Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Software Government The Courts Your Rights Online News

Software Customer Bill of Rights 293

Posted by michael
from the we-the-people dept.
Cem Kaner of Badsoftware.com has written up a Software Customer Bill of Rights. Very appropriate considering our recent stories about Microsoft viruses, Dell's BIOS-clickwrap licensing agreement, etc.
This discussion has been archived. No new comments can be posted.

Software Customer Bill of Rights

Comments Filter:
  • Sorry.... (Score:4, Insightful)

    by Anonymous Coward on Sunday August 31, 2003 @02:25PM (#6839922)
    But this is America. Consumer rights are secondary to business rights...
  • Wishful thinking (Score:1, Insightful)

    by kevin_conaway (585204) on Sunday August 31, 2003 @02:25PM (#6839926) Homepage
    Nice thought but no one would ever adhere to these 'rights'. Its not profitable for commercial software vendors and open source vendors usually dont care or are too lazy to invest time and resources into making sure that these 'rights' are followed.
  • by Anonymous Coward on Sunday August 31, 2003 @02:26PM (#6839931)
    sad but true
  • Interesting... (Score:5, Insightful)

    by mgcsinc (681597) on Sunday August 31, 2003 @02:31PM (#6839958)
    "1. Let the customer see the contract before the sale. It should be easy for customers of mass-market software products and computer information contracts to compare the contract terms for a product..." It would be interesting to see how the court opinions which make this right one of the few listed which are already enforcable would serve as precident in relation to the new agreements imposed by microsoft as one installs mission-critical updates. Would drastic changes to EULA's made by Microsoft in software updates which are all but absolutly essential for the wellbeing of your data, etc, be court enforcable? Probably not...
  • It's about time.. (Score:2, Insightful)

    by sekzscripting (687192) * on Sunday August 31, 2003 @02:32PM (#6839965) Homepage
    This is a really well written, thought out, piece of work. But the only flaw I see is: 4. User has right to see and approve all transfers of information from her computer. (Basically says end-user should see un-encrypted version of what is being sent) If this law would be to put into use, we would have more of a problem with people stealing credit cards. I agree with what they are trying to do, but this looks like (to me) as if it's going to promote exploits.
  • Utopia (Score:5, Insightful)

    by Rosco P. Coltrane (209368) on Sunday August 31, 2003 @02:33PM (#6839974)
    Nice piece. Very nice, and very never going to happen. At least as long as opponents are large corps with armies of slick lawyers and proponents the EFF, RMS and a few computer-educated consumers.

    Remember, most computer users still think software crashes and glitches are part of life with a computer, that viruses and worms are the work of evil pirates and that Microsoft is the victim, not the cause, etc ...

    In short: it'll never happen. Move along ...
  • by Anonymous Coward on Sunday August 31, 2003 @02:40PM (#6840011)
    There should be no changing the contract terms in order to get bug fixes. (And no bundling bug fixes with new features to get around this provision.)
  • by Overly Critical Guy (663429) on Sunday August 31, 2003 @02:41PM (#6840019)
    Oh, you mean that one that was patched a whole month before? Or are you talking about that e-mail attachment virus, the one for which you apparently expect Bill Gates to show up at people's houses telling them not to run the attachment?

    How is it Microsoft's fault if users run the attachment? Is it Linus Torvalds' fault when there's a sendmail hole? Is that suddenly a "Linux hole?"

    Just curious.
  • by focitrixilous P (690813) on Sunday August 31, 2003 @02:41PM (#6840024) Journal
    5. A software vendor may not block customer from accessing his own data without court approval.

    But the software is intended to allow the user to see what Microsoft wants them to see. Encouraging users to see all their own data is circumventing the grand Microsoft plan of Digital Domination. I demand the site is removed from all search engines.
  • They forgot one (Score:4, Insightful)

    by stwrtpj (518864) <p.stewart@NOSpaM.comcast.net> on Sunday August 31, 2003 @02:44PM (#6840034) Journal

    IMHO, there's one the omitted from the list:

    11. The user shall have the right to view the source code on demand.

    If I am running your software on my computer, I have the right to see what exactly it is doing. In 99% of the cases, I would not exercise this right, if I believe that the software is doing what it is supposed to do and I have no suspicions that it is doing something funny. I have a Red Hat Linux system but don't have most of the source code RPMs installed, or the full Linux kernel source installed. It's good enough for me to know that I can acquire it on demand.

    And before I get flamed for sound like a clone of RMS, realize that seeing the source code is not necessarily the same as modifying and redistributing it. All Free Software is Open Source, but not all Open Source is Free Software. I would, however, object to having to sign NDAs to see source. You can tell me not to redistribute your source and I will abide by that, as that is simply following existing copyright law, but I would not accept a blanket gag order to not discuss the source at all.

    Of course, this will probably never happen, but its a nice thought, anyway.

  • by ctwxman (589366) <me@@@geofffox...com> on Sunday August 31, 2003 @02:46PM (#6840046) Homepage
    As long as software publishers can get an ear from congressmen and senators that I can't get... and can deliver cash for elections that I can't... they'll get benefits that I can't.
  • Re:Sorry.... (Score:2, Insightful)

    by s20451 (410424) on Sunday August 31, 2003 @02:47PM (#6840054) Journal
    But this is America. Consumer rights are secondary to business rights... ... and making things better is secondary to making smug, cynical statements.
  • fggf (Score:2, Insightful)

    by ascalon (683759) on Sunday August 31, 2003 @02:49PM (#6840067) Homepage
    Some guy posts his thoughts about how the software industry should run on his blog and it makes the front page. What happened to the "stuff that matters" clause? This isn't going to change anything.
  • by -tji (139690) on Sunday August 31, 2003 @02:51PM (#6840076) Journal
    The software and service licensing has become ridiculous over the last few years. They create these huge legalese documents, and imply agreement to them by opening a package or using a service. And, try returning a piece of software if you don't agree to the license, good luck.

    While these agreements become more complex and onerous, the people creating them have taken on no responsibilities to clarify the licenses, explain the reqstrictions, etc.

    If the companies are allowed to use these licenses, they should be required to have an independent citizens rights group translate/rate the license to compare it to accepted norms of how restrictive the licenses are. Rather than expecting each person to read the complete license, or have their lawyer interpret it for them; it should be analyzed by a professional and summarized in simple language. It should also carry ratings on a few key points, like how much it tries to limit product usage, resale, reverse engineering.. and, related areas like privacy protection by the company.
  • by CGP314 (672613) <.ten.remlaPyrogerGniloC. .ta. .PGC.> on Sunday August 31, 2003 @02:56PM (#6840091) Homepage
    When has any product ever "lived" up to the marketing claims? If I expected everything I bought to live up to their claims, I'd be dissapointed with every bar of soap, every beer, and every Big Mac.

    And that's not the way it should be. An ad shouldn't be able to tell me that a product is something when it's not. It is not my job to guess about what parts are lies.
  • by Riskable (19437) <YouKnowWho@YouKnowWhat.com> on Sunday August 31, 2003 @02:59PM (#6840115) Homepage Journal
    Well, a bar of soap leaving you "clean and fresh" is something of an opinion. A piece of software that claims to work on Windows XP, but does not is a different story.

    I've seen several boxed applications that have claims on the box that are simply not true... And I'm not talking about a game claiming to be able run on a 500MHz system.

    I can name a number of MMORPGs that had big fat claims on their boxes/websites for features that were not (yet) in the games at launch. Hell, some of these games didn't even RUN after launch... With no refunds.

    The section that you refer to is probably directed at things like that.
  • You know.. (Score:5, Insightful)

    by mindstrm (20013) on Sunday August 31, 2003 @03:01PM (#6840124)
    I went to read this article thinking I would probably end up posting and saying that the US is too litigous, that it's dumb to have agreement upon agreement, even on the side of good, and that it was probably just a bunch of whiny rights.

    What I found, though, was a simple, precise set of terms that are wholly agreeable. Nothing in that document is the least bit complicated or overbroad.

    Let us see the contracts before we have to agree to them. Don't take away rights we already have, like criticism and reverse engineering, and first sale. If you know about serious bugs, tell us. Don't lie about what the product does.

    That's pretty straightforward, and should not be the least bit damaging to anyone selling decent software.
  • by dvdeug (5033) <[dvdeug] [at] [email.ro]> on Sunday August 31, 2003 @03:08PM (#6840155)
    Companies have a right to sell software and to ban people from reverse engineering it.

    Why? If I buy a car, I can dig around under the hood to my heart's content. If I buy a book, I can study the writing style. Why should software be any different, especially given that software interacts with other programs on my computer, and other systems on the net, in ways that can be important to know but are easily hidden from the use.
  • by mindstrm (20013) on Sunday August 31, 2003 @03:12PM (#6840169)
    Marketing is not what we are talking about.

    Living up to the claims means that when we go in the store, and the package actually says "Imports all microsoft office formats", and it turns out that is false... that they have to take it back, no questions asked. It's a false sale.

    The reason this needs to be stated is that, although you have this protection with physical products, the license-ish nature of software has allowed some vendors to claim that you have no recourse, even though they lied.

    It's not the same thing as false advertising... more like sale under false pretenses.

  • by Sigma 7 (266129) on Sunday August 31, 2003 @03:18PM (#6840201)
    Nice thought but no one would ever adhere to these 'rights'. Its not profitable for commercial software vendors and open source vendors usually dont care or are too lazy to invest time and resources into making sure that these 'rights' are followed.
    Are you sure?

    Following rule 1 is mandatory if you are including non-standard terms. GPL doesn't apply, as it is an optional component.

    Following rule 2 is mandatory to a limited extent. While everyone should be aware of a defect, information on how to exploit it doesn't need to be revealed. Take a look at how Microsoft handles it right now - they have a dedicated Knowledge Base containing almost every "issue" with their produces.

    Following rule 3 is mandatory. Failing to obey it is equal to false advertising - also known as lawsuit bait. Take "The Sims Online" as an example: nobody has filed a lawsuit, but it is considered a high risk for the publisher...

    Following rule 4 is also mandatory, but is excusable in some cases. For example, Half-Life sends the CD-key to a central server which prevents piracy, but that's it.

    Following rule 7 is mandatory, period. In most countries, judges would consider this term appearing in a boilerplate contract to be increadibly ludacrous and unenforcable (unless the publisher gives the customer money or something else in exchange...)

    Out of the l0 rules posted in the link, the manufaturer is bound to honor five of them anyway. Of these five rules, the cost of following them is either neglegable, or lower than the cost of breaking them (loss through litigation, loss of opportunity sales, or loss from returned products.)

    The remaining five rules are optional as they can vary from country to country. But just like the mandatory rules shown above, it would cost more for the publisher to break these rules than to obey them.
  • by Eric Ass Raymond (662593) on Sunday August 31, 2003 @03:19PM (#6840203) Journal
    I fully agree with you.

    I've been trying to make this point here before but open source, linux in particular, is a religion here. You'll always get moderated down.

    These zealots like to point out that linux is almost devoid of remote holes, viruses or worms. What they fail to realize is that if linux had the same market share as Windows, all the goddamn script-kiddies and black hats would concentrate on linux instead of the MS Windows. And given the errata of the most popular linux distros, they'd have a field day!

  • by Telex4 (265980) on Sunday August 31, 2003 @03:19PM (#6840205) Homepage
    I just think you're interpreting the statement too literally...

    4. User has right to see and approve all transfers of information from her computer

    In the credit card case, you are talking about repetition of a single information transfer, which you will have seen the first time it is sent. If needs be, have an MD5SUM of each transfer so you can be sure it is the same.

    There will always be a point between your saying "send it" and the data being sent where the computer could craftily do something to the information, and the only way to be certain about that is to view the source code.

    Therefore I think you either have to conclude that this rule is crazy and useless, or that given the correct interpretation and some clever wording in the legal documents it is a very sensible rule.
  • by n.wegner (613340) on Sunday August 31, 2003 @03:20PM (#6840213)
    I think that if anyone could take apart a car that a company spends 1000's of hours designing, then what would stop people from making a similar car? It would be too easy to steal designs/ideas from companies which spend millions of dollars coming up with them.

    How do you think Ford ever got competition from the likes of GM, VW, Kia, etc.? How do you think Ford started making cars?

    I think they can patent some ideas, based on non-obviousness and the rest of patent law, but when it comes down to it, Ford still buys all the newest GM models and takes them apart, just like everyone else.

    US patent and copyright law was created to expand the public domain. To do this, it gives an incentive to people for inventing (patents) or creating (copyrights). If you ever stop people from learning how to invent or create, by stopping them from taking apart and investigating the products of others, then you are acting against the intent of the constitution.
  • by Anonymous Coward on Sunday August 31, 2003 @03:22PM (#6840221)
    what would stop people from using parts of that software in their own programs?

    Copyright law?

    too easy to steal code/ideas

    "Ideas" get exactly zero legal protection, and rightly so. Only actual code requires any protection, and that is already covered by copyright. And frankly, given that software defects cost us $60 billion a year in damages, they should be grateful we even give them that much.

    From a purely practical standpoint, how exactly do no-reverse-engineering clauses help companies anyway? It's not like they can monitor every user 24/7 to make sure they aren't studying the product's operation. If someone publishes a similar program, they can study it for potential copyright violations. If they can't find any evidence of copied code, well too bad. Having multiple products that do the same thing is the same sort of competition that all other industries have to live with.

  • Re:The other side (Score:3, Insightful)

    by Wesley Felter (138342) <wesley@felter.org> on Sunday August 31, 2003 @03:29PM (#6840259) Homepage
    In that case it will never work. If every piece of software can be run on N computers then businesses will buy 1/Nth as many copies, software companies will increase the price by a factor of N, and then home users won't be able to afford it. If you try to solve it by making a distinction among fields of use (home vs. business users) then I think you've just replaced one problem with another one.
  • by goon america (536413) on Sunday August 31, 2003 @03:34PM (#6840288) Homepage Journal
    I think what you really have in mind is Let software be installed on multiple machines by the same person. Let ownership be tied to the human being and not the computer. It actually makes a lot of sense, if you think about it.
  • by taaminator (185731) on Sunday August 31, 2003 @03:41PM (#6840324)
    I suggest that he add:

    Source code and documentation will be placed and maintained [updated] in bonded escrow.

    If the software product or hardware product reaches end of life and the current company does not develop a follow-on product with corresponding upgrade offer to registered customers, then the source code [software and firmware and documentation in digital format] will be sent to registered software and hardware customers, and, the source code will declared open source and offered to all via internet. If the initial development company is sold, source code will be offered and sent, if requested, to registered software and hardware owners. If the initial development company ceases to exist, source code will be sent to registered software and hardware owners, and, the source code will be declared open source and offered to all via internet. If an operating system integer upgrade [v1.X -> v2.X] requires the user to purchase new operating system software or hardware, then the source code will be offered to registered customers.

    Failure to make source code available when a product reaches end of life or other conditions listed above will result in the top five officers of the initial development company (and the top five of the purchasing company, if a company purchase is involved) [CEO, COO, CIO, CFO, etc] being fined no less than $1,000,000 each, not payable by insurance company or current company; and will result in their forfeiture of all of the monies the executives received from their respective companies; and, will result in their receiving three years in prison without possibility of parole.
  • Re:Sorry.... (Score:5, Insightful)

    by ergo98 (9391) on Sunday August 31, 2003 @04:11PM (#6840524) Homepage Journal
    This is also the America where consumers can ignore all of the information [mcdonalds.com] pummelled [thetruth.com] into [scrippshealth.org] them, make poor consumer choices, but then amazingly they can turn around and profess a child-like ignorance, actually suing [bbc.co.uk] because they should be protected from their own poor judgement [salon.com].

    Quality and security of software is a market feature, and if the public ignores the continual security lapses of some particularly popular software, for instance, and if they accept that there will be X crashes per week, then so be it: The marketplace has spoken. We don't need anyone protecting us from ourselves, and feigning ignorance after the fact is incredibly weak.
  • by mdwh2 (535323) on Sunday August 31, 2003 @04:45PM (#6840706) Journal

    If you don't like how a software product is marketed or how the EULA works, THEN DON'T BUY THE PRODUCT. Buy from a competitor, download open source software. You do have choices people.

    And how do I make that choice if the EULA is only presented after I've bought it?

  • by B'Trey (111263) on Sunday August 31, 2003 @04:54PM (#6840769)
    There is a difference in a statement of fact and an expression of opinion. If Acme Autos advertises that it's Super Spiffy model will do 0 to 60 in under 5 seconds, it had better do it. However, if they claim that the Super Spiffy model will make you super cool, that isn't an objective statement of fact. Ad companies are extremely careful to ensure that all statements of fact are accurate. They'll imply and insinuate all sorts of things, many of which are of dubious truth value. But statements of fact must be true or the manufacturer is liable.

    The same should be true of software. AOL can say that their software helps protect your children from inappropriate content, but they should not be able to say that it prevents your children form viewing inappropriate content. Such subtleties are everything in a court of law.
  • by Anonymous Coward on Sunday August 31, 2003 @06:37PM (#6841254)
    If Linux had the same market share as Windows does now it still wouldn't be as targeted as Windows is. Why? People just don't hate Linux like they do Windows, so while script-kiddies and black hats might pay more attention to Linux than they do now, it still wouldn't be as inviting and easy of a target as Windows is.

    Linux distros have also proven that they can and will improve their security faster than Microsoft. Microsoft is such a big problem because not only do they have a lot of holes, they are slow to fix things. Microsoft also sells their products on the 'any idiot can install/use it' premise, while Linux still requires people to learn a little more, so they are less likely to do stupid things.

    But frankly, we'd all be better off if NO single OS had the kind of market share that Windows does. The current software mono-culture is just not healthy. If Windows only had say, a 30 or 35% market share, Linux had 25 or 30% and MacOS had say 25 or 30% and the rest was split up amongst a few smaller players, then it would be much more difficult for a single virus/worm to wreak the kind of havoc that a Windows virus/worm does today. Given the much higher difficulty to achieve a lot of notoriety, its far less likely that as many people would bother.

  • by bucketman (120935) <ewillis&esande,com> on Sunday August 31, 2003 @09:20PM (#6842037) Homepage
    It's not exactly controversial to take this stand. The biggest argument against these initiatives that I can think of is that I don't believe that methods of delivering complex systems at a precisly characterized state of high quality are actually *known*. We're not really that far along as an engineering discipline.
  • by rifter (147452) on Monday September 01, 2003 @01:23AM (#6842959) Homepage

    Yeah, it's fashionable to want to sue Bill, but what if some guy creates some virus that brings a Linux system down to it's knees? Who do we sue? Linus? OSDL? Or will there be a double standard? Remember, if Bill gets to be sued, be prepared for your favorite OSS house to be liable as well. Otherwise it's just sheer hypocrisy to target MS. And remember, MS is made of of coders who went to the same schools as you. Contrary to OSS opinion, Bill does not write every single line of code in the products nowadays.

    The difference with Free Software like Linux is that the source code is available. When you run Free Software you have just done exactly what the guy building XP over in Redmond does. So to a certain extent, you are just as responsible for the quality of the software.

    Even if you don't go with that, the fact of the matter is that with Microsoft software you have no idea what you are getting and if there is something wrong, a security hole, something not working, etc. you are completely at Microsoft's mercy. But with Free Software you can change the software and it is not up to Linus to stop you.

    Case in point would be the fights over preemptability, vm, and scheduling in the Linux kernel. Several people did not like the way it worked. They could see how it worked because they saw the source as well as the result on their machines. For some applications the Linux kernel just was not delivering; it was not suitable for their purpose.

    But people disagreed on the right way to go, and Linus was not ready to choose. So people went off and wrote their own patches and distributed them and people used them. Now many of these enhancements are part of the 2.6 kernel.
    p.By contrast, if you use Microsoft products and dislike the way they are designed, you are faced with an all-or-nothing situation. You can use them or not. There are vulnerabilities which Microsoft refuses to fix because they would have to rethink their design. This is not a problem with Free Software.

  • by mdwh2 (535323) on Monday September 01, 2003 @09:02AM (#6844215) Journal

    don't buy the product if you don't get to see the EULA until after you buy the product, dunce.

    Last time I looked, most software packages don't have "There's a EULA in here, but we're not going to tell you what it is" written on the outside.

    What happens when I buy a product and then find a hidden EULA, dunce?

  • Re:Sorry.... (Score:3, Insightful)

    by DickBreath (207180) on Monday September 01, 2003 @09:25AM (#6844310) Homepage
    consumers can ignore all of the information pummelled into them, make poor consumer choices, but then amazingly they can turn around and profess a child-like ignorance,

    It is all the corporation's fault. Let me illustrate with a seemingly unrelated story.

    I was flying home after a long day. In the airport. Tired. Plenty of time before my flight. Grab a bite to eat at a fast food joint. Then I need to visit a restroom. I start looking around for one. Finally, I ask a nearby employee where is the nearest restroom. She kindly points me to one very close nearby, and a sign even closer.

    I briefly converse with her. You must get asked this question a hundred times per day? "Yes, I do."

    I looked around at the surroundings wondering how I had missed such a large and obvious sign?

    Then it hit me. The "visual noise" in the environment. Everywhere I looked there were electrically backlit signs in extremely bright colors just screaming at me for my attention. Buy this. Buy that. Consume. Spend money for free! Etc. In this environment, any signs with actual useful content were visually drowned out in the noise.

    But you're right. It's all those stupid consumer's fault for not being informed with useful information. The corporations have no part in what it. The solution is "so simple, no wonder it's number one!"

I've never been canoeing before, but I imagine there must be just a few simple heuristics you have to remember... Yes, don't fall out, and don't hit rocks.

Working...