Software Customer Bill of Rights 293
Cem Kaner of Badsoftware.com has written up a Software Customer Bill of Rights. Very appropriate considering our recent stories about Microsoft viruses, Dell's BIOS-clickwrap licensing agreement, etc.
Sorry.... (Score:4, Insightful)
Wishful thinking (Score:1, Insightful)
customer has no rights (Score:1, Insightful)
Interesting... (Score:5, Insightful)
It's about time.. (Score:2, Insightful)
Utopia (Score:5, Insightful)
Remember, most computer users still think software crashes and glitches are part of life with a computer, that viruses and worms are the work of evil pirates and that Microsoft is the victim, not the cause, etc
In short: it'll never happen. Move along
Missed an important right (Score:1, Insightful)
What "Microsoft viruses?" (Score:4, Insightful)
How is it Microsoft's fault if users run the attachment? Is it Linus Torvalds' fault when there's a sendmail hole? Is that suddenly a "Linux hole?"
Just curious.
This is a DMCA violation! (Score:2, Insightful)
But the software is intended to allow the user to see what Microsoft wants them to see. Encouraging users to see all their own data is circumventing the grand Microsoft plan of Digital Domination. I demand the site is removed from all search engines.
They forgot one (Score:4, Insightful)
IMHO, there's one the omitted from the list:
11. The user shall have the right to view the source code on demand.
If I am running your software on my computer, I have the right to see what exactly it is doing. In 99% of the cases, I would not exercise this right, if I believe that the software is doing what it is supposed to do and I have no suspicions that it is doing something funny. I have a Red Hat Linux system but don't have most of the source code RPMs installed, or the full Linux kernel source installed. It's good enough for me to know that I can acquire it on demand.
And before I get flamed for sound like a clone of RMS, realize that seeing the source code is not necessarily the same as modifying and redistributing it. All Free Software is Open Source, but not all Open Source is Free Software. I would, however, object to having to sign NDAs to see source. You can tell me not to redistribute your source and I will abide by that, as that is simply following existing copyright law, but I would not accept a blanket gag order to not discuss the source at all.
Of course, this will probably never happen, but its a nice thought, anyway.
Without sounding like a 60's radical (Score:4, Insightful)
Re:Sorry.... (Score:2, Insightful)
fggf (Score:2, Insightful)
They take all the rights, with no responsibilities (Score:5, Insightful)
While these agreements become more complex and onerous, the people creating them have taken on no responsibilities to clarify the licenses, explain the reqstrictions, etc.
If the companies are allowed to use these licenses, they should be required to have an independent citizens rights group translate/rate the license to compare it to accepted norms of how restrictive the licenses are. Rather than expecting each person to read the complete license, or have their lawyer interpret it for them; it should be analyzed by a professional and summarized in simple language. It should also carry ratings on a few key points, like how much it tries to limit product usage, resale, reverse engineering.. and, related areas like privacy protection by the company.
Re:Live up to marketing???? (Score:5, Insightful)
And that's not the way it should be. An ad shouldn't be able to tell me that a product is something when it's not. It is not my job to guess about what parts are lies.
Re:Live up to marketing???? (Score:5, Insightful)
I've seen several boxed applications that have claims on the box that are simply not true... And I'm not talking about a game claiming to be able run on a 500MHz system.
I can name a number of MMORPGs that had big fat claims on their boxes/websites for features that were not (yet) in the games at launch. Hell, some of these games didn't even RUN after launch... With no refunds.
The section that you refer to is probably directed at things like that.
You know.. (Score:5, Insightful)
What I found, though, was a simple, precise set of terms that are wholly agreeable. Nothing in that document is the least bit complicated or overbroad.
Let us see the contracts before we have to agree to them. Don't take away rights we already have, like criticism and reverse engineering, and first sale. If you know about serious bugs, tell us. Don't lie about what the product does.
That's pretty straightforward, and should not be the least bit damaging to anyone selling decent software.
Re:I agree with most of it... (Score:5, Insightful)
Why? If I buy a car, I can dig around under the hood to my heart's content. If I buy a book, I can study the writing style. Why should software be any different, especially given that software interacts with other programs on my computer, and other systems on the net, in ways that can be important to know but are easily hidden from the use.
Re:Live up to marketing???? (Score:4, Insightful)
Living up to the claims means that when we go in the store, and the package actually says "Imports all microsoft office formats", and it turns out that is false... that they have to take it back, no questions asked. It's a false sale.
The reason this needs to be stated is that, although you have this protection with physical products, the license-ish nature of software has allowed some vendors to claim that you have no recourse, even though they lied.
It's not the same thing as false advertising... more like sale under false pretenses.
Re:Wishful thinking (Score:2, Insightful)
Following rule 1 is mandatory if you are including non-standard terms. GPL doesn't apply, as it is an optional component.
Following rule 2 is mandatory to a limited extent. While everyone should be aware of a defect, information on how to exploit it doesn't need to be revealed. Take a look at how Microsoft handles it right now - they have a dedicated Knowledge Base containing almost every "issue" with their produces.
Following rule 3 is mandatory. Failing to obey it is equal to false advertising - also known as lawsuit bait. Take "The Sims Online" as an example: nobody has filed a lawsuit, but it is considered a high risk for the publisher...
Following rule 4 is also mandatory, but is excusable in some cases. For example, Half-Life sends the CD-key to a central server which prevents piracy, but that's it.
Following rule 7 is mandatory, period. In most countries, judges would consider this term appearing in a boilerplate contract to be increadibly ludacrous and unenforcable (unless the publisher gives the customer money or something else in exchange...)
Out of the l0 rules posted in the link, the manufaturer is bound to honor five of them anyway. Of these five rules, the cost of following them is either neglegable, or lower than the cost of breaking them (loss through litigation, loss of opportunity sales, or loss from returned products.)
The remaining five rules are optional as they can vary from country to country. But just like the mandatory rules shown above, it would cost more for the publisher to break these rules than to obey them.
Re:What about when Linux fails? (Score:1, Insightful)
I've been trying to make this point here before but open source, linux in particular, is a religion here. You'll always get moderated down.
These zealots like to point out that linux is almost devoid of remote holes, viruses or worms. What they fail to realize is that if linux had the same market share as Windows, all the goddamn script-kiddies and black hats would concentrate on linux instead of the MS Windows. And given the errata of the most popular linux distros, they'd have a field day!
Re:It's about time.. (Score:3, Insightful)
4. User has right to see and approve all transfers of information from her computer
In the credit card case, you are talking about repetition of a single information transfer, which you will have seen the first time it is sent. If needs be, have an MD5SUM of each transfer so you can be sure it is the same.
There will always be a point between your saying "send it" and the data being sent where the computer could craftily do something to the information, and the only way to be certain about that is to view the source code.
Therefore I think you either have to conclude that this rule is crazy and useless, or that given the correct interpretation and some clever wording in the legal documents it is a very sensible rule.
Re:I agree with most of it... (Score:4, Insightful)
How do you think Ford ever got competition from the likes of GM, VW, Kia, etc.? How do you think Ford started making cars?
I think they can patent some ideas, based on non-obviousness and the rest of patent law, but when it comes down to it, Ford still buys all the newest GM models and takes them apart, just like everyone else.
US patent and copyright law was created to expand the public domain. To do this, it gives an incentive to people for inventing (patents) or creating (copyrights). If you ever stop people from learning how to invent or create, by stopping them from taking apart and investigating the products of others, then you are acting against the intent of the constitution.
Re:I agree with most of it... (Score:3, Insightful)
Copyright law?
"Ideas" get exactly zero legal protection, and rightly so. Only actual code requires any protection, and that is already covered by copyright. And frankly, given that software defects cost us $60 billion a year in damages, they should be grateful we even give them that much.
From a purely practical standpoint, how exactly do no-reverse-engineering clauses help companies anyway? It's not like they can monitor every user 24/7 to make sure they aren't studying the product's operation. If someone publishes a similar program, they can study it for potential copyright violations. If they can't find any evidence of copied code, well too bad. Having multiple products that do the same thing is the same sort of competition that all other industries have to live with.
Re:The other side (Score:3, Insightful)
Re:Awesome, but they missed a big one. (Score:5, Insightful)
Source code will be placed in bonded escrow (Score:4, Insightful)
Source code and documentation will be placed and maintained [updated] in bonded escrow.
If the software product or hardware product reaches end of life and the current company does not develop a follow-on product with corresponding upgrade offer to registered customers, then the source code [software and firmware and documentation in digital format] will be sent to registered software and hardware customers, and, the source code will declared open source and offered to all via internet. If the initial development company is sold, source code will be offered and sent, if requested, to registered software and hardware owners. If the initial development company ceases to exist, source code will be sent to registered software and hardware owners, and, the source code will be declared open source and offered to all via internet. If an operating system integer upgrade [v1.X -> v2.X] requires the user to purchase new operating system software or hardware, then the source code will be offered to registered customers.
Failure to make source code available when a product reaches end of life or other conditions listed above will result in the top five officers of the initial development company (and the top five of the purchasing company, if a company purchase is involved) [CEO, COO, CIO, CFO, etc] being fined no less than $1,000,000 each, not payable by insurance company or current company; and will result in their forfeiture of all of the monies the executives received from their respective companies; and, will result in their receiving three years in prison without possibility of parole.
Re:Sorry.... (Score:5, Insightful)
Quality and security of software is a market feature, and if the public ignores the continual security lapses of some particularly popular software, for instance, and if they accept that there will be X crashes per week, then so be it: The marketplace has spoken. We don't need anyone protecting us from ourselves, and feigning ignorance after the fact is incredibly weak.
Re:Simple Solution... (Score:2, Insightful)
If you don't like how a software product is marketed or how the EULA works, THEN DON'T BUY THE PRODUCT. Buy from a competitor, download open source software. You do have choices people.
And how do I make that choice if the EULA is only presented after I've bought it?
Re:Live up to marketing???? (Score:5, Insightful)
The same should be true of software. AOL can say that their software helps protect your children from inappropriate content, but they should not be able to say that it prevents your children form viewing inappropriate content. Such subtleties are everything in a court of law.
Re:What about when Linux fails? (Score:1, Insightful)
Linux distros have also proven that they can and will improve their security faster than Microsoft. Microsoft is such a big problem because not only do they have a lot of holes, they are slow to fix things. Microsoft also sells their products on the 'any idiot can install/use it' premise, while Linux still requires people to learn a little more, so they are less likely to do stupid things.
But frankly, we'd all be better off if NO single OS had the kind of market share that Windows does. The current software mono-culture is just not healthy. If Windows only had say, a 30 or 35% market share, Linux had 25 or 30% and MacOS had say 25 or 30% and the rest was split up amongst a few smaller players, then it would be much more difficult for a single virus/worm to wreak the kind of havoc that a Windows virus/worm does today. Given the much higher difficulty to achieve a lot of notoriety, its far less likely that as many people would bother.
Easy to point fingers ... (Score:2, Insightful)
Re:What about when Linux fails? (Score:3, Insightful)
Yeah, it's fashionable to want to sue Bill, but what if some guy creates some virus that brings a Linux system down to it's knees? Who do we sue? Linus? OSDL? Or will there be a double standard? Remember, if Bill gets to be sued, be prepared for your favorite OSS house to be liable as well. Otherwise it's just sheer hypocrisy to target MS. And remember, MS is made of of coders who went to the same schools as you. Contrary to OSS opinion, Bill does not write every single line of code in the products nowadays.
The difference with Free Software like Linux is that the source code is available. When you run Free Software you have just done exactly what the guy building XP over in Redmond does. So to a certain extent, you are just as responsible for the quality of the software.
Even if you don't go with that, the fact of the matter is that with Microsoft software you have no idea what you are getting and if there is something wrong, a security hole, something not working, etc. you are completely at Microsoft's mercy. But with Free Software you can change the software and it is not up to Linus to stop you.
Case in point would be the fights over preemptability, vm, and scheduling in the Linux kernel. Several people did not like the way it worked. They could see how it worked because they saw the source as well as the result on their machines. For some applications the Linux kernel just was not delivering; it was not suitable for their purpose.
But people disagreed on the right way to go, and Linus was not ready to choose. So people went off and wrote their own patches and distributed them and people used them. Now many of these enhancements are part of the 2.6 kernel.
p.By contrast, if you use Microsoft products and dislike the way they are designed, you are faced with an all-or-nothing situation. You can use them or not. There are vulnerabilities which Microsoft refuses to fix because they would have to rethink their design. This is not a problem with Free Software.
Re:Simple Solution... (Score:2, Insightful)
don't buy the product if you don't get to see the EULA until after you buy the product, dunce.
Last time I looked, most software packages don't have "There's a EULA in here, but we're not going to tell you what it is" written on the outside.
What happens when I buy a product and then find a hidden EULA, dunce?
Re:Sorry.... (Score:3, Insightful)
It is all the corporation's fault. Let me illustrate with a seemingly unrelated story.
I was flying home after a long day. In the airport. Tired. Plenty of time before my flight. Grab a bite to eat at a fast food joint. Then I need to visit a restroom. I start looking around for one. Finally, I ask a nearby employee where is the nearest restroom. She kindly points me to one very close nearby, and a sign even closer.
I briefly converse with her. You must get asked this question a hundred times per day? "Yes, I do."
I looked around at the surroundings wondering how I had missed such a large and obvious sign?
Then it hit me. The "visual noise" in the environment. Everywhere I looked there were electrically backlit signs in extremely bright colors just screaming at me for my attention. Buy this. Buy that. Consume. Spend money for free! Etc. In this environment, any signs with actual useful content were visually drowned out in the noise.
But you're right. It's all those stupid consumer's fault for not being informed with useful information. The corporations have no part in what it. The solution is "so simple, no wonder it's number one!"