Spyware Maker Sues Detection Firm

Luigi30 writes "ZDnet reports that RetroCoder, makers of the SpyMon remote monitoring program, are suing Sunbelt Software, makers of ConterSpy, a spyware detector program, for detecting the SpyMon as spyware. According to the EULA, SpyMon can not be used in 'anti-spyware research,' and detecting it is therefore a violation of it. 'In order to add our product to their list, they must have downloaded it and then examined it. These actions are forbidden by the notice,' a RetroCoder spokesperson said."

i hate spyware....but..

[atarione (601740)]

their EULA is GENIUS>.... evil evil genius.

Re:i hate spyware....but..

[piquadratCH (749309)]

No, it isn't genious. It's only the crap you'd expect from an asshole...

Asshole is right. Look at this...

[bigtallmofo (695287)]

Everything about these idiots screams "asshole". Look at their web site advertising their product:

Don't know what your kids are doing on the net?
Worried that your partner is cheating on you?
Want to see what your employees are really doing instead of working?
Ever wanted to be a hacker like in the movies?

Great product niche - allowing paranoid idiots to spy on everyone in their life. Then there's a fantastically smug notice at the bottom of the web site that says:

Please note that the "crack" by "team tbe" doesn't work anymore. ;)

Like I said - everything these guys do and say has asshole written all over it.

Re:Asshole is right. Look at this...

[AntEater (16627)]

Was I the only one who saw this subject line and though goatse.... ?? I must admit, it made me flinch.

Re:i hate spyware....but..

[mr100percent (57156)]

It doesn't have to be genius. My first idea of defense would be, maybe they were scanning someone else's computer, someone who had previously installed it and had no idea that another person would be using anti-spyware research on that machine. They might then go and sue the installer of the system for negligance or something. Who knows.

Re:i hate spyware....but..

[Rocketship Underpant (804162)]

1. EULAs are BS. The spyware company happily uploaded a copy of their software to the anti-spyware company on request. Clicking the install button below a 3000 word pile of legalese after you've been given the software isn't a valid contract, for reasons well explained many times before on this site. Heck, the spyware company doesn't even know what individual supposedly "agreed" to the EULA. The janitor? A 12-year-old child? Could have been anyone.

2. Why is the industry so lawsuit crazy? Lawsuits are supposed to reimburse you for actual unlawful damages done. What damage was done by the anti-spyware company downloading the software? A few cents' worth of bandwidth at the most. What damage was done by installing it? None at all. This is surely the most baseless lawsuit ever.

(I know that including the spyware definitions in anti-spyware software will [one hopes] hurt the spyware company, but that's not what the suit is about.)

Simple solution

[CarpetShark (865376)]

Dear Sunbelt Software, I just wanted to complain to someone about a crappy bit of software. c:\abc.exe is has been pissing me off for ages now. It does X, Y, and Z. I really wish there was some software out there to remove this crap. Thanks for listening.

Dear Pissed Off User, We actually make anti-spyware software, but I guess we can add this to the list, just because it bugs you so much. Have a nice day :)

Message for SpyMon developers

[50m31sl4sh. (854939)]

By reading this post, you agree to pay me $1,000,000.

Re:how about this EULA

[indifferent children (842621)]

Scott Adams did it better. Dilbert didn't read the EULA which stated that by installing pkg X, he was agreeing to become Bill Gates' towel-boy.

If it looks like a duck and sounds like a duck...

[VGPowerlord (621254)]

Since when could a company dictate to other companies what how they could classify the software?

If it looks like a duck, and sounds like a duck, then it must be a duck. :P

Re:If it looks like a duck and sounds like a duck.

[by Anonymous Coward]

But if it weighs the same as a duck, it must be a witch.

The answer...

[by Anonymous Coward]

...is for the detection firm to add a section to their EULA that forbids anti-anti-spyware research!

Re:The answer...

[slavemowgli (585321)]

You moderators might think that's Funny, but it's actually a very interesting point. If I can, basically, say "you're not allowed to come anywhere near my software" in the EULA as a spyware maker, why can't I say the same thing as an anti-spyware maker?

What's nice about this is that it works out no matter whether such a clause would be accepted: if it is accepted, then the spyware maker would have violated the anti-spyware product's EULA by looking at how it classifies the spyware. If it's not accepted, on the other hand, then the corresponding clause in the spyware's EULA would also not be accepted.

Myself, I think that such clauses aren't valid, but I also think that even if a court thinks they are, it'd be pretty impossible to actually get a case, as they could trivially be circumvented. For example, if I visit a friend and use their computer to do something in Photoshop, am I then bound by Photoshop's EULA? Of course not; I didn't buy the program, I didn't install it, I didn't agree to anything. My friend might be (or not), but I certainly am not. A spyware maker could do the same thing: just don't install the spyware yourself, but rather classify it after it infected someone else's computer. (On a side note, I doubt that most spyware actually presents a EULA to the user where he can clearly see what is going to happen, where he's given the opportunity to say "no, thanks" and where, if he does, the spyware will not be installed, anyway).

I'm not sure which is scarier...

[laughingcoyote (762272)]

The fact that someone actually is trying this, or the fact that I'm half-afraid it might work.

Let's all hope not.

Re:I'm not sure which is scarier...

[meringuoid (568297)]

I'm actually quite glad of this. The outcome of this case will determine just what is and what is not enforceable in an EULA.

For instance, how about that bit about not disassembling, decompiling or reverse-engineering software that's in so many EULAs? That's the same kind of thing as this 'not use in spyware research' clause. If the one is unenforceable, then is the other one too?

Re:I'm not sure which is scarier...

[Sierpinski (266120)]

That's one thing I never really understood. Historically, its never been the case (legally at least) where just because you write it down and make someone agree to it, it becomes legally binding. If I put in the EULA for software that I wrote, that if you click OK and install this software, you immediately forfeit all rights to your house, all cars, and all cash assets to me, you know someone would just click through that without reading, but of course they wouldn't be legally bound to give me their assets. Any court in the country would overturn that, which just goes to show, just because you write something down doesn't make it legally binding.

If I got you to sign a paper saying I could beat the snot out of you, and a police officer walks by during the act, what do you think said cop would say if I said "Its OK officer, he signed a waiver saying I could do this to him." Its just ridiculous.

Congress should outlaw EULA agreements altogether, even the part that says 'If this breaks we aren't responsible.' They wrote the software saying that it works, and if it breaks, they SHOULD be responsible.

Does it work against FBI agents too?

[SuperBanana (662181)]

According to the EULA, SpyMon can not be used in 'anti-spyware research,' and detecting it is therefore a violation of it.

Anyone remember those MOTD's on pirate-software FTP sites giving us a pseudo-legal-brief about President Clinton signing some law, and then "FBI AGENTS YOU CANNOT ENTER THIS SITE"?

Re:Does it work against FBI agents too?

[Kjella (173770)]

Anyone remember those MOTD's on pirate-software FTP sites giving us a pseudo-legal-brief about President Clinton signing some law, and then "FBI AGENTS YOU CANNOT ENTER THIS SITE"?

They never stopped, FTP simply lost importance. IRC fserves used to have them too. Websites, DC++ hubs, eMule hubs, WinMX shares as well. It's funny, I've had people present me that and then ask me if I'm a cop as well. Even after sending them this [snopes.com] and this [snopes.com] they still think it is for real. I guess it's some kind of mental self-defense, denial or whatever that makes them go LALALALALA I can't hear you.

Kjella

Re:Does it work against FBI agents too?

[welshsocialist (542986)]

I remember this too. According to Snopes [snopes.com] and this blog post [adamparnes.com], these warnings - boiled down to the simplest level - told law enforcement and other groups that going after them was a violation of non-existing 1995 Internet privacy law signed by former President Clinton.

It isn't true.

I dont think they'll win

[bjason82 (820735)]

This kind of thing is not likely to stand up in court. Spyware has been proven to be a malicious type of software that voilates one's privacy, therefore I would be shocked if the courts find in favor of the spyware maker. The spyware maker might have thought it was clever adding that clause in their EULA, but essentially what they've stipulated was people cannot investigate how their software works in order to prevent it's unwanted installation on to one's system. Not likely to stand up in court.

Don't need to

[JanneM (7445)]

They don't need to be able to win. All they need is to have enough of a case to threaten them with long, costly litigation - and once the expected cost of defending themselves is greater than the cost of caving in, most businesses will cheerfully cave. In fact, for publicly traded companies you can make a decent case that it's their duty to do so.

Re:Don't need to

[Hortensia Patel (101296)]

once the expected cost of defending themselves is greater than the cost of caving in, most businesses will cheerfully cave. In fact, for publicly traded companies you can make a decent case that it's their duty to do so.

Except that if a clause like this were upheld, all the spyware makers would start adding similar clauses in short order, and anti-spyware makers would be out of business. It shouldn't be too hard to explain this to shareholders.

Re:I dont think they'll win

[shawb (16347)]

Maybe, if this was actually spyware. Okay, it does "spy" on the user, but it is monitoring software. It gets installed on the computer for the express purpose of monitoring another user's activities, such as a boss monitoring their employees or a parent monitoring what their children are doing. This software has to be purchased and intentionally installed, it doesn't just get surreptiously installed along with some screen saver, video game or internet cursors.

I personally think this is generally moral

I can see it now...

[bravehamster (44836)]

So, the next virus I get on my computer will have embedded in it's source code: "By reading this source code, you agree that W32.SonyRootKit.C will not be added to any antivirus definition lists or be recognized by any heuristics."

I can just see the coder in his dimly lit basement cackling while rubbing his hands in glee: "I have you now Norton!"

Prove my invisible friend ISN'T Jesus.

[CosmeticLobotamy (155360)]

If you do produce a program that will affect this software's ability to perform its function, then you may have to prove in criminal court that you have not infringed this warning.

Is it legal for contracts to include conditions that are physically impossible to do? If so, my next bit of software is coming with a "If you can't prove you didn't make copies of the software, you owe us for as many copies as could possibly have been made between the time you first run the program and the time we sue you." Since nobody reads those things anyway.

On a mostly unrelated note, I wrote a program that shows funny pictures. It's awesome, and it's only 1 cent, for... processing purposes, if anyone's interested in a download.

Heuristics ? Or the admit in the EULA

[tines (806906)]

First: they almost admit in the EULA that is a spyware product. Who the fuck else would put such an idiot line in the EULA. Second: the antispyware company might have used some sort of heuristics. No install required. I would really like to see this go in court: isn't there a limit on the kind of shit people put in that EULA ?

Don't agree to eula!

[pawstar (930281)]

Em. I don't get it. Who says the the company has to agree to the eula to look at it? If the spyware company declines the eula agreement they are not bound to it and as a result the proggy is not installed. How does that restrict they spyware company from analyzing the binaries present in the setup program? Decompress the archive and create a fingerprint done!

Other great EULA small print

[by Anonymous Coward]

Section 6783.

You agree that in using this Software, You give Us the right to your first born child.

Section 6784.

You agree that in using this Software, you will never hit the "g" key on your keyboard between 4:50AM and 3:15PM. This clause will survive termination of the Agreement.

Section 6785.

You will never call the Software a Piece Of Shit in public or in private.

Unenforceble I'd Say

[amelith (920455)]

What's next? Passing a note to a bank teller "By reading this note you have agreed to let me rob your bank and not press the alarm button"?

EULAs are becoming increasingly cluttered with unenforceable and in cases downright silly things. With any luck a few frivolous lawsuits might see some of them struck down.

Ame

Re:Unenforceble I'd Say

[theonetruekeebler (60888)]

It's more like

• By reading this note the teller agrees that the Funds Recovery Action undertaken by the Funds Recoverer is not a bank robbery.
• Teller agrees to withdraw and surrender such funds as the Funds Recoverer demands.
• Teller agrees that the Funds Recoverer is not responsible for any financial loss resultant from Teller's participation in the Funds Recovery Action.
• Any attempts at funds recovery undertaken by Teller or his or her employeer against the Funds Recoverer is expressly disallowed as a derivative work of this Funds Recovery Action.
• Any video recordings of the Funds Recovery Action are expressly disallowed as a derivative work of this Funds Recovery Action and are the property of the Recoverer.
• Teller agrees to fund all legal and medical expenses incurred by the Recoverer resultant from the Teller's refusal to cooperate in the Funds Recovery Action.
• Teller agrees that any violation of this Agreement, including refusal to accept the Agreement, shall entitle the Recoverer to financial compensation of twice the amount demanded in the original Recovery Action.
• Now put the money in the bag and lie down on the fucking floor.

No shame!!

[cra (172225)]

Have they no shame!??

The spyware people should be treated like programming commands and scripts: "Carried out and executed".

In general, I think the USA should change its name to "SueSA". When are people going to take responsibility for their own actions? If someone walks on my sidewalks and trips in a hole in it, it's their own g*dd*mn f**ing fault for not watching where they are going, not mine.

Virus creator sues McAffee for USD 200$ Mio

[lightweave (522226)]

++++ fake ticker ++++ Johnny Bash, famous for writing applications like WORM32 and Trojan.Hoax, has today filed a lawsuit against McAffee. His complaint is that the EULA for this applications specifically forbids the reverse engineering or analyzing of the code for anti-virus companies. He says that by downloading and installing his latestes achievment, McAffee implicitly agreed to the conditions and thus violated the EULA by including the anti-virus measures in their latest software.

So much fun

[pepeperes (731972)]

U.S. lawsuits are merrier and merrier all the time! Very few surrealist artists had as much imagination as some lawyers do!

EULAs in general.

[catwh0re (540371)]

EULAs in general are difficult to enforce, because they are often ambiguous, have clashing clauses or as they say in the legal world "have more holes than a lattice fence".
Legal documents are written with the intention of covering all possible situations, and often worded such that each clause is as broad as possible this is to avoid said lattice fence gaps. This is because once a gap appears it is exploited by lawyers to make the entire document sound ridiculous. (Which is often the case anyway.)

For example a lawyer will jump right onto this clause, and talk about all the other methods of research, they'll attempt to broadly classify what research is (including using the software at all.) His final point will be that it's impossible to satisfy the terms of the agreement in any way, making it an invalid document. For example the phrase "by reading this line you agree to not read this line", is obviously ridiculous, but essentially any lawyer will be able to make this EULA analogous to this.

EULAs are not valid contracts...

[vhogemann (797994)]

At least here at Brazil.

To a contrat be valid, it must be an agreement between two parts. In the case of an EULA the consumer doesnt have any power of negociation, and in pratice cant change anything on the EULA.

The brazilian legislation also states that you cant be forced to agree with a contract that prejudice, or denies, any of your rights. This way no EULA can really be enforced here.

Just my 2c.

EULA's on individual computers

[pilybaby (638883)]

Perhaps there should be a system where any software installed has to agree to a license on that computer. So I can add my own EULA to my computer and any software vendor that has their software on my computer has to agree to it. There can be a nice API that can be used to get at the license and everything. If I have to agree to an EULA when installing their products on my machine, they should have to agree to my EULA to run their software on my machine. If they break it then I can sue them.

This is fair too, because as much as I don't understand their EULAs, they wont be able to understand mine. Vive la revolution in software consumer rights!

It can be downloaded without OKing the agreement

[by Anonymous Coward]

Just go to

http://www.spymon.com/downloads/install.exe [spymon.com]

Then you can extract the files from the installer exe without agreeing to anything.

Hasn't a crime been commited by Sunbelt?

[doubledutchdesigns (930301)]

Retrocoder Limited has NOT threatened to sue Sunbelt - we are currently looking at what legal options we have to defend our product.

This is a copy of the text sent to Sunbelt:

"If you read the copyright agreement when you downloaded or ran our
program you will see that Anti-spyware publishers/software houses
are NOT allowed to download, run or examine the software in any
way. By doing so you are breaking EU copyright law, this is a criminal
offence. Please remove our program from your detection list or we will
be forced to take action against you."

The action will be that we may be (in our opinion) forced to get the UK police authorities involved with Sunbelt over copyright theft. This is a criminal offence, not a civil one I believe.

Retrocoder Limited as the copyright holder, has the right to say who may or may not have its program. If someone has its program without permission, are they not guilty of a criminal offence?

For example, if you have a copy of Windows without MicroSofts permission, is this not a crime?

Below is a copy of the text sent to Joris Evers (who wrote the original article from it):

"As you can see, at the moment it is just a warning to them to stop
blacklisting the program. Our program is not a "trojan" or "virus",
it is used to keep a remote "eye" on your kids or employees. The user
must have access to the users machine in order to install the client.
Only the installer of the program can view the client machine. Our
program does not attempt to bypass firewalls or other such protection.

This is very different from "trojans" and "viruses" - they replicate
themselves and spread uncontrollably, you do not usually need direct
access to the users machine. They often try to bypass firewalls in
order to "reach" the internet.

Our problem is that companies like Sunbelt do not properly look at
software before they blacklist it. They clearly ignored legally
enforceable warnings that what they would be doing is not allowed by
the copyright holder. This shows that either they do not examine
programs properly or that they ignore copyright law. In order to add
our product to their trojan/virus list they must have downloaded it
and then examined it. Both of these actions are forbidden by the
copyright notice.

A similar situation arose with Grisoft with the AVG product. We sent
a similar warning letter out to them and they responded by removing
our programs from their blacklist. This resolved the situation and no
further action has been taken.

I will be consulting with our solicitor in the next few weeks about
companies like Sunbelt, what civil/criminal laws have been broken, and
how best to involve the UK Police authorities in action against them."

Maybe they never downloaded it in the first place

[Skapare (16644)]

Maybe they never downloaded it in the first place. Maybe they are acting on the basis of experience that is typically gathered by a practitioner of the field who also works to diagnose malfunctions in client computers where previous detection efforts have failed. This would not necessarily mean your software caused any such problems, but rather, your software may have co-existed on a machine with previously undetected malware which was also performing similar spying actitivies, although for malicious intentions. On the basis of these activities, they would never have agreed to your EULA in the first place as they would never have downloaded a copy of the software.

The ability to detect software like yours, which presumably has no ill-intent, is still necessary, IMHO, because of the existant possibility of ill-intended installation by other parties, such as kids spying on their parents first (it happens), or one spouse spying on the other in domestic issue civil cases (it happens a lot). Unless you can prove that your software has unbreakable facilities that prevent anyone from installing the software except in cases where it would involve only legal spying (e.g. parents spying on kids), I don't think you have a valid basis for demanding that your software be exempted. And I do not see how the software is capable of evaluating the domestic role of the person doing the installation.

My real concern has nothing to do with your software. It has everything to do with all spyware in general, and the establishment of legal defenses that they all may use if you take this matter to court and prevail. Such a ruling would be universally harmful to everyone.

In an unrelated issue, how is your software going to spy on kids that are skipping Windows and booting up a Knoppix CD instead to get to the internet to surf for 7un3z, w4r3z, and pr0n? You know kids are doing it, and not just the smart ones. Do you warn parents that your software cannot detect all these cases?

Re:Hasn't a crime been commited by Sunbelt?

[Frenchy_2001 (659163)]

Retrocoder Limited as the copyright holder, has the right to say who may or may not have its program. If someone has its program without permission, are they not guilty of a criminal offence?

For example, if you have a copy of Windows without MicroSofts permission, is this not a crime?

Actually, the answers are NO and NO.
When you buy a copy of Microsoft windows in a store, you enter a tacit sellin contract with that store. Then, on TOP of that, Microsoft tries to limit your possible use of that good, which may or may not be legal. But the only restriction that Microsoft places legally and in an unchallenged way is that you have to BUY their product.

In the same way, once you have allowed people to download the software, you cannot restrict who can use it or not. It would be discrimination.

Microsoft does not prevent researchers or black people or foreigners to use their software, they just prevent people WITHOUT a LICENSE. Then, on top of that, they want to restrict your rights to only USE the software. Here, you grant a license to all (free download) and then say that some kinds of people (anti spyware researchers) are not allowed to use it. It is like saying that french people could not use it. Or any group of people. It is discrimination, pure and simple.

Even restricting a type of use for a product you have the right to use may or may not be legal. A court maintained the right of a company to disassemble a program they had bought to keep it working and improve it.

Re:My god

[gazbo (517111)]

I'm not sure there's a problem - this is how things should be. No, come back, I'm serious!

The modern world is completely founded on contracts of one form or another - an EULA being an example of such a contract. Now this case is clearly ridiculous, and as such I fully expect the challenge to fail (and further could set interesting precedents regarding the reach of EULAs). BUT the company should have the right to bring the challenge, and should be heard by a judge.

You cannot just wave your hands at someth

Re:My god

[Mattcelt (454751)]

Since when did EULAs become meritorious in any way, shape, or form?
They've been stuck down as non-binding as many times as they've been upheld;
they often have clauses in them which are not only onerous, but downright illegal;
they do not have any form of traditional contractual agreement methods, wherein both parties have the ability (allowed by contract law) to modify the contract to their satisfaction;
and they represent the interests of one party to the exclusion of the rights of the other.

Tell me again why this sort of dispute should be allowed past the doors of any courtroom?

Re:My god

[ezberry (411384)]

It isn't true that both parties have to have the ability to modify the contract to their satisfaction (I'm in law school and I've taken contracts... ). EULAs are adhesion contracts, which force the accepting party to the terms of the offering party. From Obstetrics & Gynecologists Ltd. v. Pepper (693 P.2d 1259) 'An adhesion contract need not be unenforceable if it falls within reasonable expectations of the weaker or "adhering" party and is not unduly oppressive. However, courts will not enforce against an adhering party a provision limiting the duties or abilities of the stronger party absent plain and clear notification of the terms and an understanding consent.' So, in the end, you are right that this won't be enforced, but for the wrong reason.

Re:My god

[cp.tar (871488)]

Oh, don't worry... they can't possibly win this case.

The EULA only enforces certain rules if you want to use the program. If you do not use the program - which would mean running the binaries, if I'm any judge - you may not use the program.

It would be most interested to see whether their EULA contains something along the lines 'this software is provided as-is, and is not fit for any express purpouse' - something similar can IIRC be found in MS Office. That clause would counter and dispel the clause that claims it can not be used in spyware research - regardless of the fact that the program does not have to be running for it to be examined. It doesn't even have to be installed, and the EULA doesn't even have to be read, let alone agreed to.

The package can be extracted, binaries examined... And, if the sued company wants to be evil, they can just claim that any software that forbids the end-user to include it in spyware research (and how in the world would you enforce that rule against NOD32's heuristics and automatic mailing suspicious binaries to their lab really escapes me) deserves to be added to their spyware list. They never had to get past reading the EULA to add the program to their list, so they never would have installed it and, of course, never agreed to the EULA in the first place. If they never installed the program, the EULA is unenforceable.

Finally, proving a negative is not what the US court system is based on, at least from what I've heard about it - innocent until proven guilty (unless it's a terrorism accusation, but I don't really want to troll right now). So the spyware maker has to prove that there was no possible way for the sued company to examine their binaries without agreeing to their EULA. If the sued company can prove that there is at least one way for them to do that, the spyware maker cannot prove that they didn't do it. Innocent until proven guilty.

Hell, I could successfully defend them against this, and IANAL.

Re:My god

[RevMike (632002)]

The general gist is correct, but "innocent until proven guilty" is a principle that applies to criminal matters, not civil matters.

Re:My god

[jcr (53032)]

Oh, don't worry... they can't possibly win this case.

This isn't the kind of case that's filed to win in court, its purpose is to intimidate the defendant. Hopefully the court will smack them good and hard.

-jcr

Re:My god

[Spock the Baptist (455355)]

Ah, but Sunbelt *never downloaded* it. They obtained their copy otherwise, thus the *PDA* is unenforceable in their case. SpyMon was already on a client's computer, and was giving the client grief. It was from an examination of this computer at their client's request that SpyMon was detected, and further dealt with.

Sunbelt never *ran* SpyMon, nor did they ever download it, therefore no EULA[1], nor PDA was violated.

[1] Other post deal satisfactorily with the *run* issue.

Re:My god

[OrangeTide (124937)]

Ah. the popular "Bend Over" EULA.

Re:My god

[AnonymousBystander (927218)]

Ah.. the popular soviet russia joke...
spywares sue YOU now becomes reality

Next, write this on your T-shirt
"By looking at me, you agree to ...

yes and no

[TubeSteak (669689)]

Yes, spyware companies leaned on the likes of ad-aware, spybot, etc

BUT

no, because their delisting was contingent on the company modifying the way their software installs/removes/whatever

some spyware companies changed a few of their nasty ways and were rewarded by being delisted. The anti-spyware companies (of course) have reserved the right to relist lapsed spyware makers.