Forgot your password?
typodupeerror
News

Spyware Fights Back 680

Posted by michael
from the building-a-death-star dept.
sparcv9 writes "According to the latest issue of Spyware Weekly, the Radlight media player not only searches your hard drive for Adaware, but will uninstall it if found. How do they attempt to legitimize this? By including a clause in their EULA that reads: 'You are not allowed to use any third party program (e.g Ad-aware) to uninstall application bundled with RadLight. Such programs will be removed. If you want to uninstall them, you may do so via Add/Remove in Windows' Control Panel.' Yes, that's right. Not only do they say you are not allowed to use Adaware to remove their bundled apps, but they will forcibly remove Adaware for you to make sure you don't!" There's also a Newsbytes story.
This discussion has been archived. No new comments can be posted.

Spyware Fights Back

Comments Filter:
  • this is not legal (Score:5, Insightful)

    by WildBeast (189336) on Wednesday April 24, 2002 @04:13PM (#3403803) Journal
    and because they mention it in the EULA doesn't mean it's legal. Anyway, it's not like this player will be actually downloaded much.
    • by BLAMM! (301082)
      Hell, no, it's not legal. It's pretty damn arrogant, though!

    • by darkonc (47285) <stephen_samuel@nosPam.bcgreen.com> on Wednesday April 24, 2002 @04:19PM (#3403917) Homepage Journal
      I'm gonna have to write a piece of software where the EULA includes the phrasing:

      By downloading and using this program, I agree to give to the author, on demand, my entire computer system -- including software, licenses for said software and all data contained on said computer. Should licensee decline to abide for the agreement, the licensee will, in addition to the computer system mentioned above, be required to pay legal fees............
      (ianal).

      • by Denium (537999) on Wednesday April 24, 2002 @06:11PM (#3405124) Journal
        Quoting from totally.righteous.net [righteous.net]:
        By using the totally.righteous.net, you agree to be bound by the terms and conditions set forth in this agreement.

        totally.righteous.net is not responsible for anything, at all. By using the service, you consent to daily beatings, administered by any designee of totally.righteous.net.

        You agree to allow totally.righteous.net or designee to access your email, dialup, broadband or bank account as we deem necessary.

        totally.righteous.net or it's designee may obtain your passwords, PIN codes or credit card numbers whenever it may be useful to totally.righteous.net.

        You agree that totally.righteous.net can infect you, your computer or your family with viruses, worms or crotch crickets.

        You agree that totally.righteous.net may use you, your spouse, your children, your parents or your pets for sexual or other purposes

        You agree to complete monitoring of everything you do, or have done, or will do. Ever. totally.righteous.net can use whatever means are convenient to obtain this information, including but not limited to packet sniffing, telephone taps, log analysis, thumb screws, electric shock or bonus beatings.

        An electronic mail account has been created for you. Notices will be sent to that account. You are responsible for monitoring the account and performing orders as instructed by these notices. Failure to do so may result in bonus beatings.

        If you are an employee or representative of a telecommunications, cable, broadband or any communications company or organization, you agree to allow totally.righteous.net full and unrestricted access to all communications equipment.

        Any computer, router, switch, proxy, server or communications device requesting data from totally.righteous.net becomes the property of totally.righteous.net.

        If you are a representative or employee of Comcast Cable Communications, Inc., or are accessing totally.righteous.net from an address or IP controlled by Comcast Cable Communications, Inc., you agree that all equipment carrying traffic or data to or from totally.righteous.net becomes the permanent property of totally.righteous.net.

        Thank you for using totally.righteous.net.

    • Re:this is not legal (Score:4, Informative)

      by joebp (528430) on Wednesday April 24, 2002 @04:20PM (#3403925) Homepage
      Anyway, it's not like this player will be actually downloaded much.
      Quoting the article:

      "over 750,000 copies of RadLight had been downloaded from CNET as of February 2002."

    • According to the article, it was download from Download.COM > 750K times before they took it off the site.
    • by mobydobius (237311)
      and because they mention it in the EULA doesn't mean it's legal. Anyway, it's not like this player will be actually downloaded much.

      Hmm... I definitely agree that this practice is underhanded, unethical, and plain rude, but why do you say it is illegal?

      Is there anything on the books that infers that existing software can not be deleted by new software? If so, how does that work when a new piece of software needs to replace a common shared library, and that new shared library makes existing software unworkable?

      If the user was warned (and a EULA is at minimum a warning), does he really have any legal recourse?
    • and because they mention it in the EULA doesn't mean it's legal.
      I'm gonna have to take a step back here and ask, why the hell not? Shady, underhanded, evil, and a Very Bad Idea: yes. But legal, I don't see why not. You download a program. It tells you, in fairly clear English, that it's going to uninstall adaware. You click ok, and it does. As icky as it may be, I fail to see how a programming telling you it's going to do something, and then doing it when you agree to let it is illegal.
    • by Zeinfeld (263942) on Thursday April 25, 2002 @12:36AM (#3407015) Homepage
      and because they mention it in the EULA doesn't mean it's legal. Anyway, it's not like this player will be actually downloaded much.

      I am not a lawyer, this is not legal advice. I doubt that the clause is 'illegal', but it looks to be very unlikely to be enforceable and certainly not very likely to provide protection against claims for damages.

      I doubt that any laws are being broken by inserting the clause into the alleged contract. However intentional damage to a computer system is criminal in many jurisdictions and I for one doubt that the EULA is going to impress the court.

      The weenie Randite 'you signed a contract' brigade who yatter on interminably in much of this thread are fortunately wrong, contract law has never operated on the bizare principles they advocate.

      The enforceability of the term would depend on the prominence of the notice given. Since I have no intention of loading the program I am not going to find out for myself. If the notice is exceptionally prominent then the guy may get away with it, but only because it would be unlikely that someone would uninstall AdAware without giving consent. Unless the guy really is just making a point (a pretty stupid one) I kinda doubt that this is the case.

      What this comes down to is the sort of smart alex amateur lawyer stuff that is more likely to piss a court off than win a case. I suspect that a judge reading the EULA would take it as evidence that the defendant knew they were doing something illegitimate. If the judge decided that the plaintif did not receive actual or constructive notice of the term the EULA would actually hurt Radware. I suspect that Radware did not intend to give notice of the term and suspect that the judge would be likely to agree.

      Obviously someone who installed AdAware did so as a deliberate decision. The person who installs radware may not be the owner of the machine and so the fact that the installer agrees to the EULA may not be enough to fend off a lawsuit from the actual owner.

      Ultimately this is not a sustainable business model, but then neither is scumware in general. The market for Internet ads is pretty thin to start with. What sort of company advertises through scumware?

      Sensible businesses don't just consider the question 'would we win a suit'. If someone files any sort of lawsuit against you the costs are going to be large. I can't imagine a judge saying to a consumer irate with radware that the suit is so baseless that she is going to award costs.

  • I cant wait..... (Score:4, Interesting)

    by diorio (244324) on Wednesday April 24, 2002 @04:13PM (#3403805)
    .....to see how adaware will fight back on this....what a vicous cycle!
    • I also wonder if the anti-virus companies will start to consider features like what ad-aware provides. Many big corporations have products like Norton Anti-virus and they may want their systems protected from more than just viruses. In fact, some of these spyware products could be more of a pain than some of the viruses out there. I know that my companies sys admins have said that they are seeing significant network bandwidth getting consumed by spyware.
    • Re:I cant wait..... (Score:5, Informative)

      by ProfMoriarty (518631) on Wednesday April 24, 2002 @04:30PM (#3404064) Journal
      Well ... do like AntiVirus software does and just sit and monitor installs ... if it detects a spyware application ... kill it.

      Run as a service on 2K/XP ... and then the Spyware couldn't just delete the EXEs ... ALSO, make the monitor smart enough to remove itself from the "remove on next reboot" section of the registry.

    • by swb (14022)
      I could see ad-aware having some interactive de-installation step where you had to actually perform some non-automated task to deinstall it, like the way that some online services companies make you re-enter data presented as a blurry GIF or something -- failure to do that would terminate the deinstallation.

      If they're just brute-force deleting the application, randomize the name, size and date of the application to prevent that as well.

      It'd be nice to see antivirus products have a no-spyware add-in that would cause them to find and remove them as well.
  • by peddrenth (575761) on Wednesday April 24, 2002 @04:13PM (#3403810) Homepage
    Looks like we need Radlight-Lite (c.f. Kazza!)

    Or Winamp of course. I've never even heard of RadLight
  • by Zspdude (531908) on Wednesday April 24, 2002 @04:14PM (#3403825) Homepage
    Spyware will do what is necessary for it to be effective. Kind of a non-story this, because I wouldn't expect anything else from spyware... Of course it's going to disable things that can find and remove it!
    • Seriously. It's not like they're going to hold back on something like this because "it's unethical"

      S
    • by Anonymous Coward on Wednesday April 24, 2002 @04:34PM (#3404133)
      To Whom It May Concern,
      1. Spyware stuff.
      during the last few months the popularity of word "spyware" has
      raised amazingly. Actually, only a few peopla know what the programs considered
      as "spyware" do, but the name just sounds good, doesn't it ?
      SPYWARE... SPYWARE... hmm, I'm pretty scared... maybe I should stop
      watching the american thrillers. Someone is spying me... he knows
      what I'm doing, knows my girlfriends telephone number, knows where do I live,
      he just controls my life...HE KNOWS !!!!
      But take a closer look at the "spyware" programs. e.g. SaveNow.
      SaveNow HELPS people when bying over the internet. You want to buy
      a pack (a few hundreds) of recordable CDs.... searching on the net..
      AH, here...Oh, wait a moment, a popup window appears. When I click
      on the popup-window I can buy a pack of my favourite CDs and save
      up to 15% That's cool. I would even call it "HELPWARE". I'm happy.
      I got my CDs, some people got some money and everyone is happy.
      Some people say it collects some information and sends it over the
      internet... BUT. Has anyone "recorded" the data sent over the net ?
      I use it and didn't notice any data being stolen or anything happened
      to my data. Only my SaveNow database is growing and offering me more
      and more advantageous purchases.
      The banner advertising is widely spread on the internet. The targeted
      advertising like SaveNow does is much more efficient and much better payed.
      But some people don't like when the others are profiting.
      Ah... but the saveNow is not the only "HELPWARE" out there..
      Yes, there are MANY of them. And they are struggling for each user.
      And suddenly a programm appears to "uninstall helpware" or "MAKE YOUR
      COMPUTER SAFE" or "PROTECT YOU". But it doesn't uninstall all of the "helpware"
      programs, because SOME OF THEM are considered SAFE.... !!!! SOME OF THEM !!!
      And I ask : Why are they considered SAFE? What is considered SAFE?

      2. HELPWARE as a solution for free programs
      2 years ago, when we started working on RadLight, we had no problems at all.
      We were hosted on a free Slovak server. The bandwidth bas pretty low
      but as we had only 50 visitors a day, everyone succeeded downloading
      his program. Some time later the first download-CRC-FAILED mails began
      to arrive.. was it my fault ? The server problems began.
      A friend managed to get a server in Germany. It was a hot connection
      and the troubles were gone but the people downloaded RadLight more
      and more. As we have reached the 10GB/day traffic the server has died...
      And we had to decide : Either we will be regular Shareware or
      we will bundle other software.
      The first solution would lead to absolute popularity loss. Because the
      people are VERY unlikely to pay if they don't really need to.
      We decided to be FREE SHAREWARE but in a year of being FSW we got
      only some 300USD what is really FEW. I don't want to force anyone to pay me,
      because I wanted RL to be free, but we really couldn't afford to pay ANY server.
      That's why we decided to bundle SaveNow, thinking that people
      realize we had no other choice. Many people wrote MANY MAILS saying
      how is RadLight cool and how happy they are. But are they the only one to be
      happy ? WHY CAN'T I BE HAPPY TOO ? WHY SHOULD I HAVE PROBLEMS of
      making programs for people I don't even know ? But the people
      don't understand that installing HELPWARE is a way of their "THANKS".
      I am REALLY GRATEFUL to those people who registered RadLight = donated
      money to support RadLight, because the money we get from the bundle based
      on our userbase are only enough for paying my phone bill and the server
      we have now, especially to Todd Keller who even offered us a mirror hosting.
      I think that he is one of the few people knowing what problems does it make
      to host popular program.
      As I say : In these times the targeted advertising bundling is the only solution
      for popular programs if they want to stay free.

      3. Adaware app.
      Let's take a closer look at this application.
      The general description is : "An application that uninstalls spyware" or
      "An application that uninstalls helpware" or "An application that uninstalls
      programs being installed with your permission" because YOU are the one to
      decide whether to install them or not (at least in RadLight case). It's
      popularity is based on scarying people using the word "SPYWARE", based
      on considering users as not very clever.
      When an unexperienced user runs adaware and finds some app described
      as spyware he is really likely to click on remove button, because of the
      word "SPYWARE"... something terrible. I'd wonder what would happen
      if the latest windows version was described as "SPYWARE" ??
      And I ask again ? Why should I trust a program that looks into every directory
      on my harddisk, into every registry key, into my mails (it even wanted
      to delete my personal mails to WhenU) searching for SOMETHING rather than
      believing in MYSELF ? I felt like the local SWAT team just went through my house...
      When I AM THE ONE who installed the HELPWARE program, IT SHOULD BE INSTALLED.
      When I don't want to use it anymore, I can uninstall it either manually or going
      to CONTROL PANEL\ADD REMOVE PROGRAMS.
      As adaware's behaviour was hostile to our bundle, I had to defend.
      Other programs like KaZaa do bundle too. However if a half of their
      bundled programs are killed in action they still have enough money
      but my money income is enough for my sister to buy chewing gum.

      4. Some facts to think about.
      RadLight's top downloads count was about 45000 per week only from download.COM
      - that made 1.0MB x 45000 / 7 = 6.428 GB traffic per day only from download.com
      Adaware now
      - 0.85MB x 250 000 / 7 = 30.3 GB each day = 910.7 GB per month.
      - go and check some server providers how much would that cost !!
      - adaware has some $15 PRO version, but I STRONGLY DOUBT it would
      be enough to pay such a bill
      - WHO gives them the MONEY ??
      - Isn't here some concurency destroying trick ?
      - Why are some helpware programs considered spyware and some don't
      Helpware
      - As far as I know only few programs have bundled helpware mandatory
      - so if you DON'T LIKE ANY HELPWARE just DON'T INSTALL IT
      General about software
      - I've heard a saying : "about 99% of computer problems sit in front
      of the monitor"
      RadLight again
      - point of RadLight is to make watching of your video files easier
      and better than ever
      - point of RadLight is NOT to fight in any financial, political, social,
      economical, rasistic or any other war
      - I as the author of RadLight am sorry for users being scared of word
      "spyware" but I don't feel sorry for any uninstalled copy of
      program whose point is TO KILL.
      - the 5.2 License agreement clearly tells that adaware is not allowed
      with RadLight.
      You are the one to decide what software do you want and what software
      do you use.
      • by CynicTheHedgehog (261139) on Wednesday April 24, 2002 @05:00PM (#3404409) Homepage
        Bundling SPYWARE (the world "HELPWARE" is so much horseshit) is not problematic, so long as you clearly state, in understandable terms, what software is being installed, what it does, how much disk space it will consume, how much bandwidth it will use, what information it collects, where that information is going to be transmitted, and under what circumstances that information will be shared. Then let the user decide if the program is helpful or not.

        And never, under any circumstances, remove anything that you did not put their in the first place. I do not want you to HELP me get rid of software I paid for.

        Vague licensing agreements and shady installation procedures are not helpful. They are deceitful and they harm the consumer. How about DECEITWARE, or HARMWARE? Until you come clean, this bundled software will always be looked upon with scorn.
      • by Decimal (154606) on Wednesday April 24, 2002 @05:07PM (#3404484) Homepage Journal
        1. Spyware stuff.
        during the last few months the popularity of word "spyware" has raised amazingly. Actually, only a few peopla know what the programs considered as "spyware" do, but the name just sounds good, doesn't it? SPYWARE... SPYWARE... hmm, I'm pretty scared... maybe I should stop watching the american thrillers. Someone is spying me... he knows what I'm doing, knows my girlfriends telephone number, knows where do I live, he just controls my life...HE KNOWS !!!! But take a closer look at the "spyware" programs. e.g. SaveNow. SaveNow HELPS people when bying over the internet. You want to buy a pack (a few hundreds) of recordable CDs.... searching on the net.. AH, here...Oh, wait a moment, a popup window appears. When I click
        on the popup-window I can buy a pack of my favourite CDs and save up to 15% That's cool. I would even call it "HELPWARE". I'm happy.


        Oh, so this is one of those people who actually enjoy being interrupted during dinner to recieve a SPECIAL OFFER from company X if they switch phone companies. Now I see, they aren't telemarketers, they're tele-HELPERS!

        I got my CDs, some people got some money and everyone is happy. Some people say it collects some information and sends it over the internet... BUT. Has anyone "recorded" the data sent over the net? I use it and didn't notice any data being stolen or anything happened to my data.

        Likewise, this guy must be a-okay with having hidden cameras being in his shower. After all, if the data was wired right out of the house and on to the internet straight to some hidden-camera porn site, has anybody in the neighborhood "recorded" that pictures were sent from his household out over the net? He used the shower and might have noticed the camera, but that must be okay because he didn't actually see the pictures leaving the residence.

        I'm not going to go on. You already understand the truth, and so does this dishonest money-grubbing scumbag.
      • So if he's worried about HIS bandwidth costs, why didn't he upload his program to one of the many dedicated shareware/freeware servers (Tucows, Simtelnet, etc.) and let them worry about it? After all if his intent was to "keep it free" why not do the obvious to avoid incurring expenses?

        Answer: This was yet another excuse.

  • Can't users who want Radlight install Adaware afterwards? The story mentions Radlight checks for and uninstalls Adaware files on its first run. I assume it doesn't do the check everytime it runs - if so, isn't a post-install an easy workaround?
  • hack into a spyware company's server? That in effect is what they are doing to my computer... I don't have any moral qualms about doing such things, but would the law care? I guess it also makes a difference where the spyware company is located, but what if it is the US?
    I would like to give these bastards a taste of their own medicine...
    • The law does care about gaining unauthorized access into machines. Customers, assuming they read every word of the license agreement, are made aware of what a program potentially does and can opt not to install it.

      Not to defend spyware makers, but they're more "within the law" than a hacker is.
    • I wonder if you can try to charge a spyware company with some kind of computer crime. because it is like hacking a computer.

    • Radlight.net --
      Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_perl/1.24_01 PHP/4.0.6 FrontPage/5.0.2 mod_ssl/2.8.1 OpenSSL/0.9.6

      So apart from making it a little harder to open their server, this also shows that this company is using software generously donated by the free software community.

  • Radlight? (Score:3, Funny)

    by Zaknafein500 (303608) on Wednesday April 24, 2002 @04:15PM (#3403841) Homepage
    Does anyone even use this program?
    • Re:Radlight? (Score:3, Informative)

      by nzhavok (254960)
      I've used a much earlier version when I started using divx ;-) However it was quickly given up for BSPlayer [bsplayer.org] (yeah, great name :) which has done nicely until now. Apparently [ezboard.com] it's not spyware.

      I think at the time the only advantage Redlight had was to do with subtitles but I could be wrong.
  • Growing Trend (Score:5, Insightful)

    by the_rev_matt (239420) <slashbot@nOspam.revmatt.com> on Wednesday April 24, 2002 @04:16PM (#3403846) Homepage
    You're going to see more and more companies trying this sort of thing to prohibit you having software that they consider threatening on your computer. AOL used to screw with the setting of any competing ISP's on your system (on "accident"), IE used to cripple Netscape (on "accident"), and MSFT is now saying that you can't use some of their technology in conjunction with ANY GPL software. If we can't maintain our monopoly one way, we'll try another. This of course is a nasty step forward that even billg hasn't tried, but only because he knew there would be hell to pay. It's going to get worse before it gets better.
    • Re:Growing Trend (Score:3, Insightful)

      by NickRob (575331)
      Notice the use of the phrase 'Used to'

      Users respond very negatively to screwing with things. I doubt even in the quasi-legal MS audits that they will seek out GPL software and fine you. How can they legally hold you accountable for having other software?

      God, that's more monopolly garbage. Somebody needs to ask BG on the stand about this. If the prosecutors knew about this, it'd be a crushign blow.
  • by NetRanger (5584) on Wednesday April 24, 2002 @04:16PM (#3403857) Homepage
    ...Microsoft, sensing that they can copy another great idea, changed its EULA today to uninstall Linux when any of its software is run on a machine in the same building.
    • by ethereal (13958)

      Windows already overwrites your MBR if you reinstall on a dual-boot Linux system, doesn't it? So in a sense it already doesn't play well with others.

    • by bm_luethke (253362)
      been there, done that. We had an alpha machine running linux for some vizualation stuff where I work (trying to get a cluster to drive an immersadesk, this was several years ago). It initally had one hard drive with linux on it. We added a second drive for windows and proceded to install NT, it hapilly informed us we had an invalid filesystem and it was reformating it to ntfs, it never asked, it just did it (because, of course on the alpha's back then basically every one wither ran true64 or NT, it reconized it was neither so it "helped" us). We lost nearly three months of work because of this. I've also had windows 98 "fail" twice during install and trash my drive's partition table and file systems, strange that it only did it when linux was installed (what I would call a qui-ki-dink - pronounce kinda like a coincidence, basically something that could just have been a coincidence but not likely)
  • Virus-like? (Score:5, Insightful)

    by Dead Penis Bird (524912) on Wednesday April 24, 2002 @04:16PM (#3403859) Homepage
    It's one thing to add programs and fill your disk up with junk. But to actually remove a properly functioning, legal program like Ad-Aware almost seems like a targeted virus.

    And why can't you uninstall parts of their program? What happened to custom installation?

    This seems illegal to me.
    • Re:Virus-like? (Score:3, Insightful)

      by Danse (1026)

      You can't remove parts because you agreed to a EULA saying you wouldn't. You also agreed to let them remove programs such as Ad-Aware. The solution is to not use programs that put such onerous restrictions on you.

  • Foolish move (Score:5, Insightful)

    by Arcturax (454188) on Wednesday April 24, 2002 @04:17PM (#3403864)
    If you were saavy enough to download ad aware in first place, what is to stop you from reinstalling it and running it again once you've installed this product? The only ones who are going to get stuck with this spyware are people who didn't think to download ad-aware in the first place. Those who lose their copy to this will just chuckle and redownload it and remove the crapware that got installed with the product.

    Basically these guys wasted a lot of effort for naught and just end up looking like scum to boot.
  • Nothing new (Score:5, Interesting)

    by Zog (12506) <israelshirkNO@SPAMgmail.com> on Wednesday April 24, 2002 @04:17PM (#3403872) Homepage
    This really isn't all that new. I'm the computer nerd in my dorm, so every week or two, someone's computer starts acting funny, and I'll have already installed Ad-Aware, and it's just that the spyware has inserted itself into Ad-Aware's ignore list, so it doesn't get touched.

  • If they can uninstall anti-spyware during the installation process, what is to stop M$ IE from uninstalling netscape when you install it? I can't believe that someone else thought of this idea first?
  • EULA are used like a wash-it-out taking all responsability and making your computer not even your own.

    EULA may not even be legal in most country
    The problem is that since nobody fight the legality of the EULA, spyware and other abuser (or even proprietary OS maker) will make "you" consummer accept more and more in the EULA until it comes cracking down.
  • By reading this article, SlashDot has removed all bookmark links to legitimate news sites that report stories in a timely fashion.

    You are further banned from making and/or reading any disparaging remarks involving the words "Katz," "Jon," and any combination of the aforementioned and the phrases "mom in handcuffs" and "father riding a horse."
  • Terrible company (Score:5, Informative)

    by awptic (211411) <infinite AT complex DOT com> on Wednesday April 24, 2002 @04:18PM (#3403895)
    Did anybody else notice the page [216.194.92.96] that shows the first and last names of everyone who's registered? This company doesn't even respect the privacy of PAYING customers... now that's _LOW_
  • This means war. (Score:3, Insightful)

    by bbqdeath (314918) on Wednesday April 24, 2002 @04:19PM (#3403911)
    It's ugly. Gloves are coming off. Nobody tells me I can't uninstall software from my PC, ever. Anybody who does is going to go into the hurt locker for a long time.

    Anyone besides me smell an arms race between ad-aware and these other guys?

    Oh. And what if the ad-aware license text changes to say that other applications can't uninstall _it_? Will we have dueling license agreements?

    - I traded my sig for a glock.
  • To what ends... (Score:2, Informative)

    by bteeter (25807)

    ... will spammers go to spam us with their Ads? I mean that is all that this spyware really is - is another form of spam. Visit and Support sites like: http://www.scumware.com [scumware.com]

    They have a wealth of information on how to fight back against the Ad-ware, Spy-ware, Scum-ware or whatever we are calling it today!

    Take care,

    Brian
    --
    --
    100% Linux based Web Hosting [assortedinternet.com]
    Friendly Service and Knowledgeable support

  • DMCA anyone? (Score:5, Insightful)

    by nyet (19118) on Wednesday April 24, 2002 @04:23PM (#3403971) Homepage
    .. making Ad-Aware a circumvention device. Somebody should turn them in. I'd pay to see that trial.
  • by shayera (518168) on Wednesday April 24, 2002 @04:23PM (#3403974)
    http://216.194.92.96/phpBB2/viewtopic.php?t=226 (Radlight)
    Here the programmer of Radlight handwaves a lot, claiming it was just to point out it was possible to do so (the removal of other apps while installing) and that if he hadn't someone else would.. geeee..
    He's been caught redhanded, he ought to atleast apologise properly, and promtly stop doing it
    • Full Identity? (Score:3, Insightful)

      by ewhac (5844)

      Anyone have this guy's full name? I want to add him to our company's hiring blacklist. I encourage others to do likewise. Banishment/ostracization is the only effective tool we have right now for ethically reprehensible hominids such as this; might as well use it.

      Schwab

      • Re:Full Identity? (Score:3, Informative)

        by Otto (17870)
        The guy posts by the name of DAvenger.

        WHOIS info on radlight.com:

        Agentura Sociologickych Expertiz (template COCO-1106387)
        davenger@radlight.net
        Pusta 7
        Bratislava 4, SK 841 04 SK

        Admin Contact:
        Machacek Ladislav (COCO-1227589) machacek@stonline.sk
        +421 2 65422859 (FAX) +421 2 65422859
        Technical Contact, Zone Contact:
        Machacek Ladislav (COCO-1227590) machacek@stonline.sk
        +421 2 65422859

        CORE Registrar: CORE-71

        Record last modified: 2002-03-14 08:29:54 UTC by CORE-71
        Record created: 2001-08-23 11:29:58 UTC by CORE-71
        Record expires: 2003-08-23 05:27:49 UTC

        Domain servers in listed order:

        ns1.tera-byte.com
        ns2.tera-byte.com

        Database last updated on 2002-04-24 21:44:27 UTC
  • by fungus (37425) on Wednesday April 24, 2002 @04:23PM (#3403975)
    ...if they write it in their EULA.

    Would it be legal to write in an EULA that my software X cannot be used on the same computer than software Y, and uninstall it without warning if it finds it?

    Have Netscape, for instance, remove without warning Internet Explorer from your computer? (But have it written in small characters somewhere that you can't use another third party software to surf the web)

    How about having a software running in background to ensure that you dont download a competing package?

    People should make it clear that we, computer users, will not tolerate such things.
    • Want EULAs to be declared invalid? Write a popular software package that everybody wants, and then one day, change the EULA to say, "You may not use this software if you are not white." (Or "if you are white"...whatever, the point is to be arbitrarily racist.) If that's a little too radical for you, make it say, "You may not use this software if you are an employee of Microsoft or the U.S. Federal government".

      I suspect that the public outcry would have a lot more people scrutinizing EULAs very quickly.

      Or write an EULA that for one customer out of 100 comes up with, "You agree to allow us to publish your credit card numbers on the web for all to use." (As it turns out, this isn't very far from a lot of spyware EULAs, it's just much more to-the-point)

      In any case, abuse of EULAs has become so widespread that I suspect they're going to end up getting regulated, anyway. Let's hope it's sooner rather than later.

      • In any case, abuse of EULAs has become so widespread that I suspect they're going to end up getting regulated, anyway.

        Well you don't need regulation to give you your rights under the law. As far as I know, except for UCITA (blech), no law says that licenses are binding in any way. They are just pieces of paper included in the box for your amusement, or to wipe your ass with, or whatever. Feel free to do whatever you like with what came in that box, as long as it doesn't violate copyright or trademark or any other law (ie, don't use the CD to slit someone's throat).

        Of course, that doesn't mean company XYZ won't sue you over the EULA, but that doesn't mean they are in the right, just richer than you.

        This virus/media player/whatever that deletes files isn't magically justified in its behavior by the EULA (just consider the EULA as a verbose warning label: Warning, this product may delete files on your hard drive).

        And don't tell me that loading a copy into RAM is forbidden unless the EULA says I can, that's crap. Software has no other purpose but to be loaded into a computer's RAM (and HD), they can't be selling their software in good faith unless they know it will be put on computers.

        So let's hope the result of these abuses is that the legal system simply says: "if you want your customers to act any differently than the law allows them to, they must SIGN a CONTRACT, now get out of my courtroom."

        Or at least they should say a license can be like the GPL and GIVE you permission to do something that's otherwise not allowed, bu a license can't FORBID you from doing anything.

        That will save everybody a lot of trouble.

        The problem is of course that Microsoft, et al, will simply encode their favorite license terms directly into the law by greasing a few palms in Congress (this is how the entertainment industry was doing it for years), but at least in that case the results are a little more public (I don't know what half these EULA's say unless I read it in Infoworld, or /., but I certainly know the DMCA pretty well by now).

        In summary: this magical fiction of "software licenses" has to be put to an end, and quick. Software companies don't deserve a power over customers that no other industry has (where's the EULA on your screwdriver that says it can't be used to build computers unless you pay the computer fee? Where's the EULA on your ball-point pen that says all papers you write are the property of Sanford Pen Company?)

  • by NickRob (575331) on Wednesday April 24, 2002 @04:23PM (#3403979)
    Step One: Download the player
    Step two: Run player, see if the company isn't bs'ing
    Step Three: if adaware == missing Then change facial.expresson to 'Shocked'
    Step Four: Download a new version of AdAware that can disable the player's abilities. Step Five: Laugh. You have beaten the system, my friend! Today is a good day!
  • by jest3r (458429)
    So we can expect that Adaware will add a disclaimer to their EULA stating that:
    "Any attempt to uninstall our software will result in an uninstall upon reinstallation .. further more we will uninstall our uninstaller to prevent future uninstalls."
  • Maybe... (Score:2, Interesting)

    by Dr. Bent (533421)
    ...putting an insanely unreasonable clause in your EULA is a form of marketing now. Before today I had never heard of Radlight. No such thing as bad publicity, I suppose.
  • by timon (46050) on Wednesday April 24, 2002 @04:28PM (#3404035) Homepage
    This story immediately reminded me of some of the RIAA plans to hack your home machines [wired.com] (also mentioned here [oreillynet.com]). I can't wait for the day when the big virus/trojan du jour hammering corporate networks and bringing down servers right and left turns out to be from the RIAA or MPAA.

    "We were just protecting our copyrights, it's not our fault that your payroll files were lost!"
  • by smartipants (561845) on Wednesday April 24, 2002 @04:28PM (#3404036)
    I think one of the problems concerning spyware and intelligent agent type technologies is the fact that in order to get good performance people think they need to rely on implicitly collected data, in which case the user always wonders exactly what else they could be collecting. They justify the use of spyware to collect information that users never would take the time to submit themselves. This is a misguided approach, since good personalized recommendation technology is available with explicit user feedback instead (such as Stumbleupon [stumbleupon.com] for websurfing).

    I think that many companies feel such approaches are necessary in order to collect information without too much user hassle. The focus should instead be on improved interfaces which allow people to easily submit information as they desire. This way the benefits of personalization can be had, yet people know exactly how much information about themselves they have revealed...
  • EVAA Agreement (Score:4, Insightful)

    by CDWert (450988) on Wednesday April 24, 2002 @04:34PM (#3404124) Homepage
    Im about ready to come up with an
    E(nd)V(endor)A(ccess)A(greement)
    For my computer that superceeds any EULA and the vendors acceptance will be gained prior (on a click through link at in the signature of the email I order software through.

    Order X program from the author
    At the bottom of the email is a link stating
    something like (and of course be just as obstuficating) as the EULA's are that any software being installed on the computer this mail is originating from must accept the terms in the EVAA (access to MY , get it MY f***ing computer) and that sale or distribution of any software to this computer(the same one you are purchasing the software from) is an acceptance of the EVAA (and a link to the same)

    Wrap up and invert a EULA , one of the nasties most un-understandable ones you can find, and post it at that link, keep copies of the email correspondence and buy it.

    At this point your EVAA WILL in fact superceed the EULA, is this legal, yep !

    Will it hold up in court ? Let me just say just as much as a click through EULA will..

    If a EULA says I have to let them suck my toes, do I have to allow it ? No ! Why not ? Same reasons as "not responsible for lost stolen article" signs arent worth the plastic theyre printed on. You can say whatever the hell you want holding it up in court is another story.

    Next time your rearview mirror or antenna gets ripped off in an automatic car wash and the manager say but the sign is right there say, ok fine, write it down. I took this to court once, on a new car I was dammed if I'd pay 250$ deductible on ....guess what the judge told the car wash owner, wou can say whatever you want on a sign posted however conspicuosly you want, you are in fact still legally responsible, UNLESS Mr...signed a piece of paper waiving that right in FRONT of a witness, did Mr....do this ? Uhhh no your honor....Judgment in favor of plantiff $490.....next case!

  • by dJOEK (66178) on Wednesday April 24, 2002 @04:36PM (#3404154)
    If you must use a separate divx player, i find this one to do the job just nicely
    BSPlay [bsplay.com]
  • by Outlet of Me (90657) on Wednesday April 24, 2002 @04:41PM (#3404219)
    There's already a name for software that, when installed on a computer, goes through and deletes other data on the machine unbeknownst to the user. It's called a virus.

    Just because it's stated in their EULA that they can do that, doesn't allow them to circumvent the law. Of course IANAL, but it sounds like this struggle has gotten to the point where it is legally challengeable.
  • by teamhasnoi (554944) <teamhasnoi&yahoo,com> on Wednesday April 24, 2002 @04:41PM (#3404225) Homepage Journal
    All right, guys

    here I'm again. You have posted really good posts. There are intelligent reactions to my hints and I must admit that I have a bit underestimated how powerfull userbase Adaware has.

    I'm sure that many of you ask, WHAT WAS THE REASON of KILLING adaware right after each start NOT looking into default directory (like some people think) but using the uninstall registry keys and uninstaller LOG file (this is a hint for adaware developers to make it invisible) ?

    Actually, the point was NOT to destroy the adaware . This is almost impossible. BUT TO SHOW WHAT COULD HAPPEN IF THE PROGRAMS START UNINSTALLING EACHOTHER. As I believe that some of the "spyware" are just reguler legal programs I really feel for their authors to see how their program is being uninstalled. I WANTED ADAWARE TO SEE IT TOO and to revalue their pose to their "enemies". I understand that ads brought by some programs aren't doing the clean job and don't have approprietary uninstalling possibilites and they NEED TO BE REMOVED BY THE HARDEST WAY, but NOT all of them are such rude. When removing legal software (as you say now I remove adaware), having all what polite software should have (polite installer, EULA, Uninstaller and full description), it may be really VERY UNPLEASANT.

    They put me on the MOST WANTED list ? Yes, that's what I expected. It is natural and if they didn't do that it would look STRANGE, wouldn't it.

    They removed me from CNet ? Oh yes, again, I expected problems but you all must admit that adaware is a "remover" too.

    They wanted to send me to all AntiVirus companies ? Heh, detecting a "virus" having EXEPath in regisry and no other files copied in any directory would be pretty easy, don't you think ?

    You all are angry on me ? Yes, I expected it. But if I didn't do this and only started to talk about my opinions I would be just SOME ANOTHER GUY SAYING SOME BULLSHIT and ignored (my life-experience with many people). Generaly the people must see the acts first and then they will PERHAPS start thinking more.

    The non-adaware-killing RadLight was compiled 5 seconds after the adaware-killing version. I thought that people would find it out immedieately but it took more than a week until they noticed. It will be released immediately and no more software-removing actions will be taken. I can only hope that Lavasoft will think about the reasons why this happened.

    I know i will loose many of users who will ignore my player but It will at least solve my server problems and I may rest for a while.

    I can apologize now

    " I apologize to LavaSoft for all inconviences that happened by my RadLight software when removing the ADAWARE application silently and without users request.

    I apologize to all RadLight users who may be disappointed or hurt by these events.

    I apologize to all ADAWARE users whose adaware was removed when launched RadLight.

    Your indignation is an evidence for me that I succeeded and now, at least the people who read messages on this forum understand how does it feel when YOUR SOFTWARE is being removed.

    With friendly regards,

    Igor "RadScorpion" Janos

    _________________ Non Progredi Est Regredi

    I think that means, "all your base are belong to us." ;)

    • by Tintivilus (88810) <tintivilus@NoSPAM.tintivilus.org> on Wednesday April 24, 2002 @05:03PM (#3404442)

      You're missing one simple fact: I downloaded and installed ad-aware because I wanted to remove unwanted software from my computer. Property, check. Consent, check. Adaware makes no bones about what their software does.

      Radlight, on the other hand, tampers with my property without my consent. What, you say? Consent has an ethical (and legal) requirement that the consenting party posess all relevant information. Burying the ad-aware clause deep in a clickthrough agreement. This may meet the legal requirement, but certainly not the ethical one.

      In short, your argument would only be valid if you had a "click here to remove ad-aware" button in your installer, or some similar informational device. The absence of such marks this as either a temper tantrum or underhanded scheme.

    • by geekoid (135745) <dadinportland @ y a hoo.com> on Wednesday April 24, 2002 @05:57PM (#3404974) Homepage Journal
      "There are intelligent reactions to my hints and I must admit that I have a bit underestimated how powerfull userbase Adaware has. "

      this tells me that everything after it is worthless.
      You certianly imply that you where just doing it to make a point, but then why would you do that to something whose userbase isn't very big?
      Wouldn't have been better to back-up there registry then delete it? or there back ground?
      or any number of things?

      You got caught, now your trying to back peddle.
  • by Fantastic Lad (198284) on Wednesday April 24, 2002 @04:42PM (#3404236)
    When the automotive industry in agreement with the petrolium industry decide that no car on the market will have an aerodynamic efficiency above a certain figure, (so as to maintain a piggish rate of gas burning which might not otherwise be necessary), what can the average individual do?

    Aside from not owning a car, (which, btw, is an entirely viable option more people should look into), Joe-average can do very little.

    In the software universe, however, there are thousands of people who know how to program well enough to FIX intentional, greed-related corporate bullshit problems, and distribute those fixes to anybody who takes the relatively small amount of time required to learn how to implement them.

    Why are Hackors demonized by the media? Because they represent an annoying burr, a standing nail which refuses to be brushed away or hammered down. And through this, humanity is prevented from being jammed, (quite so quickly and neatly), into the square holes all neatly prepared for us. Hackors get in the way of the plans of the Control Reality which are being implemented around our ears as we speak.

    I am not a programmer. I am not a hacker. But I am proud that this aspect of humanity still exists. I am proud that people are having FUN in this way! (All important!) I salute those who know how to make the machines work for the common benefit, and who have the courage to do so!

    A tip of the hat to you all!


    -Fantastic Lad

  • power of eula's (Score:3, Interesting)

    by Anonymous Coward on Wednesday April 24, 2002 @04:43PM (#3404246)
    It seems these days EULA's are tricky bits of text, with many conflicting positions over how they hold up. Many software companies defend their actions, such as Radlight in this case, by saying "It was in the EULA." This is the case with most programs with spyware. They just write somewhere in the EULA that you are agreeing to install the spyware.

    But are people who use Ad-aware and break the EULA not guilty of anything? It is an agreement that you have to agree to in order to use the application. You agree to installing and running their spyware and ad supported program, then break that agreement by using Ad-Aware to remove it. God forbid someone wants to receive something in return (in the form of ad revenue) for their program which you use. I personally hate ads being forced on me, but this seems no different than cracked warez applications. In both cases you are using the program, but denying the creators any sort of revenue from yourself.

    In both of these cases the EULA seems to bear absolutely no value in the end.
  • If the EULAs were standardized and readable, normal aol-using folks would be able to understand what is really getting installed. Remember when they did that with food labels(in the US). Now all food labels look the same ie. "Nutrition Facts". It's clear and easy for everybody to read. For instance I found this at nutri-facts.com

    Facts About Food Labeling

    Under regulations from the Food and Drug Administration of the Department of Health and Human Services and the Food Safety and Inspection Service of the U.S. Department of Agriculture, the food label offers more complete, useful and accurate nutrition information than ever before.

    With today's food labels, consumers get:

    • Nutrition information about almost every food in the grocery store
    • Distinctive, easy-to-read formats that enable consumers to more quickly find the information they need to make healthful food choices
    • Information on the amount per serving of saturated fat, cholesterol, dietary fiber, and other nutrients of major health concern
    • Nutrient reference values, expressed as % Daily Values, that help consumers see how a food fits into an overall daily diet
    • Uniform definitions for terms that describe a food's nutrient content--such as "light," "low-fat," and "high-fiber"--to ensure that such terms mean the same for any product on which they appear
    • Claims about the relationship between a nutrient or food and a disease or health-related condition, such as calcium and osteoporosis, and fat and cancer. These are helpful for people who are concerned about eating foods that may help keep them healthier longer.
    • Standardized serving sizes that make nutritional comparisons of similar products easier
    • Declaration of total percentage of juice in juice drinks. This enables consumers to know exactly how much juice is in a product.


    Somebody should take that list and create the End User License Agreement Act, in which they list what MUST be clear and concise in the EULA. Until somebody passes a law requiring standardization, rogue software makers will continue to use the EULA to hide revelations of spyware.

    • by mwa (26272) on Wednesday April 24, 2002 @05:42PM (#3404810)
      No, they don't.

      They need to be formally, finally, and legally declared null and void. Like any other transaction, all terms and conditions need to be agreed to by both parties prior to the transfer of goods.

      And No, I don't know how a website determines that the downloader is, or is not, a minor and or otherwise has the legal authority to agree to anything prior to download. I guess software companies that require any sort of legal commitment from their customers can't make it available for download. That's the suppliers problem, and if they can't figure it out then it doesn't bother me a bit.

      If I buy retail software, I am NOT licensing that software. I'm buying it (just like a book, CD, or any other product that happens to be copyrighted). I guess if a company cannot gaurantee that a downloader can legally agree to a license they either have to a) not make it available for download, or b) consider it a sale at $0, with no obligation on the receiver. Without a contract, it can be no other way.

  • by realgone (147744) on Wednesday April 24, 2002 @04:56PM (#3404361)
    Oh yes, there's more. Much more.

    RadLight offers you and your family a whole line of fine merchandise at the RadLight Online Store [cafepress.com] . If you've ever felt like you've had too much voluntary control over your daily routine, why not try integrating some of their fine products into your lifestyle?

    Take, for instance, this fashionable long-sleeve RadLight t-shirt [cafepress.com] . It's luxuriously soft, 100% cotton -- and it forcibly ejects from your wardrobe any third-party sweaters, jackets, etc. you might mistakenly slip over it on one of those chilly summer nights. No more hassles choosing what to wear, and think of all the closet space you'll free up.

    Or how about this bright and cheery RadLight mug [cafepress.com] ? Guaranteed to keep your favorite beverage piping hot... as long that beverage is RadLight-branded Maxwell House Regular Roast. All other liquids will be drained through an emergency discharge valve at the bottom of the mug. (Please note: by filling the cup, the consumer absolves RadLight of all liability for any leg/groin/other scalding that may occur.)

    And, of course, there's always RadLight's crowing achievement: extra-roomy RadLight boxer shorts [cafepress.com] . All-cotton, open-fly, and completely impervious to access by any third parties. That's right, only you or an authorized RadLight employee (or an employee/consultant of any of its licensed subsidiaries and partners) will be able to get at what's behind that RadLight logo. Now how's that for peace of mind?

    Don't thank them now. That slightly pained smile on your face will be praise enough.

  • by Click 0 Nett (525613) on Wednesday April 24, 2002 @05:26PM (#3404664)

    "By existing in the same time-space continuum as this license agreement, you automatically transfer entire ownership of your being, body and belongings to ^Evil^ Inc. You now exist to serve ^Evil^ Inc, and therefor must comply will all commands. You will like, love, and worship ^Evil^ Inc. Click 'OK' below to relay your coordinates to our 'New Slave Arrival Department' for immediate pickup."

  • by Shihar (153932) on Wednesday April 24, 2002 @05:58PM (#3404986)
    Maybe the proper way to make a virus is just to throw in a EULA? Throw in small text:

    "By hitting agree, you agree to let the virus in question destroy your hard drive right after it gets done spaming the network and trying to send itself to everyone in your address book. You also have given us rights to your first born son and any virgin females in your house."
  • by verbatim (18390) on Wednesday April 24, 2002 @06:06PM (#3405071) Homepage
    This guy has decided that his revenue model is bundling his app with a third party program. This third party program is generally considered spyware but, at the same time, can be considered a legitamite app (just not the one that you were downloading).

    He _does_ have a legitamite gripe about adaware. That is, with or without the user's permission, adaware conspicously removes a portion of his application (specifically the part that presumeably pays him).

    This is fine, as far as I'm concerened. However, his installer is ass-backwards.

    How would I have done it (note: I wouldn't have done it at all, but to each his own): When the installer launches have it check for the presense of Adaware. If adaware is installed then tell the user something to the effect of "Aborting install: Adaware detected." This way it is (a) clear that the program does not play well with Adaware and (b) the author has a gripe about adaware.

    Instead he has written an installer that performs a virual function (destroying software without the users knowledge or permission) and is trying to legitamize it by pointing his finger at Lavasoft (adaware). Even if you accept his reasoning that Adaware is the evil culprit, that does not make his program any less evil. He is selling a video player and not an ad-remover remover.

    Basically he just found a whole new way to piss on his userbase.
  • by serutan (259622) <snoopdoug&geekazon,com> on Wednesday April 24, 2002 @07:54PM (#3405729) Homepage
    Dear RadLight,

    By accepting this message into your email system you agree to allow the embedded script to remove all data, applications and operating systems from your network.

    Removal process started.
    Have a nice d#* 7j
  • by mixbsd (574131) on Wednesday April 24, 2002 @09:23PM (#3406034)
    According to simtel.net [simtel.net] the latest version (rl3r52a.exe) does not un-install Ad-Aware. Think the damage has already been done to Radlight's reputation now, though :)

Help stamp out Mickey-Mouse computer interfaces -- Menus are for Restaurants!

Working...