Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security Software

RetroCoder Threatens Security Vendors 157

john83 writes "RetroCoder the company that brings you SpyMon, a commercial keylogger is trying to stop vendors of security software from looking at their software. RetroCoder uses a EULA that prohibits anti-spyware publishers / software houses from downloading, running or examining the software in any way. Essentially, they're trying to hide a key logger behind copyright law." While they are certainly not the first to do so, it is interesting that companies still take this approach.
This discussion has been archived. No new comments can be posted.

RetroCoder Threatens Security Vendors

Comments Filter:
  • Dupe... (Score:3, Informative)

    by zenmojodaddy ( 754377 ) on Tuesday November 15, 2005 @07:06AM (#14033629)
    ... from 11th November.
    • Sorry! (Score:5, Funny)

      by jolyonr ( 560227 ) on Tuesday November 15, 2005 @07:56AM (#14033798) Homepage
      I think you'll find, if you read the slashdot EULA, you are NOT ALLOWED to check for dupe articles.

      Lawers will be contacting YOU!

      Jolyon
    • I beleive it is called prior art. This article is null and void!
  • YAD (Score:2, Informative)

    Yet Another Dupe

    This is why I let my subscription lapse. I was sick of paying for duplicate articles:
    http://yro.slashdot.org/article.pl?sid=05/11/11/06 8222&tid=123&tid=172&tid=17 [slashdot.org]
    • by Anonymous Coward
      I'd like to congratulate you on your schemes to increase pageviews. The advertising money is just rolling in! Your dupe strategy has been a remarkable success. But I agree with your assessment that it needs to be replaced, the backlash is getting too great and some people are on to the plot.
      Your new strategy of having a continuing thread (the Intelligent Design flood), is even better! You just throw up 1 new piece of news and there is a whole new rehash of the same posts. It's the same crap over and over ag
    • YAD - Yad Another Dupe. Geesh, make your acronyms recursive. Especially in this case, where it'd be duplicating...
  • by Anonymous Coward on Tuesday November 15, 2005 @07:08AM (#14033634)
    ..... just go hardware...

    http://www.thinkgeek.com/gadgets/electronic/5a05/ [thinkgeek.com]

    k thx gg
  • Dupe [slashdot.org]. Funny how fresh, new and on topic submissions get rejected whilst the same old junk (and sometimes dupes too) get through.
    • Funny how fresh, new and on topic submissions get rejected whilst the same old junk (and sometimes dupes too) get through.

      Nonsense. The Slashdot Random Story Submission Selection System is completely fair and without bias.

      It just needs a shuffle feature so that tracks^H^Hstories arne't repeated so often.
    • The only thing about this site that annoys me more than the "same old junk" is that whenever there's a post on the front page that's even slightly on the same topic or story there's at least twenty people replying in the comments saying "It's a dupe!!!!" taking space away from people who might actually have something relevant to say.
  • What we need.. (Score:3, Interesting)

    by Ckwop ( 707653 ) on Tuesday November 15, 2005 @07:09AM (#14033638) Homepage
    What we need is a law that makes research a defence to copyright infringement. It's important that malware authors can't use the force of the law to hide. Hopefully a judge will do the right thing an establish case law in this area that defends us from this scum.

    Simon.
    • hmmmm. <Renames folder "mp3s" to "research data">
      Just to be on the save side.
    • Comment removed based on user account deletion
      • Recall the old days of the BBS movement when warez BBSes had MOTDs prohibiting law enforcement officers from connecting?

        Because such a post of course prevents such activity, not unlike a drug dealer asking someone who is buying "Hey man, are you a cop" or putting a sign that reads "officers of the law and all those reporting to them are bared from buying here" above a crack house.
    • I would have thought this falls under fair use. Looking at the four factors [stanford.edu] for fair use, it isn't entirely clear if this meets them. It seems very obvious to me that it should be fair use and there's substantial argument for it, but as the above reference points out, it's open to interpretation.

      Four (five?) factors:

      1. The purpose and character of your use. Since this is done to help protect people, it seems this is a slam dunk. And since the Supreme Court indicated in 1994 that this is the "primary

    • There is already such a law. Research and study are protected fair use.
    • I have a lot of music and movies I'd like to research.
    • Will the research tools include stream decoders, decompilers, stack tracers, and windows updates?
    • Why? (Score:3, Insightful)

      by WindBourne ( 631190 )
      Far better to back out the laws that allow this; DMCA being just one.

      Otherwise, we would be building law on a number of bad laws.
    • What we need is a law that makes research a defence to copyright infringement.

      This isn't copyright infringement. If it's anything, it's violation of a contract, but that depends on the clause being upheld.

  • by TheShadowHawk ( 789754 ) on Tuesday November 15, 2005 @07:10AM (#14033646) Homepage

    lets dupe the comments as well.. :P

    "Ah. the popular "Bend Over" EULA."
  • So let them (Score:3, Funny)

    by Jaseoldboss ( 650728 ) on Tuesday November 15, 2005 @07:10AM (#14033648) Homepage Journal
    They're way off track with this one. It should be the responsibility of the person monitoring their PC to ensure that no Anti-Spyware programs are installed. If they can't do this they obviously don't have the authority to deploy a keylogger.

    Anti-Spyware companies are only doing their job.
  • by martinmcc ( 214402 ) on Tuesday November 15, 2005 @07:14AM (#14033660) Homepage
    Oh woe is me! A dupe. my eyes, my eyes!

    I must purge myself of this evil by adding to the multitute of wailing about duplicate postings, and add some extra comments about how much slashdot sucks, the only reason I come to it is to feel superior.

    It burn, oh how it burns!
     
  • By your boss to see what you are typing?

    Or commercial as in installed by a dodgy person at work who gains access to the boss' or sysadmin's workstation for a few minutes?

    Or commercial as in bundled with shitty software and then sends out what you type to criminals?

    First one - legal, if unethical.
    Second one - this type of installation should be removed by Spyware removers.
    Third one - the writers of the software should be castrated.
  • by kmmatthews ( 779425 ) <krism@mailsnare.net> on Tuesday November 15, 2005 @07:14AM (#14033665) Homepage Journal
    RETROCODER WRITES SPYWARE!!

    There, come sue me now you silly fucks.
  • by Rude Turnip ( 49495 ) <valuation@NOsPam.gmail.com> on Tuesday November 15, 2005 @07:18AM (#14033673)
    "Essentially, they're trying to hide a key logger behind copyright law."

    Copyright law doesn't have provisions for EULAs. They are using faulty contract law logic to harass security vendors. I honestly think people only think an unsigned, after-the-fact EULA means anything because they've been conditioned throughout their lives to blindingly accept authority, whether real or perceived.
    • In addition to posting a duplicate, the Slashdot editor "ScuttleMonkey" seems to have some funny ideas about what copyright is. Perhaps it would be good to know something about the subject before posting Slashdot articles.
    • I think I agree, but how do you answer this:

      In order to install the software you have to make a copy of it (either copy from the cd to hard drive, or copy from internet page to hard drive) but before you can copy you need a copyright license. What gives you that license if not the EULA?

      • In order to install the software you have to make a copy of it (either copy from the cd to hard drive, or copy from internet page to hard drive) but before you can copy you need a copyright license. What gives you that license if not the EULA?
        Copyright law gives you that licence. Making a copy in the memory of your computer is a necessary step in making use of software, therefore it's protected fair use.
      • by jrumney ( 197329 ) on Tuesday November 15, 2005 @08:21AM (#14033891)
        In order to install the software you have to make a copy of it (either copy from the cd to hard drive, or copy from internet page to hard drive) but before you can copy you need a copyright license. What gives you that license if not the EULA?

        The doctine of fair use. If, in order to use a product which you've purchased you need to make a temporary or permanent copy of it, then that use must by definition be fair.

      • I have never understood this logic. I am allowed to photocopy a book as many times as I like as long as I do not distribute the resulting copies. Distribution means passing on to another legal entity. A computer is not a legal entity.

        You also copy text from a book into your brain in order to read it, and in your brain it gets copied around lots of different areas, derivative works are created, etc etc, in order for you to comprehend the book. There is no distribution involved, because all areas of your brai
    • Copyright law doesn't have provisions for EULAs.

      Of course it does. The right to copy something (ie: copyright) can be Licensed to another party (say, an End User), who would have to accept the Agreement in order to receive the copyright license.

      I honestly think people only think an unsigned, after-the-fact EULA means anything because they've been conditioned throughout their lives to blindingly accept authority, whether real or perceived.

      Due to the faulty (IMO) notion that running a program is "copying" it
      • The right to copy something (ie: copyright) can be Licensed to another party (say, an End User), who would have to accept the Agreement in order to receive the copyright license.

        But the question of whether or not a given clause in the licence is enforcable falls within the scope of contract law, not copyright law. They are hiding behind contract law by including that clause, and then saying "as you broke the agreement, you have no licence, and so are violating copyright law".
      • Copyright law already includes Fair Use provisions.
        When I buy a painting and display it on the wall, I don't need any sort of EULA. When I buy a program and run it, I don't need an EULA either. Copyright law works fine in both cases. In fact, there is no law anywhere that says I have to agree to the EULA in order to use the software. I bought it, I don't agree with the EULA, therefore the EULA is not binding. The purchase is then covered under basic copyright law, which means I bought it, I can use it
      • The GPL isn't an EULA. The fact that many Windows ports and programs that have the GPL licence display it in the form of an EULA, is caused by (1) misunderstanding by the authors (2) the installer template which has a window to display an EULA in it.

        But that still doesn't make it an EULA.
      • Incorrect. US copyright law *specifically* allows the copying neccesary for use, and has since 1977.

        Your GPL statement is totally wrong in all ways since the GPL doesn't cover use, only distribution.

        The legal basis of EULAs is in contract law, and exists only because you were presented with the EULA. It's extremely shaky legal ground, although some jurisdictions give them explicit legal power (UCITA), and there have been some cases that accept thier force. Note that at least one of those cases only accept

    • I honestly think people only think an unsigned, after-the-fact EULA means anything because they've been conditioned throughout their lives to blindingly accept authority, whether real or perceived.

      Probably, I don't know. I really don't believe authority is morally given or waived behind obfuscation like a typical EULA, regardless of alleged legality.
  • Dupe is cool (Score:1, Redundant)

    by TFGeditor ( 737839 )
    It's dupe, dupe, dupe, dupeilicious!
  • Fine (Score:3, Funny)

    by Peregr1n ( 904456 ) <ian.a.ferguson@gmail.com> on Tuesday November 15, 2005 @07:23AM (#14033683) Homepage
    If every piece of spyware presented me with an EULA to agree to before installing itself I'd be much happier!
  • Wasn't this duped from the other day? Even so I didn't get a chance to comment on it... so...

    While I do read most EULAs that I get with my software, software like this that has no purpose on my machine is something I want to have removed. What gives them the right to say "While this has been installed on your machine (probably without your consent), you cannot have anything remove it from you system.

    I picture a small bald guy sitting in the background rubbing his hands together and cackling madly thinking
  • From the summary: While they are certainly not the first to do so, it is interesting that companies still take this approach.

    That's what you get when copyright laws are as draconian as they have become. Technically, they have every right to prevent others from examining their software.

    • Its not copyright, as I am sure was pointed out the last time this story was posted. Copyright protects in a rather restricted way against unauthorised copying and dissemination. Copyright could not protect against assessing or even decompiling software.

      This is about Eulas. Now, the question of whether the Eula is valid and binding depends on two issues. First, can Eulas be binding? The answer is yes, depending on what the conditions are. The second is, will this particualr Eula be binding? I suspec

      • My mistake. I was thinking that the DMCA or similar overreaching legislation might apply, but I see this is really just about their EULA.

        EULAs are a whole other can of worms. Obviously, EULAs should not be able to stop you from exercising fair use, but EULAs are still on shaky enough legal ground that anything could happen in court.

    • Technically, they have every right to prevent others from examining their software.

      I disagree. As far as I know, retroengineering is allowed by law in the US and in most countries in Europe. At least for ensuring interoperability. So they can not prevent me to examine their software if it is running on my computer.
    • Technically, they have every right to prevent others from examining their software.
      No they don't. That would abridge Freedom Number One. See here [gnu.org]. I will live to see this made law, or die trying.
  • by gone.fishing ( 213219 ) on Tuesday November 15, 2005 @07:33AM (#14033722) Journal
    Use their ELUA agianst them; list any "application" that prohibits anti-spy/anti-virus/anti-threat software from "testing, accessing, or evaluating the software" as a threat. Publish a policy that simply tells these vendors that if they want to be removed from the list they have two choices. They can either have the restricting statement(s) removed from the EULA or, they can provide the vendor with written permission granting them an exception, allowing them to access, test, and evaluate - making an independant decision on the status of the software.


    In otherwords, make it policy to call this crap a threat until it can be proven otherwise. This isn't "innocent until proven guilty" time.

    • The problem is that their EULA doesn't allow for a signature of their binaries to be created. There is no way for anti-spyware software to identify their application.

      I have a better solution. Simply send this company your own EULA. If they would like their software to run on our machines, they agree to the following terms yada yada yada...

      Make the letter a shrink wrap license. Simply by opening the letter, they agree to the terms. If they would like to rescind the agreement, they can send a refund to e
      • I understand the problem - I am just saying that if the EULA is worded so that spyware makers can't determine if it is spyware then they will assume it is. If the company wants out of that quagmire, they have to do something about it.
  • by Qa1 ( 592969 ) on Tuesday November 15, 2005 @07:33AM (#14033726)

    It is a well known fact that several p2p programs were attacked by the minions of various **AA, injecting malicious pseudo-clients into the essentially closed networks. Those attacks wouldn't have been possible without extensive technical analysis of the modus operandi of those networks. At least in most of those cases, it is pretty appearant that the attack was accomplished by downloading and examining the official client for that network.

    Couldn't those p2p networks utilize the same defense? I.e. establish in their EULA that their code and protocol may not be examined for the purpose of a malicious sabotage in their operation?

    I seem to recall that some p2p EULAs actually had such a clause. Was it ignored with no consequnces?

    • Changing the licence of a gpl project is only possible if you track down all the contributors and ask for their approval. VERY HARD. and even then hte old software is still available under the GPL. so even if it was possible and effective and acceptable, it is practically impossible.

      And don't forget emule was reversed engineered from edonkey to start with.
  • In Germany, it's normal that any company has some terms & conditions (TNC) to which other businesses have to agree, if they do business with them.

    It's time that end users also create a software TNC for their computer. If your software runs on my computer, using my resources, then it will have to comply to the following rules:

    - It has to use the resources to my direct(!) benefit.
    - It has to give me full control over it's behavior (e.g., uninstall possible)

    That's all. Simple, but powerful.

    It would be inte
  • They won't win (Score:1, Interesting)

    by Anonymous Coward
    This kind of thing is not likely to stand up in court. Spyware has been proven to be a malicious type of software that voilates one's privacy, therefore I would be shocked if the courts find in favor of the spyware maker. The spyware maker might have thought it was clever adding that clause in their EULA, but essentially what they've stipulated was people cannot investigate how their software works in order to prevent it's unwanted installation on to one's system. Not likely to stand up in court.
  • I don't want to give away the first word, but the rest of it is "Each Spyware Programmer and the Horse He (or sHe) Rode in On".

    Anyway, it's a totally worthless approach. The anti-spyware programmers could handle it in at least three ways.

    1. By doing business from a country with reasonable laws. (Putting this first because I think it is already true for some of them, so it really means they don't have to do anything.)
    2. Creating some tool that allows users to validate spyware and send them the signatures with
    • 1 By doing business from a country with reasonable laws. (Putting this first because I think it is already true for some of them, so it really means they don't have to do anything.)

      I would include the country the scumware manafacturers reside in as well. If they think the UK courts will allow this, they are in for a bit of a shock. (Even though apparently the Sony DRM thing would probably be legal in the UK) As this would be a Civil issue, the benefit to the public good would be taken into account, and

  • fsck em & feed em fishheads, their product is easily used for malicious purposes such as stealing creditcard numbers & identity theft, and i would imagine anyone clever enough could take their product and make it even worse in any number of ways & methods...
  • I see copyrighting a keylogger as similar to patenting "breaking and entering."

    It is too damn early to have a beer...
  • With EULAs like thisthat give the rest of us who still support copyright (at least in principle) a bad name.

    I hope Sunbelt have the courage and money to stand up to this in court. EULAs that attempt to impose restrictions such as this on end users are morally wrong and need to be declared unenforcable. I have no problem with the usual "no warranty, no guarantee, you're not allowed to copy this and give it to your friends, etc" sort of stuff, but this is bullshit.
  • ECLA? (Score:3, Interesting)

    by Scrameustache ( 459504 ) on Tuesday November 15, 2005 @08:22AM (#14033895) Homepage Journal
    how about we make our own End Computer Liscense Agreement:
    By installing your software on this computer you, the software maker, agree that no spyware, adware, or any other malware is contained within, included, or linked to by your software, under penalty of catapult. RANDOM BIT ALL IN CAPS ABOUT WAVING LIABILITIES FAR BEYOND WHAT THE LAW ALLOWS.
  • The funny thing is, (Score:4, Interesting)

    by jasen666 ( 88727 ) on Tuesday November 15, 2005 @09:05AM (#14034164)
    they're tying to enforce a EULA on 3rd and 4th parties. Who the hell installs keyloggers on their own computer? Obviously, the "user" of the software is installing this discretely on someone else's computer. So the EULA is trying to prevent this 3rd party from scanning and removing the illicitely installed software, and trying to prevent the 4th party (anti-spyware/virus vendors) from facilitating the 3rd party in keeping their machine clean.
    And if a piece of software is installed without my permission on my own computer, I'm sure as hell not bound by any EULA's. This is really a moronic attempt to legitimize their malware.

    The next trend in internet worms: hidden EULA's to prevent AV software from removing them?
    • This is exactly it. An end user is supposed to be bound by the license for sereptitious software, whose existence on a given machine is intended to be secret? What kind of a swirling illogical universe did these clowns emerge from?

      Since the whole point is that the end user doesn't know the software is installed, how can they adhere to the ridiculous conditions of the EULA? They can't, and therefore, the EULA is pointless.

      But analyzing or reverse engineering the software can be done. Somebody else needs

    • by J053 ( 673094 )
      Much as I think keyloggers, etc. are despicable, the parent is incorrect. This type of software is usually marketed to companies or organizations which then install it on their computers. The intended use is to monitor the computer usage of employees. In this case, the employees are not the owners of the computer, and it is in the interest of both the keylogger maker and the company installing it that it not be automatically removed by anti-virus or anti-spyware software.

      If the keylogger were installed on

  • The standard EULA is long, dull, and filled with legalese. The problem, as I see it, is that this gives software vendors the chance to hide malicious intent deep withen the contents of the EULA which customers can not reasonabily be expected to read.

    I'd like to see law be written that requires a second part of the EULA, in it's own sepearte 'click yes to continue' box that outlines anything the software or service does that users may find questionable. It should be written in plain, simple words that outlines the potential for more malicious uses, and requires a user to click a 'yes I understand' next to each item.

    For example:

    EULA PART II:
    THIS SOFTWARE MAY/WILL DO THE FOLLOWING.
    PUT AN 'X' NEXT TO EACH BULLET STATING YOU UNDERSTAND THE INTENT BEFORE CONTINUING

    [ ] o This software will collect personally identifible information and send it to third parties
    [ ] o This software will access your email contact lists and send them to third parties
    [ ] o This software will log your keystrokes and sufring habits and send them to third parties
    [ ] o This software does not have an easy 'uninstall' feature
    [ ] o This software will destroy data on your hdd
    [ ] o This software will install additional programs on your computer that has nothing to do with this software

    PUT AN 'X' IN THE BOX NEXT TO EACH STATEMENT STATING YOU UNDERSTAND AND CLICK YES TO CONTINUE BEFORE SOFTWARE IS INSTALLED.

    It won't happen, but it'd be nice.
    • THIS SOFTWARE MAY/WILL DO THE FOLLOWING...

      I'd like to see a EULA that doesn't use all caps ;)

    • And so you'll just get two copies of the EULA, but with one copy requiring you to check next to each section.

      How exactly do you define plain and simple words? How do you define malicious use? EVERY condition in the EULA is designed to limit the liability of the software vendor - if they were all stuff you'd agree to anyway they wouldn't bother to write it down. If they intend to give you free customer service, for example, they don't write it down, since you aren't going to turn it away simply because it
      • The second EULA is not intended for redundancy; it's there to explicitly inform the user if a piece of software is going to do something beyond what the user expects it to do that may potentially harm the person and/or his or her computer.

        When a piece of software is obtained, be it downloaded or purchased in physical media, a user has an expectation as to what that software should do. While in the process of installing that software, a user should be able to continue with the confidence that he or she will
        • Oh, I know exactly what you meant. My point was that it would be almost impossible to codify into law. Do you put a word limit on the 2nd page? If so, maybe somebody has a genuine need to make theirs longer. If not, why wouldn't they just give you two pages of legalese. The goal of the person writing the EULA is to be UNCLEAR - not for you to understand it.

          You'd almost need to have a standard EULA embodied in law (there was such a movement a few years ago which was massively protested by programmers ev
  • So their EULA prevents you from investigating it. Big fucking deal.

    Get Joe Random User to install it and agree to EULA.
    Get Joe Random User to agree to let *you* inspect his PC.
    You did not install the software or read the EULA, so you do whatever you feel like, and proceed to tell the world.

    Tada! Obnoxious EULA bypassed.
  • RetroCoder can't stop anyone from examining their code, unless they're going to encrypt it somehow. If it winds up on someone's machine, and that someone happens to work for a software security company, and he/she is an industrious hacker with the time and patience, they'll rip open the pathetic key-logging code, figure out its secrets at home on their PC, then bring the knowledge to work and poof -- key-logger neutralized. What's RetroCoder going to do, hire spys to follow everyone who works for all the so

  • Feedback (Score:4, Interesting)

    by xor.pt ( 882444 ) on Tuesday November 15, 2005 @09:41AM (#14034424)
    I just got some feedback from Spymom.

    We are not suing SunBelt - SlashDot got it wrong!

    From Sunbelt themselves:
    http://yro.slashdot.org/comments.pl?sid=167981&thr eshold=1&commentsort=5&tid=123&mode=thread&cid=140 09674 [slashdot.org]

    The original article:
    http://news.zdnet.com/2100-1009_22-5944208.html [zdnet.com]

    If you read the text on SlashDot linked to above you will see that we are not unreasonable, we just don't want our app that people have bought to be deleted without the owners permission or knowledge - as has happened with numerous "big" companies.

    When contacting these "big" companies - including Symantec about the problem they simply refuse to reply - we initially tried to contact them all about 9 months ago in order to bring about some kind of cooperative agreement, with information about detecting out program as a commercial keylogger and about uninstalling our program safely (if the user decided to do so).

    Our point is that commercial programs are different that trojans written by criminals. It is fair that they are pointed out by the anti-virus/trojan program, but not fair that they are automatically deleted. The user should be told that they are a commercial keylogger or similar and the default action should be to not delete. AVG by comparison deleted them without informing the user.

    We are open about what ports are being used and we do not try to bypass firewalls or shutdown anti-virus programs. All are easily possible as you probably well know and we feel that comparing it to programs written by criminals is unfair.

    We, as a company, are very easy to contact - if we had been contacted/replied to by the anti-virus companies (initially - before we had to put the download notice up) we would have told them how to safely uninstall the client program, and we would have also told them of a special flag - that if present would stop the client from installing again in the future. They would also have been given information that would have told the user WHO was attempting to spy on them! The condition would have been as above - that the user be informed that it was a commercial program and the default action would have been not to uninstall.

    Sunbelt will soon be given this information in the hope that other companies will follow in the way they list the program (if detected).

    Best regards,
      Anthony
  • Security Vendors (Score:3, Insightful)

    by PhYrE2k2 ( 806396 ) on Tuesday November 15, 2005 @09:42AM (#14034429)
    I'm really sick of this hiding behind licenses. Spyware makers claiming that by downloading, looking at, thinking of, pissing on, or whatnot you can't create a signature or identify it in any way. There are a ton of stories like this, but it's rediculous.

    It's up to the consumer to decide what goes on their computer, and if an anti-spyware maker wants to warn users of the threats, they have every right to. Otherwise, they're not doing the service THEY are promissing the customer, by identifying those things that spy on them. It really does perplex me how much people try and push with flawed licenses and poor IP laws. If there's any sign it needs to be revamped, this is it.

    -M
  • DRM at its best? I'm not sure that a EULA forbidding anyone from reverse engineering/detecting/removing their crapware would hold up in court. I imagine that the Sony/BMG rootkit deal will end up in court somewhere and that will tell us all just how far gone our rights are in this regard.
  • Sunbelt should include in their EULA:

    CounterSpy cannot be used by creators of spyware, virus, worms, or other forms of malware to determine if their malware is detected by CounterSpy.
  • Can't we just go the ultra-silly route and have the spyware companys make EULA's that claim that spyware manufacturer's are not allow to use, download, discuss or benchmark their spyware program without first getting written permission from the anti-spyware maker? This way, RetroCoder would be violating the EULA of the spyware detection developer by installing and discovering that the spyware detection program "finds" their spyware.

    Then we can build caged arena's where two men enter...one man leaves. Seem
  • You can't force something on someone unbeknownst to them and then outlaw any possibility they may have to find out about it. Someone banning spyware would be harming ALL the OTHER software on the machine. They can't legally do that. They're not the government.
    • put in yourEULA that if you are employed by a company that writes anti-spyware software you are not allowed to install, use or examine this product.

      • You could put in your EULA that the customer has to give you his daughter's hand in marriage too. EULAs are not valid if they break the law. And requiring someone to harm themselves is breaking the law.
  • That farking malware needs to have no protection based on its EULA. Just re-did a XP install because the user had forgotten to turn on the firewall on their sp1. Result: slowdowns, popups,autorun programs; re-formatting and firewall fixed it. And those ##$*@ are just waiting on the internet ready to pounce on new installs w/o firewall enabled. And that's just the stuff you didn't want. These days, ANY program installed could set off some security risk (see SONY) [slashdot.org] so the spyware and virus protection folks n
  • by darkonc ( 47285 ) <stephen_samuel&bcgreen,com> on Tuesday November 15, 2005 @10:26AM (#14034796) Homepage Journal
    If someone else installed the keylogger on my computer I haven't signed or read the EULA. When I find this 'unwanted gift', I'm free to forward it on to an anti-virus company after (or as part of the process of) removing it from my computer.

    In other words, I think that RetroCoder is going to have to prove that the people on who'se computers this stuff is running have seen the EULA. Then, of course there's the fact that RetroCoder is engaged in contributory violation of people's privacy, which means that they're coming to court with 'Unclean Hands".

    Of course Retro Coder could avoid this condrom if they always make sure that, whenever the progam starts up, it displays the EULA, notifying a 'user' that the software is running, how they can identify it (so that they can avoid 'infringement'), and automatically (and safely) removing itself from the computer it the end-user does not accept the EULA....

    Under any other conditions, I'd say that it's Retro that would be toast in court.

  • by Master of Transhuman ( 597628 ) on Tuesday November 15, 2005 @11:01AM (#14035175) Homepage
    Copyright and other IP law is an attempt to extend the principle of contract over the more basic principle of property.

    It's nothing but coercion masquerading as "agreement". That's why it's frequently hidden in EULAs and other "contracts" that nobody is likely to read and which depend on "opt-out" rather than "opt-in" such as actually having to sign a real contract and exchange value.
  • by meisenst ( 104896 ) on Tuesday November 15, 2005 @01:15PM (#14036448) Homepage
    ... to be an anti-spyware software publisher.

    Now, will they be in violation of their own EULA when their junk ends up on any PC that I use through no fault of my own? I certainly won't ask for their software to be installed of my own free will, but that is not how their model works, now is it?

    So, if we all sign on as developers of a FOSS anti-spyware project, are we all effectively protected from these people, as it is against their EULA for their software to be pushed to us? And who gets in trouble, us, or the operators of the sites that are responsible for feeding us this garbage?
  • "If you do produce a program that will affect this softwares ability to perform its function then you may have to prove in criminal court that you have not infringed this warning. Infringement of a copyright licence is a criminal offence," RetroCoder's End User Licensing Agreement (EULA) states.

    IANAEB (I am not an English Barrister), and I admit I have no idea how things work in that part of the world. In the U.S. civilians can't bring criminal actions, only a prosecuting attorney (e.g., District Attorney,

The Tao is like a glob pattern: used but never used up. It is like the extern void: filled with infinite possibilities.

Working...