Forgot your password?
typodupeerror
The Courts Government Security News Your Rights Online

Spyware Maker Sues Detection Firm 503

Posted by CowboyNeal
from the every-trick-in-the-book dept.
Luigi30 writes "ZDnet reports that RetroCoder, makers of the SpyMon remote monitoring program, are suing Sunbelt Software, makers of ConterSpy, a spyware detector program, for detecting the SpyMon as spyware. According to the EULA, SpyMon can not be used in 'anti-spyware research,' and detecting it is therefore a violation of it. 'In order to add our product to their list, they must have downloaded it and then examined it. These actions are forbidden by the notice,' a RetroCoder spokesperson said."
This discussion has been archived. No new comments can be posted.

Spyware Maker Sues Detection Firm

Comments Filter:
  • by atarione (601740) on Friday November 11, 2005 @04:49AM (#14006043)
    their EULA is GENIUS>.... evil evil genius.
    • It's just a lame attempt that is doomed to failure.

      I can't believe that a court would find in their favor.
    • by piquadratCH (749309) on Friday November 11, 2005 @04:54AM (#14006073)
      No, it isn't genious. It's only the crap you'd expect from an asshole...
      • by bigtallmofo (695287) on Friday November 11, 2005 @09:04AM (#14007056)
        Everything about these idiots screams "asshole". Look at their web site advertising their product:

        Don't know what your kids are doing on the net?
        Worried that your partner is cheating on you?
        Want to see what your employees are really doing instead of working?
        Ever wanted to be a hacker like in the movies?

        Great product niche - allowing paranoid idiots to spy on everyone in their life. Then there's a fantastically smug notice at the bottom of the web site that says:

        Please note that the "crack" by "team tbe" doesn't work anymore. ;)

        Like I said - everything these guys do and say has asshole written all over it.

    • It doesn't have to be genius. My first idea of defense would be, maybe they were scanning someone else's computer, someone who had previously installed it and had no idea that another person would be using anti-spyware research on that machine. They might then go and sue the installer of the system for negligance or something. Who knows.

    • by Rocketship Underpant (804162) on Friday November 11, 2005 @05:37AM (#14006246)
      1. EULAs are BS. The spyware company happily uploaded a copy of their software to the anti-spyware company on request. Clicking the install button below a 3000 word pile of legalese after you've been given the software isn't a valid contract, for reasons well explained many times before on this site. Heck, the spyware company doesn't even know what individual supposedly "agreed" to the EULA. The janitor? A 12-year-old child? Could have been anyone.

      2. Why is the industry so lawsuit crazy? Lawsuits are supposed to reimburse you for actual unlawful damages done. What damage was done by the anti-spyware company downloading the software? A few cents' worth of bandwidth at the most. What damage was done by installing it? None at all. This is surely the most baseless lawsuit ever.

      (I know that including the spyware definitions in anti-spyware software will [one hopes] hurt the spyware company, but that's not what the suit is about.)
      • What damage was done by the anti-spyware company downloading the software? A few cents' worth of bandwidth at the most. What damage was done by installing it? None at all. This is surely the most baseless lawsuit ever.

        Though I am by NO means defending a spyware company, damage you overlook can most certainly be alleged to have been done. For example, having your program classified as spyware and blocking it from being installed costs said spyware company "customers" and hence, potentially at least, reven
    • A company or individual can sue for slander. I'm no legal expert however maybe RetroCoder could consider CounterSpy as slandering them when they mark SpyMon as spyware. This however would have nothing to do with the EULA in particular. You hear about this kind of court case usually in regards to the media, if I review your software and give it an unfair and bad review I just might end up on the receiving end of such a lawsuit. I would think though that given the nature of SpyMon that this would be exceeding
    • Simple solution (Score:3, Interesting)

      by CarpetShark (865376)
      Dear Sunbelt Software, I just wanted to complain to someone about a crappy bit of software. c:\abc.exe is has been pissing me off for ages now. It does X, Y, and Z. I really wish there was some software out there to remove this crap. Thanks for listening.
      Dear Pissed Off User, We actually make anti-spyware software, but I guess we can add this to the list, just because it bugs you so much. Have a nice day :)
    • by 50m31sl4sh. (854939) on Friday November 11, 2005 @06:40AM (#14006427)
      By reading this post, you agree to pay me $1,000,000.
    • I don't think I'd call it "genius", it's not so smart a move. I'd call it dareful, however. And the reason why a small evil company that nobody cares about has the balls to come with absurd clauses on their EULA is that well-known, large and renowned evil companies rotinely do so [slashdot.org]. Kinda like those weak bullies who bullied you in high school only when the bigger bully was around.
  • by VGPowerlord (621254) on Friday November 11, 2005 @04:50AM (#14006046) Homepage
    Since when could a company dictate to other companies what how they could classify the software?

    If it looks like a duck, and sounds like a duck, then it must be a duck. :P

  • by Anonymous Coward on Friday November 11, 2005 @04:52AM (#14006060)
    ...is for the detection firm to add a section to their EULA that forbids anti-anti-spyware research!
    • Even better answer would be detect it as SCOndomware.... and then say it is 'probably spyware, but cannot be clssified as such for probably legal reasons'.
    • Re:The answer... (Score:5, Insightful)

      by slavemowgli (585321) on Friday November 11, 2005 @08:14AM (#14006828) Homepage
      You moderators might think that's Funny, but it's actually a very interesting point. If I can, basically, say "you're not allowed to come anywhere near my software" in the EULA as a spyware maker, why can't I say the same thing as an anti-spyware maker?

      What's nice about this is that it works out no matter whether such a clause would be accepted: if it is accepted, then the spyware maker would have violated the anti-spyware product's EULA by looking at how it classifies the spyware. If it's not accepted, on the other hand, then the corresponding clause in the spyware's EULA would also not be accepted.

      Myself, I think that such clauses aren't valid, but I also think that even if a court thinks they are, it'd be pretty impossible to actually get a case, as they could trivially be circumvented. For example, if I visit a friend and use their computer to do something in Photoshop, am I then bound by Photoshop's EULA? Of course not; I didn't buy the program, I didn't install it, I didn't agree to anything. My friend might be (or not), but I certainly am not. A spyware maker could do the same thing: just don't install the spyware yourself, but rather classify it after it infected someone else's computer. (On a side note, I doubt that most spyware actually presents a EULA to the user where he can clearly see what is going to happen, where he's given the opportunity to say "no, thanks" and where, if he does, the spyware will not be installed, anyway).
  • The fact that someone actually is trying this, or the fact that I'm half-afraid it might work.

    Let's all hope not.

    • by meringuoid (568297) on Friday November 11, 2005 @05:01AM (#14006106)
      I'm actually quite glad of this. The outcome of this case will determine just what is and what is not enforceable in an EULA.

      For instance, how about that bit about not disassembling, decompiling or reverse-engineering software that's in so many EULAs? That's the same kind of thing as this 'not use in spyware research' clause. If the one is unenforceable, then is the other one too?

      • by Sierpinski (266120) on Friday November 11, 2005 @10:06AM (#14007447)
        That's one thing I never really understood. Historically, its never been the case (legally at least) where just because you write it down and make someone agree to it, it becomes legally binding. If I put in the EULA for software that I wrote, that if you click OK and install this software, you immediately forfeit all rights to your house, all cars, and all cash assets to me, you know someone would just click through that without reading, but of course they wouldn't be legally bound to give me their assets. Any court in the country would overturn that, which just goes to show, just because you write something down doesn't make it legally binding.

        If I got you to sign a paper saying I could beat the snot out of you, and a police officer walks by during the act, what do you think said cop would say if I said "Its OK officer, he signed a waiver saying I could do this to him." Its just ridiculous.

        Congress should outlaw EULA agreements altogether, even the part that says 'If this breaks we aren't responsible.' They wrote the software saying that it works, and if it breaks, they SHOULD be responsible.
  • by SuperBanana (662181) on Friday November 11, 2005 @04:54AM (#14006074)
    According to the EULA, SpyMon can not be used in 'anti-spyware research,' and detecting it is therefore a violation of it.

    Anyone remember those MOTD's on pirate-software FTP sites giving us a pseudo-legal-brief about President Clinton signing some law, and then "FBI AGENTS YOU CANNOT ENTER THIS SITE"?

    • by Kjella (173770) on Friday November 11, 2005 @05:17AM (#14006192) Homepage
      Anyone remember those MOTD's on pirate-software FTP sites giving us a pseudo-legal-brief about President Clinton signing some law, and then "FBI AGENTS YOU CANNOT ENTER THIS SITE"?

      They never stopped, FTP simply lost importance. IRC fserves used to have them too. Websites, DC++ hubs, eMule hubs, WinMX shares as well. It's funny, I've had people present me that and then ask me if I'm a cop as well. Even after sending them this [snopes.com] and this [snopes.com] they still think it is for real. I guess it's some kind of mental self-defense, denial or whatever that makes them go LALALALALA I can't hear you.

      Kjella
    • I remember this too. According to Snopes [snopes.com] and this blog post [adamparnes.com], these warnings - boiled down to the simplest level - told law enforcement and other groups that going after them was a violation of non-existing 1995 Internet privacy law signed by former President Clinton.

      It isn't true.
  • by bjason82 (820735) on Friday November 11, 2005 @04:57AM (#14006088)
    This kind of thing is not likely to stand up in court. Spyware has been proven to be a malicious type of software that voilates one's privacy, therefore I would be shocked if the courts find in favor of the spyware maker. The spyware maker might have thought it was clever adding that clause in their EULA, but essentially what they've stipulated was people cannot investigate how their software works in order to prevent it's unwanted installation on to one's system. Not likely to stand up in court.
    • Don't need to (Score:4, Insightful)

      by JanneM (7445) on Friday November 11, 2005 @05:10AM (#14006148) Homepage
      They don't need to be able to win. All they need is to have enough of a case to threaten them with long, costly litigation - and once the expected cost of defending themselves is greater than the cost of caving in, most businesses will cheerfully cave. In fact, for publicly traded companies you can make a decent case that it's their duty to do so.
      • Re:Don't need to (Score:5, Insightful)

        by Hortensia Patel (101296) on Friday November 11, 2005 @05:17AM (#14006190)
        once the expected cost of defending themselves is greater than the cost of caving in, most businesses will cheerfully cave. In fact, for publicly traded companies you can make a decent case that it's their duty to do so.

        Except that if a clause like this were upheld, all the spyware makers would start adding similar clauses in short order, and anti-spyware makers would be out of business. It shouldn't be too hard to explain this to shareholders.
    • by shawb (16347)
      Maybe, if this was actually spyware. Okay, it does "spy" on the user, but it is monitoring software. It gets installed on the computer for the express purpose of monitoring another user's activities, such as a boss monitoring their employees or a parent monitoring what their children are doing. This software has to be purchased and intentionally installed, it doesn't just get surreptiously installed along with some screen saver, video game or internet cursors.

      I personally think this is generally moral
      • The difference is who they report to, if the spy software was recording on the same computer a encripted file that has some key that only the person who installed the software could open. Also it should be able to uninstall the program (maybe with a password of the original installer). And I would expect that other user would have some kind of warning that they are being monitored.

        If this software is being selected as spyware it probably reports to the vendor an undisclosed number of information collected
  • by bravehamster (44836) on Friday November 11, 2005 @04:58AM (#14006091) Homepage Journal
    So, the next virus I get on my computer will have embedded in it's source code: "By reading this source code, you agree that W32.SonyRootKit.C will not be added to any antivirus definition lists or be recognized by any heuristics."

    I can just see the coder in his dimly lit basement cackling while rubbing his hands in glee: "I have you now Norton!"

  • by Anonymous Coward
    Although the EULA does state the defendant must prove in court they didn't use the accused spyware program in research, isn't it possible that the spyware detecting application made (exclusive?) use of heuristic profiling to detect the actual spyware app?
  • by CosmeticLobotamy (155360) on Friday November 11, 2005 @05:00AM (#14006102)
    If you do produce a program that will affect this software's ability to perform its function, then you may have to prove in criminal court that you have not infringed this warning.

    Is it legal for contracts to include conditions that are physically impossible to do? If so, my next bit of software is coming with a "If you can't prove you didn't make copies of the software, you owe us for as many copies as could possibly have been made between the time you first run the program and the time we sue you." Since nobody reads those things anyway.

    On a mostly unrelated note, I wrote a program that shows funny pictures. It's awesome, and it's only 1 cent, for... processing purposes, if anyone's interested in a download.
  • by tines (806906) on Friday November 11, 2005 @05:02AM (#14006109)
    First: they almost admit in the EULA that is a spyware product. Who the fuck else would put such an idiot line in the EULA. Second: the antispyware company might have used some sort of heuristics. No install required. I would really like to see this go in court: isn't there a limit on the kind of shit people put in that EULA ?
    • First: they almost admit in the EULA that is a spyware product. Who the fuck else would put such an idiot line in the EULA.

      Did you even look at what the program is, or did you just post a kneejerk reaction without even looking into the matter?

      The person installing the software KNOWS that it's used to spy. It's computer monitoring software - you know, the kind that bosses have installed on their workers' computers to see if they're actually working instead of screwing around on company time and property. T
  • CYA Notice to federal agents and other interested parties:

    The subject line of this post is intended to be humorous. It is not an endorsement of terrorism nor is it intended to encourage anyone to commit any illegal act.... except of course for jaywalking, sodomy, and mopery with intent to loiter.

    The llamas responsible have all been sacked.

    Lee

  • by pawstar (930281) on Friday November 11, 2005 @05:06AM (#14006131)
    Em. I don't get it. Who says the the company has to agree to the eula to look at it? If the spyware company declines the eula agreement they are not bound to it and as a result the proggy is not installed. How does that restrict they spyware company from analyzing the binaries present in the setup program? Decompress the archive and create a fingerprint done!
  • by Anonymous Coward on Friday November 11, 2005 @05:07AM (#14006134)
    Section 6783.

    You agree that in using this Software, You give Us the right to your first born child.

    Section 6784.

    You agree that in using this Software, you will never hit the "g" key on your keyboard between 4:50AM and 3:15PM. This clause will survive termination of the Agreement.

    Section 6785.

    You will never call the Software a Piece Of Shit in public or in private.
  • by amelith (920455) on Friday November 11, 2005 @05:10AM (#14006147) Homepage
    What's next? Passing a note to a bank teller "By reading this note you have agreed to let me rob your bank and not press the alarm button"?

    EULAs are becoming increasingly cluttered with unenforceable and in cases downright silly things. With any luck a few frivolous lawsuits might see some of them struck down.

    Ame
    • by theonetruekeebler (60888) on Friday November 11, 2005 @08:23AM (#14006858) Homepage Journal
      It's more like
      • By reading this note the teller agrees that the Funds Recovery Action undertaken by the Funds Recoverer is not a bank robbery.
      • Teller agrees to withdraw and surrender such funds as the Funds Recoverer demands.
      • Teller agrees that the Funds Recoverer is not responsible for any financial loss resultant from Teller's participation in the Funds Recovery Action.
      • Any attempts at funds recovery undertaken by Teller or his or her employeer against the Funds Recoverer is expressly disallowed as a derivative work of this Funds Recovery Action.
      • Any video recordings of the Funds Recovery Action are expressly disallowed as a derivative work of this Funds Recovery Action and are the property of the Recoverer.
      • Teller agrees to fund all legal and medical expenses incurred by the Recoverer resultant from the Teller's refusal to cooperate in the Funds Recovery Action.
      • Teller agrees that any violation of this Agreement, including refusal to accept the Agreement, shall entitle the Recoverer to financial compensation of twice the amount demanded in the original Recovery Action.
      • Now put the money in the bag and lie down on the fucking floor.
  • No shame!! (Score:4, Insightful)

    by cra (172225) on Friday November 11, 2005 @05:11AM (#14006154) Homepage
    Have they no shame!??

    The spyware people should be treated like programming commands and scripts: "Carried out and executed".

    In general, I think the USA should change its name to "SueSA". When are people going to take responsibility for their own actions? If someone walks on my sidewalks and trips in a hole in it, it's their own g*dd*mn f**ing fault for not watching where they are going, not mine.
  • by lightweave (522226) on Friday November 11, 2005 @05:13AM (#14006169)
    ++++ fake ticker ++++ Johnny Bash, famous for writing applications like WORM32 and Trojan.Hoax, has today filed a lawsuit against McAffee. His complaint is that the EULA for this applications specifically forbids the reverse engineering or analyzing of the code for anti-virus companies. He says that by downloading and installing his latestes achievment, McAffee implicitly agreed to the conditions and thus violated the EULA by including the anti-virus measures in their latest software.
  • Am I the only one who views the use of law in this sort of a case as an admission of technical ineptitude?
  • By putting statements such as "SpyMon can not be used in 'anti-spyware research'", isn't the spyware firm basically admitting that they are distributing spyware? Why would a legal, non-dodgy software company put such a clause in their EULA? I think if the judge rules in favour of the spyware company (unlikely), this will basically give green light to all other spyware and scumware vendors.
  • So much fun (Score:5, Funny)

    by pepeperes (731972) on Friday November 11, 2005 @05:39AM (#14006257) Homepage Journal
    U.S. lawsuits are merrier and merrier all the time! Very few surrealist artists had as much imagination as some lawyers do!
  • This is a commercial product, so it's clearly beyond the "research" phase. Sounds more like "analysis" to me. I bet it wouldn't be hard to convince twelve jurors of that.
  • "By running Linux, BSD or any other operating system lacking either a Win32 or NT API, you are preventing the installation of the Software and in violation of this agreement, for which you may be liable for damages..."
  • EULAs in general. (Score:3, Insightful)

    by catwh0re (540371) on Friday November 11, 2005 @05:59AM (#14006323)
    EULAs in general are difficult to enforce, because they are often ambiguous, have clashing clauses or as they say in the legal world "have more holes than a lattice fence".
    Legal documents are written with the intention of covering all possible situations, and often worded such that each clause is as broad as possible this is to avoid said lattice fence gaps. This is because once a gap appears it is exploited by lawyers to make the entire document sound ridiculous. (Which is often the case anyway.)

    For example a lawyer will jump right onto this clause, and talk about all the other methods of research, they'll attempt to broadly classify what research is (including using the software at all.) His final point will be that it's impossible to satisfy the terms of the agreement in any way, making it an invalid document. For example the phrase "by reading this line you agree to not read this line", is obviously ridiculous, but essentially any lawyer will be able to make this EULA analogous to this.

  • Putting anything into the EULA means nothing if you cannot prove that the other guy ever accepted it.
    This is spyware, so it's main purpose is to install it without the user noticing, right?
    A user that doesn't notice the install obviously doesn't read and accect a f*cking EULA, so it doesn't matter what the EULA says.
    Sunbelt might just as well have examined a contamined PC.
  • by vhogemann (797994) <victor@NoSpAM.hogemann.com> on Friday November 11, 2005 @05:59AM (#14006325) Homepage
    At least here at Brazil.

    To a contrat be valid, it must be an agreement between two parts. In the case of an EULA the consumer doesnt have any power of negociation, and in pratice cant change anything on the EULA.

    The brazilian legislation also states that you cant be forced to agree with a contract that prejudice, or denies, any of your rights. This way no EULA can really be enforced here.

    Just my 2c.
    • I think this is the case in most countries in the world (except maybe the USA?)

      Like terrorism, EULAs mainly serve as a mechanism for threat. They can be referred to in letters from attorneys. In an actual court session they don't have much value.
  • by pilybaby (638883) on Friday November 11, 2005 @06:00AM (#14006326)
    Perhaps there should be a system where any software installed has to agree to a license on that computer. So I can add my own EULA to my computer and any software vendor that has their software on my computer has to agree to it. There can be a nice API that can be used to get at the license and everything. If I have to agree to an EULA when installing their products on my machine, they should have to agree to my EULA to run their software on my machine. If they break it then I can sue them.

    This is fair too, because as much as I don't understand their EULAs, they wont be able to understand mine. Vive la revolution in software consumer rights!
  • by aiken_d (127097)
    The next time some "Microsoft is 100% evil" or "IBM is 100% benign" topic shows up, can we all remember this?

    Companies are staffed by people, some of whom are bright, some of whom are stupid, and some of whom either get or don't get the way the world works.

    In short: a lot of people running companies, or purporting to run companies, are no more mature or adult than your average 3am slashdot reader (hey, wait, that's me!). Look at what they've done here: picked a fight they can't win, gotten more press for t
  • by Anonymous Coward on Friday November 11, 2005 @06:22AM (#14006382)
    Just go to

    http://www.spymon.com/downloads/install.exe [spymon.com]

    Then you can extract the files from the installer exe without agreeing to anything.

  • Who reads these? If you don't agree do you actually not install and/or use this program? Someone could add a "This will blow up" warning, a la Inspector Gadget and I would have no idea what hit me. I'm probably the only one..
  • by leuk_he (194174) on Friday November 11, 2005 @06:30AM (#14006408) Homepage Journal
    from the article (page 2):

    Copyright law plainly wasn't designed for what RetroCoder is using it for, said Christopher Brody, a partner at Clark & Brody in Washington, D.C. "Copyright laws prevent copying, not examination, and I question the enforceability of such a clause based on copyright ownership," he said.

    Well since copyright is alos used to prevent the unauthorized copying of banknotes, copyright is actually quite powerful. But copyright will not prevent you from studyding bank notes, it might prevent you from creating machines that can help you to duplicate bank-notes (try scanning in a bank note into photoshop and you get the point.)
    • Well since copyright is alos used to prevent the unauthorized copying of banknotes, copyright is actually quite powerful. But copyright will not prevent you from studyding bank notes, it might prevent you from creating machines that can help you to duplicate bank-notes (try scanning in a bank note into photoshop and you get the point.)

      The designs of US currency, like other works of the US government, are public domain. Depiction of currency is restricted by the Counterfeit Detection Act. Adobe have, at t

  • I wonder that EULAs can hold up anywhere in court, even in US. After all, it would be easy to write a program that shows the EULA for a splitsecond and inserts a button or keypress into the messagequeue. In fact smiilar techniques have been used by dialers in germany. After the regulation authorities decided that the fees, created by a dialer, can be challenged, when the user creates a backup of the binaries and sends it in for examination. The dialer would be installed by the authorities, so that they can
  • It won't fly... (Score:3, Informative)

    by TheZorch (925979) <thezorch@ g m a i l .com> on Friday November 11, 2005 @07:33AM (#14006642) Homepage
    A previous court case a few years ago declared that reverse engineering is legal. Few, very few, judges will go against a precident that's lasted that long.

    Also, legal documents like EULAs and Contracts cannot by their wording violate the US Constitution, the constitute of the State in which it is written, nor current Federal, current State, County, and City laws. EULAs and Contracts do not give companies and individuals the ability to bypass the Word of Law.

    A few examples of companies trying to get away with this are:

    * Company rules restricting employee fraternization - They may have the right do to this in company premises, but I'd like to see them try to enforce such a rule in an employee's private residence. I can smell Civil Rights Violation a mile away. The ACLU would drool at the chance to handle a case like this.

    * At Will causes in company contracts - In my state some business I worked for have "AT WILL" clauses saying they can let you go for any reason or no reason at all. Technically this is an attempt to circumvent Labor Laws and Equal Opportunity Labor Laws and likely wouldn't hold up in court.

    There are just some examples of what companies are trying to get away with. No one person is above the law and no company should be allowed to be above it either.
  • by theonetruekeebler (60888) on Friday November 11, 2005 @08:33AM (#14006906) Homepage Journal
    I can download it without installing it, right? If I don't install it, I don't violate the EULA. I'll just examine the contents using third-party tools and do some good old fashioned reverse-engineering.

    And I'm 90% sure this part of the EULA wasn't written by a lawyer. Defendant can basically say "This isn't research" and tapdance all the way to the bank.

    Honestly, next thing they'll be saying is that strapping these dummies to a table and yanking their entrails out with an iron hook is "anatomical research." It'll be fun to win that case by telling the jury I wasn't doing research---I was drawing and quartering a spyware manufacturer. The best part will be hearing the foreman say "not guilty on account of he was drawing and quartering a spyware manufacturer. And here's the addresses of a few spammers I know about."

  • by Ender Ryan (79406) on Friday November 11, 2005 @08:33AM (#14006910) Journal
    DIE! DIE! FUCKING DIE! FUCKING DIE MOTHERFUCKERS! DIE! DIE! DIE!

    That's the only response I could come up with. When the whole world's gone crazy, how does one respond rationally?

    Seriously, purveyors of spyware should be brought up on charges in criminal court. We do the same for virus writers, how is malware any different? Can you imagine the courts allowing a virus writer to sue AV firms? :)

  • by doubledutchdesigns (930301) on Friday November 11, 2005 @08:55AM (#14007013) Homepage
    Retrocoder Limited has NOT threatened to sue Sunbelt - we are currently looking at what legal options we have to defend our product.

    This is a copy of the text sent to Sunbelt:

    "If you read the copyright agreement when you downloaded or ran our
    program you will see that Anti-spyware publishers/software houses
    are NOT allowed to download, run or examine the software in any
    way. By doing so you are breaking EU copyright law, this is a criminal
    offence. Please remove our program from your detection list or we will
    be forced to take action against you."

    The action will be that we may be (in our opinion) forced to get the UK police authorities involved with Sunbelt over copyright theft. This is a criminal offence, not a civil one I believe.

    Retrocoder Limited as the copyright holder, has the right to say who may or may not have its program. If someone has its program without permission, are they not guilty of a criminal offence?

    For example, if you have a copy of Windows without MicroSofts permission, is this not a crime?

    Below is a copy of the text sent to Joris Evers (who wrote the original article from it):

    "As you can see, at the moment it is just a warning to them to stop
    blacklisting the program. Our program is not a "trojan" or "virus",
    it is used to keep a remote "eye" on your kids or employees. The user
    must have access to the users machine in order to install the client.
    Only the installer of the program can view the client machine. Our
    program does not attempt to bypass firewalls or other such protection.

    This is very different from "trojans" and "viruses" - they replicate
    themselves and spread uncontrollably, you do not usually need direct
    access to the users machine. They often try to bypass firewalls in
    order to "reach" the internet.

    Our problem is that companies like Sunbelt do not properly look at
    software before they blacklist it. They clearly ignored legally
    enforceable warnings that what they would be doing is not allowed by
    the copyright holder. This shows that either they do not examine
    programs properly or that they ignore copyright law. In order to add
    our product to their trojan/virus list they must have downloaded it
    and then examined it. Both of these actions are forbidden by the
    copyright notice.

    A similar situation arose with Grisoft with the AVG product. We sent
    a similar warning letter out to them and they responded by removing
    our programs from their blacklist. This resolved the situation and no
    further action has been taken.

    I will be consulting with our solicitor in the next few weeks about
    companies like Sunbelt, what civil/criminal laws have been broken, and
    how best to involve the UK Police authorities in action against them."

    • Sounds like the action of someone who understands spyware/trojans and is fully aware that their software could be used in such a capacity. And is seeking to protect their revenue stream in effect by tying the hands of spyware/trojan etc detection publishers.

      It may not be a virus as you say - so GRI would be right to remove it as such - but it could be used as a trojan as you are very well aware.

      If someone had installed this on my system, I would want to know it was there. Would you?

      If it's my system and I h
    • You should have consulted a solicitor before you embarked on this course of action, as you clearly have no understanding of copyright law. If you had consulted one they would of explained the "doctrine of first sale", (aka exhaustion) to you, and you would understand that you have no case.

      For example, if you have a copy of Windows without MicroSofts permission, is this not a crime?

      It is not a crime.

      The action will be that we may be (in our opinion) forced to get the UK police authorities involved

    • by Skapare (16644) on Friday November 11, 2005 @01:59PM (#14009766) Homepage

      Maybe they never downloaded it in the first place. Maybe they are acting on the basis of experience that is typically gathered by a practitioner of the field who also works to diagnose malfunctions in client computers where previous detection efforts have failed. This would not necessarily mean your software caused any such problems, but rather, your software may have co-existed on a machine with previously undetected malware which was also performing similar spying actitivies, although for malicious intentions. On the basis of these activities, they would never have agreed to your EULA in the first place as they would never have downloaded a copy of the software.

      The ability to detect software like yours, which presumably has no ill-intent, is still necessary, IMHO, because of the existant possibility of ill-intended installation by other parties, such as kids spying on their parents first (it happens), or one spouse spying on the other in domestic issue civil cases (it happens a lot). Unless you can prove that your software has unbreakable facilities that prevent anyone from installing the software except in cases where it would involve only legal spying (e.g. parents spying on kids), I don't think you have a valid basis for demanding that your software be exempted. And I do not see how the software is capable of evaluating the domestic role of the person doing the installation.

      My real concern has nothing to do with your software. It has everything to do with all spyware in general, and the establishment of legal defenses that they all may use if you take this matter to court and prevail. Such a ruling would be universally harmful to everyone.

      In an unrelated issue, how is your software going to spy on kids that are skipping Windows and booting up a Knoppix CD instead to get to the internet to surf for 7un3z, w4r3z, and pr0n? You know kids are doing it, and not just the smart ones. Do you warn parents that your software cannot detect all these cases?

    • by Frenchy_2001 (659163) on Friday November 11, 2005 @02:11PM (#14009863)

      Retrocoder Limited as the copyright holder, has the right to say who may or may not have its program. If someone has its program without permission, are they not guilty of a criminal offence?

      For example, if you have a copy of Windows without MicroSofts permission, is this not a crime?

      Actually, the answers are NO and NO.
      When you buy a copy of Microsoft windows in a store, you enter a tacit sellin contract with that store. Then, on TOP of that, Microsoft tries to limit your possible use of that good, which may or may not be legal. But the only restriction that Microsoft places legally and in an unchallenged way is that you have to BUY their product.

      In the same way, once you have allowed people to download the software, you cannot restrict who can use it or not. It would be discrimination.

      Microsoft does not prevent researchers or black people or foreigners to use their software, they just prevent people WITHOUT a LICENSE. Then, on top of that, they want to restrict your rights to only USE the software. Here, you grant a license to all (free download) and then say that some kinds of people (anti spyware researchers) are not allowed to use it. It is like saying that french people could not use it. Or any group of people. It is discrimination, pure and simple.

      Even restricting a type of use for a product you have the right to use may or may not be legal. A court maintained the right of a company to disassemble a program they had bought to keep it working and improve it.
    • If you read the copyright agreement when you downloaded or ran our program you will see that Anti-spyware publishers/software houses are NOT allowed to download, run or examine the software in any way.

      I am not a lawyer, I just read about law on Slashdot.

      As far as I know, copyright law gives you the right to control transfer (copying) of the program. It doesn't give you the right to control how someone who is in possession of your program uses it.

      Furthermore, since you as the copyright holder perfectly

    • Although you spoke with rhetorical flourish, your entire post shows your ignorance of the issues at stake and is quite illogical. You know for a fact that when someone discovers that your software is running on their system (installed by someone else), there is no way they can have read your EULA and it's obvious that the anti-spyware researchers who may be examining their system are not aware of the EULA either. So, the burden of proof lies upon you to prove that they were pirating a version of your soft
  • by damieng (230610) * on Friday November 11, 2005 @09:20AM (#14007142) Homepage Journal
    Check out http://www.sunbelt-software.com/CounterSpyEnterpri se.cfm [sunbelt-software.com]

    "Microsoft shares their spyware definitions with Sunbelt, but SunBelt uses the threat information differently."

    That would mean SunBelt haven't violated any EULA's and that the lawsuit should be aimed at Microsoft...

  • by fdiskne1 (219834) on Friday November 11, 2005 @09:39AM (#14007251)

    One or the other. It's bad enough the company has this in their EULA, but the fact they are trying to enforce it through the courts proves one of two things. They either have a legal department/management team with serious balls or their legal department/management team is out of their mind. One or the other. I personally would believe the latter. I can't wait until it gets laughed out of court or, even better, the judge takes the evidence and does whatever he has to do to get the company prosecuted.


    Since I'm not logged in yet when posting this message, I have to type in a captcha. This one is "agree". By typing this, what am I agreeing to? Crap, time to get my lawyer to read this page before pressing preview.


  • by Nom du Keyboard (633989) on Friday November 11, 2005 @02:48PM (#14010203)
    So what if the Victim doesn't agree to the EULA for the software running on their computer? Does this mean that the software cannot be used to spy on the Victim until they agree to the EULA, and must be removed.

    Not a funny question at all when you consider the ramifications of one person installing software on a computer and agreeing to an EULA that a second person then uses. How do you sort this out?

There are worse things in life than death. Have you ever spent an evening with an insurance salesman? -- Woody Allen

Working...