Forgot your password?
typodupeerror
Government Software United States News

UCITA By the Back Door 174

Posted by kdawson
from the get-off-my-lawn-forcement dept.
InfoWorld's Gripelog airs a subject that should interest this community — involved as we were with efforts against UCITA back in the day. One main aim of the derailed UCITA initiative was to give software manufacturers and content owners a degree of control over users' computers. Gripelog's Ed Foster informs us that UCITA is sneaking back in, under the cover of an anti-spyware bill, S. 1625, now making its way through the US Senate. One clause in this draft bill would legalize what the BSA calls "electronic self help" — i.e., the ability for commercial entities to cripple or disable software or networks on your computer if they believe you are violating their property rights.
This discussion has been archived. No new comments can be posted.

UCITA By the Back Door

Comments Filter:
  • by roc97007 (608802) on Monday June 16, 2008 @07:38PM (#23816891) Journal

    "(10) detection or prevention of the unauthorized use of software fraudulent or other illegal activities."

    When I hear of something like this, the first thing that occurs to me is how valuable the keys or mechanism or whatever that actually does the "preventing", how badly the criminal element would want to get hold of that information, and the inevitability that this will happen when the right price is found for whomever holds the keys.

    In other words, this kind of thing will eventually, inevitably, be used for nefarious purposes.

    • by nuzak (959558) on Monday June 16, 2008 @07:51PM (#23816999) Journal
      In other words, this kind of thing will eventually, inevitably, be used for nefarious purposes.

      You mean, like by the government or the corporations? This is not potential abuse, it is abuse on its face. Stop with the "criminals might get access", it's criminals that have the access right now!
      • > ... will eventually, inevitably, be used for nefarious purposes.

        Don't you think that all this anti-terrorism legislation should be balanced with at least a bit of pro-terrorism legislation?
    • And it's actually this kind of nonsense that keeps otherwise great software from being used on government systems. Large, boring processes are in effect in lots of places that look for phone-home or open ports created by software. Once such a beast is found in any revision of a program, all future releases are tainted and no one is allowed to use them.

      Of course, I say that, but XMLSpy and WGA do this and they still let it get used.

    • I will support any open framework. - Zombiebot signing off
  • by muellerr1 (868578) on Monday June 16, 2008 @07:39PM (#23816899) Homepage
    That's the best euphemism I've ever heard for legitimized corporate spyware and DRM. Big software companies will finally be able help themselves to my electronic devices.
    • by mangu (126918) on Monday June 16, 2008 @08:07PM (#23817161)
      I wonder, can this be used to monitor GPL violations?
      • by Darkness404 (1287218) on Monday June 16, 2008 @08:14PM (#23817207)
        But being GPL'd it would be just as easy to go into the source and take out the back doors and recompile it.
        • by mangu (126918)

          it would be just as easy to go into the source and take out the back doors

          I suppose people who violate the GPL wouldn't know how to do this. If you are good at coding you respect other people's code.

          • by debatem1 (1087307)
            Genius is not always scrupulous, even when the right path is obnoxiously clear. The high road is not so obvious here, given the obvious conflict between the ideals of the Free Software movement and the intentions of the code's author, not to mention that such schemes are usually trivial to break given access to source.
          • Depends. If they got bills to pay and $corporation demands it...
        • by ejecta (1167015)
          It would also be just as easy to review the code to understand its methods & concepts then apply these to your own code.

          However people choose to simply copy entire portions, because they are lazy and think no one will know.

          Never underestimate laziness.
        • by Talonius (97106)
          Even if they did remove the "backdoor" unless they distributed the binary, they weren't violating the GPL. The GPL applies to distributors, not to end users. (Well, GPL v2. I haven't read GPL v3 yet. Yep, I'm lazy.)

          If they distribute the unmodified binary, how are you to know that the copy you're disabling is in use or was distributed by the offending individual or corporation?

    • Only with your participation: by running proprietary software. Free software systems can be improved to continue to grant users power over their devices.
    • by Valdrax (32670) on Monday June 16, 2008 @08:35PM (#23817367)
      "Self-help" is kind of a legal term of the art for any extra-legal means that people use to resolve a dispute without the aid or sanction of the courts, usually with the implication of violent means of depriving people of property in dispute.

      For quite enlightened reasons (and the more cynical would say selfish ones too), courts tend not to favor resolutions that encourage self-help. Courts are not going to interpret the phrase "detection or prevention of the unauthorized use of software fraudulent or other illegal activities" to allow for deprivations of or interference with the enjoyment of personal property without due process. This law can't be interpreted in any manner to set up a due process satisfying procedure, so it's pretty much unconstitutional if interpreted to allow remote disabling or (suspected) pirated property.

      Assuming that the above language even means to imply the "software fraudulent" is a meaningful term, given that it appears nowhere else in the US Code, and there's no definitions section for the bill. The sentence makes a lot more sense if "...software for fraudulent..." was their intended language.

      In that context, it seems less like a backdoor attempt to insert remote disabling into law and more like a phrase in line with preventing malware. UCITA was dangerous because it allowed people to contract away their protection against this sort of thing, which is less constitutionally suspect than just writing into law at large.
      • Re: (Score:2, Insightful)

        by iminplaya (723125)
        ...it's pretty much unconstitutional...

        Aaaand... that means what, exactly?
      • by Odder (1288958)

        This is wishful thinking:

        Courts are not going to interpret the phrase "detection or prevention of the unauthorized use of software fraudulent or other illegal activities" to allow for deprivations of or interference with the enjoyment of personal property without due process.

        Like they kept NBC and Vista from blocking recording of TV shows? People holding the appropriate offices at the DOJ were probably cheering the censorship potential of that and they are rooting for even better illegal wiretaps.

        It w

        • Theres nothing in law that says that NBC or Microsoft *must* let you record something - its a common misconception here on Slashdot that the fair use clauses force a copyright holder to comply with them.
          • by Odder (1288958)

            People can't be punished for time shifting [virtualrecordings.com]. Society did not consider time shifting a publication and does not prevent it to enforce the created right of copyright. Recent rulings on the broadcast flag all reached the same conclusion so both their broadcast and listening for and obeying the broadcast flag are voluntary - ie a pointless competitive disadvantage that outrages customers.

            In time, encrypted works will not be considered publications and lose copyright protection. Encrypted works may never ent

            • Re: (Score:3, Informative)

              But theres nothing in that ruling that *requires* NBC or Microsoft to allow you to record something - and thats my point and you have precisely fallen into the same trap most people seem to when it comes to the fair use clauses in US copyright law (which I am using as an example, its pretty similar in most other copyright law I am familiar with).

              While there are rulings saying time shifting is not illegal, those rulings do not place vendors under a requirement to ensure you have the ability to carry out a
      • by Talez (468021) on Monday June 16, 2008 @10:26PM (#23818085)
        For quite enlightened reasons (and the more cynical would say selfish ones too), courts tend not to favor resolutions that encourage self-help. Courts are not going to interpret the phrase "detection or prevention of the unauthorized use of software fraudulent or other illegal activities" to allow for deprivations of or interference with the enjoyment of personal property without due process. This law can't be interpreted in any manner to set up a due process satisfying procedure, so it's pretty much unconstitutional if interpreted to allow remote disabling or (suspected) pirated property.

        But that's the thing. The vendors do not consider said software your personal property. They consider it to be their property that you have a license to use and they would no doubt argue that all the way to the SCOTUS.
      • If it is used for preventing copyright infringement then perhaps you can have a court rule that it was not appropriate to disconnect you, but you are not allowed to do anything to protect yourself against it happening beforehand because it can be interpreted as circumventing means of protection against copyright infringement. And even if it does companies would be reluctant to provide tools to do it, so you're on your own.

        So if you're an organization that needs a license for 50 copies of whatever you'd get
    • And we'll be able to shut down government websites because they cause us harm. Right? .... RIGHT??
  • Can O Worms (Score:5, Insightful)

    by niiler (716140) on Monday June 16, 2008 @07:40PM (#23816913) Journal

    So if an entity (any virus writer, for example), incorporates, then it's legal for them to mess with your computer? All they need to do is claim that they have evidence that you are infringing some property rights of theirs?

    Is Congress insane?

    The real answer is that they don't tend to think of consequences. Rather they are more interested in rewarding their friends and financiers.

    • Close (Score:4, Insightful)

      by dreamchaser (49529) on Monday June 16, 2008 @08:01PM (#23817103) Homepage Journal
      They are certainly interested in rewarding their friends and financiers, but they are mainly interested in sound bite politics. It's an election year.
    • The real answer is they can't even think of the consequences because they don't understand the problem, they vote what their lobbyists and cronies tell them. I'm fairly sure if you told the congress TCP is the acronym of the Chinese secret service, half of them nods in agreement.
  • Screw 'em I say! (Score:5, Insightful)

    by zifferent (656342) on Monday June 16, 2008 @07:44PM (#23816941)
    You know what, give the lousy ba$tards what they want! They more than anyone else deserve it, and once they start disabling computers willy-nilly it will only beat a path to the OSS door. Why would any company in their right mind turn their entire company over to the trust of a greedy software vendor? They might as well hand over their bank-account numbers and power-of-attorney to BSA while their at it.

    It will frankly create a situation ripe for software-license blackmail and extortion.

    If they're so intent on shooting themselves in the foot, all the better for the rest of the world. Enough is enough.
    • That works fine until the same ba$tards outlaw OSS since it allows a user to work around their "Electronic Self-Help". Can't have that, can we?
    • by JPLemme (106723) on Monday June 16, 2008 @08:36PM (#23817377)
      I used to perform disaster recovery testing for a very big company. There was one particular test where a critical application wouldn't run because it was registered to the CPU's serial number and the software was refusing to run on the hardware at the DR facility. I'm pretty sure that the majority of proprietary mainframe apps work this way.

      The data restoration couldn't begin until the vendor fixed the license issue, which took ~45 minutes. Since we had a 12 hour recovery limit that was a long time. We worked with the vendor to make sure that our DR process wouldn't be affected by this issue, and it never happened again.

      Ergo, many companies in their right minds trust their vendors, just like they trust their banks not to steal their money. The difference between Very Big Companies and you is that each VBC is worth millions of dollars to the vendor, and screwing one VBC can cause many other VBCs to defect to vendors they can trust. You, OTOH, are worth about $59.99 and if they screw you most of their other customers will never know about it.
    • Re: (Score:3, Interesting)

      It will frankly create a situation ripe for software-license blackmail and extortion.

      Had that problem with AutoDesk a while back. One of our remote sites wanted to transfer an AutoCAD licence from one PC to another and decided the way to do this was without informing the IT Department.
      Uninstalled it from PC #1, installed it on PC #2 and got stuck trying to "activate" it. The portable licence transfer utility got removed in the process, so we couldn't do the licence transfer ourselves. Email AutoDesk and not only would they not help us out, they demanded we give them proof of purchase fo

    • Re: (Score:3, Interesting)

      by EdIII (1114411) *
      Excellent Point. Most Excellent POINT. Anybody else reminded of "Prima Nocta" from Brave Heart? :D I think that what happened to that Lord will be remarkably similar to possible events in the future.

      You did forget one group of people. The Simple End Users. Companies that would choose this type of behavior will screw these people over ridiculously fast. I don't think the receipt will make it into their pockets before they are bent over with a funny expression on their face. However, that is what hard c
  • Does it mean (Score:5, Insightful)

    by jmv (93421) on Monday June 16, 2008 @07:45PM (#23816951) Homepage
    GPL Violations [gpl-violations.org] is allowed (with author's permission) to break into the boxes of all GPL violators. *That* could be interesting.
    • by _KiTA_ (241027)

      GPL Violations [gpl-violations.org] is allowed (with author's permission) to break into the boxes of all GPL violators. *That* could be interesting.
      Of course not. Open Source doesn't pay enough lobbyists to break the law. You have to bribe people a certain amount each year to get that privilege.
      • by jvkjvk (102057)
        But if this makes it into law, then it wouldn't be breaking the law, would it?

        Any time I see stories like this, or making it legal for copyright holders to break into/destroy/etc. people's computers I tend to think that while it may help some big players in the short run a nice Akido type move is lurking in the background for the very small players as well.

        Incorporate, create some software (or some music) and leak it to the net. Now, anyone is a possible target for you because it is possible that they coul
    • Re: (Score:3, Interesting)

      by caseih (160668)
      Well the GPL doesn't apply to anyone until they are distributing software--it clearly states one can *use* the software under the GPL without agreeing to the license until I distribute the software to others. Then of course the full force of the GPL applies. Thus I can run GPL'd code in proprietary software all I want as long as it never leaves my machine. Obviously the people who are distributing this kind of software would definitely be in violation of the GPL. But I don't really see how the UCITA app
      • by Compuser (14899)
        But it could mean that if I were an author of some GPL software and I were to suspect the product from some manufacturer to use my GPL software without giving away source code then it would be OK for me to hack into their systems, "self help" myself to the code and start distributing it. Now there are lots of rumor there that Windows uses GPL code without compliance though no evidence as yet. But that could be enough for someone to legally hack Microsoft and if any small violation were found then to release
      • I do hereby assume you distribute software that you derived from GPLed software. If I got the law right, you have to prove you're innocent.

        So, would you please open the ports?
  • by IBitOBear (410965) on Monday June 16, 2008 @07:47PM (#23816967) Homepage Journal
    consider provisions of this bill "do not apply to any monitoring of, or interaction with, a subscriber's Internet or other network connection or service, or a protected computer, by or at the direction of a telecommunications carrier, cable operator, computer hardware or software provider, financial institution or provider of information services or interactive computer service..."

    and "(10) detection or prevention of the unauthorized use of software fraudulent or other illegal activities."

    Well clearly, as per the article they are slipping in "any enforcement we choose" actions regarding the ability of the BSA (etc) to pry into your computer with spyware like tools...

    But worse, the spyware perpetrators themselves gain free immunity to all their spyware actions if they can proved they are "a provider of an information service" which, in fact, they are. They provide my information to their paying customers.

    Now not only is spyware made penalty free (by accident) but Auditing Trojans that "accidentally" destroy all your data while "trying to detect" whether you have stolen Barbie's Big Adventure

    The corporations, both legal and illegal, now own your computer in every way that matters.

    Ta Da!
    • by Cathoderoytube (1088737) on Monday June 16, 2008 @08:26PM (#23817305)
      Just curious. Would this mean that software companies would have to make different versions of their software for the Canadian market? Since the bill only applies to the spying on and infringing of the rights of Americans. I would assume that these sorts shenanigans would be fairly illegal here in Canada because of our privacy laws.

      If worse comes to worse you could start buying your software from Canada, or it might be as easy as ticking Canada as your country during the installation process...
      • If worse comes to worse you could start buying your software from Canada, or it might be as easy as ticking Canada as your country during the installation process...
        Or change the locale in your OS.
      • Nah, they wait 'til the law passes and watch whether there is any backlash or fallout. Then they start something similar to what the Berne Convention is for copyright and start pressing down on other countries 'til they cave in.

        And given that the average government, no matter where, is quite favorable towards companies that sell thin air (i.e. content), since it doesn't require the import of a lot of resources while allowing the export of ... well, something that makes money, I'm sure it's gonna fly.
  • contempt (Score:5, Interesting)

    by nuzak (959558) on Monday June 16, 2008 @07:49PM (#23816989) Journal
    By writing themselves into the law as "above the law", I no longer feel particularly feel any moral obligation to obey the law. The only principle that guides my behavior now when it comes to dealing with the RIAA/MPAA is "don't get caught".

    Congratulations, you people just created another pirate.
    • Re:contempt (Score:5, Interesting)

      by TheGratefulNet (143330) on Monday June 16, 2008 @08:35PM (#23817369)
      Congratulations, you people just created another pirate.

      I keep saying that - its a self-fulfilling prophecy.

      the more unjust laws that lobbyists create, the more anger and disillusionment the customer (!) base will become.

      they have created more pissed-off customers than they realize. so any laws just become ignored by those in the current generation.

      I wonder where this will end? where will it extrapolate to? will the media industry ever 'get it'? this is an arms race and its not heading toward any kind of stability and in fact its heading quite out of control.

      our politicians are creating favorable laws for themselves and their lobbyist contributors. big business is having a cream-fest with all the new laws that have been passed in the last several years, to their benefit and to the detriment of the consumer.

      I encourage people to decide for themselves if they should follow UNJUST LAWS or not. for a long time, slavery was allowed and perfectly legal and laws supported it. it was bad to follow such laws back then and similarly, when you find bad laws its your patriotic duty to ignore them.

      we can't seem to change the laws - the power base is not ours. so, what we have left is to nullify the laws by challenging them and refusing to follow them.

      LONG LIVE CIVIL DISOBEDIENCE.
      • And this is exactly what's dangerous about such laws. I'm not even saying anymore "with your attitude", because I can't defend the laws anymore myself. I can't advocate following the law anymore.

        When the definition of a "good person" changes from "someone who doesn't break the law" to "someone who breaks unjust laws", because if you didn't the term "good person" could not be applied anymore, something is horribly wrong with the legal system.
        • I'm not sure I ever really defined 'good person' as someone who simply followed the laws. I always insist on having a middle layer (for myself, that would be 'me' [g]) in there that checks things and evaluates real-time on a per-case basis. I think that's what differentiates robots from humans; we can use judgement and I believe to deny use of judgement is to waste a valuable resource. blindly following rules is still a case of being ... blind!
          • I did not say following the law blindly could make you a good person. Only that it's a sign that good laws are in effect when following the law makes you a good person.

            No law should ever go unquestioned. Ever. Some of the biggest atrocities in the history of mankind were only possible because people failed to question their laws.
    • Congratulations, you people just created another pirate.
      Alright, matey! Let's go conquest the seven seas, YARRR!!! [thepiratebay.org]
    • by novakyu (636495)

      By writing themselves into the law as "above the law", I no longer feel particularly feel any moral obligation to obey the law. The only principle that guides my behavior now when it comes to dealing with the RIAA/MPAA is "don't get caught".

      Yes, laws like these should be disobeyed at all opportunities. But do you know what would really make RIAA/MPAA mad?

      Don't listen to their music or watch their movies AT ALL.

      By consuming their products (whether you pay for it or not), you let them maintain their cultural influence and dominance—and things like that can be used to make money, if not by direct sale. Drive them into irrelevance and obscurity by refusing to listen to or watch anything made by those who would make slaves of the general pop

  • UCITA isn't dead (Score:3, Informative)

    by MobyDisk (75490) on Monday June 16, 2008 @07:55PM (#23817047) Homepage
    The summary acts like the UCITA failed and is trying to come back. But UCITA passed Maryland and Virginia, and probably some other states too. I think Massachusetts actually passed an anti-UCITA law.
  • by ThreeGigs (239452) on Monday June 16, 2008 @07:57PM (#23817063)
    Without exceptions like those, things like the code that prevents (or at least discourages) the use of bots in games like WoW would be rendered illegal. Examining your system memory is *exactly* what the law is designed to prevent, and anti-bot code has to do just that.

    Yeah, maybe they could come up with a lot more specifics, thus making the law a lot more unreadable and drawn out, and potentially causing headaches for any circumstances that were left out. But I'm afraid there will probably have to be some sort of exceptions made along the lines of "unathorized software" and/or "fraudulent use" that are potentially over-generalized.

    • by Valdrax (32670) on Monday June 16, 2008 @08:57PM (#23817505)

      Without exceptions like those, things like the code that prevents (or at least discourages) the use of bots in games like WoW would be rendered illegal. Examining your system memory is *exactly* what the law is designed to prevent, and anti-bot code has to do just that.
      Why are your bloody games more important than my right to enjoy the use of my property without extrajudicial interference? I actually do work with my machine and might not let want it tampered with by a vendor who has another "Genuine Advantage" bug.

      It's not like WoW is more important than due process rights.

      (Not that that's what the bill actually does, but I'm kind of horrified to see someone supporting what the article purports that it to.)
      • by wasted (94866)

        ...Why are your bloody games more important than my right to enjoy the use of my property without extrajudicial interference? ...

        Because your lobbyist doesn't contribute as much to the appropriate candidates' election campaigns?
      • by TheGratefulNet (143330) on Monday June 16, 2008 @09:57PM (#23817907)
        what this might mean (if it actually comes to pass as a body of new laws) is that people will hard partition their various activities.

        ie, a work machine (or even many discrete ones), a home machine, a machine that can be task-related and shared, a machine that is ONLY private stuff and no commercial software, etc etc.

        so if there has to be 'crap' installed on some box, don't let it invade on ALL your boxes. partition the systems so that you limit exposure or damage potential. contain the 'viruses', so to speak.

        there was a slash story about nokia and their 'bright lines' between GPL and private code. same basic idea here but translated to keeping info on separate boxes and limiting what kind of programs get installed on each 'type' of box.

        PITA to have to think in those terms, though! ...I really hate the way laws are mostly just BAD, these days ;( I can't think of a single GOOD LAW they've passed in, well, YEARS.
        • Re: (Score:3, Insightful)

          by Opportunist (166417)
          PITA to have to think in those terms, though! ...I really hate the way laws are mostly just BAD, these days ;( I can't think of a single GOOD LAW they've passed in, well, YEARS.

          It's been quite a run, yes. The average thought that enters my mind when I read about a new law is usually "ok, how're they gonna screw me over this time?". Somehow I think it shouldn't be that way. Laws should be to the benefit of the general population. I might not agree with all of them. I might not benefit from all of them. But I
          • no, its not just you. its the general feeling of most of the posters here, from how I read things.

            people here (as a group) are fed up and don't trust ANY of the decisions by the current bunch of clowns that have been running our government.

            just like you, when I hear about some new law that is being proposed, I just *know* that its not being passed to fix a real problem and I know its not being proposed by anyone with a good clue-factor. its there for some interest group and its been paid for, with 100% ce
            • You know what's really sad? I am not even subject to US laws, and it's the same here. And there. And pretty much everywhere. You can't even escape this madness anymore.
              • its NOT a US only thing. its starting here, but it surely is spreading. the UK is way more of a nanny state than the US; australia and NZ are trying to catch up and even europe (proper) is feeling they want a piece of the anti-freedom pie, too ;(

                there is a world-wide trend in the collapse of individual freedom.

                there's nowhere to run or hide to. ALL governments are starting to like the taste of net.monitoring and data collection on a grand scale.

                (what the other gov's may not know is that the US gov (who t
    • I hope we can agree that it's a difference between infecting your machine with bogus CD drivers (aka "copy protection mechanisms") and bot-sniffing malware, and having it crammed down your throat, yes?

      I don't give a rat's ass about Blizzard or any other company trying to protect their precious game, if they infect my machine "just in case I might install" some of their crapware, I'll answer with a sensible DDoS. Let's see how much bandwidth those servers can really swallow.
  • by maynard (3337) <j,maynard,gelinas&gmail,com> on Monday June 16, 2008 @08:00PM (#23817099) Journal
    I would be open to this if the legislation placed control of whether software on a privately owned computer should be disabled in the hands of a court rather than in the hands of the software vendor. The problem with this legislation, and all DRM, is that it hands much too much control over to the vendor, which is a conflict of interest. Governments exist to protect property rights, not private corporations or individuals.

    I haven't read this legislation. But UCITA most certainly did not do that; it placed control completely in the hands of the software vendor (copyright holder). I think this type of DRM could fly with a real adjudication process that's fair and fully public.
  • It's one thing to be bought and/or rented by industry lobbyists. It's another to have our government's data and operations legally placed in jeopardy in the event some jackass might have installed some application that contains some code that disables the computer and/or network in the event it believes it is pirated or otherwise running in a way that conflicts with its license.

    This could also do very bad things to businesses under similar circumstances. And before any claims "but your users shouldn't be
  • Perhaps I'll sell a trojan for $0.99. Then I'll be able to access computers legally of people who do not pay for a license.
    • Re: (Score:3, Funny)

      by Fluffeh (1273756)
      So, you write and distribute a trojan. If the trojan works properly, you get to snoop about the users PCs and find out what you want to know then hose their system. If it doesn't work properly, you can claim violation of your property rights, and then inspect their systems and finally hose them.

      Today seems to be a good day for people wanting to cause grief on the net.

      Boy, I hope that Google makes a violation claim against Microsoft. Let the battle begin!
  • Isn't this just what foreign governments would love to have to manipulate, say, our armed forces?
    • Armed forces, c'mon. Too much manpower involved, too much custom software.

      I'd start by tapping into your economy. Lots of Windows machines, lots of standard software, lots of computer illiterates with a lot of interesting information and even more power (read: bankers, brokers, accountants and auditors).

      Why not make some important bank sell all their stock for a company you want to take over cheaply?
  • Publicity is key (Score:3, Interesting)

    by vanyel (28049) * on Monday June 16, 2008 @08:28PM (#23817317) Journal
    ...as Sony learned with the rootkit. Any software that does crap like that will quickly find itself shunned like the malware it is...
    • Yeah, Sony is about to go broke really soon now...

      Face it, people don't remember, even if they knew. Mr. Hesse (the Sony PR guy at that time) had it right. Why should people be bothered by our rootkit, most don't even know what it is. And that's pretty much how it is. People still buy Sony crap, people still even buy Sony content, no fallout at all from this.

      What would happen if some company decided to use this new "feature"? Why am I writing in subjunctive, what will happen when some company decides to use
      • by vanyel (28049) *
        Sony may not be going broke, but they stopped the rootkit. Even as big as they are, perhaps *because* they're as big as they are, publicity matters.
        • Nah. It's just that a detected rootkit is worthless, that's all. If anything, they might have gotten some suggestions from Blizzard [securityfocus.com] (or someone else, it's not like this is the only ... creative application for the "free" rootkit) to drop it or get some angry letters from their legal department.
  • by querist (97166) on Monday June 16, 2008 @08:28PM (#23817319) Homepage
    I've contacted mine! I have the distinct pleasure of being on one of my senators' "short list" of people to consult in computer issues, especially computer security issues (due to my Ph.D. in the subject), so I've already told him that this is a bad idea.

    Please contact your senators!
    • by querist (97166) on Monday June 16, 2008 @08:30PM (#23817331) Homepage
      I know - I shouldn't reply to my own posts, but...

      If any of you have recognizable credentials in the field, please try to contact your senator or congressperson and offer your assistance in these matters. I've received a very grateful response from my senator for this offer, and I've been called by his office before with questions about issues.

      Here's a chance to have more than your "fair share" of influence in certain matters.

      Take advantage of it.
  • Dumbasses, twice (Score:5, Insightful)

    by Weaselmancer (533834) on Monday June 16, 2008 @08:32PM (#23817351)

    Point the first: If they think this won't get hacked, they're out of their freaking minds. You think spyware is bad now, just leave a huge hole in your OS where other people can come in and change stuff. This proposal will make the problem worse, day one. Or should I say 0-day.

    Point the second: Accountability. Assuming this could get implemented and be magically unhackable, what all are they actually allowed to do, and who will oversee this?

    Put another way, let's say I release an email client that is legal to use for non-commercial purposes. May I read all of your email to see that you're sticking to the EULA? May I delete the ones that are commercial?

    How far can this go, and what checks and balances do they propose?

  • Any chance this violates the Constitution's provisions against (a) due process, and (b) unreasonable search and seizure?
  • by fuzzyfuzzyfungus (1223518) on Monday June 16, 2008 @08:41PM (#23817413) Journal
    There is something deeply ironic about a lot of the hyperagressive IP enforcement stuff going around. Orrin Hatch's self-destructing computers, Fritz chips, and now "electronic self help". All of these things are deeply antithetical to the notion of private property; but advanced under the banner of protecting private property.

    I'm surprised(but not too surprised) that this sort of thing doesn't get more attention from the free enterprise and private property crowd; it is, after all, a much greater threat than any of the pitiful remnants of Communism that still survive. If this sort of stuff persists, it will, in effect, be illegal to own almost any computerized device(sure, you'll own the actual hardware; but the software and firmware will be licenced-revocable-at-will from dozens of different firms, all with the authority to poke at your device whenever they want). I'm sure that some of the true believers will comfort themselves with the fact that it isn't the State that is to blame; but private property will be just as dead as if it were.
  • by kimvette (919543) on Monday June 16, 2008 @10:13PM (#23818007) Homepage Journal
    I unashamedly admit that I deprived BSA members of profits, and at least weekly encourage clients to do the same.

    I encourage the use of BSA-profit-depriving alternatives such as:

      * Linux rather than Windows
      * The OpenOffice.org and OxygenOffice suites rather than Microsoft Office
      * Thunderbird or Evolution+Lightning rather than Outlook
      * Moon Secure rather than the buggy, resource-hogging Symantec antivirus
      * Scalix, Zimbra, or even good old Postfix rather than Exchange
      * Mozilla Firefox rather than the insecure MSIE
      * Spybot S&D rather than commercial (OK this one is freeware not F/OSS but proprietary/free as in beer is great when the payware solutions suck!)
      * ASSP rather than Symantec's crappy spam filter - which after an automatic update deleted every single email attachment in my Exchange Info Store years ago, which prompted my moving almost everything at the office back to Linux. ASSP blocks more spam, incurs fewer false positives, plus it's FREE/OSS! I implement ASSP for clients running both Windows and Linux mail servers.

    That isn't to say I am opposed to buying software, nor is open source software a solution for everyone. I pay for my Linux distributions, I buy Crossover Office and Zend Studio, and I just bought a Windows game. There is an intern at one of my clients wanting to get everyone on open source across the board, and was asking me why I didn't do it. I pointed him to the fact that QCAD is 2D-only, PythonCAD is weak, other CAD solutions on Linux are immature, incomplete, incompatible (no LISP), or in planning stages, plus there would be HUGE training issues. Also, they NEED M$ office for some of the programs they need to run, and several engineering programs they use "might" run under wine, but there is no way the execs would approve of the training cost. We're planning a Linux server for them for some time sheet/project billing software, but there is no realistic way they can dump Windows. As it is, I have OOo.org, Firefox, PDF Creator (no more "pirating" Distiller), 7 Zip (no more "pirating" Winzip!), Filezilla (No more "pirating" WS_FTP), and various other F/OSS and freeware programs deployed there. When I pointed that all out he saw the reality of it: F/OSS is not the BFH that works for every solution, but when it can be used, it should be.

    In the architecture industry there are few alternatives to AutoCAD or DesignCAD, both of which require Windows.

    Also, for syncing up PDAs, smartphones, etc. nothing beats Windows and Exchange+Outlook.

    There isn't a good affordable alternative to Quickbooks - and none that I know of that run on Linux.

    You're a gamer? CVS Cedega, Cedega, and Crossover Games may play a lot of games, but not all. Like Microsoft Live games? Linux is probably not the best solution for you.

    I recommend F/OSS solutions whenever possible, because it's best for the client, it's best for the F/OSS community (exposure), and it helps keep the market forces (read: Microsoft) keep their prices in check.
  • by gumpish (682245) on Monday June 16, 2008 @10:27PM (#23818099) Journal
    If you're going to use a 5 letter initialism in the summary and repeatedly in the headline without saying what the fuck it is or at the very least linking it to a definition, I for one can only assume that you don't consider it important enough to warrant the extra 20-50 keystrokes to do so.

    This seems odd since the nature of the numerous comments is very alarming, however none of the comments mention what the initialism stands for.
  • I write in response to bill S. 1625, currently making it's way through the senate.

    This bill should not be passed in the state that it is in because it includes exemptions for "telecommunications carriers, cable operators, computer hardware and software providers, financial institutions or providers of information service or interactive computer services..." that could be decremental to consumers. These exemptions grant immunity to such companies and groups to impose on personal privacy for the followin
  • Instead of Congress yanking the FBI off of un-Constitutional privacy violations and other worthless, expensive investigations, in favor of protecting us from software attacks, Congress is abdicating yet more responsibility for protecting us, in favor of giving legal cover for unaccountable vigilantes.

    What do we pay those people to do, anyway? Ruin us? We can get that for free.
  • These problems would all go away if we just abolished copyright altogether.

  • From last week's Ed Foster column about Barracuda Networks,
    http://www.gripe2ed.com/scoop/story/2008/6/3/0529/41400 [gripe2ed.com]

    the spokesperson sent me this sample of a letter sent by Barracuda sales executives whenever they are made aware of a seller on eBay elsewhere offering used device for sale:

    "Please know that any resale of used Barracuda Networks equipment is unauthorized and your customer will be unable to receive Energize Updates or even use the products."

    It's unclear from that statement whether

    • Resale is a RIGHT. Its not a Privilege.
      This statement will NEVER hold in a court of law.
      And in addition, if i twist the MPAA president's speech: If i buy a chair, i can sit on it or pee on it, or sell it. If xyz Corp chose to remove the legs of the chair because my wife is sitting on it instead of me, they can expect a product liability suit, wire fraud suit, OSHA investigation (under Obama), and Damage to Private Property criminal cases.
      It will be long day before the CEO gets out of prison.
  • So you think just because I install your crapware on my computer, that you have the right to cripple MY PROPERTY at a whim? You, you, fuck you, you fuckin' FUCK, you, I say, and GOOD NIGHT, SIR! The first time I detect this sort of shenanigans occurring on any computer in my posession is the moment when I uninstall said software (or OS for that matter!) and seek a complete and full refund of any monies paid -- if not legal reparations in civil court. Fuck that noise! Again, some asshats are borrowing pages
  • by Tmack (593755) on Tuesday June 17, 2008 @02:05AM (#23819391) Homepage Journal
    I mean, thats what the A stands for right? Unsolicited C*ck In The Anus??? The next step up from UFITA... ohhh you mean THAT UCITA, guess its close enough anyway...

    tm

  • While the concept of forcing users to turn their computer over to any software vendor is abhorrent to me, I don't know if the consequences of this bill are as extreme as they sound.

    From my reading of the article it sounds like the bill adds additional "protections" to current law. Additionally the exemptions sound like they apply solely to this bill. That's fine because as the article notes, all of these things are already banned. If this bill replaces current laws restricting unauthorized access to comp
  • Huh, the world of Shadowrun is near. Imagine a brain implant connection to the net with some self-helping homepage. They can burn your brain (LEGALLY) if you just wander off the net in the wrong direction...
  • Corporations have so little power and support from the government in the U.S.

  • IF they think they have the right to "disable" my computer or any of MY property. Then that means I have the right to "disable" their corporation. "Bomb, Bomb, Bomb, Bomb Iran"......

Man must shape his tools lest they shape him. -- Arthur R. Miller

Working...