okay, I don't see Microsoft going after mom and pop small free software projects -- it would be just a pain in the ass for them (there are so many of them), it would be hard to prove, and most importantly it would be really bad press.

Think of the headlines in the bussiness section, "World's Largest Software Maker--Attempts to Crush all others via. Power of UCITA", "Microsoft Tries to make Populuar Free Product Illgal", etc.

Blunders like this don't look good -- they make the software company look like a large tyrant trying to hurt everybody out there. And if enought software developers just get fed up, they will choose to go with another existing software plaform, and build on top of that (such as Linux, FreeBSD, Mac OS X, Amiga NG etc.)

Reverse Engineering has been illegal for years -- but it's almost never enforcable for sevral reasons:

1) It's Hard to Create Enough Proof
2) Laws allow it partially -- as long as it's not an obivious copy.
3) It's too much time and money to waste on small companies.
4) At least with free software, who do you sue?

There is nobody to sue, as said in the license, except for maybe support companies, which already have rules in place to avoid that. Lawsuits against the FSF won't seem to go to far -- since FSF can claim that software is done by indivuals and not themselfs. And suing a non-profit organisation is quite hard to do legally, especially if they didn't blatently do something illegal.

Re:what he said.

[HiThere]

If a term is not defined in the laws, then it will be defined in the courts. How good are your lawyers?

Re:Resisting the UCITA

It's true that you wouldn't be accused of reverse-engineering free software, but authors of free software might be accused of "reverse-engineering" any proprietary software they attempted to be compatible with. E.g. a word-processor that attempted to read MS-Word documents might be accused of reverse-engineering MS-Word. Worse still, a driver for some new peice of hardware might be claimed to be the result of "reverse-engineering" on either existing drivers or on the hardware itself.

This seems to be a strong disincentive for authors to attempt compatibility, although surely some would try anyway. This, combined with the problem of drivers, means that even F.S. isn't really an answer to the problem, since the maintainers could be sued. The upshot of which is a serious blow to the ability of F.S. to gain wider acceptance.

Now on the other hand, if there were NO central maintainer, or if maintainer-ID's were securely anonymous pseudonyms, this would be irrelevant, since there'd be no (easy) way to find out whom to sue. At that point they'd have to make it illegal to use secure crypto - which they might, but which has the advantage of being far more obviously bad, and therefore (hopefully) less likely to pass.

not quite

We also need to point out the stupidity of UCITA to PHB's when we're pushing Open Source solutions. So in that sense, the original question does have merit. How to best enlighten managers and CIO's about the dangers of UCITA?

Re:not quite

[Anonymous+Colin]

The key here is "Fiduciary responsibility". The reason the PHBs ask "who do we sue?" is that top managers in a company have a legal responsibility to the owners (shareholders) of a company to behave in a fically responsible manner. In other words, if a manager loses money irresponsibly, the owners can sue him/her. Hence the PHB wants someone else that he/she can sue in turn (or, preferebly, instead).

If (once?) UCITA passes, shrinkwrap can (and will) become immune to court challenges and fiduciary responsibility would, IMHO, REQUIRE managers to choose the option that gave them control of the source, seeing as they would no longer have even the theoretical right to sue.

In other words, UCITA could end up leaving managers open to law suits if they *didn't* use open source programs when these are a viable option. Another wonderful instance of the law of unintended consequences!

Possers?

What's a posser? I know what a posse is... "Posser" rhymes with "saucer". //Nicholas Bodley

Re:Possers?

Did you know what he meant you PUTZ.....?? Get a lfe, though I'm not sure if you'd know what to do with one.

Re:Ban on Reverse Engineering may be the worst par

I was surprised by the seeming lack of interest in this point as well, but now that I think about it, how could that be enforced? Who is going to be prosecuted in an open source development effort? The truly paranoid can write under a pseudonym, and/or have someone in another country distribute it. And the end user? Well, do you know how many people use Linux? Do you have any MP3s? Once something is out and/or open-source, it is impossible to track.

double edged sword

You made some very good points but you missed one of the clauses of this legal wopnder. One of the clauses outlaws reverse engineering. Even without being retroactive (which it won't be, I hope) all work on WINE would cease as a result of it being illegal to reverse engineer the Win32 API. Work on Samba would also stop for the same reason. And MS would quickly add the odd 2 or 3 lines of code to the SMB code base, breaking the current Samba relsease. Same with WINE. Want to reverse engineer the Word document format so that you can build Word support into you new word processor...Well, that would be illegal. This is definelty not a Good Thing (TM). -The Voices in Your Head

Re:double edged sword

[AArthur]

Reverse Engineering is kind of a strange thing -- since it is quite difficult to prove... especially if you didn't decompile the program, and how can one prove that you accutually reverse engineered the protocol instead of actually completely clean boxing the code.

WINE is probally mostly designed clean boxed -- I don't see them use Microsoft code themselfs, it is written by the programmers themselfs, and is quite different for Microsoft code (that's why the widgits look different and why some programs refuse to work with WINE). AFAIK, none of the WINE developers have yet to get there hands on Microsoft Windows source code.

So you get a policy like this with WINE: It may be compatible with Microsoft Windows products, but it may not. This is an entirely new set of API's designed to make it easier for software developers to easily port there programs to Linux x86. No code was taken from Windows, nor was any code reversed engineered -- all was based on documented APIs (from various programing manuals or from populuar open source progams) and based on completely Free code.

Samba is kind of the same thing -- it was designed to work with other pieces of hardware, using a protocol similar and possibly comaptible with Windows NT SMB networking, but it contains no Microsoft code, and was not reversed engineered, therefore, none of the developers had access to Windows NT SMB source, it may not be compatible with your network, or it might be. Samaba is a totally new protocol, in which some cases may be compatible with Windows NT SMB, but it may not be.

Making sure that you don't claim your product is 100% compatible with a piece of software, and claiming that your software is totally new, and contains non code from a previous piece of software, makes proving reverse engineering almost impossible to prove.

As long as you can prove your code is 100% clean and contains no code from previous places, and was not reversed engineered, your okay. Since Open Source Software is completely open, and any person can look at it, it would be quite hard to find spefic lines that have been reversed.

Re:double edged sword

[Tau+Zero]

... it would be quite hard to find spefic lines that have been reversed.

You are obviously confusing copied code with reverse engineered code. While it would be trivial to compare two blocks of code line-by-line to see if one had been copied, it is all but impossible to look at an independently-created block of code and see if it was developed by disassembling another program to examine its methods of operation or by just watching its interactions with the rest of the world.

Re:Yes, we need to fight it

As a non-American, I really don't care about this law, except insofar as it affects the developers who live there and who create software I use (which is plenty)... And also insofar as the American government has a way of strongarming other governments into copying their laws (albeit only somewhat effectively) or signing international treaties which further their interests.

I do like to see absurd, self-destructive laws passed in the U.S., however, as it has far too much power on the global scene, and laws like this which only serve to destroy its productive capabilities just bring closer the day when it's been reduced to the same level as everyone else and we can play fair again.

I'm not anti-American, by the way (trolls take note), but geopolitically speaking, the U.S. is the Microsoft of the world - a virtual monopoly on certain kinds of power, and a tendency to play mean to maintain that monopoly. And the power in question has more to do with mindshare than anything.

You don't OWN the software

That's what the licenses are all about - you didn't purchase the software. You purchased the right to use it. The software companies retain all rights to the software. Read some of the EUA's a little closer and you will see what I am talking about.

In this case, they can use this to push this law through - even though they would have to invade your computer in your house/business in a way a policeman can't do without a search warrant!

If you don't like it, then get a really BIG mouth and get all your buddies to voice up too. If you don't care now - you will later. This law will affect more than just 'illegal' software - it will severely hinder the computing industry as a whole and return us back to the black ages when only one program would open a particular file and no cross-application file sharing was possible.

This will even hurt the Open Source movement by giving corporate entities like Microsoft yet another legal tool to use against us. Believe it - when they get the oportunity, they'll go against individual programmers and shut their projects down. No Gnome, no KDE, no Samba, no a lot of apps. Then M$ would really win and the computing industry would lose BIG TIME!

US Problem

Making note of the fact that this is a US problem the rest of the planet shouldn't even have to worry. What's the courts going to do? Fine us?

Re:US Problem

No bozo, MickeySoftware will whine to the US government who then lean REAL HARD on YOUR government to throw your ass in jail.

Re:US Problem

[Wah]

Of course, when every copy on Windows need a key from M$ to install you guys should be just fine. (serious question) Anybody know what percentage of software is created in the U.S.? What percentage of the Internet?

Also, what kind of implications would this law have on Internet based apps (organizers, e-mail, word procs, yada yada yada)?

Easy solution

Problems caused to Free Software by this law can be avoided the same way as crypto export laws: Reverse engineer the software somewhere else than U.S.

probably not

I can't imagine this ever happening, as there are too many forces present in the market which would make it bad business for either a hardware or software company to engage in such practices. There are two cases to look at: hardware and software (please let me know if I'm twisting your arguments too much)

1) Software requiring hardware - a certain piece of hardware requires the use of only a certain brand of software on its systems, or else some or all functionality will be disabled.

a) Any such block would be cracked quickly
b) Consumers would unanimously prefer an equivalent product without such blocks, hence market pressure favoring a non-proprietary system

2) Hardware requiring software - (same situation, reversed)

a) hardware manufacturers like having as much software support as they can get, and wouldn't want to restrict certain types of software from running on their systems (Intel is allowing a Linux port to Merced, etc)
b) This would drive people in droves to other options. Even the end user wouldn't stand for buying Word if it required they also had to buy a Dell. Most would either head over to an open source solution, or a competitor (eg. Corel), and again market forces prevent the extremely proprietary systems from succeeding Thus, I don't think that this would be a problem in the long run. The only aspect of this bill which concerns me is the no reverse-engineering clause, but I think that it would prove to be nearly unenforceable in worldwide opensource development projects.

Re:probably not

Once again naivety and self-styled expertise rule on Slashdot...Think this won't happen? Ever hear of Apple Macintosh? Up until this year all Macintosh software wouldn't work unless a certain piece of hardware, notably the Macintosh ROM chips, known as the "Toolbox". Were present in the computer. Had this law existed a couple of years ago then Microsoft would have lost the "look and feel" court battle against Apple and there would be NO competitors for the market to flock to. Can't happen? Boy are you dumb!

Re:probably not

[HiThere]

That's a really nice argument. But it doesn't get me a printer driver for an HP1150C.
It would "obviously" be in HP's benefit to make, or enable to be made, such a driver. They don't, and they won't. They claim to support Linux, too. Everytime I hear their name recently I think to what kind of "support" that means.
I sent questions in about it, and only ever got one reply, which basically said: "O, I'll pass that request on to the developers." That was over 6 months ago.
I don't think it's a WinPrinter, either. I think they just won't tell. But they won't even tell me that.

UCITA: Something you can do

Contact one of the national organizations concerned with civil liberties and make sure they're well aware of what this law says. I doubt the aclu (www.aclu.org) would consider this under their 'jurisdiction' but there are computer liberties groups like the Electronic Frontier Foundation (www.eff.org) who would take an interest in it.

the "Grandfather clause" was actually really evil

The constitution bans "ex post facto" laws, which is to what you're referring. The term "grandfather clause" dates from efforts to prevent blacks from being able to vote in the post-Civil War South. Many former slave states passed literacy requirements for voter eligibility, allowing poll officials to disqualify as "illiterate" anyone who didn't know the answer to obscure questions. The "grandfather clause" said that anyone whose grandfather was an eligible voter automatically qualified irrespective of the "literacy test". This exemption gave all whites the right to vote without explicitly mentioning race.

Welcome to big-time software licensing

Not knowing all the ins/outs of UCITA, I can only say that is sounds a lot like what I have dealt with for over 20 years with mainframe software. For instance with SAS, your co. signs a contract with SAS agreeing to pay X dollars for use of SAS for one year. Then, after you get the installation media, and follow their installation instructions, you call SAS' support number, identify your co., they look it up on thier terminal, find you are paid up, and run a routine to generate a hashed key, and read to you over the phone. You then carefully type it into the right file/dialogue, and presto! SAS will work for 1 year (plus some grace period as I recall since they want to give you time to get your purchasing people and their payables people to get the payment made). Each year that you decide to keep using SAS, you go through this routine. After all, you get updates and tech support with this. Now most PC software arrangements for individuals do not work at this level, but enterprise PC software management has been moving in this direction for some time. With something like SMS, I can see how M$ would extend this practice in an enterprise environment, but it would be quite difficult to apply to personal/home use. Individuals would be highly motivated to find a less onerous replacement that would not have this built-in payment cycle whether OSS, or a commercial, competitive product (a WordPerfect comeback opportunity?). (Please forgive the typos, but using Lynx to create this is a bit "challenging" ;-)

passed? why do you morons keep saying that?

It hasn't passed anything. It's a recommendation to the State Legislatures. Granted, the Legislatures tend to follow it, but this one seems a bit...eh, controversial.

If one of the fat cat bendover.net morons that runs this site would get off their ass and post a form letter we can print and send to our legislators (as well as the legislator list by state) we might be able to beat it.

otherwise, there is a link elsewhere in these posts about the acm.org letter, that's probably a nice start.

Would this make IBM clones illegal?

Wouldn't the anti-reverse engineering part have made it impossible to clone the IBM PC? Originally, when IBM made their first desktop PC, everything was built using off-the-shelf components, and likewise, there were no problems copying the hardware. However, there was one thing that could not be copied: the BIOS. The first company to clone the PC (I think this was Compaq) had to essentially reverse-engineer the the BIOS, and write a new BIOS that had the same functionality as the first.

If this law was passed before the BIOS was reverse-engineered, would that mean it would be illegal to clone the IBM PC, and we would all be paying more to buy our computers from IBM?

Make one state crack is all you need...

If one state ceases to honour UCITA or rejects it then people will all buy their software in that state to avoid license perils that endanger their businesses. Remind your represntative about that remind them why every corporation is registered in Delaware. This is one state's great chance to be the Delaware of software sales

Re:only one problem with the law.

I think Samba would not be reverse engineering if the authors have gathered their information by watching unencrypted MS packets on the network to determine the protocols. To me "reverse engineering" is disassembly of existing code for the purpose of creating an equivalent product. Samba runs on an OS that MS doesn't support and is obviously different from NT file services. Now if MS decides to encrypt the network packets so that only W9X and NT can deciper them - that might make the issue murkier. But MS CAN legally do that right now, which would make it very difficult for Samba to operate.

M$ Wins Round 7

I find the "reverse engineering clause" to be the real meat of UCITA. Imagine if you could never have developed and legally deployed SAMBA. What about the current fight between Microsoft and AOL concerning instant messaging? The interoperability of todays software is often based on reverse engineering. A good example ..... StarOffice. StarOffice is able to use Microsoft file formats. What about Conversion programs? If this law is enacted then every software development vendor will have a monopoly on any product it produces that is not based on open standards (ie... ICQ). Not necessarily a bad idea when you look at M$. Don't get me wrong. I'm for open source. My biggest question- Does Microsoft already have the ability to turn off your software? Are they just waiting for this law to be enacted? Wasn't it Microsoft maintaining information it gleaned from your PC? If you don't think M$ has a few items hidden in their software you have never been inside the hidden world of Excel97 (I kind of like the surreal landscape you fly across. It would make a nice screensaver.) My point? I have migrated to OpenSource as much as possible. I also freely give my opinion to those who are still MicroBlinded (Just Made that up. I like it. I wonder if Webster would include it.) j.middleton@mciworld.com

Re:M$ Wins Round 7

[anatoli]

> A good example ..... StarOffice
Made by StarDivision GmbH. What's the point, again?
--

Standard Letter... here's one

Loren Osborne posted a good one as part of the July 30th discussion. Very clear explanation of the issues, with analogies the non-technical should understand. It's here.

Re:Standard Letter... here's one

[OnyxRaven]

Both of the letters presented in that link are very good, and either could be used.

I still really think that one of the more major orginazations need front-page links to these types of letters. Wether they are sent by email or by snail mail they are still seen by the legistlature. Send them to your local, state, and national representatives and senators. Send links to colleagues and friends that may be interested in the topic. Get The Word Out in other words.

If I get time tonight I might write a quick page that has links etc to all the important sites, with example letters and such. mmm... javascript.

The Whole Commission Sucks

I was looking at the University Of Pennsylvania web page, and this proud organization appears to be funded by the states, but nearly always suggests radically pro-business laws.

A proud heritage since 1899 or something. This is the root of the problems in our society -- the public is getting ripped off to fund these sickening groups that are nothing more than political action commitees for companies.

The law is bad enough, but to see the crimes this organization has committed by circumventing the democratic process for 100 years WITH OUR OWN MONEY is ludicrous.

Not only should we fight UCITA, but the state funding for this group of pro-business lawyers should be halted immediately!

hmm, i think it could only do good for open source

Think of the sales pitch we could throw. "Hey we won't take the software back after you paid" "It's yours, keep it." I mean, why would i want the code i have 10000000+ copies of anyway? hmm... I think the end-users would only love to hear from us.

Write the congressman

Well, the only logical answer I see, is to write your local congressman. That's what many of my IRC friends did. I wonder if I can. The problem is I'm not a US citizen -- I'm a legal alien, pending a green card. Would it be appropriate for me to write to the congressman as well?

Look at the president's bio!

http://www.nccusl.org/#leadership

http://www.lynnjackson.com/gnl.htm

"Gene Lebrun has been practicing with the firm in Rapid City since 1964. His areas of practice include business transactions, business litigation, tort and contract litigation, real property transactions, public utility, higher education, and intellectual property law."

Oh yeah, this guy's really going to support anything for the little guy.

Funding by your state taxes!

Another view of the "self-help" proviso

I've been a consultant/contractor for many years and occasionally I have had to deal with companies that have refused to pay for services rendered - usually because they had more bills than money and meeting payroll came first. It would have been much less stressful for me - and possibly for them - to know that I had a right to disable their software if it wasn't paid for. I would only have done it as a last resort - and possibly not even then. But before this law it would have been illegal.

Disabling someone's software is a radical and hostile step. No software company or consultant wishing to stay in business for long will play this card indiscriminately.

By the way, is there a definition of what constitutes "reverse engineering?" Does MS have the legal right to keep someone from decoding a Word document? WordPerfect will read Word documents. Did Corel infringe on MS? Does MS infringe on Lotus when they decode a 123 spreadsheet?

The nice thing about bad laws is that they tend to get the bullies all riled up. Pretty soon the law gets sent to the Supreme Court.

Re:Yes, plenty you can do.

That's the thing, though. UCITA now makes it possible to bind a person to a contract (i.e., by "opening the package") before they've had a chance to actually READ the contract. Are not existing IP laws (trademarks, copyrights...notice how I left patents off. Patents, imho, are a *process*, not an end product. Software algorithms and ideas do not fit this patent scheme very well. The most obvious analogy to software to me is a drug. Pharma gets a patent not necessarily to protect investment in DrugX, but in the process to *MAKE* DrugX. Drugs these days are pretty specialized, and it seems like there is only one likely way to make a drug, so this works... but software is vague enough that patents seem like they shouldn't apply) enough to protect software? Why does no one in a place to actually have an effect on this (Congress, Legislatures, Courts) ask this?

SAMBA style RE not prohibited by UCITA

>If "reverse engineering" is banned, then open systems and system compatibility will be victims.

Federal law already guarantees the the right to SAMBA-style reverse engineering:

17 U.S.C. 1201 (f) (1999) ("a person who has lawfully obtained the right to use a copy of a computer program may circumvent a technological measure . . . for the sole purpose of identifying and analyzing those elements of the program that are necessary to achieve interoperability of an independently created computer program with other programs, and that have not previously been readily available to the person engaging in the circumvention, to the extent any such acts of identification and analysis do not constitute infringement under this title.").

Re:SAMBA style RE not prohibited by UCITA

[mcc]

i think that federal laws automatically take precedence over state laws-- i mean, it seems like if a federal law specifically states that something is legal intead of simply failing to outlaw it, that would keep a state from outlawing it?

are there any lawyer-type people reading who could elaborate?

Re:SAMBA style RE not prohibited by UCITA

[Tau+Zero]

Federal law already guarantees the the right to SAMBA-style reverse engineering

Not necessarily. That just means that reverse-engineering is not a violation under 17 U.S.C. 1201 (f). If a state adopts UCITA, it would be a crime in that state.

However, unless UCITA also criminalizes the use of the product of reverse-engineering, you could use reverse-engineered code written elsewhere, or write your own code in conformance with a specification derived from RE efforts outside the reach of the offending states.

Let's hope we can kill this before we need to.

Re:SAMBA style RE not prohibited by UCITA

[Tau+Zero]

i think that federal laws automatically take precedence over state laws

Where there is a conflict. But just because a section of one law in one place says that act X is not a violation of that law, it does not mean that another law in another place cannot criminalize act X.

If you look at the badsoftware.com web site (like an idiot I forgot to bookmark it), you'll find examples of ways that a company could write a license to prohibit use of the product for purposes of reverse-engineering. Under UCITA, a company could sell you software under a "license" that you couldn't examine until after you'd paid for it, and under the terms of that license prohibit you from doing anything to analyze how the software works or compare it against other software (like McAffee prohibits others from publishing results of tests without their consent.) Go to the site and read the papers.

Re:Yes, we need to fight it

MSXML: Yeah, XML. But all the doc-specific stuff is stored in the XML as ActiveX controls. I think that MS just morphed the OLE Document Container to XML...

Re:Yes, we need to fight it

Word isn't documented that much. XBIFF5 and 7 are documented OK. The kicker is that the OLE Document Container (file system within a file...that's what Office 97 uses to contain the actual binary file format stuff) isn't all that well documented...

Re:Open Source should embrace this...

...and neither does commercial software. Have you read a shrink-wrap license recently?

Re:Wouldn't that make Samba illegal? No.

This type of reverse engineering is expressly permited by the feds. This supercedes any state law

17 U.S.C. 1201 (f) (1999) ("a person who has lawfully obtained the right to use a copy of a computer program may circumvent a technological measure . . . for the sole purpose of identifying and analyzing those elements of the program that are necessary to achieve interoperability of an independently created computer program with other programs, and that have not previously been readily available to the person engaging in the circumvention, to the extent any such acts of identification and analysis do not constitute infringement under this title.").

Re:Wouldn't that make Samba illegal? No.

It wouldn't make samba illegal, but it sure would make the creation of wine illegal

Re:No, nothing you can do at all.

Mail her anyway. It only takes a few moments, and she has a right to your opinion. I know every one has a right to mine.

only in the USA

These reverse-engineering clauses would only be enforceable in the states that recognized UCITA, correct? Even in the worst case (every state recognizes UCITA), reverse engineering will still continue abroad. SAMBA, for example, was originally developed by an Australian.

An interesting question is, what happens if a US citizen illegally contributes to a reverse engineering project? Will the entire project be 'contaminated', or will only the US citizen be subject to censure?

Re:only in the USA

Or... what if SAMBA becomes contraband in USA due to its reverse-engineered nature. Product of an illegal act....

Re:only in the USA

[Beethoven]

Or... what if SAMBA becomes contraband in USA due to its reverse-engineered nature. Product of an illegal act....

That's when I say to hell w/ it, I'm packing my parka and heading for Sweden..

Re:State Attorneys General

really... what did happen to slashdot's angry "kill the demon" aditude when these things came up? everyone is acting like they learned to think ahead for once....

Re:Promote Open Source Software

And the UCITA I suppose, will make the [L]GPL as powerful as other software licenses. Sounds fair enough to me =) Once developers flee to GPL, they can never go back !!

On the RE part: I think reverse-engineering the DATA FILE FORMAT / PROTOCOL, etc. is not covered. UCITA only covers the RE that "translate machine-readable source-code into human-readable source-code" (i.e. disassembly) so I guess SAMBA won't be affected.

How about WINE? Well, the license agreement only applies to the MS OS. We can still write programs that calls their API and include the whole symbol table, debug symbol, etc. and release the code in another license. Thus, we don't have to RE the OS itself, only the APPS that don't have such a stringent license agreement. In fact, WE can write those apps ourselves!!

only one problem with the law.

I don't have a problem with companies shutting down illegal computers. That will only help Open software. I do have a problem with making reverse engeneering illegal.

Wouldn't that make Samba illegal?

Rodger

Re:only one problem with the law.

Well sure, NOW they have. Would MSFT have done that if it weren't for Samba? I really doubt it.

Re:only one problem with the law.

Not really. Microsoft has published the specs for most of the SMB/CIFS protocol.

Re:only one problem with the law.

[Glith]

Yep. And MS Instant Messanger

Order and Chaos

A ban on RE would be devistating in the short term. But consider the possibility that since free development is inherently faster and more innovative than proprietary development, eventually free software may be setting the standards instead of reverse engineering them. In the mean time we just have to hope to Bob that nobody manages to prosecute.

Also, might it be possible to hit MS for all the reverse engineering they do? Or are they perhaps planning to enter a new phase of thier strategy, with an even more in-house mentality and all-MS standards? Or do they think they're above the law? Maybe they are, and I'm just dreaming that this law could be used against them. Besides, even if it could, this would be small consolation for the losses that everybody else (free and proprietary alike) would take if RE is effectively banned.

However, even considering the damage this could do to free software if it passes, its only possible ultimate effect is to create instability in the software market, and instability is always good for the revolutionary. Imposition of order equals escalation of chaos.

"The more you tighten your grip, the more star systems will slip through your fingers." --Leia

Re:Order and Chaos

[argathin]

Also, might it be possible to hit MS for all the reverse engineering they do?

Makes me wonder: If you're not even allowed to take their software apart, how do you prove that they did reverse engineer parts of it?
Or, to take this further: How, for example, could we prove that they're using GPLed stuff?

Worried (even though not located in U.S.A.),

Argathin

Re:Order and Chaos

[Wah]

However, even considering the damage this could do to free software if it passes, its only possible ultimate effect is to create instability in the software market, and instability is always good for the revolutionary. Imposition of order equals escalation of chaos.


I think if this passes and is enforced it would be devastating to the free software movement. Far from creating instability it would create total software dependance, moving from vendor to vendor would be made more difficult and extremely expensive.
What this does is lock down the status quo, which would have to be the big reason M$ is supporting it.

Linux isn't to the point that most folk can trash M$, so they'd be stuck and then totally unwilling ot move.

Re:Script Kiddies go wild with new DOS attack.

...but *YOU* can get in trouble for this just like a virus programmer/sender can. No matter the justification, you will have disabled someone's system when you had no right to. But as far as the remote disabling, I guess even in Real Products where one does not own the product the company (or lienholder) cannot remotely disable your vehicle. Thank god for that. Sure, your vehicle can be reposessed, but that means someone actually comes and takes the car. Lots different than doing reverse-LoJack and terminating your car's engine computer.

Re:Ban on Reverse Engineering may be the worst par

...there is a nifty clause in the Constitution (would the Constitution be able to be applied in this contractural/common law matter?) that says you cannot be punished tomorrow for something that becomes illegal today that you did yesterday.

In other words, Samba won't be made illegal. But future work on it will probably end. MS can then put in whatever BS crap (i.e., extend it, basically adding new protocol to it and not using most of the current, published parts of it) they want to. But then the rest of the world adopts OpenSMB (the former Samba), with help probably from IBM, and like what TCP/IP has done to proprietary protocols like IPX, SPX, etc., will happen to MS-SMB too, as hopefully router co.s limit their support to the "open" SMB protcol spec, and thus ignorning MS extensions.

But I have a backyard of flying pigs, too...

not very clever

Hi, I live in Belgium and to me this whole matter doesn't mean that much yet. But it may even become an advantage for me, and this is why : If the US bans reverse engineering, it will still be done, but it will be done in other countries. The US right now has a lead in software, if they block this by diabling reverse engineering, this type of software development wil not stop, it will move. Software development can be done anywhere there is electricity. So probably you'll see a lot of the development (and therefore the economic benefits) move to Europe and Asia. And I admit they might pass that kind of legislature in Europe too (although I think a law like that has to be passed country by country in Europe). But it never will get passed in Asia. So unless the US wants to see Europe and Asia to become the high rollers in software development they'd better think about what they're legislating. Nevertheless i can see that if this law gets passed in even only some states it will result in a noticeable delay in the progress of software development (and possibly hardware development too), which is a Bad Thing (tm). So I'm wondering if there's something a European can do. If anyone knows, please tell me.

A cynical (but sadly, probably accurate) response

So what? It's quite clear that UCITA is big business friendly - screw the little guy. And if thousands of small businesses go under thanks to backdoors built into software - is this really a problem?

Think about it. The Gov is not always your friend.

Re:Wouldn't that make Samba illegal?

yes.

2 of 2

i wrote as well... mercenary_4_hire@hotmail.com

Re:Potentially worse for M$ and others like them

Don't forget, long long ago, Bill Gates bought DOS from someone else... Microsoft has -never- had an original thing going for them.

People Please Support the UCITA

The UCITA, when approved and enforced will serve to strengthen the position of the open source community. 1. Restrictive licensing practices make products such as Linux more attractive to IT staff and management. What managers hear before I install a Linux/SAMBA file server: Blah blah blah blah blah blah, plus we do not need to wory about maintining NT client or server licenses. 2. To shield yourself from microsoft's prying eyes, would you rather use Microsoft Proxy server or Linux/FreeBSD for your firewall? Please note, I am against piracy as much as the next guy. However, I have yet to find a single electronic license registration program that actually works. Screw up your registration, they screw up your system. Sigh. Slashdoters: Please do your part and support the UCITA!

Re:Write your state legislator!

I always considered reverse engineering to be learning how something works. If you prohibit reverse engineering, you might as well prohibit learning.

Re:Politics vs. Markets // it's far worse.

Of course if this becomes law then software manufacturers won't have to put any terms anywhere on or near their products for you to find unacceptable. Part of the UCITA states that software manufacturers don't have to inform their customers of any of the licensing terms. They can either have no accessible licensing terms or simply omit the unacceptable terms

Such as:

"By registering this product you are agreeing to not utilize any non-standard* partitioning or OS scheme offered by any distributor other then Microsoft Universal Unlimited Megacontrol Group Inc.

*Anything we don't like geek-boy!"

Also this could crush the free-software movement which is only succeeding financially because of reverse engineering OS like Unix, VMS and Mac. Reversing windows apps and making emulators for the more popular operating systems.

If they can't reverse engineer this stuff then they can't draw in people from other markets like windows and Mac. Also Microsoft could dramatically change, no one could reverse engineer their new stuff and they won't be able to provide an alternative like they have been (which is the cornerstone of the free software peoples success) and all those stupid people with all the money won't buy into things like Red-Hat.

So if this goes through Microsoft will be able to regain control of the market (be making it easier to crush smaller companies like Red Hat), corner the American market utterly (by making free software unprofitable) and completely destroy Americas ability to compete in the global market (because if all we have is windows we're screwed).

Re:Ban on Reverse Engineering may be the worst par

Doesn't this only apply to the United States?? I mean, can't everything just continue on everywhere else leaving the US in the dust. I'm sure once that happens, people will wake up and repeal this law. Maybe that's what it takes, a large amount of financial damage to the industy to realize how stupid they were in the first place!

Re:State Attorneys General

Andover.Net took over and SlashDot became for profit...that is what happened. The situation is repeated all over every day it is called sell-out. If slashdot stirs too much shit now the boss gets unhappy. How is Corporate life at slashdot these days.

Re:Script Kiddies go wild with new DOS attack.

The kiddies may be M$.

And how 'bout the other way around?

What if a certain manufacturer, let's say Micros~1, violates the license agreement is the other party (the customer) then allowed to shut their operation down? I seem to remember something about a certain windows-refund day. What boiled down to Micros~1 violating their own license agreement which in my eyes invalidates the license agreement comletely, or are customers the only ones bound to license agreements? This seems a wee bit unfair to me!

Oh no?!! What ever shall we do?

I have an idea I've been dying to try. Get on a boat, sail into the middle of the ocean, declare myself an independant state, and live off of fish and filtered water the rest of my life.

Re:Oh no?!! What ever shall we do?

[mcc]

interesting point. but you wouldn't have to declare yourself an independant state-- just go into international water.

There are already companies that get people on boats, go ten miles offshore where you're no longer under the control of any one state, and then do things which would be illegal under the anti-gambling laws of the state they're located in.

I'd assume that would mean that any reverse-engineering done on a boat eleven miles offshore would be untouchable by USCITA and legal. Unless USCITA intends to make _usage_ of reverse-engineered software illegal, in which case a lot of IBM-combatible PC clones are immediately contraband.

Re:How can somebody INTERNATIONAL fight this?

Research trade import laws and trade agreaments, try to find some clauses in which this is in violation. If you do find something, send it to people in as many of the states as possible, and the other commonwelth countries (to see if they have the same or a similar claus). Get it looked at by a lawyer. Then get your friends in the states to tell the local buisnesses and Gov. officials that if they use it they may not be able to import to other parts of the world, and thus could hurt the local economy. (the people mumble, but money screams)

Or you could write essays on how it will ultimetley hurt the software industry (get americans to do some finishing touches for that local flavour)

More Canadians should get involved in american politics, it'll speed up the in vasion plans :)

Re:But what can I do?

I'm in Canada, so no US congressman is going to give a lick of difference about what my thoughts are (I can't vote for them, so what good am I, right?). However, as it's been mentioned before, Canada always bows down before the mighty US and we wind up getting screwed by their laws almost as much as their citizens do. I don't want to see this law take effect, but what can I do?

www.badsoftware.com

Check out attorney Cem Kaner's excellent, comprehensive site concerning UCITA: http://www.badsoftware.com . He attended the NCCUSL meeting in July and has been heavily involved in this debate.

UCITA also affects writers and photographers, not just consumers of software. Electronic publishing will be covered by UCITA, not the UCC. My understanding is that you will have to negotiate separate agreements with your publisher when publishing in the traditional and electronic mediums. To read Kaner's discussion of this topic, go to //http://www.nwu.org/pic/ucita2.htm.

Kaner's site also contains the letters from the attorneys general to the NCCUSL. Not to mention plenty of other UCITA-related items.

Re:Politics vs. Markets

Unfortunately, normal market forces don't appear to apply to Microsoft software, as we all know. It is darn near impossible to prevent millions of lemmings from purchasing their software simply as a matter of course.

I have just one question.

Would it be illegal to _use_ the products of someone else's reverse engineering under this law? If yes, then we must fight it. If not, I don't see what the issue is.

Open Source should embrace this...

After all the law pretty much absolves the programmer/vendor from any responsibility, and OSS doesn't take responsibility for any of it's apps.

There is some organized opposition to UCITA

[Thalia]

Attorneys general don't all like UCITA. For example, California's attorney general has critized and expressed opposition to UCITA. See an excellent summary page.
The de facto clearinghouse for legal briefs and position papers from all sides in the process is the "Guide to the Proposed Law on Software Transactions" provided by Carol A. Kunze.
Now that the National Conference of Commissioners on Uniform State Laws has passed the the UCITA, each state individually has to enact it into law. The best thing to do is to write to the Attorney General in your state, expressing your opposition to this law. Please couch it in terms of economic harm to industry. Remember that rants about free software probably won't win you friends in government.

Re:Promote Open Source Software

hes got the right idea. we have many end-users that really lack the skills to respectably own a machine, but do anyway... and their rights are as good as ours. surely we cannot throw away "oss's greatest gift" for them... it all boils down to the need for linux for the masses. get that down, and have this put a major disadvantage to using commercial softs, and open source will win out much sooner then it was first predicted.

Re:Promote Open Source Software

Anyone stupid enough to buy software under those terms deserves exactly what they get.

That means anyone who is using commercial software. While it might be good for open source in the long run, it still hurts a lot of innocent people in the short run.

Re:Yes, we need to fight it

[kovacsp]

While I agree 100% with your intention, in the end I think it won't make that much of a difference (at least that example):

1. People from outside the US have no restriction on reverse engineering the format. They can then release the results as open source to the benefit of the entire community. (Of course, I don't know if it would be legal, but it seems like a reasonable loophole).
   
2. Isn't MS Word going to an XML format? That, hopefully, would be easily reverse engineerable. (I can see it now...MSXML, oh wait, that already exists :)
   
3. Civil disobedience. I know that I will disobey unjust laws such as these. I'm sure many millions more will as well.
   

Never underestimate the power of the individual

Microsoft's "open" APIs

[Ripley]

Anything that is "xxx-compatible" was created through reverse engineering. Do you think Microsoft published the format of Word files, to help their competitors be "Word-compatible"? People had to reverse-engineer it.

Not to defend MS, but this is actually false. Microsoft does publish it's binary file formats for all of the Office suite on its msdn web site (the Word 97 format is at link and display the TOC). And, before you say that you have to pay for it, that's wrong, too. It is available without a membership to the MSDN. Now that I've said that, I read a passage that makes the file format a little less "open". "To access data within a Word binary file, the file must be opened using the OLE 2.0 docfile APIs, and it must be read with the appropriate docfile APIs." So, it is dependent on the openness of the OLE 2.0 docfile APIs.

Anyway. Microsoft has always claimed that all of their APIs are open. I don't believe them, because WINE has not been completed and has very smart people working on it. There are undocumented APIs. Theoretically, it should have been able to create WINE without reverse engineering. Microsoft knows that even if they publish their APIs, few companies have the resources to duplicate them quickly enough to cause concern (if Corel writes an import feature 3 months after Office XX comes out, that's 3 months that Microsoft has had to sell Office XX without a compatible competitor).

I don't know if the SMB protocol is published at all. I think the Samba team does reverse engineering, but that may just be to optimize (not to do basic implementation).

Re:Microsoft's "open" APIs

[MrKhuel]

Not to defend MS, but this is actually false. Microsoft does publish it's binary file formats for all of the Office suite on its msdn web site (the Word 97 format is at link and display the TOC). And, before you say that you have to pay for it, that's wrong, too. It is available without a membership to the MSDN. Now that I've said that, I read a passage that makes the file format a little less "open". "To access data within a Word binary file, the file must be opened using the OLE 2.0 docfile APIs, and it must be read with the appropriate docfile APIs." So, it is dependent on the openness of the OLE 2.0 docfile APIs.

The usefuleness of those documents is actually restricted by the MSDN EULA (based on the assumption that accessing MSDN from the MS web site also falls under its EULA). See section 2.1.b which contains this passge:

b. In addition, for the MSDN Library, this EULA grants you, as an individual, a personal, nonexclusive License to make and use an unlimited number of copies of any documentary material ("Documentation"), provided that such copies shall be used only for personal purposes and are not to be republished or distributed (either in hard copy or electronic form) beyond the user's premises and with the following exception: you may use Documentation identified in the MSDN Library as the file format specification for Microsoft Word, Microsoft Excel, Microsoft Access, and/or Microsoft PowerPoint ("File Format Documentation") solely in connection with your development of software product(s) that operate in conjunction with Windows or Windows NT that are not general-purpose word-processing, spreadsheet, or database management software products or an integrated work or product suite whose components include one or more general-purpose word-processing, spreadsheet, or database management software products. Note: A product that includes limited word-processing, spreadsheet, or database components along with other components that provide significant and primary value, such as an accounting product with limited spreadsheet capability, is not considered to be a "general-purpose" product.

Thus to avoid a potentially expensive lawsuit from MS you really have to do a "clean-room" implementation of document reading and writing. Its really too bad that is is even legal to hold hostage the data someone creates like this.

Re:Just crack it with reverse engineering!

[J.+J.+Ramsey]

No it doesn't make sense. The SAMBA developers are already known to use reverse-engineering to figure out NT's network protocols. You could find this out by reading trade publications, Linux web sites, etc. Why would a computer have to announce "Here's what user X is doing"? If reverse-engineering becomes illegal, that throws SAMBA's legal status into question, period. That would make any business gun-shy of going near SAMBA.

Re:Yes, plenty you can do.

[Danse]

Why does no one in a place to actually have an effect on this (Congress, Legislatures, Courts) ask this?

Simple. They're either stupid or corrupt.

Re:Yes, we need to fight it

[tzanger]

Umm... Samba originated in Australlia...

contact the ACLU, vote with your cash

[Proteus]

Sorry if this is a repeat, I browse at 2...

The ACLU helps defend matters relating to civil rights.

This, IMHO, is indeed a violation of basic rights, not the least of which is freedom of speech. This bill allows organizations to, among other things, dictate and enforce regulations regarding "proper use" of their software. That means that Microsoft (for example) could say "you are not allowed to use Word to disparage Microsoft" and shut down your license if you do. Given the fact that most people don't read their EULA's, items of this nature can and will appear.

Another effective tack would be to vote with your money. Educate your employer about the dangers of using UCITA-protected software and suggest free or non-UCITA alternatives. It sounds to me from the nature of this bill that would merely allow EULA's to contain clauses allowing things such as remote shutdown -- if product EULA's don't include this clause, then UCITA is ineffective. Simply put, if it's UCITA, don't buy it.

Also, take the time to let vendors know that you will not purchase any software from them if it is protected under UCITA.

Disclaimer: I am not a lawyer (IANAL), nor a lawmaker -- my interpretations are subject to error. Further, I am human... :P

Posted by the Proteus

Good either way

[clasher]

As I see it this can only be good news for the Open Source movement. If it passes then IT professionals will begin looking for cheaper solutions. If it doesn't pass it still will raise enough hype to make the Open Source concept so much more appealing.

Why not let it pass ...

[Helmholtz]

I might be missing something obvious (I am up past my bedtime, afterall), but it seems to me that nothing could be better for the alt-OS market (Linux, FreeBSD, Be, etc) then for this bill to pass. When people are angry at a provider of a good or service, they tend not to use/purchase their product. Not to mention the large number of markets that this kind of action could lock out for a company that actually used this functionality ... heh, and you don't think Microsoft hasn't already drafted up a new end user license.

The advantage for the Open Source folk (who I am partial to -- Debian all the way!! -- ) is obvious. This legislation doesn't change the way Open Source products work in the least. So OSes like Linux will be able to carry on as if nothing had happened. Other OSes, like Be, which is not based on an OSS model, have a couple of different options. They can either try to use the law to their advantage and perhaps make a few extra dollars in the short run before they see their customer base dwindle to zero, or they can change their license to explicitly state that they will not utilize the powers given by the legislation. This could then, of course, become the centerpiece of a powerful marketing scheme.

Such a marketing scheme would quite possibly be very effective. Just how mad do you think the average American will be when his copy of Microsoft whatever just up and quits, leaving a nice little bit about sending a check to such and such address if they want to continue to use Microsoft whatever. And then you have the people who have put a second morgage on their house so they could buy Office 2000, and because of either some dolt at a control panel in the hallowed halls of Redmond or a bug in the auto-shutdown software their copy of Word shuts down right as they're putting their finishing touches on that big report that was due in yesterday. It won't be too long before the general public starts to get extremely fed up and begin to look for alternate solutions to their computing problems.

Then there is the whole governmental angle. Do you actually think that the government would allow software to be used in the offices of Congressmen and Senators that could be remotely shut off by some third party. While I don't think the suits at the Capital building are the most computer savvy blokes around, all it would take is either one incident or a buzz about what would happen to peoples' jobs if such an incident were allowed to happen. And who do you think the government would turn to? OS/2? Be? I doubt it. With such legislation in place, their only option would be to go with a form of OSS based software, which is immune to the ramifications of this legislation.

Of course all of this is pure late-night speculation on my part, fueled by a boiler loaded to capacity with 'what ifs', but I just don't see how this legislation could be anything but bad for any commercial software company. Americans will put up with a lot and turn a blind eye to many things, but there does exist a threshold, and once it is crossed things can get very ugly. And I also realize that I've been portraying this like Microsoft would be the only company who would use this legislation to their financial benefit, and while this would certainly not be the case, I think when people read about this law the spooks up at Redmond are the first group of undesireables that come into mind.

You got to wonder where Microsoft's PR people have gone. Public opinion may not matter much in the short term, but if enough of the public hates you, life can be very very difficult. Good press helped Microsoft immensely when they were fighting 'Big Blue' ... have they forgotten that, or have they just ceased to care. I'm not sure which timebomb would cause the most damange.

Well, to anyone that has gotten this far, sorry I've burnt up so much of your time with my frivilous surmising, but hopefully you found some small pieces somewhat interesting and/or mildly entertaining.

So automate the response. make it a 'service'.

[Nathaniel]

If you set your machine up to respond automaticly, and documented it in /etc/issue or a web page or something, you could claim it's a 'service, freely available to anyone who does such and such', and if a script kiddie sets it off and gets burnt, that's their problem. Particularly if you warn against misuse in the documentation. Of course, this all hinges on the fact that they shouldn't be misusing your system, and should have read the documentation.

what does UCITA matter?

[Dr.+Know]

UCITA sounds like a fair law to me...and i could
really care less, i don't use any software that
has such restrictive licenses that would need to
be recalled in such a manner.

also, how do companies plan to remotly shut down
their products? i don't see how you can't just
undo what ever they do to disable it (edit windows
registry, reinstall software, block w/ firewall),
of course, this would be piracy i guess, since
you're no longer authorized to use the
software...but if you break the license, even w/o
UCITA, couldn't MS just call you up and demand you
stop using Micosoft Foo '99?

Re:what does UCITA matter?

[bgarrett]

The problem is that while individuals may not choose to use software with such (comparatively) draconian licensing terms, every day of our lives we are affected by people who do use that software -- the word processor at the office, the application development environment, etc. etc.

I don't think any technical solution would NEED to be implemented for remote deactivation. That opens up a can of security worms that I'm sure most big software houses are sick to death of by now. In today's lawsuit-charged climate, if a ten ton boulder rolled down the hill and a lawyer issued it a cease-and-desist letter, that boulder would stop -- legal pressures are quite sufficient to implement the remote-deactivation clause.

I sincerely doubt that the level of remote-shutdown "license recrimination" that many people are predicting will come to pass. It's much more likely that the no-reverse-engineering clause and the slippery-slope principle will get a lot of people. After all, how much time before the Samba team (housed in Australia) will find themselves on the business end of a lawsuit from the Australian government after something like UCITA passes down under?

Politicians are stupid: Law of Nature

[Morgaine]

Instead, kill a million birds with one stone by replacing all career politicians by community delegates with strict 1-year tenures, rather like doing jury duty, requiring all laws to take 2 years to be voted in, and banning all access to government by external lobbies.

Then, stupid delegates wouldn't matter, nobody would have time to build up a power base which is the root of all corruption in politics, and there would be far fewer stupid laws passed because the absence of lobby power would mean that delegates would only create laws if the topic interested them and hence if they knew something about it from their previous occupation.

But hey, obviously that won't happen, so we're stuck with a totally assanine political system. Don't worry about it. Nanotech is just around the corner, and then everything will change.

Only if they do good cryptography

[bill_mcgonigle]

Fortunately good cryptography is rare. A secure key exchange would be unlikely to break. I have more ideas on how to make it impossible to break secure cryptography, but I won't post 'em here for fear "they" might implement it. Just say I've seen it done in research.

I can't edit?

[bill_mcgonigle]

I meant to say "I have more ideas on how to make a software distribution system that's impossible to break with secure cryptography" but somehow hit sumbit instead of preview. need coffee...

Remote Shut Down

[Hal+Roberts]

Once UCITA gets passed, software companies could do something similar to what DIVX players did. Require the program to contact some central server once a month or so. If the customer is still allowed to use the program, the central server will send the program the insanely large private key that goes with the correct one of a large sequence of public keys stored by the program. If the private key matches the public key, then the program will continue to work. Else, the program will shut down until someone feeds it that private key.

The strength of this plan is that it requires action on the part of the installed program. So simply blocking communication between the installed program and the central server will not help you escape the restrictions. Similar safe guards could be used to make sure that you don't just reinstall the program (every freshly installed program needs to contact the central server for a new set of keys, etc).

Nothing is completely secure, but the above setup could be made very hard to circumvent.

State Attorneys General

[unitron]

Aren't a bunch of Attorneys General, about 10 or 12 states' worth, fighting this?

(was this story really up for over 2 hours before someone posted? none of whom felt compelled to holler "First Post!"? Is this still Slashdot?)

Re:State Attorneys General

[Stinking+Pig]

Hey buddy, who are you accusing of thinking ahead!?

I was busy slamming my head into the wall repeatedly, that's why I didn't jump in earlier. But now that I'm here, L1nuX R001Z!

Re:No, nothing you can do at all.

[Jeff+Monks]

I personally email every congrassman, and state legislator I can, whenever something like this come's up (I did for this action too). Unfortunately my email is apparently one of four:(

No, the problem is that legislators (or, more accurately, their staff who deals with correspondence) know how easy e-mail is (and how easy it is forge a lot of messages to fake a groundswell of support), so they don't lend it much credence. I would guess that one real, paper letter is probably worth at least twenty e-mails.

That said, an e-mail is better than nothing. But if you really want your voice to be heard, send a paper letter, or call your representative's office. If you can't or won't do that, at least send an e-mail...

Re:Wouldn't that make Samba illegal? No.

[AArthur]

I am not sure that would make WINE illegal, if you look at the clause you could say WINE is just a compatiblity layer to help ease porting of programs to Linux x86 (such as Corel). It does not contain any Windows code at all, and is simply a system to remap API's from populuar programs, that run on systems with implementations of Win32 APIs or Win32-similar APIs.

WINE could be claimed by it's authors that it's not neccessarly an clone of Windows, but a compatiblity layer, designed to work with many populuar programs, that use these APIs.

Gif/Unisys/Compuserve

[deusx]

Didn't the details of GIF compression get mostly published as well...?

What about a 'Standard Letter'

[OnyxRaven]

I know the EFF has standard form letters for these different causes (which reminds me, they should really get involved in this).

Is there a spot for a form letter for this occasion? I'm sure if it was advertised properly, it could be of enormous help. I know I've not written cause I really don't know what to say without sounding rather dumb. Then provide links to the sites mentioned that provide state legistlature addresses. ...

Re:Promote Open Source Software

[simm_s]

Try GNUcash.
It's no Quickbooks but it is a start!
---------------------------
^_^ smile death approaches.

Shutting down software remotely?

[simm_s]

That will never work, i'm sure people will find a way to exploit it.

That's the obvious problem some not so obvious problems is interaction between programs.
Say program X,Z depends on program Y remove Y and you cripple X,Z.

If X,Z are important server programs, that could take down your network. It would be problematic if you could not reestablish the programs because the network is down and the codes can't reach the programs. Now lets say these are mission critical machines, you can loose millions of dollars in downtime.

I'm sure companies like Netscape have to use Microsoft programs to get some projects working. If Microsoft decides it does not approve of what Netscape is doing, they could disable servers. Could goverments be held by the balls by companies like Microsoft? Who is going to regulate the ability to use this power? I now understand why protections like copyleft and GPL exist. Businesses are not looking out for you, they are looking to get a piece of you.
Please avoid dumb ideas like these they can only cause problems in the long run. Support licenses that protect you, own software and don't let software own you.

Wow it is late let me stop ranting!!!
---------------------------
^_^ smile death approaches.

Bend over bitch.

[Lord+Kano]

What will we do about this? Probably nothing. This piece of rap legislation will get shoved down our throats like the CDA only there is no secion of the Bill of Rights upon which this can be overturned.

We take this shit lying down and the people who propose it get bolder with each pass. You non-thinking law and order types who spout drivel like "Kevin Mitnick is getting exactly what he deserves. Don't give me any of that 'constitutional rights' crap you anarchist!" are the very reason for this. Bad laws should never come into being, if they do they should be nullified.

How long before GM and Ford make an EULA for their cars? You can't reverse engineer your new Mustang, so that design flaws are forever a protected secret under the force of law. If you allow this to happen it will get worse. You can't allow the camel to get his nose under the tent.

This is not some minor change in copyright law, this is a VERY big deal. It has to do with whether or not you have the right to control what is in and on your own computer.

Are geeks the gutless wimps that they say we are? Or are we strong and capable of uniting against a common enemy? UCITA is that enemy. If we can't unite to stop this, we may as well bend over right now, because implied consent to anal rape will be added to EULAs next and there's not a thing we will be able to do to stop it.

LK

create a petition at www.e-thepeople.com

[meme]

Here's a place to create a petition on any subject. There's a list of Congressment, the President and more that you can choose from to receive the petition. I'm not all that familiar with UCITA, so i'm not sure who the petition should go to. If someone will create the petition and post the url here, i'll sign it. http://www.e-thepeople.com

Why UCITA is bad for everyone.

[Graymalkin]

You personally may use all GNU/open source software, but as someone else pointed out with Foobar Inc, your bank, grocery store, ect. probably uses commercial software. With the ability to change license agreements after the sale of a product and the ability to disable software remotely, companies can hold their customers by the soft spot because their customers may depend on their software. You know why Microsoft supports UCITA? They can sell Brand X Inc Windows 2000 Uber-super preium server edition but then Brand X Inc hits it off with an IPO or their product kills everyone on the market, Microsoft says "hmmm, they can afford a hugely inflated license fee now", then they change the EULA so all Uber-super preium server editions need extra licensing fees whenever someone visits a website hosted on the server. Microsoft gets a huge cut of Brand X Inc's profit but then Brand Y Inc which didn't have a successful IPO and hasn't made much money cant afford the new EULA, they go out of business. Don't ignore this or pass it off because you personally use open source software, not everyone else does and you have bank accounts with them or buy groceries from them or maybe they're you're local elementary or high school.

Script Kiddies go wild with new DOS attack.

[Zaffle]

Hmm, I haven't noticed anyone else comment on this
so I will..
Imagine if a piece of software listened on a particular port, and if the right code came in, the software would disable itself.
I could have so much fun with that actually.
Next time some script kiddy annoys you with some lame nuke attack that'll never work (because you don't use faulty software like Windows), just disable their copy of Windows.

Re:Script Kiddies go wild with new DOS attack.

[mcc]

umm.. of course it would be illegal. you missed the original posters point.

winnuking, Denial of Service attacks, and beating random people on the street with baseball bats are all illegal. Yet people do these things, either because they want to hurt the person being nuked/DOSed/beaten, or just because they can.

The point is that if there is some way that the company who made the software can disable the software, then there will always be some way for random hackers to disable the software, whether or not it's legal. And once that way is found, you'll have a thousand script kiddies disabling people's software at random without any thought for the consequenses.

Think about it. I doubt the people who made USCITA did.

- mcc-baka
INTELLECTUAL PROPERTY IS THEFT

Re:Script Kiddies go wild with new DOS attack.

[fnj]

You're too quick to make a distinction about hardware such as cars, and computer software.

Don't look now, but there are plans to mandate that all new cars have engine control systems that will allow cops to shut them off by radio. Does anyone doubt that this will be hacked so the repos will be able to disable your car? Maybe even the neighborhood kids?

Re:Script Kiddies go wild with new DOS attack.

[Trepidity]

somewhat offtopic,

...some lame nuke attack that'll never work (because you don't use faulty software like Windows)

Is that why thousands of boxes running faulty software like Linux were crashed by teardrop.c?

A small example of the danger of UCITA to all

[MO!]

OK, all the advocates who think this is a Good Thing(tm) because it makes Open Source look better than commercial software, consider this (slightly at best) scenario: I have both personal and home business accounts at my local credit union. It's a small organization, completely insured, with good rates. However, being a credit union and not a huge multinational bank, their IT budget is rather tight. Let's say their using FooBar Inc. software for all of their database and financial transactions. UCITA is passed, and the clause in FooBar's EULA states that they maintain the right to change the terms of the license without notifying their customers (a common clause, I'm sure). Then one day, My Little Credit Union, receives an invoice stating that the terms of FooBar's EULA has been modified, and all users of their software must pay a rental fee of twice the original purchase amount, or immediately cease using remove all (now unlicensed and illegal) software from their computers. Since the credit union does not have the funds to pay such an outrageous 'rental fee', they call their attorneys to pursue available legal options. Meanwhile, FooBar Inc. decides that the payment window has passed, and promptly disables their software in use at the credit union remotely. This will stay in effect at least until a judge can hear arguments and issue a preliminary ruling on whether FooBar Inc. has to reactivate the software while fighting things out in court. So, during this time, me and all of My Little Credit Union's other customers have: 1) No way to access our money. Since the computers have been disabled, my account details can't be accessed. 2) Many small businesses are also locked out of their accounts. Payroll checks cannot be issued, nor those already issued cashed. 3) Personal and business bills go unpaid, causing a wide array of problems, from auto repo's, to mortgage forclosures, to business backruptcy and loss of jobs. All this because FooBar Inc. knows that their software is used by 80% of the financial institutions in the world. If one puny credit union doesn't play by their new rules, SO WHAT! All the bigger fish will, especially now that an "example" has been set. This may seam a bit far fetched, but is it really? This type of scenario is what is needed to wake the sleeping non-technical masses up. When someone tells you, oh *I* won't be affected by that stupid computer law, I don't even own a PC! An example like the one above illustrates that even though *they* don't use FooBar Inc.'s software, business and institutions critical to their well being *do*. Just a thought... I'm sure someone's bound to call this an overreaction... So be it~

Re:A small example of the danger of UCITA to all

[MO!]

OUCH! Just noticed the nasty formatting... Sorry!

That'll teach me to submit a rant this late at night! Guess I should've used that handy "Preview" option Rob gave us!

Re:Ban on Reverse Engineering may be the worst par

[Bizzaro]

Who is going to be prosecuted in an open source development effort?

Even if your program is given away, you can still be sued for taking business away from whatever company. This is the whole case the music publishers have against MP3: The people giving it away on the Net aren't making money, but they are causing the studio execs to lose it. But whether or not your actions are "illegal" depends on just how much of it is theft and how much is "reverse engineering".

It's pretty obvious how important reverse engineering is to the current state of technology. For example, what would the personal computer industry look like today if Compaq and others couldn't make PC clones? It would stifle competition. We would be running $10,000 IBM PCs with 386's and $12,000 Macs with little black and white screens.

This sort of thing has cropped up before. And it has always been due to human error.

Re:Ban on Reverse Engineering may be the worst par

[Bizzaro]

you cannot be punished tomorrow for something that becomes illegal today that you did yesterday

That's right. It's called the "Grandfather Clause".

But maybe that wouldn't be so bad. Think about it: MS-DOS was reverse-engineered from CP/M. So, MICROS~1 would have been established upon an illegal act, which means all derivative products (like Windoze) would have to be pulled from the market, and they would owe Digital Research (who made CP/M) some 100 billion dollars.

It is rather odd that we see the banning of reverse engineering once large companies like MICROS~1 no longer have use for it, and at the time when open source projects are appearing on the scopes of these companies.

This sort of thing has cropped up before. And it has always been due to human error.

Re:No, nothing you can do at all.

[Helge+Hafting]

I would email my state rep but she doesn't have an email address.

Use snail mail then. :-)

Re: "It's good to be king"

[HiThere]

Yeah. But nobody stays on top forever. And the longer they do, the more despotic they tend to become (probably because power attracts the power-hungry, who frequently also have other problems). This might be an easy way down. (Usual dethronements involve war, and I'd just as soon avoid that thank you.)
That said, I still hope it gets defeated. I'd prefer that others rise economically that that US decline.

Re:Resisting the UCITA

[HiThere]

1) You don't need to be convictable. You just need to be chargeable. Lawyers are expensive.

2) The government is already against the use of secure crypto. They'd love another reason to justify their stance.

3) Prominent monopolies are the only ones likely to benefit from this law. But they frequently give large political campaign contributions.

The only true defence is that non-US countries don't have any reason to enforce this law, even if they pass it, as it is purely in the interest of large monopoly powersm (not even the small monopoly powers!). It may, however, drive all "compatible" software development out of the US. (Well, there's SUSE and KDE and ...) Red Hat might need to relocate (O, wait, they've already opened offices in Germany! .. make that expand their foreign offices).

It would really be bad for the US.

Not quite -- Re:write your congressman!

[HiThere]

The idea is correct, but it's the state legislator that you need to write to. And it's probably better to be polite....
Also, it would be better if you could point to a specific bill, but AFAIK, it isn't yet on the calendars of any states. (That will probably change soon.)
Does anyone know how important the bill number is when writing to a legislator?

Re:Big Software Companys Streching their long arm

[HiThere]

My suspicion is that what will really happen is software with an embedded expiration date, and you will need to go to the vendors site to get it unlocked every so often. But they need to take steps to make resetting the codes illegal before they activate this process. Possibly they need to take steps to make resetting the codes both illegal and traceable (as in, every time you log onto the internet your guid [assigned at time of registration {activation}] is broadcast to the central site, together with the amount of time that you have remaining. If a month goes by without a reply coming back, your software starts complaining about the need for an upgrade. Etc.

The case for laws that protect stupid customers

[sethg]

Anyone stupid enough to buy software under those terms deserves exactly what they get.

At any one point in time, there is only a certain amount of capital available for investment. The businesses that respect their customers' intelligence, and the businesses that try to provide genuine services for the ignorant, are competing for capital investment with the businesses that exploit customers' stupidity.

Therefore, if you are a smart customer, laws that prevent businesses from exploiting customers' stupidity are in your enlightened self-interest.

Re:Democracy in the 21st century

[Rob+Davenport]

"Every day it gets clearer and clearer that yesteryear's methods of democracy just don't cut it these days."
I have to wonder - when in any time in the History of Man has there been a method of democracy that did cut it? Haven't people always been "dictated to by a group of essentially greedy and corrupt 'leaders'"? (Even the ancient Greek democracy of Athens(?) was a democracy of upper class men - not everyone, IIRC.)
Thank goodness we now have the internet and places like Slashdot to learn about these important issues and like Project Vote Smart to help us make our voices heard.

We all need to become more aware of more issues that affect us. (I know, duh!) I'm a computer geek and my wife's a pharmacist. For every issue like UCITA or encryption regulations that could significantly affect geek and non-geek alike, there are at least as many similar issues in the pharmaceutical/medical fields. I laugh (or cry) at how some news stories about computer virii or such get skewed by the media - and she does the same for many medical-related stories, ones that without her corrective input I'd have gone, "oh, wow that sounds bad/good" on the media's word alone. That's scary to me.

How many other aspects of life are we being manipulated for others profit without our voice being heard? I suspect almost every one. And that's sad because our best choice is to become more knowledgable about all these issues - and who's going to have the time or desire to spend that much time and effort on issues, especially as they get more and more distant from one's areas of expertise and interest? I'm thankful there are consumer-protection groups out there - but I will have to get off my butt on more issues, make my opinions known more often to my representatives, and not rely on them or the sand my head gets stuck in to protect me. We all should.

Re:Yes, plenty you can do.

[Greg+W.]

If you refuse to buy such software, then you have just protected yourself from UCITA

But only at home. I'll still have to face crummy licenses here at idiot central (err, work). Those of us who aren't self-employed are still at the mercy of fools.

frickin troll.

[ivan_13013]

So, you advocate laws based on how BAD they are for the people that they affect?

sorry to respond to this crap..

[ivan_13013]

but I just had to say:

"this AC probly works for microsoft"

UTICA is bad: we need reverse engineering

[B.D.Mills]

I work for a small software company. One thing that we have been asked to do is to write new (Linux) software to run an old communications protocol. The protocol lacks documentation, so we must reverse-engineer the protocol by watching every byte transmitted and received. We have successfully implemented the protocol by using RE in this manner.

If this proposed law passes, then we would no longer be legally able to implement an old, undocumented protocol in the future as we can do today.



On a similar topic, the most disturbing thing I have noticed is that here in Australia, it is very difficult to read the licence of computer software before purchase. To read the licence, you have to buy and open the shrink-wrapped box, but once the box has been opened, the software retailers refuse to give you a refund. You therefore have no choice but to accept the agreement, or be out of pocket. This is a classic catch-22.

It should be a legal requirement to give prospective purchasers of software every opportunity to read the software agreement before any money changes hands. (It probably is already, under standard contract law.)

Re:Promote Open Source Software

[SL+Baur]

once businesses understand the security and legal ramifications, they will flee to OSS in droves.

That's my take on this too. What exactly is so bad about this proposed law? Anyone stupid enough to buy software under those terms deserves exactly what they get.

Caveat on Citizenship and Political Action. . .

[Salgak1]

Wah (walkindude50@NOexcite.comSPAM.PLEA.SE)writes...
Unfortunately the political power of the /. populace is next to nil (lots of college students and computer geeks all of which are too *busy* to vote on a regular basis). . .

Too busy to VOTE ?? Sorry, friend, but if you're too busy to vote, then you're too busy to bitch about the results of not voting. Vote absentee if you have to: the lack of voting brings us things like the CDA, Senior Citizens bleeding us dry, and UCITA. . .

Re:Caveat on Citizenship and Political Action. . .

[Wah]

Sorry, friend, but if you're too busy to vote, then you're too busy to bitch about the results of not voting.

That was the implied reading. If you look at what I wrote more closely you'll see that all I was doing was pointing out that the majority of /.'s clientele are not the voting type and therefore not even on the radar of politicians and other policy makers. I was hoping on some deep level that my post might create that extra bit of social responsibility required to motivate said demographic to visit a voting booth. True, sterotyping can lead to trouble, but it's how my company makes money, mainly because it works when looking at the big picture.

Phone Call > Snail Mail > email

[Mudb0ne]

Most politically active people will tell you that email is pretty low in effectiveness when contacting a politician, snail mail is much better and a phone call is much better than that. A personal appearance is the best, but not too likely.

Personally I'm conflicted over UCITA. It's bad, but may be good in the long term by pushing more people towards opensource

Re:Phone Call > Snail Mail > email

[Wah]

Of course when Opensource loses all connectivity to proprietary software (after Samba is declared illegal or M$ changes a stack) its appeal will basically disappear for all but the hardest core.

Re:No, nothing you can do at all.

[pben]

I know her stands on other issues it is a waste of time. The other problem is she got well over 65% of the vote last time.

In short sometimes goverment doesn't work to your advantage or sometimes at all.

Re:No, nothing you can do at all.

[pben]

I would email my state rep but she doesn't have an email address.

Sounds like a major project to get her up to speed!

Re:No, nothing you can do at all.

[pben]

You might be right. The local state rep. is a lost cause but the AG has eyes for the govenor's office. She likes to brag on her pro consumer stance even though she doen't do that much really. Afer all it is her job to go after fraud.

While I am at I should tell the State school board that evolution is a fact even if they don't like it. Yea that is right I am from Knasas.

Inform others so they'll write their legislators

[HermDog]

Yep, spring for some stamps and tell your representatives what you think, but don't forget that there are lots of people who have no idea this is going on. Find ways to get this issue to people who aren't aware of the UCITA and how it will affect their businesses if it is enacted. Recent posts here on this subject prompted me to inform the person who handles computer issues (editorially) at my community newspaper, and here's the payoff: First Byte.

Write letters to the editor as well as letters to your state legislators.

My Letter

[dbrown]

I am strongly suggesting that everyone (US citizens here) write your state representatives in both your state governments and federal governments. If you don't know who your reps are, just go to Vote-Smart and enter your ZIP code.

If you do write your reps, try to mail the letter the old fashioned way, since it is most effective because they are required to file every letter they receive.

For those of you who need a starting block as to what to say, here is what I am sending. It fits on a single page. Obviously, you may modify it if you want (you will probably want to replace the stuff in the brackets []):

---------------------

August 11, 1999

[STATE REP]
[STATE REP ADDRESS]
[STATE REP CITY STATE ZIP]

[YOUR NAME]
[YOUR ADDRESS]
[YOUR CITY STATE ZIP]

Dear [STATE REP],

I am writing you due to my concern over the Uniform Computer Information Transactions Act (UCITA) that has been approved by the National Conference of Commissioners on Uniform State Laws (NCCUSL). This proposed law will most likely come to the floor of the [YOUR STATE] State Legislature in the near future. I strongly request that you VOTE AGAINST this proposed law.

The legalities contained in the UCITA aim to protect the large computer software corporations who are sponsoring the law, while severely limiting consumer rights. Also contained within the UCITA is a ban on reverse engineering. This is by far the most disturbing amendment of the UCITA. If reverse engineering were to become illegal, a large portion of computer software and computer software businesses would cease to exist. Reverse engineering is a central point of computer software. Reverse engineering allows a developer to create software that is compatible with existing software. If reverse engineering were banned, a large portion of existing software would become illegal, while the remaining "legal" software applications would suddenly have monopoly status. This would destroy small computer software businesses and severely harm consumers due to limited choices. The amendment for banning reverse engineering only benefits the large corporations by allowing them to further secure their monopolies.

As a professional computer software engineer, I am asking you to VOTE AGAINST the proposed UCITA law. It is not good for [YOUR STATE] and it is not good for The United States.

For more information about why the UCITA is an unbalanced law, please point your Web browser to the following addresses:

http://www.cptech.org/ucc/ (talks about Uniform Commercial Code Article B2 of the UCITA)
http://www.acm.org/usacm/copyright/usacm-ucita.h tml (letter from the ACM President)
http://www.infoworld.com/cgi-bin/displayStory.pl ?/features/990531ucita3.htm (general issues)
http://www.infoworld.com/cgi-bin/displayNew.pl?/ reed/990531sr.htm (other issues)
http://linuxticker.com/artikel/135.html (informal review)

Thank you,



[YOUR NAME]

Let them do it

[TheMunk]

I say let softawre companies build in these features and lets see who sells more products companies that respect their customers or Companies that snoop or cut off service to their customers. It might even be a chance for a new company to get a foothold in the market if they can play up the fact their software wont ever erase itself or they wont login and scan your computer. Most of this is irrelevent to me as I mostly use open programs

If I may play devil's advocate

[SendBot]

Is this really a bad thing? I could see this seperating the proprietary from the open when open standards are becoming stronger and propreitary solutions weaker. I, and I assume many slashdot readers, have been using commercial solutions less and less as open alternatives become available. Commercial vendors will see this as a bad thing, and so will lawmakers when no one can sell software. It seems as though any new law concerning electronic information is written by a neo luddite... that is to say it's made harsh and out of fear under the cover of protecting people. I'm inclined to believe that it won't stop until it's so bad that our entire legal system will have to be redesigned. I see the UCITA as one step closer to that, and convenient for people like myself in the meantime. I know that sounds selfish, but most people don't seem to mind when their rights are taken away, and maybe that will wake them up.

On the other hand, much of the computing industry is driven by entertainment, very little of which resides in the context of open source and standards. Take, for instance, DVD. Anything that would let you watch DVD movies on your linux box can't be open source because of the encryption codec, I think (I'm not especially clear on that issue). And I'd hate if something like DIVX couldn't be avoided because of something like UCITA, and I'd have to end up going to the theatre and getting carded all the time.

I apologize for any inaccuracies, it's hard to read the manual from my soapbox.

Re:But what can I do?

[Wah]

E-mail friends in the U.S. or use some other tactic to spread the word on this. Unfortunately the political power of the /. populace is next to nil (lots of college students and computer geeks all of which are too *busy* to vote on a regular basis), especially when compared to the senior vote (which is VERY powerful) which would most likely support this initiative considering their steel grip on technology issues.

(run-on sentence provided at no charge)

Re:Ban on Reverse Engineering may be the worst par

[Wah]

Personally I'd like to avoid that scenario, "It's good to be the king!"

Resisting the UCITA

[Ogantai+Khan]

The easiest way to avoid the yuckiness of the UCITA seems to be using Free Software (Noone can claim you reverse-engeniered software you were given the source code to :)

As for politics, hopefully the
Libertarian Party will raise a stink soon.

Re:Resisting the UCITA

[gid-fu]

As long as UCITA doesn't threaten gun ownership and doesn't tighten existing marijuana laws I doubt the libertarian party will care. They have nothing to do with freedom, just with shooting things and smoking dope.
gid-fu

Re:Libertarian Party polices

[Ogantai+Khan]

Perhaps, but for those of us who believe Reverse Engeniering is a form of free speach, it's a diffrent issue =] Especially annoying to then would be special interest groups conspiring w/ government to take that freedom away...

aaarrrggghhghghh

[netwiz]

I remember when IBM was _GIVING_ away COMMENTED SOURCE to the PC BIOS.

board schematics, etc...

oh how I long for those days...

Re:Ban on Reverse Engineering may be the worst par

[kenb]

If reverse engineering is banned, will that doom the Human Genome Project?

1/2 ;-)

Cheers,
KenB
--

Democracy in the 21st century

[sam_vilain]

Every day it gets clearer and clearer that yesteryear's methods of democracy just don't cut it these days. Individuals don't get a chance to have their say; they are invariably dictated by a group of essentially greedy and corrupt "leaders".

This "Ask Slashdot" broaches a subject that every Free Software advocate must have felt before.

What is the only technology that can bring it down? Communication. Currently manisfested as the internet.

In an ideal democracy, every person gets the right to have their say on every matter. Soon the network infrastructure will be there to enable this.

Here are the first steps:

1. Some kind group sets up a forum through which people can delegate selected signing authority. A convenient method for allowing them to vote on critical matters. Set your opinions on subjects, then leave it. This group regularly sends in automatically generated petitions to parliament.
2. This group gains enough reputation to make it to the mainstream press. Word is spread of the true democracy.
3. The numbers get large enough that the government is pressured into making the technology available to the greater populous of the world with Taxpayer money.
4. Power to the people!

Ok, this is pretty idealist, and there are obvious steps missing. There are also big, open ended questions - do you really want people who know squat about a subject having a vote that casts as strongly as a world class authority? Still, it can't be worse than the current situation.

What's good for the goose is good for the gander

[IIH]

Didn't Microsoft use reverse engineering (otherwise described as "stanadard programming methods") to make MSN messenger with with AIM?

Funny that.
--

What's good for the goose is good for the gander

[IIH]

Didn't Microsoft use reverse engineering (otherwise described as "stanadard programming methods") to make MSN messenger work with AIM?

Funny that.
--

no, "ex post facto"

[/]

It's the clause that reads "No Bill of Attainder or ex post facto Law shall be passed." Read &graph url=&court=US&case=/us/3/386.html">Calder v. Bull (1798 for the binding precedent.

Politics vs. Markets

[Russ+Nelson]

Please note that this law doesn't *require* the bad aspects of it. It simply allows them. Perhaps we can keep it from being enacted in the various states? If we don't succeed, we can still fight it in the marketplace by refusing to purchase software which has unacceptable shrink-wrap terms.
-russ

Re:Yes, plenty you can do.

[Russ+Nelson]

Forget politics -- it takes more than one person to make a difference, and nobody cares to. Instead, don't buy software that has crummy licensing terms. If you refuse to buy such software, then you have just protected yourself from UCITA -- and isn't that worth doing?
-russ

Promote Open Source Software

[Baron+Von+Fackenheim]

There's a simple solution, promote open source software. Since most projects are distributed free (in the beer sense), there is little incentive for the coders to include such back doors. At any rate, if it's open source, just remove the offending code. As for commercial vendors, well companies like M$ will love this and it may even give them some short term profits, but once businesses understand the security and legal ramifications, they will flee to OSS in droves.

Re:Promote Open Source Software

[Dr.Random]

I agree that this makes OSS even more attractive, but we have to be realistic here; OSS can't do it all yet....(and I stress yet).

We have to deal with pesky little things like users. How many common everyday end-users would be willing to give up their cushy Windows9x point and click box for a Linux box running X (lets face it many of these people don't like clicking on "Start" and then "Programs" in the Windows world)?

And then there are the apps that just aren't there yet in the OSS world. I would LOVE to find an OSS Accounting app that can compare to comercial products like Solomon, Great Plains, or Oracle Financials (or hell even QuickBooks), in capabilities and usability. These are the apps that are driving small-medium sized companies (which there are a lot of out there) and there just aren't any OSS solutions available.

I'm all for an end to comercial software, and achieving the Software Utopia that we all are working for, but it's a ways off yet.

Personally I plan to draft a few letters to a few offices of a few of the State Officials hanging out around town (I happen to live in the State capitol).....maybe if I convince a few more people to do so something will happen.....(is that Arlo I here?).....

Dr. Random

Re:first post...(was State Attorneys General)

[Baron+Von+Fackenheim]

well, I was gonna yell SECOND POST!!!, but somehow it didn't have that certain ring to it....:)

Re:Yes, we need to fight it

[Mignon]

Had this law existed a few years ago...nobody but Microsoft would be allowed to read Word and Excel files.

Good point; I wonder if Word would have sold so well if it hadn't been able to read WordPerfect files. As I recall, one of their big target markets was legal firms using WP. I doubt such companies would have switched if they hadn't been able to open their old files directly in Word.

Wouldn't it be ironic if this legislation were documented in a proprietary format and that company stopped supporting that product? If the legislators upgraded their computers, they'd be unable to read their own legislation, since they'd be prevented from copying the old software to the ones and competing products couldn't read it either.

Proprietary file formats are bad; legally protected proprietary file formats are worse.

There is some organized opposition to UCITA

[Thalia]

A number of individuals as well as organizations have expressed their opposition to UCITA. This includes industry groups as well as individual law professors.



Attorneys general don't all like UCITA either. For example, California's attorney general has critized and expressed opposition to UCITA. See
an excellent list of organizations and individuals opposing UCITA, including their comments on this page.



The de facto clearinghouse for legal briefs and position papers from all sides in the process is the "Guide to the Proposed Law on Software Transactions" provided by Carol A. Kunze.



Now that the National Conference of Commissioners on Uniform State Laws has passed the the UCITA, each state individually has to enact it into law. The best thing to do is to write to the Attorney General in your state, expressing your opposition to this law. Please couch it in terms of economic harm to industry. Remember that rants about free software probably won't win you friends in government.

There is some organized opposition to UCITA

[Thalia]

A number of individuals as well as organizations have expressed their opposition to UCITA. This includes industry groups as well as individual law professors.

Attorneys general don't all like UCITA either. For example, California's attorney general has critized and expressed opposition to UCITA. See an excellent list of organizations and individuals opposing UCITA, including their comments on this page.

The de facto clearinghouse for legal briefs and position papers from all sides in the process is the "Guide to the Proposed Law on Software Transactions" provided by Carol A. Kunze.

Now that the National Conference of Commissioners on Uniform State Laws has passed the the UCITA, each state individually has to enact it into law. The best thing to do is to write to the Attorney General in your state, expressing your opposition to this law. Please couch it in terms of economic harm to industry. Remember that rants about free software probably won't win you friends in government.

Re:Rights?

[Chandon+Seldon]

I've mostly given up on the USA, if this country doesn't get it's act together soon I'm going to move to Canada, where things seem to be a little better.

The crap the US has pulled, what with ignoring the basic human rights "ensured" by the countries constitution, and with setting up and requiring attendance in orgainzations (public schools) that go beyond violating basic human rights.

I don't recomend email.

[__aahyzr9271]

Sounds good, but if you really want to make your voice heard, I recomend you call, fax, or write your congressanal rep instead.

I don't recomend email because, many times, the reps refuse to corrispond by email, or the email is ignored, or "lost" in the system. Considering the US government's current ignorance and position on the internet, this is not likly to change soon.

If you don't know who your Rep is, one way you can find out is to go to the Center For Democracy & Technology's site, and enter your zip code. The site will display a page with your rep's name and office phone number.

Libertarian Party polices

[Alien+Conspiracy]

Correct me if I'm wrong, but I thought the Libertarian Party were just as propertrarian w.r.t software as all the other parties.

Re:Libertarian Party polices

[hopeless+case]

I checked out the Libertarian Party's platform at
http://www.lp.org/platform/

and could find no reference to copyright or patent laws. It doesn't appear to be a high profile issue with them.

I would say, however, that there is a lot of sympathy among libertarians with the view that enforcement of patents and copyright represent an initiation of force on the part of the government and is a violation of individual rights.

I have been a libertarian for 11 years and I certainly feel that way.

Makes me laugh...

[ronfar]

In a recent computer science guest lecture I attended the featured speaker mentioned something to the audience like "how many businesses run on 100% clean boxes?" Now, what he meant by clean boxes is one software license per computer, as opposed to buying one copy of, say, M$ Word and using it on two or more computers. One of the startups I worked at used very little licensed software, I was always switching to a new program when the 30 day trial would run out on the ones I was using. My boss would've given me a pretty wierd look if I had said, "you know, you've installed M$ Widget on all three computers and we only have the license for one." I mean, the place was operating on a shoestring until the money from a government contract came in. The few programs they actually bought had to be used by more than one person or they may as well of fired some people. (And considering how small the company was, gone out of business right after firing the people.)

Here's and article about this exact type of mentality that I found to be really, really funny:

My Dinner with Origin

Of course, the article is about controlling game software as opposed to business software, but it is a similar idea.

In the long run small companies without much starting capitol will end up to be forced into either a) contracting help from the Imperial companies (like IBM, M$, etc.) or b) go with open source. Until the government decides to shut down open source, this will be a huge boon to the open source movement.

But is UNITA bad for Open Source ?

[redelm]

Granted UNITA is _very_ onerous on users of proprietary software. That should make them more receptive to free [FSF] software.

The ban on reverse engineering is probably the worst for OS. IANAL, but Samba shouldn't be affected since the rev-eng would be done in *.au AFAIK. Still, it's bad that the US is restricted like crypto again.

UNITA is egregiously odious. But in the fight to free software, is it bad that the enemy is hobbled? Even if it reduces freedom for many?

I don't know. What does RMS or ESR say?
-- Robert

UNITA is only in US where adopted

[redelm]

IANAL, but Samba users wouldn't be affected. It was done in *.au AFAIK. You couldn't do rev-eng where UNITA was valid, but the results of the rev-eng could be used anywhere.

Still, it's bad that the US would be hobbled again like crypto.

-- Robert

Re:Rights?

[Microlith]

Bill of rights? It's been utterly disregarded by our government left and right. Only after people stuck the book in their face and rubbed their noses in it did they have a clue that these government agencies/corporations are trying to legally control our every thought/moment/choice.

You could of course, be blunt about it.

[Microlith]

I know one small business guy who said this "you know, this law doesn't seem as important as everyone makes it out to be..." I said that wasn't true, and he asked how could it be. Mind you he uses AutoCAD daily. I said "because they will OWN you" and I "defined" what I meant to him (software hostage-taking). He got scared, to say the least.

Slashdot Sellout?

[PotPieMan]

Nevermind being entirely off-topic, but how did Slashdot sellout? It's still run the same way--with moderators who are the users. I guess the moderators don't want to waste their points on first posters, and would rather concentrate on the good comments posted to an article. The Andover.net purchase has allowed CmdrTaco to make changes to how the site runs, while still keeping the same atmosphere that we all love. As for the first posters, all I can say is go back to Segfault.

In terms of UCITA, does anyone have any idea where I might find some specific websites that we could refer the appropriate state government authorities to, that explain the problems and so on? Any help would be appreciated.

write your congressman!

[agtofchaos]

Tell them that you want them to oppose the bill if it comes before them. You can also tell them that you won't vote for them again if you don't. If it doesn't come before congress you can ask your congressman to use funding blackmail against the states that adopt it.

Just crack it with reverse engineering!

[invenustus]

I'm not particularly scared by this. I'm sure the only way it can work is for your computer periodically to connect to the publisher's server and say "Here's what user X is doing! Hope that's okay!" If it's YOUR computer doing that, there must be some way to disable it, or make it lie. All it would take is keeping one computer off the Internet for as long as it took to reverse engineer the protocol the software used to talk to the host. Does this make sense?

hmm Copyright law...

[grmoc]

Well, the easy way to change all of this so that the software companies can't screw people over is to ammend copyright law so that it says:
rightful possers
instead of owners.
If you've read the copyright laws over, or you've had a class o IP you'd know what I'm talking about.
I welcome anyone to elaborate for me.. =)

Re:hmm Copyright law...

[grmoc]

What I meant to say was:
rightful possessors

whats the distinction?
well, if you go to the store and you buy software.. you'd be a rightful possessor of that software (because you HAD a copy of it, and you payed for it).
Right now, you pay money, and you are buying a license for the software.. but not the software itself...
that way the software companies control the software.

The bad part of ammending the law like this is that it'd become much MUCH more difficult to make a profit from consumer software...
(is that necessarily a bad thing?)

Rights?

[mdvkng]

Shouldn't purchasers/owners have purchasers'/owners' rights? If you bought something, don't you own it? Why should someone have the right to take away what I've paid for after I've paid for it?

Shouldn't the Right to Privacy be added to our consitutions or bills of rights or charters of rights/freedoms or whatever as appropriate? Why should a company have the right to spy on me just because I paid them money for their product? Why should they have admin level access to my system because I paid them money for their product? This makes no sense!!!

A country that founded itself with all the trappings of rights and freeedoms and champions freedom around the world is making stupid laws that threaten the freedoms of its own citizens. Those citizens should do something.

Good luck folks. The rest of the free world is appalled and we hope you can fix this threat to your rights and freedoms.

-M

Re:Rights?

[bigchief]

Actually, you are completely mistaken. When you "buy" software in a store, or online, etc., etc., you are not buying that program. You are purchasing a license to use that program. At no time does a software company give up a shred of ownership of that program. Thus, you have no rights that are not explicitly stated in the license agreement that you agree to when you buy the software (before you can read the license agreement, but that's another story)

Re:No, nothing you can do at all.

[BlueRivets]

Conventional wisdom has it that snail-mail is far more effective when writing to your state representatives. It only takes a click to delete your e-mail; a hand-written letter suggests the writer expended at least some effort to express his opinion.

And don't forget your state Attorney General! This has the potential to become the sort of high-profile populist issue they can't seem to get enough of.

How can somebody INTERNATIONAL fight this?

[Luke+B.+Bishop]

Maybe this makes no difference, me being a Canadian and all, but I want to fight it too. The last thing in the world I want is for this to pass. I mean, sure I'm fairly high up in my company, enough to make some decisions, but everybody here is against it. We make a mix of opensource stuff too, (we know the value). Either way though, it is just plain wrong!!!

If somebody does not soon oppose this stuff, then the US is going to become either a dictatorship or (worse) a corporate state. The last thing I want is to be neighbors with such a place. Maybe I'm paranoid, but its getting too obvious now.

Those of you who don't get what I'm saying, imagine this: Microsoft decides to put all available resources into PURCHASING AOL. When they succeed, they go after the phone companies (being a logical step in the communications infrastructure) or they just start competing directly with "internet based" telephony. When they see that Intel has jumped ship, they buy out some small company in hard times (like AMD or Cyrix) (not really small I know but this IS microsoft) and start making their own chips. Sorry, but so far that sounds a lot like a corporate state to me!

If I'm off, excuse me its late.

More effective action

[Bolero]

A more effective action to combating this proposed law is to point out the possible harmful effects to large companies that purchase alot of commercial software.... Let them fight it, I promise you that they know how to be effective with legistlators.

My suggestion is to send an email up the chain at whatever comapany you work at (if they use commercial software), and hope that it doesn't reach deaf ears.

My mama sed 's/information/instruction set/g'

[Evil+Poot+Cat]

...or something like that.

Seriously, I like to use text replacement to remove some of the obfuscation, by replacing certain "defined terms" with some of their definitions....Here's the UCITA definitions of "information", "computer", and "electronic" (Section 102):

(37) "Information" means data, text, images, sounds, mask works, or computer program, including collections or compilations thereof.

(10) "Computer" means an electronic device that accepts information in digital or similar form and manipulates it for a specific result based on a sequence of instructions.

(27) "Electronic" means relating to technology having electrical, digital, magnetic, wireless, optical, or electromagnetic, or similar capabilities.

Replace the terms with other words that (A) meet the criteria of the definition, and (B) aren't so generic. Thus, the word "computer" can become things like "integrated circuit," "cell phone," "monitor," "television," "printer", or "keyboard". Now here's where everybody gets it on the chin...

(13) "Computer program" means a set of statements or instructions to be used directly or indirectly in a computer to bring about a certain result. The term does not include separately identifiable informational content.

Now, I believe this includes, among other things, chip-based instructions. Meaning that a chip designer can add logic to their chips to disable, say, internal caches, if their chips do not detect a certain motherboard/bios/os. and vice-versa, stipulate this in a "license", and not be held accountable. But oh, yeah, it's up to "Market forces" now, to decide. This is where Open Source gets it up the butt.

Actually, it isn't just Open Source, it's Open Anything. Basically, personal computer tech has been open since the first PC clone, to the point that actions to the contrary are viewed as anti-competitive. UCITA gives legal backing for practices that will reverse the tide, and it starts with hardware and firmware. Look out!

Re:Write State and Federal Lawmakers

[Filthy+Rich+Bill]

I don't think you understand.
There will be no free software
since a large and critical mass
of what makes a functional OS was
and even is today being reverse-
engineered. You won't have an option
to use free software. That is what
you are about to be deprived of.
Read the UCITA carefully before
commenting.

Potentially worse for M$ and others like them

[RickyRay]

How much useful new technology has ever come out of M$? None. How much of the useful technology they have (in NT kernel, and many other areas) is from reverse engineering of Unix, VMS, Mac OS, and others? Probably all of it. Word knows how to handle Wordperfect files. Thus Office is illegal under the proposed law. Windows is full of "borrowed" code from other OS's, thus illegal. I remember a few years back when M$ lost a court case about stealing disk compression technology (Stacker), and another (I believe it was Intel) where Apple source code (Quicktime) had been blatantly stolen. The big fight right now between AOL and M$ is that M$ isn't able to keep up with the reverse engineering on instant messaging. Now they'll go to jail if they even try. Maybe this law (especially if it's retroactive!) will be the key to take M$ down. By my understanding, if someone finds a derivative of their code in a M$ product, they would be legally justified to take down and erase every copy of it even at M$'s own site. Cool.

Heck, I live in the States but I own a vacation house in Acapulco. Maybe a bunch of us could set up shop down there to get around the law, while we watch the big US corporations squirm as they're destroyed by their own creation.

(Question: could this law really even affect free software? It's hard to demand a percentage from derived software's price when that price is zero.)

SAMBA and StarOffice will be just fine.

[anatoli]

Enlighten me, 'coz I don't see how UCITA can affect either. Reverse engineering protocols/languages/formats is not the same as reverse engineering the software that uses these protocols/languages/formats. The former does not even require me to buy the license!

To reverse-engineer the MS Word format I (theoretically) don't need a copy of MS Word. I just need a large bunch of MS Word documents. Same goes for SAMBA. Just sit on the network and snoop packets, and eventually you'll decode everything you need.

Or is it illegal to put Linux on the same net with Windoze? That would be interesting.
--

all the rope they want

[Rick+Razzano]

Let the closed-source vendors do this. If anything, this law (especially if it gets passed all over the US) will make an excellent case for open-source.
Makes some great advertising: "Don't want to be held hostage by a software company? Use open-source!"

Big Software Companys Streching their long arm

[quecom]

I am concerned that this will be abused by script kiddies. Who says that the software is secure? I dont think this will go through. With the competition in the software industry, I think the consumer will buy the software that can not be remotely disabled. Also, Crackers can get past dongles, why wouldn't they be able to get past a remote disabilitation program.

Write State and Federal Lawmakers

[Aaron+M.+Renn]

The first thing is this is not "passed" until various states enact the model legislation. The first line of defense is to write your state legislators and get active at the state level to oppose this legislation.

Second, write your US Senators and Representatives. The federal government has typically left this type of regulation to the states but the federal gov't has the power to set nationwide standards in this area tha override the states. I wrote my Congressman (woman, actually) already (there's a copy of my letter someplace in the slashdot archives. Search for me and UCITA. I think it's a pretty good template letter).

Third, use free software! Reject all proprietary "solutions".

Reverse engineering still an issue

[J.+J.+Ramsey]

The UCITA would make the anti-reverse engineering clauses in software licenses legally enforceable. That could chill the development of such things as SAMBA, which is dependent on reverse-engineering NT protocols.

Infoworld Anti-UCITA forum

[randolph]

Here led by Ed Foster, who first brought this to public attention.

Word and Excel files

[Bruce+Perens]

Do me a favor and look up their license for that data, please. Is it only licensed for making plug-ins for Microsoft products?

Anyway, they didn't document SMB that way.

Thanks

Bruce

No, nothing you can do at all.

[doomicon]

Nope,

There's not a thing you can do about it. Why?
It takes more than one person to make a difference, and nobody cares to.

Those are just the facts, I personally email every congrassman, and state legislator I can, whenever something like this come's up (I did for this action too). Unfortunately my email is apparently one of four:(

Until we reach a point where the general population does something more than just complain, it will always be the same.

My personal recommendation if you are not discouraged by now, is to take the initiative and find out who your state reps' are, and email them.
Hell we will spend four hours sweating over HOWTO's over one little doohickey, but we can't spend 2 minutes searching with altavista? Take that 2 minutes. Maybe you won't make a difference with your emails, but I tell you from experience, you'll feel more justified when you complain, cuz you actually tried to do something about it.

peaCe

Blind Contracts

[Hal+Roberts]

One of the main reasons the UCITA is required for shrink wrap licenses to work is that shrink wrap licenses break one of the primary requirements of any contract -- that both sides have to be aware of the terms of the contract before agreeing to it. With shrink wrap licenses, you basically agree to the license before even getting the chance to read it (since it is inside the shrink wrap and becomes effective as soon as the shrink wrap is broken).

Therefore, you can't just refuse to buy stuff that has outrageous licenses, because you won't know what the license is until *after you buy it*.

Ban on Reverse Engineering may be the worst part!!

[jsm]

This point isn't getting the attention it deserves: If "reverse engineering" is banned, then open systems and system compatibility will be victims. This will push any dominant product toward a monopoly, and will entrench existing monopolies.

In fact, I suspect Microsoft was a major lobbyist for this particular clause of UCITA. Don't forget, in the Halloween Documents, they talk about the threat of Samba and they propose to complicate SMB just to make it difficult to reverse-engineer.

Anything that is "xxx-compatible" was created through reverse engineering. Do you think Microsoft published the format of Word files, to help their competitors be "Word-compatible"? People had to reverse-engineer it. This is true for any proprietary file format or network protocol, like SMB for Samba. If reverse engineering becomes illegal, then all software that can read Word or Excel or Powerpoint or Whatever files will become illegal! Samba will become illegal.

This would greatly damage any migration path that would allow users and businesses to escape from a proprietary system.

Sample letter

[cemkaner]

I recommend that you write your state legislator and your governor. Your letter should be short and simple at this point:

Dear [whoever]

I am deeply concerned about (and opposed to) the Uniform Computer Information Transactions Act, which may soon be introduced in our state's legislature. Would you advise me when (if) this bill is introduced in our state?

Yours truly

====================

Also, the Free Software Foundation has come out against UCITA. Check http://commons.somewhere.com/rre/1999/RRE.campaign .against.abu.html.

====================

Don't kid yourself that this bill is just about software. It governs electronic information in general. Libraries have come out en masse against UCITA because of its effects on them.

Additionally, UCITA creates a precedent that makers of other kinds of merchandise want to use. There is nothing different about hiding the terms of a software contract from the customer until after the sale and hiding the terms of any other kind of merchandise. It is partially because non-software manufacturers got pretty excited by the UCITA sales rules that they invested a lot of money in "tabling" a technical revision (12 years in the making) to Uniform Commercial Code Article 2 (the current Law of Sales in the US.) The bill was tabled in a way that seemed calculated to insult the drafting committee for Article 2. And, indeed, the Reporter (senior author) and Associate Reporter of Article 2 resigned shortly after the draft was tabled. Next year, I predict that we'll see something for traditional merchandise that looks a lot more like UCITA.

====================

Carol Kunze, http://www.2bguide.com is one source of information about UCITA. The site has a pro-UCITA bias, even though it carries some of the opposition materials. I point to a few other materials at my site, www.badsoftware.com.

====================

26 attorneys general, the Federal Trade Commission, libraries, software professional societies, insurance companies, and many others opposed UCITA. see http://www.badsoftware.com/oppose.htm for a list and links.

UCITA passed despite this breadth of opposition. A lot of money will go into supporting it in the state legislatures. This is a powerful example of law for sale.

We CAN fight this turkey, by bringing pressure on our representatives, by asking the press to look at it (write a letter to your local paper's editor, asking for more coverage), and by providing examples of the problems that a bill like this can create.

It won't be easy, but it is far from impossible.

Yes, we need to fight it

[Bruce+Perens]

Unfortunately, the prohibition on reverse-engineering only helps keep Microsoft entrenched. Had this law existed a few years ago, there would have been no Samba (at least in the states where it applied), and nobody but Microsoft would be allowed to read Word and Excel files.

It's something we need help from the large Open Source companies on - the Red Hats, etc., of the world. I'm not sure it fits in the Linux International charter, though - it might have to be through a different organization. A number of us were discussing how to go about this today at LinuxWorld Expo.

Thanks

Bruce

Boon To Open Source Not Enough

[ewhac]

Good folk, I respectfully submit that this issue is of gargantuan importance and that we must mobilize ourselves at once to inform our state legislators that this proposal is an astonishing step backwards in consumer protection, from the standpoints of both product liability and baseline consumer protections in the implied contracts governing retail sales.

As I see it, this legislative proposal is a transparent attempt to completely re-write the rules governing retail sales of copyrighted works. By enacting UCITA, purveyors of "information" -- which includes not only software, but digital recordings of music, books, movies, etc. -- can exempt themselves from consumer protection laws and fair use provisions in copyright law. I do not believe I overstate the issue when I assert that this is absolutely unacceptable. Advocates of software publishers (like the SPA) would counter that unfair provisions would not stand in court. The argument falls apart, however, when one observes that litigation is still obscenely expensive, giving the publishers an almost insurmountable advantage; and that such cases would be tested in the nauseatingly complex world of contract law, rather than in the (relatively) simpler and more straightforward arena of copyright and consumer protection law.

Moreover, I further argue that there is no compelling reason for this legislation to exist at all. Existing copyright law has proven more than adequate protection for software vendors and, to date, no one has offered an undesirable (not to mention realistic) scenario whose only solution is legislation of this kind. Many of the arguments I've heard run along these lines:

• "Someone could disassemble our software and clone it."
  • Correct. This is also true of just about everything else you can buy in a retail venue, from power drills and washing machines to cars. All of these devices can be taken apart by their owners and inspected, tweaked, and learned from. None of the corresponding industries is in remote danger of going out of business.

    People are going to take apart your software. Deal with it. If you don't want your product taken apart, you have precisely the same option as everyone else in all other industries: Don't sell it in a retail space.

• "People don't need to disassemble their software."
  • How the fsck would you know? People don't "need" to take apart their cars, either, but it's done every day. General Motors is still in business. This is a non-argument.
• "We spent $(LARGE_SUM_OF_MONEY) developing this software; that gives us the right to dictate how it may be used."
  • No, it doesn't. Again, the example of General Motors suffices. Indeed, if dollar figures are to be quoted, General Motors has an even more "compelling" argument to constrain use of their products after the fact, as their R&D investment easily dwarfs even Micros~1's. GM still hasn't made such demands on their customers, and GM continues to be profitable. Non-argument.
• "It's our ball; you have to play by our rules."
  • Ah, the real reason emerges, and it is a valid one. However, you may find life more rewarding if you grow up. You are not an island. The most casual inspection of the Open Source movement illustrates that hoarding software is not only silly, it dooms you to stagnation.

However, there is the, I think, more important issue of how this would affect users of "non-traditional" computing systems. Think "Internet Appliance" here. All the proposals on the table for Internet Appliances are extremely closed systems, WebTV being the most obvious example. Do you know all the data the WebTV box is squirting back to Micros~1? With UCTIA in place, Micros~1 can make it illegal for you to find out. Want to install a proxy to filter out all the fscking ad banners? Sorry, that's not allowed, go to jail, do not pass Go...

Heck, forget the Internet Appliances, think Nintendo. Right now, Nintendo is laboring under the delusion that they have the right to dictate who can and can't write software for their machines. UCITA will allow them to enforce this idea. Same deal with cell phones, PDAs, and other "small-scale" "dedicated" devices where the user "doesn't need" to get in and fiddle with it. There are a lot of organizations with a lot of money trying to make these devices happen, and they are drooling all over the UCITA, which will allow them to lock down the box, screw the user, and absolve themselves of any responsibility.

I'm sorry, but this is just plain wrong, and I challenge anyone in the industry to argue convincingly otherwise. Anyone who wants to take apart their software and computers should be able to. Anyone who wants to write software for a particular platform should be able to, without having to justify themselves to the vendor. How would Gutenberg be remembered today if he had forbidden people from using his printing press to print anything other than "approved" writings?

While I agree widespread adoption of this travesty would be a boon to Open Source solutions, Open Source is still not the primary solution that comes to mind for all classes of computing products. Moreover, the average consumer doesn't understand the subtle implications of selecting Open Source over Micros~1 or Nintendo or whatever. While we could argue over whether they should understand such issues, I personally don't feel that Caveat Emptor needs to be raised to such stratospheric heights.

This is your mom and dad we're talking about here; people who think they will be protected from exploitation by existing hard-won consumer protection laws, when in fact they'll be "signing" their rights away. This isn't just us techno-geeks who will be screwed, it's everyone.

I urge active opposition to the UCITA.

Schwab

Re:Ban on Reverse Engineering may be the worst par

[Filthy+Rich+Bill]

I am not sure you people are
aware of the magnitude of
reverse-engineering that has
taken place in Linux. In short,
Samba is lossed but this is only
the beginning. Much of the kernel
code was and even is being reverse-
engineered as well as very key
hardware drivers. Also, some of the
compiler coding was reverse engineered.
To make matters worse, any exiting
data/file format that is labeled
proprietary would have to be reverse
engineered to employ it. So, with no
Samba, no kernel, no drivers, no compiler
what is left of the open source
movement. This is a clear reinforce
existing monopoly law that affirms
the government's ability to enforce
anti-competitive behavior. Also, think
about this, who would dare to use
any proprietary software and be locked
into proprietary formats forever.
But with not alternative remaining
what choice would anyone have.
My point is don't be naive to think
that you only lose Samba. There is
reverse engineering at many levels
which was in fact necessary as the
coders did not have enough money to
buy the protocols outright and release them.
And even if they did this what would
prevent an existing monopoly to change
protocols after they sold out the
rights to previous ones. Think of the
ramifications of this law as it extneds
not just to software but also to
hardware as well. It really only serves
to maintain the current anti-competitive
status quo. The real question is why money
is allowed to buy out this government
despite its purported (but not actualized)
obligations to its citizens.

Write your state legislator!

[Zippy+the+Pinhead]

The ACM has a page on the UCITA and other copyright concerns. There are links to several other good sites. Also, check the Consumer Project on Technology's Protest Page for excellent links to articles and sample letters.

At this point, it's up to the 50 states to individually ratify the UCITA into state law. So write your state legislator. Snail-mail counts most, short letters with useful arguments are easier for staffers to handle. Basically, (I think) you want to have 'em amend or strike UCC Article 2B. The remote-deactivation provisions will be the most odious and easiest to fight. You can even cite the fact that it will be bad for the commercial software indistry 'cos it'll pressure s/w-dependent businesses to switch to free and homegrown s/w just so they don't have to fear pissing off their s/w vendor.

To find your state legislator: Project Vote-Smart or the Democracy Network.