Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Government The Courts News

PCs Posted No Trespass 277

FreeLinux writes "USA Today has a story about a federal court ruling stating that Spyware can constitute illegal trespass. From the article: 'A federal trial court in Chicago has ruled recently that the ancient legal doctrine of trespass to chattels (meaning trespass to personal property) applies to the interference caused to home computers by spyware. Information technology has advanced at warp speed with the law struggling to keep up, and this is an example of a court needing to use historical legal theories to grapple with new and previously unforeseen contexts in Cyberspace.'"
This discussion has been archived. No new comments can be posted.

PCs Posted No Trespass

Comments Filter:
  • by millisa ( 151093 ) on Friday October 14, 2005 @05:01PM (#13794278)
    Had thet dang sahn posted out yahnuh fer years now. I do b'lieve it states clearly ah am hav'n theh ra'ht t' shoot 'em.
  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Friday October 14, 2005 @05:03PM (#13794283)
    Comment removed based on user account deletion
    • Read any EULAS lately? Realpayer at least used to have these clauses (I haven't used it in many years, so I wouldn't know if they're still there).
    • Even worse, the Internet is international. A law deeming the installation of spyware illegal in the US has no effect on a company based in Tobego.
    • It might (Score:5, Insightful)

      by Sycraft-fu ( 314770 ) on Friday October 14, 2005 @05:40PM (#13794522)
      It might make spyware warn you, and remove itself when asked. That's all I ask of spyware, the same thing I ask of guests in my house. You have to ask my permission if you want in, and you have to leave the minute I tell you to get out, and not come back unless reinvited.

      The problem I have with spyware is that so much of it is so slimey. It'll install itself and then put all sorts of trickey checks in to ensure it's not unloaded. It'll have a reinstaller in the services, and in the startup group, and in the "run" section, and add itself to the "run once" section each time it runs, and latch on to explorer and so on. Thus when you try to remove it, even with the help of spyware tools, it's often very difficult to get rid of. Also, spyware often opens backdoors to allow other spyware in. In the beginning you have one peice, then through no further interaction you have 10.

      This is what needs to be illegal. The software needs to make it clear what it does, and it needs to uninstall, and stay uninstalled, upon request. If we can start prosecuting the sleeze that make programs that don't obey those simple rules, I'll be real happy. If you want to load up spyware on your system voluntairly, that's your business. I just get pissed when I get a service call to remove it, and it fights tooth and nail, or when a person installed one thing they wanted, and it invited 10 of it's friends they didn't.
      • Re:It might (Score:3, Insightful)

        by Kaenneth ( 82978 )
        It probably helps if the Operating System kept better track of things that get installed, so that it can remove entire sets of programs together.
        • The problem is they work hard to avoid detection. They don't do this stuff with thier installer, they do it later. They'll have a program create another program, then have that program do it, etc. I don't know of any OS that tracks things well enough to deal with all that.

          It's not like things are just getting lost here, it's things that are trying to hide, and trying to setup redundant programs to replace themselves if removed. The level of insidiousness is approaching that of root kits. They aren't hard to
      • What you think are reasonable minimum standards are so easily worked around in licensing. By the time you discover what these proprietary programs have been doing, you have no means to fix the program so it doesn't do the bad thing again. What you're asking for is effectively going to allow others to control your computer and make it do what they want, not what you want. I don't want computer software I am forbidden from inspecting, sharing, or modifying. I want the limitations of control of my computer
        • What you think are reasonable minimum standards are so easily worked around in licensing.

          Where as what he suggests may be a little simplistic and utopian, I think that your criticism doesn't really negate his suggestions.

          Licenses are just contracts and, at least in the US, there are some laws limiting contracts. Specifically, contracts can be deamed unenforceable if they are proven to be unreasonable. I'm sure that a good lawyer with a bit of luck could invalidate a contract stating that you give over y

  • by geomon ( 78680 ) on Friday October 14, 2005 @05:03PM (#13794285) Homepage Journal
    When prosecuting a case of trespass, the owner must often demarcate their property with signs indicating that it is private property and trespass is not allowed. This isn't true for all jurisdictions, but the feds generally treat their networks and individual machines in such a manner. All of the ones I've worked on are required to post a warning that they are government property and that unauthorized access is considered criminal trespass.
    • When prosecuting a case of trespass, the owner must often demarcate their property with signs indicating that it is private property and trespass is not allowed.

      Eh, this doesn't sound right to me. I don't have to put signs on my house that says it's illegal for someone to enter it without my permission.

      On the other hand, I might believe your point in cases of rural land where there are no clear boundaries. In that case, it might be legal to cross someone's farmland, unless they specifically forbid.

      I t

      • That is where you would need a sign to prove trespass, open land is just that. However Farmland is a bad example. A farm is a place of activity.

        Now Merry and Pippin, If your caught trapsing around in Farmer Maggots fields he's like to get a little upset. Maybe even overreact.
        • Now Merry and Pippin, If your caught trapsing around in Farmer Maggots fields he's like to get a little upset. Maybe even overreact

          Depending on how annoying the trespassers are I guess.

          In the case of Merry and Pip, I thought that the movie was lacking; the scene following their capure by goblins should have gone something like:

          Gimli: *silence*
          Legolas: *silence*
          Aragorn: Shouldn't we like, go and rescue them or something?
          Legolas: Have you noticed how quiet it is suddenly?
          Gimli: I pity the goblins.
        • What distinguishes between open land and any other kind? I recently bought a field and haven't done much with it yet. It's fenced, mostly, but the fences need some repair. It's possible to walk, or drive, onto it without having to open a gate or climb a fence. Is that "closed" enough for me to prosecute if a bunch of yahoos on 4x4's go 4-wheelin' on it?

          How about my front yard, which is not fenced at all, right back to the building line? It's clearly maintained, is that enough for me to be able to admin

          • It depends on the state. I think in most places a fence is enough to make an area off-limits. Generally you have to do something for it to be trespassing: enter a house, step over a fence, ignore a sign. If it's totally unmarked and you could have just blundered on, then you're in the clear. Where it varies, I believe, is in regards to motor vehicles. In some states you only get that benefit of "oops, I didn't know I was trespassing" if you're on foot, it doesn't apply to people in trucks or on a quad.

            Where
      • Eh, this doesn't sound right to me. I don't have to put signs on my house that says it's illegal for someone to enter it without my permission.

        Good point and thank-you. I have put a yellow sticky on my computer designating it private property.

    • by Tackhead ( 54550 ) on Friday October 14, 2005 @05:16PM (#13794377)
      > When prosecuting a case of trespass, the owner must often demarcate their property with signs indicating that it is private property and trespass is not allowed.

      $ telnet 127.0.0.1 25
      Trying 127.0.0.1...
      Connected to 127.0.0.1.
      Escape character is '^]'
      220 127.0.0.1 ESMTP Sendmail 8.13.37/8.00.8.135
      214 Don't even think about attempting to relay spam through here, n00b. Tresspassers will be pwn3d.

    • Not quite, the simple fact of a door that is closed is all you need. Even if it's wide open it's still properly demarcated. Signage is not a requirement, merely courtesty. The Fourth Amendment - Search and Seizure is all about what is and isn't legit. Having a firewall on your system is enough of an indication your not a open house.

      Quite the reverse, a house or clearly property must have some sort of indication that welcomes visitors. Otherwise it is assumed not open. Thats why businesses have OPEN signs. I
    • by MichaelSmith ( 789609 ) on Friday October 14, 2005 @05:26PM (#13794433) Homepage Journal
      All of the ones I've worked on are required to post a warning that they are government property and that unauthorized access is considered criminal trespass.

      At a site where I once worked we had to change our login message from "Welcome to $machine" to "Unauthorized access prohibited" because "welcome" was considered a statement that unauthorized access was permitted.

      • At a site where I once worked we had to change our login message from "Welcome to $machine" to "Unauthorized access prohibited" because "welcome" was considered a statement that unauthorized access was permitted.

        I think some of the early Slackware distros used to have this as a default login. I haven't seen that for a long time.

        Amazing how networks went from communal workspaces to protected territories.
        • Amazing how networks went from communal workspaces to protected territories.

          Not really. Rural folks rarely lock their doors, everyone in the city does. Rural fences aren't meant to keep people out, but to keep cattle from straying. When the internet had only a few thousand users, no one cared much about security. But the internet isn't "rural" anymore, it's global with millions of people on it.
    • by WebCowboy ( 196209 ) on Friday October 14, 2005 @05:34PM (#13794488)
      ...if it was it would be pretty ridiculous.

      If I accidentally forget to lock the door of my residence when I have to leave to run a quick errand, and I return to unexpectedly find a stranger rummaging through my refrigerator it is criminal trespass. Said stranger need not enter by force or cause damage to be convicted of a crime, and I don't have to put a "no trespassing" sign on my front door to make it a crime. It is obviously a private domicile and "no trespassing" is implied.

      Spyware is the electronic equivalent of the above. Providing explicit notification should only be required when a given property could easily be mistaken for public property--and the same applies to computers. Spyware vendors should expect that it is a certainty that their distribution methods will target computers that are "private property" and that they must clearly and explicitly ask permission to interfere with that property.
    • Although it does make things interesting. Imagine if you will if someone marks all their ports with a notice stating that trespasser acknowledge that they might invite a hostile counter-attack, i.e. you attack the system that it is phoning-home to. Also, could you mark all your ports that you might "shoot" trespassers? Further, does a sticky note on the screen constitute notice against trespass? That would be interesting. By applying the common law ideal of trespass, now it will be interesting if all the co
  • by DigitalJeremy ( 907237 ) on Friday October 14, 2005 @05:03PM (#13794286)
    Seriously though, it's refreshing to learn the courts are looking at it, and at least TRYING to make spyware fit into the legal system somewhere.

    If I've ever said "there oughta be a law", here is where it most certainly applies.
  • Makes Sense to Me (Score:5, Interesting)

    by Trip Ericson ( 864747 ) on Friday October 14, 2005 @05:04PM (#13794287) Homepage
    But how much spyware is installed by the user unknowingly, via misleading dialog boxes or other methods in which the user is fooled into installing it? I somehow doubt that would fall under the trespassing rule, due to being allowed in, no matter how sleazy the entry. I can understand those that are installed without the consent of the user through security holes, but those are a minority of the cases. The overwhelming majority gets in through the user inadvertantly allowing it in.
    • Re:Makes Sense to Me (Score:5, Informative)

      by Fiver- ( 169605 ) on Friday October 14, 2005 @05:08PM (#13794319)
      From TFA:

      "One of the defendants supposedly has an end user license agreement pursuant to which computer users are to be informed that spyware will be installed. However, the plaintiff alleged that that defendant has three means by which to avoid showing this agreement to computer users."
    • by robertjw ( 728654 ) on Friday October 14, 2005 @05:09PM (#13794326) Homepage
      But how much spyware is installed by the user unknowingly, via misleading dialog boxes or other methods in which the user is fooled into installing it?

      Exactly, where will this end. If spyware is trespass how about all the advertisements or demo software that is routinely installed with commercial applications.

      From TFA the defendants caused spyware to be downloaded onto his computer.

      It would be interesting to know how exactly the defendants 'caused spyware to be downloaded'. Looks to me like the plaintiff was visiting sites that had spyware attached to them, he shouldn't have visited these sites if he didn't want spyware installed. That's what I do. It's like he had a party and his guests brought some friends. Now he wants to charge his guest's friends with tresspassing. Would make more sense to be careful who you invited to start with.
      • Defendant knowingly pays commissions on software installed by visiting misleading sites and sites that exploit security vulnerabilities. Thereby the defendants caused spyware to be downloaded...
      • It's like he had a party and his guests brought some friends. Now he wants to charge his guest's friends with tresspassing.

        One could ask the interlopers to leave. If they don't, then they are trespassing. And in any case, it wouldn't be legal for them to take your checkbook and ID with them.

      • by Feanturi ( 99866 ) on Friday October 14, 2005 @05:28PM (#13794443)
        Looks to me like the plaintiff was visiting sites that had spyware attached to them, he shouldn't have visited these sites

        That reminds me of a help desk tech I was in a Y-jack with one day, telling a customer not to use a firewall because of the problems they cause. I muted him and asked, "Ok, so what if they run a program that is actually a trojan?" His response, "Well they shouldn't do that."

        Great non-answer. How's the guy supposed to know which sites are safe and which aren't?
      • There's nothing wrong with his friends showing up, especially since you can always show them the door.

        If his friends start sleeping on your couch, or you invite him to stay the night and they kick back on the floor too, then you've got a good reason to call 911. Or get out your shotgun, if you're that kind.

        --LWM
      • It would be interesting to know how exactly the defendants 'caused spyware to be downloaded'. Looks to me like the plaintiff was visiting sites that had spyware attached to them, he shouldn't have visited these sites if he didn't want spyware installed.

        How was the plaintiff to know they were going to download spyware before he went there? It's not like the link says, "Click here to visit a site that installs spyware." I've visited a few, seemingly innocent sites and had them try to download viruses. In

        • I think you answered your own question. Just like anything else in life, if you go off blundering into unknown territory you might run across something unexpected. If you are going to forge into the wild you should be prepared, in this case with the appropriate AV software, anti-spyware, latest patches, alternative browsers, etc... Obviously there are sites that are relatively trustworthy, ebay, microsoft, slashdot... Anyone that ventures away from an established, responsible corporate or government site
          • You are correct that the best solution is for the end user to be smart. However, just because you shouldn't have twenty dollars bills taped to your suit when you go walking down an urban street, doesn't mean that the law shouldn't punish the crook who will rob you. Society and civil behavior exists because we try to prove Darwin wrong by helping the morons survive and smacking down the predatory.
          • Anyone that ventures away from an established, responsible corporate or government site should be prepared to encounter spyware.

            Yeah, it's a dangerous world. Doesn't mean that hijacking someone's computer should be legal.

            Poking our head in the sand by legislating this isn't going to help.

            Setting a precedent saying that this is illegal does help. Once it's set, suing the next guy is easier.

      • I think it's more like going to a party with people you haven't met because someone told you it would be interesting and between arriving, realizing it's not a very nice party at all, and leaving, someone slips coke in your pocket.
    • But how much spyware is installed by the user unknowingly . . .

      Isn't it still some sort of crime to impersonate the cable guy (or whoever) and gain entrance to a house? That would be analagous to the kind of trespass we're talking about. The 'consent' is obtained by deceit.

    • Once you invite it in you're, fscked. (or soon will be)


  • I guess this is one approach. Personally I think there needs to be a whole new slew of laws written specifically for cyber space. Ok great so we have determined the law was broken. It's usually the extradition part that's sorta hard concidering these firms need just move to bermuda. I think it would be interesting if a new section be formed under the judicial branch that dictates whether internet sites break US law and firewall there as slike china I'm serious there has to be a point where this is filtere
    • I'm serious there has to be a point where this is filtered.

      I wish you weren't. If you want to live in a communist dictatorship please move to China - don't make the U.S. one. Living in the 'land of the free' comes with some responsibilities. If you want the content filtered, filter it where the Internet comes in to your house, don't infringe on other's rights to download and view whatever they want to. Problem with a 'whole new slew of laws' is that the only way to enforce them results on infringment
    • It's usually the extradition part that's sorta hard concidering these firms need just move to bermuda.

      Then we level the playing field by increasing the duties on products they produce. They leave do dodge a legal penalty, they pay extra to bring their stuff back in for sale - make the import penalty equal to the legal damages. (I personally feel we should be doing this to corporations that set up tax shelters in places like Antigua, but that's just me).

      Of course, I know it'll never happen, but it's a t

    • No dammit! (Score:5, Insightful)

      by Sycraft-fu ( 314770 ) on Friday October 14, 2005 @05:46PM (#13794565)
      The last thing we need are millions of little laws governing every damn thing! We've already gone way too far in that direction. The law is supposed to be something everyone obeys. Well a prerequisite of that would be it has to be something everyone understands. You can't obey that which you don't understand. Also our laws are supposed to be somewhat rooted in common sense. When you get down to it, most of our most important laws are just formal codifications of basic kindergarden manners: Don't take stuff that isn't yours, don't hurt other people, don't lie, etc.

      Real and virtual property are basically the same when it comes to access rights, and what most people would find acceptable. If something is open to the public and inviting, like a store front or a public website on port 80, clearly it's an invitation to all to come on in. You only have to stay out if the owner explicitly forbids you access. If something is locked up, like a private residence or a passworded SSH server, it's clearly a message that you need to obtain permission first to come in, otherwise stay out. Likewise, regardless of permission, you aren't allowed to destroy anything.

      Basic property law really can be very well applied to virtual property, in such a way that I think everyone would understand it and most resonable people would agree it's a good set of rules. We don't need a whole new set of complecated laws for it.
    • I'm serious there has to be a point where this is filtered.
      Sure, but the filter should only be put in place by your request, and should only apply to you. Everyone should have the right to a completely unfiltered Internet, if they so choose.
  • So it's trespassing? Let the Windows and gates jokes begin...
  • Prison time (Score:2, Insightful)

    by Anonymous Coward

    but who is guilty, the people who create the malware or the people that finance them [benedelman.org] ?

    im looking forward to seeing a few more executives in jail, they seem to think if you wear a suit and have a PLC/INC you can do what you want without recourse

    • On that site you posted, I see under the column Controversial product characteristics / my research / references entries sucj as this: "installing through security holes".

      Isn't that a virus or a break-in that's already illegal?

      P.S. Thank you for posting that site. Now I can make sure that my "Adblock" ad-in for Firefox will block those companies.

    • but who is guilty, the people who create the malware or the people that finance them?

      Neither. It's the person who actually acts to put that software on your machine. Sometimes those are the same person, but it's the act that counts.

      im looking forward to seeing a few more executives in jail, they seem to think if you wear a suit and have a PLC/INC you can do what you want without recourse

      Tell that the executives who are in jail. The people that own and operate legitimate businesses hear this all the
  • .... Is a law giving us the right to shoot spyware writers on sight.
  • King Tut's Abacus (Score:4, Insightful)

    by HermanAB ( 661181 ) on Friday October 14, 2005 @05:10PM (#13794328)
    Obviously, if someone would install broken beads on my abacus without my permission, I would be rather miffed and would have no difficulty getting relief in court. The same thing applies to PCs. However, it simply isn't worth going to court for any damages under $20,000.
  • by ecklesweb ( 713901 ) on Friday October 14, 2005 @05:13PM (#13794352)
    the court didn't rule the case in the plaintiff's favor. The court just denied a motion to dismiss the complaint. I'd say that there's still a way to go before any precedent is set.
  • by Shadowhawk ( 30195 ) on Friday October 14, 2005 @05:17PM (#13794384)
    RTFA! All it says is that the court denied a motion to dismiss the charge of trespass to chattel by the defendants. The whole thing still has to go to trial. While this is a hopeful sign, the judge may later decide against the idea.
  • What about Sony's bullshit DRM that installs a driver without warning? I hope they get the crap smacked out of them.
  • If PCs are like private real estate, then we could be opening a pandora's box of real estate, zoning, and property law issues. If a PC is like a piece of land with built structures, then there is both the issue of trespass and civic responsibility. Zoning laws might limit how much bandwidth a person take from a shared network infrastructure. Subnets might create their own PC-owners associations (fashioned on Home-Owners Associations) that restrict activity to avoid inconveniencing others in the virtual n
  • by theLOUDroom ( 556455 ) on Friday October 14, 2005 @05:20PM (#13794407)
    and this is an example of a court needing to use historical legal theories to grapple with new and previously unforeseen contexts in Cyberspace

    No, this is an example of a really dangerous precedent.

    What if, for example, I was to send you an email contained a corrupted file that crashed your system?
    Is that tresspass too?
    How the fuck do we know?

    Part of the reason for having laws, it to have it clearly spelled out, what we can and cannot do within the bounds of the law.
    Rulings like this are really dangerous because they throw the established legal meaning and inperpretations to the wind.

    Computer crime laws exist and they are there for a reason. If they are not strong enough, that is a job for the legislature, not the judiciary.

    Sure it's important to catch these jackasses, but it's not so important that we should forget why we have written laws in the first place. A person should be able to know very clearly what they can and cannot do.

    Rulings like this are very dangerous, as the judge if effectively just making shit up and ruling by analogy.
    Can they start charging people who call on the phone too? We don't know.
    With judgment like this, you could be declared a criminal at any moment.
    No matter what you do, with enough bad analogies and hyperbole, it could be compared with something illegal. Is that really what you want?
  • Here's a nice review [berkeley.edu] of the application of this legal doctrine to cyperspace disputes. It includes bulk email and so on.
  • I think all software which includes an EULA can share in the blame. The EULAs offer little to no benefit to the legitimate companies which use them. They offer no benefit to the users of the software. But they offer legal cover for the spyware / adware folks. By training all the users of commercial software that click through EULA's are just a normal and expected thing, it helps ensure that it's easy for the slime to slide through nasty stuff in them.

    It's one of the things that makes me appreciate free soft
  • i really hope the judge finds in favor of the plaintiff.

    can you imagine the class action law suit that this could lead to? and not just for spyware, but spam and abusive cookies too... oh what a beautiful thing it will be should it ever happen.
  • for your WINTEL PC is by reformatting your hard drive and then installing Linux on it, so Windows based Malware won't infect it. Peroid!

    Either that or you can go the expensive route and buy a Mac or Amiga, or some other Non-Windows based computer.
  • Clearly Illegal (Score:2, Interesting)

    by whawk640 ( 848562 )
    I don't know why there's been so much debate about whether or not popups and/or spyware is illegal. Here is a simple analogy:

    Putting a pop-up on my screen to sell me a product to get rid of popups is like putting a rock through the window of my house with a note advertising your window company.

    Would anyone argue that the second situation is legal or that these two situations are dramatically different?
    The only argument that they are different is whether or not they are destroying your property with
  • Almost every goverment is throwing new laws at the internet, when there's quite a few good existing laws which relate to the same things but in the real world. Though hopfully they won't make laws regarding the mistreatment of pets relate to tamagotchi's :)
  • The article seems to try to imply that there's something wrong with having to apply "historical legal theories" to "Cyberspace", as if they're so antiquated as to be mere curiosities or something. But this looks to me like a cut-and-dried case where applying the standard legal doctrine achieves an entirely reasonable outcome, and shows that at least some of the "historical legal theories" are in fact protecting people in exactly the same way today as they did in the past, despite the advance of technology.
  • YAYY!!!! (Score:3, Interesting)

    by Hosiah ( 849792 ) on Friday October 14, 2005 @08:29PM (#13795339)
    Even if a court decision doesn't mean spit in the wind these days, at least SOMEbody else finally said it: (I've been saying it since my TSR-80), "I PAID for every bit of memory, so I will do with it what I Damn. Well. Please. And nobody else may say different."

    I don't know what takes people so long to come round. From my old Windows days, I literally scoured every directory, not just for spyware, but ANYthing I didn't want. It was a big motivation for my move to Linux. We ALL have the right to say how every single byte of memory is used. Executable too big? Bundled with crap I don't use? Too skeaky with your files nested inside directories with unpronouncable names? Hiding your source code from me? Out you go! Restrictive rights? Copy-protection? EULA? Bullshit! As long as I don't *share* the file with anybody else, I hold that it's within my perfect right to HEX edit, reverse engineer, and (MOST importantly) FIX it!

    I figure, as long as I already spent the money and no-one else sees it, it's my disk, regardless of whether I port it to a different file system, use it for a coaster, or cat the binary into a bitmap to make abstract art. It is the classic victimless crime. Meanwhile, anybody who tries to exert control over My computer, with or without my "consent" is wrong! (By "consent" I mean: I had no choice but to use your crap or get fired, to use your crap I had to check the box swearing that you own my children: NOT consent, at all. I check the boxes...and lie like hell!)

    It is JUST as bad to put a pop-up dialog in my face without my asking for it as it is to break into my house and spray-paint graffitti on the walls. The same way wrong to clog my inbox with spam as it is to scatter trash on my lawn. Should be illegal to sell me software without offering me the RIGHT to see the source code for free as it is to sell me a prepared food without showing me the ingredients and nutritional information. It is JUST as wrong to take over my machine as it is to steal my car. It is IDENTICALLY as stupid to build a computer that's locked shut so I can't upgrade it myself as it is to sell me a car with the hood padlocked shut so I can't even check the oil. What took us so long to apply the same logic to our computer that we have to our other possessions?

    All computer users...if you'll pardon the soap-boxing from the deliriously ranting man...you have been screwed long enough, and it's time you demanded that it stop!

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...