Can Malware Firms Use EULAs To Ban Security Firms From Stopping Spyware?
from the interesting-tactic dept
The maker of a keylogger program that is advertised as a way for parents to watch what their kids do online is threatening an anti-spyware maker for listing their product as potentially being spyware. There have been some lawsuits like this before, over the issue of whether or not the product actually is “spyware,” but this case is different in some important ways. Instead of quibbling over the definition being used, the keylogger maker, RetroCoder, says it put a note in its end user license agreement (EULA) saying that the program could not be used by anyone who creates “a program that will affect this software’s ability to perform its function.” In other words, they’re trying to get around the issue by saying anyone who might disable their software is forbidden from looking at their software, as per the license agreement. Just think of the can of worms that opens up, if allowed. Any malware writer would just have to put similar language into an EULA, and antispyware firms wouldn’t be able to do anything. Hell, Sony could do the same thing with their little rootkit. Hopefully, this case actually does go to court (though, you’d have to think the lawyers for RetroCoder would understand it’s a bad idea), because it would help define the limitations of these EULAs. There is already some precedent. Back in 2002, Network Associates was sued for putting language in their EULAs that banned any negative reviews of the product. The company lost that case, making it clear that you can’t put just anything into those agreements.
Comments on “Can Malware Firms Use EULAs To Ban Security Firms From Stopping Spyware?”
If I have their software installed and running and I write a program that computes something, hence using CPU cycles, and my program runs at the same time as theirs, I may be “affecting their software’s ability to perform its function”, for example, by changing subtle timing characterists on the machine and hence be in violation of the EULA….
Can Malware Firms Use EULAs To Ban Security Firm
Re: Can Malware Firms Use EULAs To Ban Security
No they can’t get away with it. Case in point, California’s law specifically prevents companies from attempting to back out of liability using EULAs as Sony is discovering.
The wording of a EULA cannot ever be allowed to supercede the word of law. If a court allowed such a thing it would set an extremely dangerous precident. Fortunately, legal documents with wording that’s supposed to let them bypass certain laws have been repeated defeated in the courts. No judge in his/her right mind would allow such a thing to happen.
No unless they wanted to be disbarred.
Sunbelt Software == spammers
This is fight between scumbags: Sunbelt Software
are well-known spammers; have been for years.
Interesting to compare this mess the world’s got into with the open-source definition sections 5,6,8,9… 🙂
“Retrocoder Limited has NOT threatened to sue Sunbelt – we are currently looking at what legal options we have to defend our product.”
“As you can see, at the moment it is just a warning to them to stop blacklisting the program. Our program is not a “trojan” or “virus”, it is used to keep a remote “eye” on your kids or employees. The user must have access to the users machine in order to install the client. Only the installer of the program can view the client machine. Our program does not attempt to bypass firewalls or other such protection.” – Retrocoder (Slashdot)
(Note that this is governed by UK law which made pretty much all breach-of-copyright a criminal offense about 2 years ago. I thought this was stupid and complained to my MP, but almost nobody else did.)
How about an Installed Software Licensing Agreemen
Installed Software, recognize that this is my hardware you are running on. By installing yourself on my hardware you agree to:
1) being monitored by whatever means the end user wishes to monitor you with, be it other software or additional hardware.
2) do not change my hardware nor more software, nor my settings for either hardware or software without notifying me, and allowing me to change those settings back at any time if they are changed.
3) being modified for any reason by the end user, up to and including complete removal from the hardware.
4) must give the end user a way of removing you completely from the end user hardware. This is a separate issue from #3.
5) Updates are at the option of the end user (Are you listening Google? Apple?)
There’s more I’m sure, but that’s what I’ve got at the top of my head.