Forgot your password?
typodupeerror
The Courts Government Software News

Safe Harbor Spells Win For Kaspersky In Malware Case Against Zango 93

Posted by ScuttleMonkey
from the hire-good-engineers-instead-of-lawyers dept.
suraj.sun writes to tell us that the 9th Circuit Court of Appeals has ruled in favor of security company Kaspersky in the recent case questioning their classification of Zango software as malware. "The court ruled that Kaspersky Lab, which classified online media company Zango's software as malware and 'protected' users from it accordingly, could not be held liable for any actions it took to manufacture and distribute the technical means to restrict Zango software's access to others, as Kaspersky Lab deemed it 'objectionable material.' Zango sued Kaspersky Lab to force the Company to reclassify Zango's programs as nonthreatening and to prevent Kaspersky Lab's security software from blocking Zango's potentially undesirable programs. In the precedent-setting ruling for the anti-malware industry, the Court of Appeals for the Ninth Circuit affirmed a lower court ruling that Kaspersky Lab is a provider of an 'interactive computer service' as defined in the Communications Decency Act of 1996 . Part of the Communications Decency Act of 1996 states: 'No provider or user of an interactive computer service shall be held liable on account of ... any action taken to enable or make available to information content providers or others the technical means to restrict access to [objectionable] material.'"
This discussion has been archived. No new comments can be posted.

Safe Harbor Spells Win For Kaspersky In Malware Case Against Zango

Comments Filter:
  • by sakdoctor (1087155) on Thursday July 02, 2009 @12:16PM (#28558949) Homepage

    So I looked it up:

    Zango, formerly ePIPO, 180solutions and Hotbar

    Oh look, they've had four different names, because they have to keep running away from how scummy they are.
    KILL IT WITH FIRE!

    • Re: (Score:2, Funny)

      by Anonymous Coward

      What? They're just cute, harmless lil trojans...

    • by riboch (1551783)
      "It's a trick. Get an axe."
    • by DaMattster (977781) on Thursday July 02, 2009 @12:33PM (#28559219)
      Both 180solutions and Hotbar were the bane of my existence back in the day. Both these malware items would just keep coming back like persistent, antibiotic resistant strains of bacteria. You think you've got every last little registry entry and file removed and lo and behold it would be back. This wouldn't be malware if the company provided honest instructions for the removal of these programs. In some cases, I had heard, the removal instructions simply added code to reinforce the malware. However, because they are being deceptive about its install and automatic re-install, it makes the behaviour unethical. Therefore Zango and its ilk should take the slap on the ass and go sulk in a corner somewhere.
      • Re: (Score:2, Funny)

        sulk in the corner...? No, beat them badly, kill them, and then crush them into a fine powder like the Box Network executives in Futurama.
      • by NecroPuppy (222648) on Thursday July 02, 2009 @12:54PM (#28559623) Homepage

        Only half my problem was the uninstall of these items.

        The other half was the users (bless their hearts) who would reinstall them. It took threatening to fire the next person who installed HotBar before they stopped.

        • by Gerzel (240421) *

          Why? What exactly was so appealing about HotBar that they kept on reinstalling it? What service was it providing?

        • I know what you mean. The general rule of system administration and work in general is: If they can do it wrong, they will! And if you tell them, they will forget it as soon as you leave the room.

      • by TheSpoom (715771) *

        I used to have problems with it. And then I stopped doing tech support as a career and started using Linux personally.

        Ignorance is bliss.

    • by fataugie (89032) on Thursday July 02, 2009 @12:42PM (#28559367) Homepage

      I say we blast off and nuke the site from space...it's the only way to be sure.

    • Re: (Score:3, Insightful)

      by Em Emalb (452530)

      KILL IT WITH FIRE!

      Nah, that would allow the "phoenix" company to rise from the ashes...just using a different name. I'd humbly suggest the following:

      Invite a horde of angry Mongols to their office building. Ask said Mongols to do what they do best. Once the flames, smoke, and lamentations of the women die down to a dull roar, invite the US Army to do some tank maneuvers over the remains.

      Then, till the soil, salt it, and nuke it repeatedly from orbit. After the land becomes habitable once again, repeat t

      • by Tanktalus (794810)

        I see you prefer the "pansy" approach. Hopefully someone else will be sufficiently peeved to propose something a bit harsher.

      • Sigh! It's salt, then till. That way the salt gets worked into the soil.
        • by Em Emalb (452530)

          Sigh! It's salt, then till. That way the salt gets worked into the soil.

          LOL, this part of that inane post is what you chose to latch onto? ;-D

      • MY GOD, MAN!

        What would you do if they **really** pissed you off? /cringes

      • by icebrain (944107)

        Meh. Vikings are more entertaining. And they have cooler hats.

        Oh, and you might skip the separate salting of the soil and nuking stages, and instead just use enhanced-radiation devices ("neutron bombs") with cobalt jackets. Make sure you use ground bursts too, they're dirtier. Just don't stand downwind... the fallout's a bitch.

    • by Abreu (173023)

      YES, KILL IT WITH FIRE! [killitwithfire.com]

  • As long... (Score:4, Insightful)

    by Twillerror (536681) on Thursday July 02, 2009 @12:19PM (#28559001) Homepage Journal

    As long as the anti-malware gives me the choice and some basic information they can clasify Firefox as malware.

    Chances are if you don't recognize the software name it was either installed by the OEM or was installed without your knowing...

    Plus the open market will sort this sort of thing out. If they start clasfiy incorrectly no one will use them.

    • Re:As long... (Score:4, Interesting)

      by Anonymous Coward on Thursday July 02, 2009 @12:26PM (#28559107)

      For once, a market solution works.

      Kind of reminds me of when AVG [slashdot.org] started to play by different rules. The users were vocal and loud; AVG got the picture and fixed their problems.

      It's a shame that we need courts to affirm common sense.

    • Re: (Score:3, Insightful)

      by Gerzel (240421) *

      Not really.

      The open market is very stupid when it comes to software for the most part. They just go with whatever is installed with little to no research into what the program actually runs like or long term performance. It is mostly advertising that gets new software onto computers with a little word of mouth after that. Problems are only noticed when the computer stops "running like it used to" or shows other major faults.

  • by Brian Gordon (987471) on Thursday July 02, 2009 @12:20PM (#28559015)
    We actually need a court precedent for deciding if adding a feature to your program is legal?
    • by blueg3 (192743) on Thursday July 02, 2009 @12:29PM (#28559155)

      Courts deciding whether we can add features to programs is nonsense.

      Of course, I might be biased. I just added an undocumented feature to our popular medical records management software that allows doctors to access patients' medical records over the Internet. Encryption and access restrictions work just fine, I think, provided the software is configured properly...

      • Why does that "undocumented feature" scare me? Encryption and access restrictions are certainly not full proof. Even the AES-256 encryption scheme might have a significant flaw as reported in slashdot yesterday. If you are 100% certain that your system is full proof, I certainly wouldn't buy it. Your solution might be good but it might make use of other run time libraries and shared objects with notorious leaks that would let a would be intruder gain, not just access, but root level access. Your over c
      • by maxume (22995)

        Your sarcasm is inane. I'm perfectly comfortable with the legislature mandating that doctors and health care providers use software that meets certain standards when storing patient information, but I do not want a court deciding what those standards are.

        • by blueg3 (192743)

          They don't -- they decide if a particular piece of software meets those standards, which is the job a court does.

    • by Crazy Wolverine (1274920) on Thursday July 02, 2009 @12:30PM (#28559165)
      I think even more alarming is the fact that Zango didn't get laughed out of the courtroom, and that this case made it all the way to the 9th circuit court of appeals. Back when they were 180Solutions, they were one of the most notorious adware companies around.
      • Re: (Score:3, Funny)

        by fataugie (89032)

        I think even more alarming is the fact that Zango didn't get laughed out of the courtroom

        You mean like SCO?

        Thank you, thank you....let the Karma flow ;)

      • You have to realize *how* Zango lost in the lower court.

        There's a bit of the law, meant for internet filter companies, that says you can't sue if someone filters your site/product incorrectly.

        Zango getting trounced in court is a good thing of course (they should have flat out arrested them when they showed up to the courthouse), but this law being upheld for a new, unintended purpose of the original bill, leaves legitimate products without recourse as well.

        Also, *anyone* can file an appeal, prior to the SCO

    • by jhol13 (1087781)

      Well, it does make a sense, a bit. Think if Microsoft (or Apple - for e.g. iPhone) would prohibit everything made by Brian Gordon.

      Obviously situation here is quite different, but Zango definitely is (was?) trying to make thing look the same.

    • We actually need a court precedent for deciding if adding a feature to your program is legal?

      Like everything else, that would depend on what your program does and what laws apply, wouldn't it?

      Say you're a convicted monopolist, and your program does ... see where I'm going?

      As regards this case, if a claim of tortious interference with contractual rights, violation of the Washington Consumer Protection Act, trade libel, and unjust enrichment can be made, then yes, you may need a court precedent.

      That's not to

    • Re: (Score:3, Interesting)

      We actually need a court precedent for deciding if adding a feature to your program is legal?

      Well, the court was deciding if Kaspersky was illegally interfering with Zango's business and customers. That's been a role of teh court in the US for a long time. You can be held liable for interfering with someone else's business; the flip side of this is if someone's software blocked you from installing a competitors or accessing their web pages, even if you wanted to use the competitor product as well.

      And to stave off the inevitable "but Zango is evil and so deserved it..." responses:

      Yes, and I think t

    • by mea37 (1201159)

      How glib. (In spite of the fact that 3 or 4 moderators apparently don't think so.)

      The law governs all manner of simple actions that can be described with harmless-sounding generalisms, under certain circumstances. It's the context and effect of doing those general things that either is, or is not, legal.

      Is it legal to twitch my finger? But what if my finger is wrapped around the trigger of a gun, which I'm pointing at a clerk at a convenience store? Do I need a court precedent for deciding if moving my

  • It's about time (Score:2, Insightful)

    by cyberzephyr (705742)

    Zango and all of it's various iterations have been a plague for countless people. I'm glad the court ruled against them and i hope it sets a good example.

  • I'm pleased with this, but I'm confused.

    Wasn't the CDA shot down way back?

  • Serves them right. (Score:4, Informative)

    by LikwidCirkel (1542097) on Thursday July 02, 2009 @12:36PM (#28559275)
    I certainly remember 180-Solutions for being the last straw for me ever using MSIE. Several times they got me with their creative drive-by-installs back in the day, and those were just about the only malware infections I've had in my life. They're an absolute scumbag company and I'm glad about the outcome of this.
  • What's next? (Score:2, Insightful)

    by JobyOne (1578377)
    Child molesters suing to have their name removed from the registered sex offenders databases?
    • Re:What's next? (Score:4, Insightful)

      by FrostDust (1009075) on Thursday July 02, 2009 @01:08PM (#28559947)

      Even the most virulent of scumbags deserve their day in court.

      • Re: (Score:2, Insightful)

        by JobyOne (1578377)
        What worries me isn't so much that people are allowed to sue if they feel they have been wronged (that's a wonderful freedom).

        What worries me is that we've built a society where the answer to every little thing has become "sue them." We also built this stupid society on top of a court where the most expensive legal team wins.

        It's a nasty world for the little guys.
        • by idontgno (624372)
          Well, in a world of people with strongly-held and violently-opposed opinions, the courts are a slightly less socially damaging decision process than some of [wikipedia.org] the [wikipedia.org] alternatives [wikipedia.org].
          • by JobyOne (1578377)
            Yeah, it's all well and good that there aren't international corporations fighting it out in the street.

            What do I do though when I'm wronged by one of these massive entities? I suck it up and get on with my life. When Allconnect fucked up and cost me $150 what did I do? I called their support line a couple times, and when they refused to help I filed a complaint with the Better Business Bureau and moved on ($150 poorer).

            There isn't a damn thing I can do in the face of a massive corporation, even wh
  • So it's come to this. Kaspersky has to rely on a crappy law to avoid getting in trouble. This should be simple - freedom of speech! And the scummyness or otherwise of the plaintiff (or the defendant) should not be relevant.

    • by 0racle (667029)
      1st amendment rights only apply to (as should all constitutional rights) citizens.
    • by mea37 (1201159)

      The 1st Ammendment protects expression, not action. Even the protection on a written piece is diminished if it is functional. With program code, your "audience" is a machine; it cannot appreciate any ideas you might exprses, but can only function according to your instructions.

      I expect it would be a rare day that software functionality would be protected by the 1st Ammendment.

  • I don't see any standard that says what, precisely, "objectionable" materials might be. If this is used only in a very limited sense, it is probably OK.

    However, I suspect there might be a considerable outcry if AVG decided to make their free tool treat various BitTorrent clients as "objectionable" but their paid-for version did not. Without extremely strict well-defined guidelines for what constitutes "objectionable" this sort of thing can be used to target anything and now there is a court precedent sayi

  • by Animats (122034) on Thursday July 02, 2009 @01:17PM (#28560141) Homepage

    This expands the "safe harbor" of the CDA to cover ad-blockers. Now, ISP's can offer ad removal as a service. Corporate firewalls can provide ad-blocking. This would cut web traffic way down and speed up browsing.

    • by velen (1198819)

      browsing what? no revenue from ads, no traffic from ads = bad.

      • by stei7766 (1359091)

        It might encourage ad people to have their ads not be obnoxious pieces of crap.

        Probably not, but I can hope.

      • by seekret (1552571)

        browsing what? no revenue from ads, no traffic from ads = bad.

        Not neccessarily, it would encourage people to have a business model that wasn't dependent on advertising. I hate that so many companies and people rely on ads for money, why don't they try offer a service or product that people can pay for instead? I'm not opposed to advertising when it's done right as a supplementary income, but it's ridiculous that you can offer nothing yet still profit off it simply by linking to someone else.

    • This expands the "safe harbor" of the CDA to cover ad-blockers. Now, ISP's can offer ad removal as a service.

      That'd be a sure-fire way to get a sort of reverse net-non-neutrality from the part of hosts. "You are attempting to visit adinfested.com. Your ISP filters ads, so we will not send any content. Choose a different ISP to view this site."

      • by seekret (1552571)
        That I agree with, and I should have mentioned in my previous reply a few seconds ago that I don't think the ISP's should be blocking us from any site for any reason, even if it's because of ads.
  • Zango sues Kaspersky for interfering with their business model. This is a legitimate move on Zango's part (and yes, I know they're scum but go with me here).

    Kaspersky blocked Zango in the first place for being malware. What is malware? There is software out there that installs on a computer for the purpose of using customer data to make money for the software company or some related company. However to be classed as malware it has to be either installed via deceit or be non compliant when a user is performi

    • by TimSSG (1068536)

      Am I going crazy here, or did what I just type make complete sense?

      I think what you said made complete sense; but, in no way can I confirm or deny your sanity. Tim S.

  • . . . sounds like an open invitation to hot and cold running censorship straight from your ISP's tap.

It is surely a great calamity for a human being to have no obsessions. - Robert Bly

Working...