Using Spyware to Report Pirates? 1013
An anonymous reader asks: "I have visibility to AUP complaints we receive at work, and we receive messages from a software vendor that make it obvious that their product is phoning home when it discovers it is running a cracked copy of itself." Apparently the software phones home, and then the publisher's legal department sends the administrator an e-mail. "The message goes on to detail the users IP, a timestamp, the product in question, the users PC name, username, and MAC address.
This falls under -my- definition of 'spyware.' What are your thoughts?" Software has been making surreptitious checks for "piracy" for over a decade, yet these checks are usually limited to the software itself, and not data on the user's machine. Do you feel software publishers should have the right to peer into users data, if their software suspects foul play on the machine, or should it do the easy and intelligent thing and just stop working?
What we want to know... (Score:5, Interesting)
Re:What we want to know... (Score:5, Interesting)
Re:What we want to know... (Score:5, Insightful)
You are seriously deluded if you think that fact that a piece of software thinks it's pirated is de facto evidence that it is in fact pirated.
Re:What we want to know... (Score:3, Insightful)
This is why everyone should run a decent firewall. The amount of programs that phone home is alarming!
Re:What we want to know... (Score:5, Interesting)
Re:What we want to know... (Score:5, Interesting)
Re:What we want to know... (Score:3, Interesting)
Re:What we want to know... (Score:4, Insightful)
Yes. Look into Firestarter. Look into iptables/ipchains.
"If not, Windows is more secure than Linux for a desktop user."
Thats flawed and uninformed reasoning. Amng many reasons why Linux is more secure for a desktop user is that a normal desktop user runing Linux has almost zero chance of double clicking on an atachment and hosing their system w/a virus.
Re:What we want to know... (Score:5, Interesting)
If Linux is to succeed on the desktop, then third parties must be allowed to write closed-source applications for Linux. (If, for no other reason, than to allow custom buisness software to continue to run on the systems.) In that case, a vendor very well could include spyware, and being able to block just that application would be very nice.
Can Linux block net access by individual program? I don't know - I think netfilter may be able to be hacked to do it, but I'm not 100% sure. (It looks like it might be possible to write a netfilter module to do it, but it may require modifying the netfilter system itself, which would involve kernel hacking. When I wrote this, www.netfilter.org [netfilter.org] was not responding, so I'm guessing based on documentation on other sites and what was available through the Google cache.)
Does this make Linux on the desktop less secure than Windows? Well, erm, not really. The Windows default firewall only exists in XP (or maybe some SP added it to previous versions, I dunno), and it blocks based on ports. Third-party firewalls like ZoneAlarm and the aforementioned Sygate Personal Firewall can block based on application.
So Linux is no more secure than Windows on its own. Add in some more software, and it can be. The next question is: if Windows had this feature, and Linux did not, would Linux on the desktop be less secure than Windows? I think the answer is yes, based on the idea that Linux on the desktop must be capable of using closed-source software, and that such software would be prevelant on a successful Linux desktop, and that there would exist users for the software.
Dismissing Linux as safe because there currently is no real spyware out for the Linux desktop does not really address the question. Assuming there were, it would be nice to be able to block just one application. Blocking a port would not be enough (since it could just use 80, then no web browsing for you...). Blocking an IP is the obvious "right way" but it still might not be the best solution if that cuts your off from the webpage or other important service.
So being able to block by a given application is probably better than only by packet info (like IP, port, flags, etc.). If the question were simply "OS/A can block net access by application, is it more secure than OS/B that cannot" would people still say "OS/A is more secure because it's open source?" Or is this an emotional response based on the fact that it was Linux vs Windows?
Re:What we want to know... (Score:4, Informative)
--cmd-owner name is the option to do so.
you can also make a rule based on uid.
Of course you can mix things up, for example you can allow an app to connect to some ports rather than to some others.
And of course an application cannot use port 80 (server socket) if it's not uid 0 or suid.
For example
iptables -A OUTPUT -p tcp --dport 80 -m owner --cmd-owner mozilla-bin -j ACCEPT
iptables -A OUTPUT -p tcp --dport 80 -j DROP
would let only mozilla connect to port 80 of a remote server.
I can tell you: you have got no idea how powerfull is iptables!
Re:What we want to know... (Score:5, Interesting)
Some of the appz/games in stores get cracked and put back on shelves. It happens all the time. And how many of you keep your sales receipt, box or even CD? I have software running that is paid for but I don't have evidence that I bought some of it; I still have a right to run it.
The problem is that while this monitoring is a good idea in theory, there are too many variables that would trigger reasonable doubt in court. This would tie up a court for quite some time with possibly unreliable evidence garnered as reasonable.
Re:What we want to know... (Score:5, Funny)
Re:What we want to know... (Score:3, Insightful)
Um, maybe for the same reason that American citizens care about the Constitution and understand the concept of a limited government?
"But the thing is, you don't have many suspects who are innocent of a crime. That's contradictory. If a person is innocent of a crime, then he is not a suspect." (former Attorney General) Ed Meese, US News & World Report, 10-15-85
Re:What we want to know... (Score:4, Insightful)
So all suspects are guilty? That doesn't make any sense to me.
Re:What we want to know... (Score:5, Interesting)
Where does the madness stop? What is the publisher had disabled the computer or reformatted the hard drive? Would that be justified? What is the software was actually *NOT* pirated?
Re:What we want to know... (Score:4, Informative)
You're wrong, for several reasons.
"if they choose to contact the individual or institution and there was just a flaw in the code that made it think that it was cracked when it was infact legit, all the acused would have to do to clear their name is prove that they have a legaly purchased copy"
In the US, we have a "innocent until proven guilty" court system, where the burden of proof is not on the accused to prove they are innocent, but on the accuser to prove that they are not. Secondly, it might not be that easy for a user to prove they have a legit copy. A few examples of this would be if the user's machine was compromised, and the key stolen and distributed, or if the user was part of a large corporation and had no idea of anything to do with the installation of the software, or if the user had bought a used computer with the software already on it.
"it's not like it gives out top secret information"
Again, wrong. RTFA, "The message goes on to detail the users IP, a timestamp, the product in question, the users PC name, username, and MAC address. " This information could be VERY harmful in the wrong hands. With a known IP, timestamp, PC name, username, and even MAC it is now very easy to locate a user's physical location within an organization. With some social engineering and a bit of luck, you can now do all sorts of nasty things (sneak a keystroke logger and BOOM, they're 0wn3d!) to someone. Also dangerous, since MACs are bound to the hardware, if someone could reverse lookup a certain piece of hardware bound to a MAC and then find a vulnerability in the hardware, they're in. And since I doubt this information is encrypted, and since it is obviously sent over the public internet, the right person sniffing the right packets can now grab all of it.
More importantly, I doubt that this "feature", if you can call it that, is well publicized. This is very important because without knowledge of such practices it could be hard for a sys/netadmin to account for the grossly insecure transmissions.
Hear, Hear !!! We found him !!! (Score:3, Funny)
So, dear sweet Tooth, can you answer a few questions for the
Next, on Slashdot : AC, or not AC !!!
Re:What we want to know... (Score:5, Interesting)
Re:What we want to know... (Score:5, Funny)
More details on that old thing (+1 nostalgia) here:
http://www-cse.stanford.edu/classes/cs201/project
Re:What we want to know... (Score:5, Informative)
I had two Konami games on the C64 that used this method. After about five times of going through this pain, I cracked the damn games. What was great was that the copy protection code in both games was the same, and they even ever so nicely made it easy to find the protection (the border color changed after the code was correctly validated). Three byte patch (JMP $XXXX) and hacked game.
Ahhh, the days of 8-bit computing.
-- Joe
Bypassing CD detection (Score:3, Interesting)
Once you put a CD drive on a Windows computer, it no longer is red book [secinf.net] class C2 certified. The obvious reason is that you can boot from a CD.
Obviously, you don't download a cracked version from Russia or China to improve security, but using virtual CD [virtualcd-online.com] drives or modifying registry keys to look other places is quite normal.
And this might be enough to trigger a program into thinking it is running a cracked version -- when in
Re:What we want to know... (Score:3, Insightful)
We bought one legal copy of Photoshop. We should have the right to run one copy, regardless of how many computers we own. This enforces that and makes us abide by the licenses we agreed to! It makes it impossible to violate their license!
So what did we do when we got this error message more and more and more? We decided "hey, we really need two copies". And we got another license. This actually
Re:What we want to know... (Score:3, Insightful)
This crap, and any access to MS nets is something I would block on principle.
Re:What we want to know... (Score:5, Interesting)
If you do it this way, then the real license holder will call to find out why it doesn't work, at which point you can try to find out why their serial number is pirated. Something like this could have prevented the 112-1111111 M$ thing from ever happening, without screwing things up for the end user. Put reasonable limits on how many duplicate licenses you can have, and if you've seen too many, put that number on the list. You won't stop the first few pirated copies, but you'll stop the last 90,000, and you'll find out who leaked the number in the first place. As an extra feature, for corporate keys, you could restrict it to the corporation's IP block.
Damn, maybe I should patent that... Oh well, consider it prior art.
SCO OpenServer (Score:5, Funny)
Re:SCO OpenServer (Score:5, Informative)
Re:SCO OpenServer (Score:3, Insightful)
Re:SCO OpenServer (Score:3, Insightful)
You're being lied to by people who don't know what th
Depends on how you look at it I suppose. (Score:4, Interesting)
You use the illegal software, I don't see any reason why someone who's life work might involve *writing* said software would not want to catch you pirating/using is Illegally.
I'n not all that sure how I feel about the users computer information being fired off in an email, but I have always considered that a possibility in the past. Seems like I was right.
Re:Depends on how you look at it I suppose. (Score:5, Insightful)
But doesn't this imply owners of the legal software are also being spied upon?
Re:Depends on how you look at it I suppose. (Score:3, Interesting)
Not an issue for most vehicle owners. But you steal it and you get caught easier.
Is this spying? While I won't say the analogy is perfect this is still very similar....
Re:Depends on how you look at it I suppose. (Score:5, Insightful)
Re:Depends on how you look at it I suppose. (Score:3, Insightful)
http://www.cadillac.com/cadillacjsp/mo d els/escalad e/onstar.html For example.
I am very aware that the analogy isn't perfect, but in the above example you are still trusting that Chevy isn't randomly "following" your vehicle for marketing or whatever reasons.....
Re:Depends on how you look at it I suppose. (Score:4, Insightful)
But doesn't this imply owners of the legal software are also being spied upon?
OK, I'll take serious stick for saying this but here goes (and there goes my karma).
Sometimes, people observe/stake out/spy on others and their suspicions/paranoia prove to unfounded and sometimes they prove to be well-placed. Not everyone who's under police surveilance, has a background check run on them or gets asked for additional ID verification when using a credit card is going to be guilty of wrong-doing, but does that mean the cops, your kids' schools or Amex should never be allowed to verify basic details?
If the software license made it clear up front that the package could and would periodically check that its use was within the boundaries set by the license (eg, full licensing) then I don't see anything wrong with a publisher checking up on its users in this way. After all, permission had been given, just as it had been given (implicitly or otherwise) in the real world examples I gave above.
One thing you need to ask yourself before you potentially start bashing this company's spyware (or whatever you want to call it): am I in violation of a software license or any laws? Make damn sure that their aren't any illegal copies of the software floating around your organisation before kicking up a major fuss otherwise this could really backfire for you.
Re:Depends on how you look at it I suppose. (Score:5, Insightful)
Some of them I do trust. If I find out Adobe is spying on me to be sure I bought my boxed copy of Photoshop 7, I'm not that worried, because I did. I see this in the same light as I see cameras in retail stores...sure, it's a little annoying that they might be laughing at my fat ass trying to squeeze into size 34 pants, but I can deal with that because I respect their right to stop shoplifters. When the guy who came to paint my house asked me to leave my garage open, I did so, because I was paying him scads of money and I trusted him not to walk out with my TV as well.
Really, with proprietary software it's all a matter of trust. It always has been -- it's why my uncle wouldn't let my cousin use his Renegade pirated floppies in his c64, he was afraid of some stupid code going haywire and messing up his $500 machine.
You worried about this spyware stuff? Go whole hog OSS, it's the only way to be sure. I happen to prefer the user interface and trustworthy behavior of some of my proprietary software and don't mind paying a little extra for it, money or privacy. Still, the day I catch ImageReady sending lists of my porn directories back home to corporate is the day i switch to (shudder, ew) The Gimp.
Re:Depends on how you look at it I suppose. (Score:3, Insightful)
My computer should never do anything I don't want it to do. Plain and simple. If I don't want you to scan my network for illicit copies, then don't do it. I don't really care about any legal "right" software companies have to do it. I don't want them to do it; I'm their customer
Re:Depends on how you look at it I suppose. (Score:4, Insightful)
I agree that I certainly wouldn't want the software to scan around my network looking for illicit copies of stuff. But that's not what we're talking about here. We're talking about a cracked program that, when started, determines that it is cracked, then reports that fact back to the publisher, along with information that will identify where the stolen property is.
This is almost like a Lojak system - the car is stolen, then the security system reports back to the police exactly where the car is. What if you stole the car and it's parked in your garage with the door closed? Yes, I understand that this example doesn't exactly parallel that of the article, but it is similar. The Lojak system doesn't check around the house to see if there are any other stolen things there...it's just concerned about one thing - the car. Much like the software that is described in this article.
Incidentally, neither I nor the article said anything about snooping around the network looking for stuff. And in the case of the software in question, it appears, at least from the limited information available to us in the article, that if this software is reporting information back to the "home office", it would be very hard to suggest that the user is anything remotely resembling a "customer". Unless you consider the guy who steals money from the bank to be a customer.
-h-
No Problem (Score:4, Insightful)
You don't like it then don't use it.
Another question... (Score:5, Interesting)
DecafJedi
Re:Another question... (Score:4, Funny)
Consent (Score:5, Insightful)
POPFile has an option to check to see if there's a new version available. It's incredibly innocuous: it hits a server and check it's version number, the server junks its logs daily. I keep no record. This was initially on by default but people were upset, it's now off.
The simplest solution is that a piece of software that thinks it is pirated start warning 30 days before it's going to shut itself off to give the user a chance to do something and finally disable itself. That is effective and friendly.
And get yourself a copy of ZoneAlarm so that you can see which apps would like to talk to the outside world.
John.
Re:Consent (Score:3, Insightful)
I think that's an excellent idea for a number of reasons:
* Perhaps the user had the software installed by a friend and didn't know it was pirated. A 30 day warning doesn't assume guilt.
* A lot of share/trialware does this already, so people are used to these kind of reminders.
* If it
Re:Consent (Score:3, Insightful)
Software that queries the internet to ensure unique serial numbers are fine, as long as internet access is required for the application to work (like Blizzard games, for multiplayer.) However, it would be rather annoying otherwise.
* Perhaps the user had the software installed by a friend
Re:Consent (Score:5, Insightful)
Imagine the scenario where I change the NIC card in my PC because of a hardware fault. Software X used the MAC address of the NIC for licensing purposes which has now changed and hence thinks it's been copied. One choice would for it to start secretly informing the company that created it that there's a problem, another would be for it to tell me "I think I'm stolen, I'm going to stop working in X days, here's what to do about this". The latter seems friendler to me and if I did steal it it's going to shut itself off and I wont be able to gain from the
crime.
Nor did I claim that stealing the software wasn't stealing. It is. That software was copyrighted by someone, copyright law is clear and if they license it to me for money then I have to pay. Pretty simple. That's why I was opposed to Napster and other "services" and said so publically on my web site. They were/are stealing from people.
Nor do I believe that privacy must be absolute. I just believe in this case that the method used to assist in the enforcement of a license agreement is unreasonable and there are workable alternatives.
John.
This isn't spyware (Score:5, Insightful)
It's not spyware, it's a fucking anti-theft system. Don't like it? Don't steal it.
Re:This isn't spyware (Score:5, Insightful)
In other words: you better be damn certain that you're tracking a pirate before you start sucking data off his machine.
However, if the alarm is legit- you really don't have a leg to stand on. Kind of like stealing a design for a new widget and having your prototype explode halfway through construction.
When you take a step into the illegal side of things, don't look to the law for help.
Re:This isn't spyware (Score:5, Insightful)
Not so. If you remember a few years ago, a judge ruled against Blizzard using spyware in their software even though all it was doing was helping them to squash bugs and prevent cheating.
So the transmission of even benign data without permission by the user is against the law.
Re:This isn't spyware (Score:3, Insightful)
Far better for the company and the user to simply send out a message saying, "You may be using pirated software, please contact us."
This doesn't jus
Re:This isn't spyware (Score:3, Funny)
Oh come on. Do you HAVE to ask? (Score:3, Insightful)
Let's say I am a small book publisher. I publish books about historical battles. I find out that there is someone out in the world who, instead of buying a copy of my book, has simply photocopied a friend's purchased copy of the book.
Now, let's say I track this person down. Then let's say I break into their house. Then let's say I rifle through all of their belongings. Let's say I get their credit card number, bank PIN number, passwords, social security number, medical history, personal communications, personal habits and all of this information for each person in their family, too. Then let's say I take all of this data and give it to the police or the government. Or maybe I even go much further and just burn the house down with everyone in it.
Was I justified? I mean, I must be right? After all the person had a photographed copy of my book and didn't pay me the $39.95 for a legitimate right to read it...!
"Oh come on," indeed... (Score:4, Insightful)
"the users IP, a timestamp, the product in question, the users PC name, username, and MAC address."
Every single piece of information transferred is accessible through the use of other, perfectly legitimate pieces of software, unlike medical records (which require a plausible reason to access); it should be clear that this program is not 'rifling through anyone's belongings.' And the mentioning of burning down the house is completely absurd; nobody is considering giving this data to law enforcement agencies or blowing up the user's computer if it's running pirated software (to relate your analogy to the situation being discussed). Please take your slippery slope arguments elsewhere.
Active copy protections... (Score:5, Interesting)
There's a legend that Microsoft actually encountered this back with Microsoft Word 1.0 - it formatted the hard drive if the CRC of the program changed. Bad karma there, hosing innocent users if they got infected. (BTW - I've seen Vesselin Bontchev reference it here [google.com] and other places, but it could just be he picked up a convenient rumor. Anyone have verification of this story?
If it's not documented in the EULA for the product, it might even be a potential civil suit against the company. Doesn't Europe have fairly restrictive privacy laws that could come into effect here? Could be criminal there if so, especially if it misfired on an innocent user. Although of course - IANAL.
BTW - what product?
Re:Word story is not a legend (Score:3, Informative)
And, found more in depth info from Bontchev [google.com] - seems he just misremembered later.
Was it VisualRoute? (Score:5, Informative)
Re:Was it VisualRoute? (Score:5, Insightful)
The right? No. But does it matter? (Score:5, Insightful)
If the software's anti-theft tracking was being put in place by the police, that would be a violation of the fourth amendment. On the other hand, this is being done by a private corporation which has far more rights.
Think about LoJack, the car anti-theft mechanism, that tracks the car. Isn't that effectively the same thing? That's perfectly legal.
I don't like the notion of a company installing such spyware because there's little guarantee that they are only reporting pirates. Furthermore, what's to keep them from reporting subtle violations of the license agreement that aren't in fact illegal under copyright law. Once the spyware is there, there's effectively no limit on what it can do.
Re:The right? No. But does it matter? (Score:4, Interesting)
Erm...while I grant you that in a civil case the rules of evidence will be much more lenient than in a criminal one, there are statutes related to industrial espionage which you could cover yourself with.
IANAL etc etc, but I am under the impression that, unless you explicitly agree to a function which is not arguably part of the 'core' raison d'etre of the software, things like collecting information without someone's consent on legitimately licensed PCs could be construed as breaking and entering, or the digital equivalent.
If the software only does this for unlicensed copies, I wonder whether you couldn't use a similar strain of argument (license was not active for arcane technical reasons, whatever.)
Admittedly, without starting an argument about it, I don't have strong moral qualms about piracy, and I do believe there are certain limits as to what's allowed in terms of evidence collection/snooping even if you are doing something legally "wrong".
Frankly, I think companies should try to use free/open software anyway if they can, so this never even becomes an issue (ask SCO!
windows ? (Score:4, Interesting)
This means that if say MS is checking the contents of my machine and starts harassing me over possibly illegal software that I would have no way of knowing that the info was retrieved using spyware. it's the stupidity of the 'presentation' that gives this one away, if they were a bit more clever about it you'd never have known that it was spyware related.
The best way to avoid this kind of trouble is to go completely open source or make sure your licenses are paid up
are you on the grapevine yet ? [wwgrapevine.com]
List o' Spyware (Score:4, Funny)
some more (Score:3, Interesting)
1. Admuncher http://www.admuncher.com/
2. Evidence Eliminator http://www.evidence-eliminator.com/
I found a quick (& better)replacement for Admuncher in the new google toolbar (http://toolbar.google.com/) to get rid of popups.
Evidence eliminator is crap, dont need a replacement.
In either of these cases they take you to a page showing your IP address with what they think is a scary message. If you do use a cracked version make sure your wind
What if it was a legit version? (Score:5, Interesting)
Why are they sending you this information??? (Score:4, Interesting)
"Oh no! One of our users is doing something illegal and it has nothing to do with us! Quick, pull the plug on him!!!"
Seriously...unless you are law enforcement, what could you possibly do with this information? If I wrote your ISP and told them I saw you smoking pot, should I expect them to pull the plug on your connection??? How is this any less rediculous?!?
Uh? (Score:5, Insightful)
Re:Uh? (Score:4, Insightful)
What this is really telling you is.. (Score:5, Insightful)
If you don't even know which software or machine is communicating with which outside hosts, don't be surprised when you find out some inside box is relaying spam or leaving out the welcome mat for unwelcomed visitors.
In any case, what exactly prevents you from naming the offending software? Why speak in generalities and obfuscation?
Use Free Software (Score:4, Informative)
Given that you undoubtedly agreed to allow the proprietary software to do a full body cavity search on you when you clicked through the EULA, the publisher has the right to do just that. Even if you're using a "legal" copy.
YOU have the right to refuse to use binary-only, spyware infected, jump-through-hoops licenced programs. Use Free Software instead.
"But I depend on the proprietary software to do my job." Then support the Free Software movement [fsf.org] so someday you won't need to depend on proprietary software anymore.
Re:Use Free Software (Score:4, Funny)
But, but, but.. I didn't click through any agreement! My cat must have walked across the keyboard when I was out of the room, honest!
Personal Firewall notifies you of this (Score:3, Informative)
You need to use your best judgement - when and why an application connects to the internet. Deny all connections by default.
A great way to discourage such... (Score:4, Insightful)
Some possible problems... (Score:4, Insightful)
And what about shared laptops. Somebody loads on some software while attending a conference and then hands the machine back.
Some floating software licensing schemes work on using IP addresses, MAC addresses, monitoring the real-time clock to make sure dates don't change. What if one of these circuits fails (stray cosmic rays, power surge), does that automatically make the user a criminal?
Sure, software companies have the right to protect their software, but I don't think they have the right to allow their applications to automatically generate crime reports. W It would be more for the application to request new short-term licenses and deny access than do anything destructive. If an application can detect that it has been cracked then it should just refuse to work.
Too easy for a false 'pirate' (Score:5, Interesting)
You go down to BigBox store, and buy 3 copies of X.
Back at the office, you use one CD to load all the machines. Leave the other 2 in the shrinkwrapped boxes, on the shelf. Perfectly normal...happens all the time.
The running s/w sees 2 other copies of the same s/n on the LAN, and phones home. PIRATE! PIRATE!
You're 'legal'. You have paid your fees for the 3 copies. But Company X, due to their incorrect reporting and intrusive networking, thinks you are in violation. They send the BSA after you, with all the attendant fees.
At this point, you're guilty until you can prove your innocence.
Absolute BS, I say.
What happened to respect for customers, privacy? (Score:3, Interesting)
Apple anyone? (Score:3, Interesting)
How about, not publish software? (Score:4, Insightful)
If a software publisher prices their software "out of the market" then a potential user has two recourses: 1. don't use it; 2. pirate it.
If the software publisher's decision is inappropriate (i.e., the value is $50 but they charge $2,000), then the user can't be blamed for pirating it. I mean, they can be, but let's face it you can't return software you don't like (because "you might pirate it"), so the default behavior is, pirate it to make sure you like it. Then, if you so choose, pay for it.
I think it's super cool though, that publishers are going to more and more draconian levels in order to "protect their profits" because it just makes open source/free software that much more attractive.
See the Ernie Ball story for more details. (I love that I saw the Ernie Ball and the optic-fiber sponge stories on Excite last night, and then saw those two posted here today.)
Entrapment (Score:4, Interesting)
Re:Entrapment (Score:3, Interesting)
Yes, and in any case it wouldn't be a good example of entrapment. In order to qualify as entrapment it has to be the case that the defendant would not have committed the crime in question if not for some sort of enticement or encouragement on the part of a law enforcement officer. There is no encouragement to pirate software here.
Re:why not? (Score:5, Insightful)
Where is the crime in spyware? (Score:4, Interesting)
The user still has all the information they started with. No one has been deprived of any information. All that has happened is that an additional copy of this information has been created and distributed.
In order to object to this, you have to admit that some information does have owners, and also that it is wrong to copy information without the consent of the owner.
Then, this being slashdot, you have to do a little song and dance, like this: "when other people create music and software and movies, and I make a copy of their stuff, it's fine. But when someone else makes a copy of information from me without my consent, that's wrong!"
Your information wants to be free; my information wants to be private. See?
My own beliefs are the same as Linus Torvalds: "He who writes the code chooses the license". If you don't like spyware, don't friggin run it. I don't.
Re:Where is the crime in spyware? (Score:5, Insightful)
Oh, come on. That's ridiculous. There's a distinction between public information and private information. Published programs, even if they're copyrighted, are published. They're not private, like the user's MAC address and personal grooming habits.
I'm not trying to justify running pirated programs, I just think you need to make a better argument.
Now, that's a better argument.Its not the same. (Score:3, Interesting)
My own beliefs are the same as Linus Torvalds: "He who writes the code chooses the license". If you don't like spyware, don't friggin run it. I don't.
I don't think Linus was talking about either EULA's or spyware, so it's an irrelevant quote.
You want to coerce me into running spywa
Really great at mixing issues... (Score:3, Insightful)
You're mixing up private and public with commercial and free.
Private means that noone else should have, the rest, free or commercial is public.
Commerical means that you can have it - for a price, and free means just that, for free.
When people say that information should be free, they mean that all public information should be free. If you make a speech at a meeting, or a concert performance, they claim that you should be able to
Criminal versus Civil (Score:3, Informative)
In civil cases, the standard is "a preponderence of evidence." Remember, civil cases involve two private entities coming to the state to settle a dispute. At the outset, the law has no judgement about which private party is correct; final judgement is issued based on who presents the most compelling ev
Re:why not? (Score:5, Interesting)
- Unplug the phone jack/ethernet card
- Find out where its' sending packets to, and edit your hosts file on your proxy/firewall accordingly
- Remove the software (duh!)
Or, to take the parent posters' idea of a virus (actually, a worm) to the next step, have it scout the net looking for legit copies, and installing the crack on their machines. So even legit customers would end up "phoning home".Seriously, just remove the software. If it does something you want/need, you have three choices:
- buy a legit copy
- develop a competing product
- put up with the knowledge that it is phoning home
Mind you, if I wrote it, I wouldn't have it phone home, - I'd have it phone a (very) expensive 900 number (say, $50.00 a call) that I'd own, and you'd end up paying for your license when you got your next phone billHypocrite: Re:why not? (Score:3, Interesting)
Dude, if you can't abide by the conditions that the authors have set: eg. price and license
THEN DON'T USE THE FREAKING SOFTWARE
I won't go into quality of the software, but I will touch on that fact that YOU CAN DO ALL OF THIS WITHOUT THEIR SOFTWARE.
I read excel spreadsheets, I write lots of documents. I don't use Microsoft software in my life.
I can afford it. I can't stand its LOW LOW quality (been writing milters
Re:why not? (Score:3, Insightful)
In the words of Frank Zappa, "There's the crux of the biscuit" :-)
This is why we have a huge problem with corporations running amok. They have somehow gotten the idea that they are not accountable for their actions. In reality, corporations have no more right to your personal information than the justice system. Even less so since the justice system does indeed need to get a warrant to search your personal space - unless you willingly g
Re:why not? (Score:5, Insightful)
Installing spy programs on someone elses computer and misapproriating their resources to send information about that computer back to you, OTOH, may certainly be a crime.
Re:why not? (Score:3, Informative)
Right, but copyright infringement isn't stealing. END OF STORY.
To steal, you must remove the property from the owner's hands *AND* have it in your possession.
ie: If I stole windows from microsoft, they would NEVER be able to sell windows against until they caught me, because I'd have all their copies. If I pirated it, I'd have a copy, and they could continue to sell it.
But that's a different crime. Copyright infringement is more like a speeding ticket. Nobody
Re:why not? (Score:5, Insightful)
No, it hasn't. Most parents (including yourself, I'm sure) tell their children, once they're old enough to read, that they should check the dictionary. I hope you don't mind if I do it for you.
theft [reference.com]
\Theft\, n. [OE. thefte, AS. [thorn]i['e]f[eth]e, [thorn][=y]f[eth]e, [thorn]e['o]f[eth]e. See Thief.] 1. (Law) The act of stealing; specifically, the felonious taking and removing of personal property, with an intent to deprive the rightful owner of the same; larceny.
Note: To constitute theft there must be a taking without the owner's consent, and it must be unlawful or felonious; every part of the property stolen must be removed, however slightly, from its former position; and it must be, at least momentarily, in the complete possession of the thief. See Larceny, and the Note under Robbery.
I don't know how much clear it can be than that, sorry.
>it's not the physical manifestation that's holds the majority of the value of the item, it's the intellectual property.
The only real IP I know of is Internet Protocol. "intellectual property" is a buzzword used by various anti-piracy groups to scare users. IMHO, it rates right up there with "speed kills" and "this baby is crying because it's dad was killed by a drunk driver".
>So, your thinking that even though you took it, the fact that they still have it (wow, magic), let's you off the hook is just plain wrong.
I'm not saying that. What I am saying is that piracy is not only a lesser crime (IMHO) than stealing, as it only deprives the owner of an imagined profit, and, in fact, does not cause a direct loss like shoplifting, it really bears no relation to stealing. The similarity ends at the word loss. Speaking of which, murder would be a loss of life, and therefore has the same amount in common with stealing as does piracy.
Again, just my humble opinion.
That being said, I feel that piracy ISN'T a good thing, that it is illegal, but that it is overzealously punished in today's times where steamboat mickey is still copyrighted property. The only way what people will wake up and stop the insanity (put copyright terms back into the hands of the people) is if people stop making it out to be something it isn't.
>By the way, you're not even close in interpreting how copyright laws apply to these situations.
Uhh, seriously, read a law dictionary. Without something being missing from the victim, and without it being in the hands of the perpetrator (preferrably at the same time) there can be no theft.
While the crime of copyright infringement is generally punished in a federal court, and the crime of speeding violations in a municipal or provincial (or, in the US, a state) court, the style of offense is identical. They're both victimless crimes. Sure, you could say I *would* have bought a piece of pirated software rather than pirating it, but at the same time, if I get a stolen (for real) camcorder for $50 that sells for $5,000 do you think there's even a chance in hell I would have bought it if it weren't stolen? The fact is there is normally no specifically identifiable victim from piracy that can prove a loss, which is just like when you receive a speeding ticket -- nobody can prove a loss. It's just illegal, that's all.
It's always a lot more complicated to convince someone a crime is bad when there is no victim, and *THAT'S* why the BSA (et al.) want you to (wrongly) think copyright is theft. Because then they have their victim -- english teachers.
In fact, you'll find my previous dictionary definition a little lax. Merriam Webster says:
theft: 1 a : the act of stealing; specifically: the felonious taking and removing of personal property with intent to deprive the rightful owner of it b : an unlawful taking (as by embezzlement or burglary) of property
When dictionaries start saying specifically, and highlight it; I think they're trying to curb an improper usage of the term.
Re:why not? (Score:5, Interesting)
As someone who makes a living writing peer-to-peer software, I completely disagree that "STEALING IS STEALING" as you say.
I don't want to get into semantics with you, but here goes:
Stealing involves the deprivation of someone's property, removing thier ability to benefit from it. (paraphrase)
Information "theft" is not really theft or stealing.
Thousands of my users probably "steal" my software, but guess what! I DON'T CARE! It is information, which I CANNOT OWN!
Noone, corporation or individual, has a right to profit.
Everyone has a NATURAL right to consume and reproduce information. How do I know? Look how we are physically built, for crying out loud!
Let me close with this somewhat fanatical thought: Every month new ground is broken in the attempt to produce objects by piecing them together molecule by molecule.
Now, it will probably take longer than my lifetime to occur, but EVENTUALLY you all will be able build a generic THING from its component molecular pieces.
Consider this "future" world for a moment: No more scarcity, no more hunger, no more epidemics caused by lack of medicines.
Now consider the same world, with *your* "STEALING IS STEALING end of story" claim: Should the first person/company that creates a new molecular structure have a monopolistic control over said structure? Should you be able to produce (from scratch, not by "physically stealing") a replacement Brake Pad for your car without paying Ford for the privelidge? What about creating your very own "claritin-like" substance for your allergies? Should you have to pay Mosanto?
I stated before, and firmly believe, that information wants to be worthless, in an economic sense. Information has no "owner" that I recognize, and, as such, I do not consider the "copying" of information to be "theft".
If someone broke into my office and stole the computer I was writing my source code on, then THAT is theft of information, as it has deprived me of it.
If someone copies (without my permission) my program and uses it without paying me, oh well! I haven't been deprived of anything! I still have my program! The only thing I *may* have lost is potential profits, but NOONE HAS A NATURAL RIGHT TO PROFIT! NOONE!
(Thats why "Step 2: ???" is so common! heh)
In the above "idealistic copying world" example above, noone could profit! There would be no object scarcity, therefore (almost) no intrinsic value to *ANYTHING*, let alone "strictly informational things."
Time to end this rant, but PLEASE PLEASE consider:
The end result of personal "posession & ownership" of information, combined with monopolistic control, and the added "Lets consider artificial entities with the stated goal of financial wealth accumulation (corporations) the same as people, with the same 'rights' to own information, etc, is a CORPORATE FEUDAL SYSTEM, not the (what I consider) ideallic, everything-copying society that we COULD have then.
The road we are starting down today is leading us towards the scarier of the two, I believe.
-vDave-
{dave -at- bearshare -dotcom-}
Help me out, and use BearShare [bearshare.com] for all of your p2p (INFORMATION COPYING) needs!
Re:why not? (Score:3, Insightful)
This is ridiculous. Allow me to make random analogies to support myself, because this is Slashdot, after all.
Consider a carpenter. If he builds a chair, it is a physical entity which one person (himself) owns. It cannot be reproduced effortlessly. Therefore, he can sell it and make money to compensate himself for his labor.
C
It is theft in a way. (Score:3, Insightful)
I think that pirating is theft in a way. The software itself isn't "stolen". What is stolen is the copyright owners "exclusive right" to do certain things. Whether anyone likes it or not that "exclusivity" is something they lawfully own and by making a copy you take that away from them.
That's not to say that I necessarily agree with al
Re:why not? (Score:5, Informative)
Yes, it is. Funny you should say that and then follow it with:
Stealing is stealing. Infringing upon someone's copyright is NOT stealing, it's infringing upon their copyright. Stealing is stealing, and using cracked software is something else entirely. That's why each is prohibited by a different law. You can't ``steal'' software unless you grab a boxed set and run out of the store.
That may sound like a trivial distinction, but it's not: it is the heart of the matter. It's this sort of sloppy thinking that makes it so easy for Disney to get copyrights extended another 40 years every time Mickey has a birthday.
It's important to remember that property rights are natural rights, which pre-exist our constitution (that's what our constitution says). Copyrights, patents, and the like are privileges which the constitution allows but does not require Congress to grant. When we equate copyright violation to theft, we blur that distinction, and play into the hands of those who would like to enclose the commons of our cultural heritage.
Re:why not? (Score:3, Funny)
Re:why not? (Score:5, Interesting)
And for those situations where stealing doesn't mean stealing?
Two trivial examples that I suspect most us us could get "caught" for:
First, a friend purchased (completely legal, nothing unkosher whatsoever, not even grey-market) a copy of Age of Empires - AoK. It has a rather annoying copy protection scheme, however, which annoys legitimate users (whereas pirates just run a cracked version with no hassles at all). So the solution? He uses a cracked copy of the game. A stupid software test for known program cracks would flag him as "stealing", yet he did no such thing.
Second, and even more difficult to deal with - I have all of my CD collection on my HDD, since I only ever listen to them while at the computer. Legal format-shifting as allowed even by the DMCA. Yet, can I "prove" to some stupid spyware bot that yes, in fact, I really do own the CD? Nope. And even if I could, I shouldn't NEED to; my computer serves me, I do not serve my computer.
More important than false positives, though, we should consider the issue of why we buy software in general. If I buy a game, I buy it to play that game. If nowhere in the documentation (or preferably, on the outside of the packaging) does it describe its "RIAA-friendly anti-piracy technology", it damn well better not have any. I don't buy software to spy on me, I buy it to do the task it describes itself as performing. Nothing more, and nothing less.
Re:why not? (Score:5, Insightful)
fine then you dont mind us installing a new tracking device on your cars to tell the manufacturer and your loan company and officer where your vehicle is at all times.
if you aren't doing anything wrong then why are you against it?
get the idea yet?
Re:why not? (Score:5, Insightful)
True.
And gathering personal information about a user, without his/her consent without a legal warrant is...
Seriously, this information is NOT what anybody can get from public records. If I gathered this information about someone, and that someone found me out, I'd be charged with cyberstalking or whatnot.
Re:why not? (Score:5, Interesting)
That's fine provided due process is followed. Calling home and saying "I'm cracked" is not evidence of guilt. I have a piece of cracked software on my laptop. Am I guilty of piracy? Have I stolen anything? Absolutely not! I paid for the software. However, I cannot have a dongle sticking out of the back of my laptop. It's not worth risking breaking of the dongle, or worse, the laptop.
End of story? Me thinks not. If somebody installs cracked software they haven't paid for simply to evaluate it, have they stolen it? Ethically speaking, no. The fact of the matter is that you cannot return software. The only people who are truely guilty of commiting theft are the people who acquire the software without paying for it, and make use of it.
I would advise not trying to oversimplify this down to black and white. It is nowhere near as 'end of story' as you're making it out to be.
Re:why not? (Score:3, Insightful)
Only if you make the wildly erroneous assumption that everyone who pirates a piece of software would otherwise have paid full price for it.
Re:What is "AUP," please? (Score:4, Funny)
PS - AKA Stands for Also Known As.
PPS - PS stands for... eh, forget it
Abso-dutely... (Score:3, Insightful)
Anyway, they absolutely should be free to use such methods. Of course, we are all free to not use their software if we don't like t