Spyware Fights Back

sparcv9 writes "According to the latest issue of Spyware Weekly, the Radlight media player not only searches your hard drive for Adaware, but will uninstall it if found. How do they attempt to legitimize this? By including a clause in their EULA that reads: 'You are not allowed to use any third party program (e.g Ad-aware) to uninstall application bundled with RadLight. Such programs will be removed. If you want to uninstall them, you may do so via Add/Remove in Windows' Control Panel.' Yes, that's right. Not only do they say you are not allowed to use Adaware to remove their bundled apps, but they will forcibly remove Adaware for you to make sure you don't!" There's also a Newsbytes story.

this is not legal

[WildBeast]

and because they mention it in the EULA doesn't mean it's legal. Anyway, it's not like this player will be actually downloaded much.

Re:this is not legal

[BLAMM!]

Hell, no, it's not legal. It's pretty damn arrogant, though!

Re:this is not legal

[tenman]

Justin, Josh, John, (what ever your name is, your sig doesn't show up here on the reply form)

I am the programmer that would be so unedthical to write profit like that. I would like you to realize the importance of the statment that you just made. If I don't want my program to reside on the same disk as another, I am allowed to refuse my install until the other application in gone. I may, as a matter of convenince to you, prompt you with that information, and then start the uninstall process for you. One way or the other one of the programs is not going to be on that machine at the end of the day. I can be the biggest biggot you have ever seen, and still I am allowed to demand that my application not be installed on a machine with a particular application.

Now the problem is if I uninstall it without your knowledge. They are not uninstalling the application as part of thier install routine. Thier installer waits on the other application to be uninstalled before it writes it's own space. It actually prompted me and allowed me to control the uninstall. When I canceled the uninstall, redlight stoped it's own install with a message like "when you are ready to get rid of adaware...".

It's not illigal, and it's not unethical.

Reach Fer It, Yuh Varmint...

[FFtrDale]

One way or the other one of the programs is not going to be on that machine at the end of the day.

Thar just ain't enuf room on this Hard Drahv fer both o' us...Draw!

Re:this is not legal

[ScuzzMonkey]

I would say it's unethical unless there is some valid, technical reason why your program would not perform its core function properly while the other piece of software is installed. Ethically, you don't have any reason to meddle with what the user chooses to have or not have installed on his or her computer; it's simply none of your affair. If you have some political reason to not want Adaware on people's systems, fine--but that does not mean it's ethical to remove it, even if you are prompting the user. It may be ethical to simply refuse your own install unless the other piece of software is removed, but I think initiating the un-install for the other product is probably not kosher unless for valid technical reasons.

Legally is a different matter; there are plenty of things that are legal but unethical (heck, lawyers in general... nevermind) but I think the legality of this is questionable at the very least. 'Click to agree' EULAs are questionable in the first place, even before you add language to them that arguably has nothing to do with the nature of the product being installed. I could include language in an EULA to require people to wear a pink tuxedo every time they chose to use my product, or agree to sign over half their life savings to me, or whatever--but I doubt it would hold up in court. I doubt this would, either, but until someone challenges it, I guess you can continue to labor under the assumption that you have complete control of your product in all circumstances.

Re:this is not legal

[Darren Winsper]

"wouldn't the reason here be that the other application is going to uninstall a core part of my application?"
Interesting thought. However, AdAware does not do this automatically. I install AdAware and run it, it tells me what it found and I tell it to remove the crap it found.

However, your software starts installing, and then promptly uninstalled software I want on my machine without even asking me to (I don't count the EULA, since it's legal standing is questionable).

Tell me, how would you like it if MS decided to remove your software when Media Player 9 is installing?

Re:this is not legal

[RML]

MS does remove your software when Media Player installs: the WMP installer looks for hacked versions of the Fraunhofer mp3 codec, and deletes them if found.

Re:this is not legal

[ScuzzMonkey]

I think your definition of 'core functionality' is a little weak... this uninstalls a chunk of adware installed alongside the app, not a hunk of the code, does it not? Tell me this--does the app continue to do what it says it will do after Adaware screens it? I would guess that it does--most do, otherwise people wouldn't bother to run Adaware--no point if it actually disabled the functionality they got the app for in the first place. Your example with the TCP/IP stack binding to the adware app is presented as just that--an example. Is this something you do, or not? Are you just inventing examples to avoid the real point? And if the user doesn't need that, why would you think it is a 'core' function?

I can understand you're feeling a little emotional at the moment, but unfortunately it seems to have gotten the better of you and you're reacting to what you thought I said instead of what I actually said. I never said the app performed illegally--I said the legality of the click-to-agree EULA was questionable. When you say "Check the law!" it makes it very clear that you have not done so--there is good reason to doubt this sort of EULA will hold up in court. It's not illegal, it just may not be legally binding. See Softman vs. Adobe--different circumstances, but it has some implications for your naive assertions that anything stuffed in an EULA is binding.

My suggestion would be that if the pristine state of the box your code runs on is so important to you, that you simply not release it. The fact that you have authored something just plain doesn't give you unlimited authority to dictate when and how and where and with what people use it. It's a common misconception, from corporate America on down, but it's just not true--consumers have rights, and you can't simply disregard them because they don't suit you. Unless, of course, you have Congress in your pocket. ;)

Re:this is not legal

[tenman]

fair enough... but all this application does, is "help" you remove ad-aware. it doesn't hide what it's doing and then all of the sudden ad-aware is gone. it starts the uninstall proccess, and then you have the chance to click cancel at that point. It checks to see if you completed the uninstall and then continues its own install. but the think that everyone is missing here, is that it asks/tells you about ad-aware removal before the removal process even starts.

Re:this is not legal

[darkonc]

I'm gonna have to write a piece of software where the EULA includes the phrasing:

By downloading and using this program, I agree to give to the author, on demand, my entire computer system -- including software, licenses for said software and all data contained on said computer. Should licensee decline to abide for the agreement, the licensee will, in addition to the computer system mentioned above, be required to pay legal fees............
(ianal).

Re:this is not legal

[Denium]

Quoting from totally.righteous.net [righteous.net]:

By using the totally.righteous.net, you agree to be bound by the terms and conditions set forth in this agreement.

totally.righteous.net is not responsible for anything, at all. By using the service, you consent to daily beatings, administered by any designee of totally.righteous.net.

You agree to allow totally.righteous.net or designee to access your email, dialup, broadband or bank account as we deem necessary.

totally.righteous.net or it's designee may obtain your passwords, PIN codes or credit card numbers whenever it may be useful to totally.righteous.net.

You agree that totally.righteous.net can infect you, your computer or your family with viruses, worms or crotch crickets.

You agree that totally.righteous.net may use you, your spouse, your children, your parents or your pets for sexual or other purposes

You agree to complete monitoring of everything you do, or have done, or will do. Ever. totally.righteous.net can use whatever means are convenient to obtain this information, including but not limited to packet sniffing, telephone taps, log analysis, thumb screws, electric shock or bonus beatings.

An electronic mail account has been created for you. Notices will be sent to that account. You are responsible for monitoring the account and performing orders as instructed by these notices. Failure to do so may result in bonus beatings.

If you are an employee or representative of a telecommunications, cable, broadband or any communications company or organization, you agree to allow totally.righteous.net full and unrestricted access to all communications equipment.

Any computer, router, switch, proxy, server or communications device requesting data from totally.righteous.net becomes the property of totally.righteous.net.

If you are a representative or employee of Comcast Cable Communications, Inc., or are accessing totally.righteous.net from an address or IP controlled by Comcast Cable Communications, Inc., you agree that all equipment carrying traffic or data to or from totally.righteous.net becomes the permanent property of totally.righteous.net.

Thank you for using totally.righteous.net.

Re:this is not legal

[joebp]

Anyway, it's not like this player will be actually downloaded much.

Quoting the article:

"over 750,000 copies of RadLight had been downloaded from CNET as of February 2002."

Then CNET should delist this

[Glorat]

If they have delisted Kazaa for it's deceptive practices, surely CNET should remove RadLight for similar reasons. This is way over the top.

Re:this is not legal

[cdrudge]

In 2001, 89% of all statistics are made up on the spot. This is up 45% from 2000.

Re:this is not legal

[handorf]

According to the article, it was download from Download.COM > 750K times before they took it off the site.

Re:this is not legal

[mobydobius]

and because they mention it in the EULA doesn't mean it's legal. Anyway, it's not like this player will be actually downloaded much.

Hmm... I definitely agree that this practice is underhanded, unethical, and plain rude, but why do you say it is illegal?

Is there anything on the books that infers that existing software can not be deleted by new software? If so, how does that work when a new piece of software needs to replace a common shared library, and that new shared library makes existing software unworkable?

If the user was warned (and a EULA is at minimum a warning), does he really have any legal recourse?

Re:this is not legal

[Jondor]

>Hmm... I definitely agree that this practice is
>underhanded, unethical, and plain rude, but why do
>you say it is illegal?

He doesn't. He says that writing it in a EULA doesn't automatically make it legal. They can write whatever they want but it still has to be upheld in court.

Re:this is not legal

[AaronStJ]

and because they mention it in the EULA doesn't mean it's legal.

I'm gonna have to take a step back here and ask, why the hell not? Shady, underhanded, evil, and a Very Bad Idea: yes. But legal, I don't see why not. You download a program. It tells you, in fairly clear English, that it's going to uninstall adaware. You click ok, and it does. As icky as it may be, I fail to see how a programming telling you it's going to do something, and then doing it when you agree to let it is illegal.

Re:this is not legal

[cpt kangarooski]

Realistically however, no one reads EULAs; in fact most people don't even read the vast vast majority of dialogs that come up. Don't kid yourself that people are affirmatively agreeing.

At any rate, the enforcability of contracts is a matter of public policy. It is undesirable to permit people to create a contract that would be legally binding that required someone to kill someone else. Both parties might be completely happy with it -- but that doesn't matter. SOCIETY, not any private individuals, determines what can be agreed upon and what cannot, via the courts. Private corporations do NOT decide the law, and do NOT decide what parts of their contracts are valid.

Frankly, had I the option, I would declare ALL EULAs invalid, with two exceptions. One, where the license provided rights not normally afforded by an ordinary sale transaction, e.g. with site licenses. (note that copying software into RAM and HD in order to use it, and making backups are both provided for by law, and have no place in contracts) Two, where the contract was presented as a PRECONDITION of sale. e.g. where you could not purchase anything without having already agreed to the contract, or where you could not download without having already agreed to the contract.

If something is downloaded to me, in most situations, it has been given to me for free. What is to stop me from opening up the installer archive and extracting the software myself, bypassing the license altogether? (aside from crappily written software that makes that more difficult than necessary)

You give too much credit to software publishers -- software should be like books, or CDs or videotapes. Sold, and virtually never licensed. It makes things easier for everyone, and it avoids having to bother waiting for the mere possibility of private parties doing the same thing. (GPL software is also sold or freely given away, and NOT licensed for normal use)

Re:this is not legal

[Zeinfeld]

and because they mention it in the EULA doesn't mean it's legal. Anyway, it's not like this player will be actually downloaded much.

I am not a lawyer, this is not legal advice. I doubt that the clause is 'illegal', but it looks to be very unlikely to be enforceable and certainly not very likely to provide protection against claims for damages.

I doubt that any laws are being broken by inserting the clause into the alleged contract. However intentional damage to a computer system is criminal in many jurisdictions and I for one doubt that the EULA is going to impress the court.

The weenie Randite 'you signed a contract' brigade who yatter on interminably in much of this thread are fortunately wrong, contract law has never operated on the bizare principles they advocate.

The enforceability of the term would depend on the prominence of the notice given. Since I have no intention of loading the program I am not going to find out for myself. If the notice is exceptionally prominent then the guy may get away with it, but only because it would be unlikely that someone would uninstall AdAware without giving consent. Unless the guy really is just making a point (a pretty stupid one) I kinda doubt that this is the case.

What this comes down to is the sort of smart alex amateur lawyer stuff that is more likely to piss a court off than win a case. I suspect that a judge reading the EULA would take it as evidence that the defendant knew they were doing something illegitimate. If the judge decided that the plaintif did not receive actual or constructive notice of the term the EULA would actually hurt Radware. I suspect that Radware did not intend to give notice of the term and suspect that the judge would be likely to agree.

Obviously someone who installed AdAware did so as a deliberate decision. The person who installs radware may not be the owner of the machine and so the fact that the installer agrees to the EULA may not be enough to fend off a lawsuit from the actual owner.

Ultimately this is not a sustainable business model, but then neither is scumware in general. The market for Internet ads is pretty thin to start with. What sort of company advertises through scumware?

Sensible businesses don't just consider the question 'would we win a suit'. If someone files any sort of lawsuit against you the costs are going to be large. I can't imagine a judge saying to a consumer irate with radware that the suit is so baseless that she is going to award costs.

Re:this is not legal

[r_barchetta]

Not that I disagree with you totally, but I think a lot of people will perceive a difference between running Adaware voluntarily and this bit of software removing a separate program during installation.

When you run Adaware, you (probably) know what you're doing and what the program will do.

When someone installs Radlight there is a good chance they will not read the EULA closely. (Yes, people should read the EULA, but that is another matter...) This is what Radlight is banking on - that people will not know what the installer is doing.

I think that's more sneaky and underhanded than what Adaware does, but that's just me.

-r

Re:this is not legal

[plover]

When you run Adaware, you (probably) know what you're doing and what the program will do.

This isn't exactly true. You don't KNOW what AdAware does. When you run it, you get a list of files that it claims are spyware. For example, when I ran it last night (version 5.71 with the new RefUpdate thingie) it found BDE. For a few seconds, I didn't remember what BDE was, and there was no "help" or "click here for a description of this spyware". It just waited for me to blindly approve the listed files and click continue.

(My son had installed Morpheus last November, but I had since uninstalled it and pointed him at Gnucleus. The uninstall for Morpheus obviously did NOT remove BDE.)

Sure, I'm being the devil's advocate here, but the author of this sh!tware has almost an equally valid point as the author of AdAware. You are trusting that Lavasoft is somehow "right" in claiming RadLight is spyware, malware or evilware and should be removed. He's counter-claiming that RadLight is justly removing the evil, anti-capitalistic AdAware software.

If Lavasoft wants to hammer home a legal win with a sledgehammer, they should include a "description" box of what the malware is and what its affect on you can be, much like the anti-virus software does. A popup window that says "BDE is a program that will use your network connection to redistribute advertising to other people's computers" or "RadLight is a program that intercepts your purchasing process, preventing web page authors from collecting referral fees" would go a long way toward convincing the people who count that AdAware is indeed a tool of the "good guys".

I think it's legally (not ethically) a much finer line than arguing over the legitimacy of an anti-virus program. I agree completely with you that RadLight is over that line, but our opinions probably won't carry much legal weight.

Re:this is not legal

[plover]

I have two reasons why I need to know what's going on with AdAware.

First, I need to know that Morpheus was responsible for installing BDE, so I can eradicate Morpheus. I need to find a non-spyware replacement for Morpheus (gnucleus). [sourceforge.net] I have to remember which of my friends have Morpheus so I can help them get rid of it. I need to know who published Morpheus [musiccity.com] so that I can never install anything by them ever again.

Next, I'm also saying that anti-virus software tells you what the viruses are before it removes them, and I'm equating that with some measure of responsibility. When they detect a virus, they pop up a message box that says "Foo.dll has the Bar/W32 virus. Click [OK] to fix foo.dll, click [here] for details on the Bar/W32 virus."

I'm the guy who clicks there for details.

I need to know what the virus is, what it does, how it works, and everything about it so I can figure out how I got it, and how I can get rid of it. I do indeed search the net for other commentary on the virus. I find what other people have done, check for other clean-up utilities, etc. We found a dormant virus that had only recently been added to the A/V detection list, but in the mean time had been burned on a software distribution CD and installed in 67 locations. (It had unfortunately infected a UPS utility, and was triggered only when there was a power failure that launched this utility. Talk about a perfect distribution mode for a sleeper!) It was vitally important to take it seriously, and we did nothing but focus on that damn virus until it had been eradicated from our side of the network. That cost me and about ten other people a week's worth of work and sleep.

As to how this might apply to LavaSoft, consider this example: the Nertin Company, authors of the Nertin Utilities, decided to have their flagship Nertin AntiVirus remove the competing Berland Utilities in order to foster sales. So Nertin hands out virus signatures that just happen to trip on the Berland Utilities. As an end user, I would see "berDiddly has a virus, click [OK] to remove it or click [here] for details."

Who's to say LavaSoft isn't doing the same thing?

It's all based on trust. I am "trusting" LavaSoft's opinion that BDE is spyware, and that they're going to delete only spyware. I would be much more comfortable if I knew WHY it was deleting BDE\bdeFoo.dll

I cant wait.....

[diorio]

.....to see how adaware will fight back on this....what a vicous cycle!

Re:I cant wait.....

[timothy_m_smith]

I also wonder if the anti-virus companies will start to consider features like what ad-aware provides. Many big corporations have products like Norton Anti-virus and they may want their systems protected from more than just viruses. In fact, some of these spyware products could be more of a pain than some of the viruses out there. I know that my companies sys admins have said that they are seeing significant network bandwidth getting consumed by spyware.

Re:I cant wait.....

[Drachemorder]

Let's see. I would consider a program that is attached to another program (spyware) and does damage to your system (deleting AdAware) to fall under the definition of a Trojan Horse, which falls under the sphere of what are popularly known as "viruses".

So by that logic, this spyware at least could be considered to BE a virus.

Re:I cant wait.....

[ProfMoriarty]

Well ... do like AntiVirus software does and just sit and monitor installs ... if it detects a spyware application ... kill it.

Run as a service on 2K/XP ... and then the Spyware couldn't just delete the EXEs ... ALSO, make the monitor smart enough to remove itself from the "remove on next reboot" section of the registry.

Interactive deinstallation?

[swb]

I could see ad-aware having some interactive de-installation step where you had to actually perform some non-automated task to deinstall it, like the way that some online services companies make you re-enter data presented as a blurry GIF or something -- failure to do that would terminate the deinstallation.

If they're just brute-force deleting the application, randomize the name, size and date of the application to prevent that as well.

It'd be nice to see antivirus products have a no-spyware add-in that would cause them to find and remove them as well.

Re Spyware fights back

[peddrenth]

Looks like we need Radlight-Lite (c.f. Kazza!)

Or Winamp of course. I've never even heard of RadLight

Does this surprise anyone??

[Zspdude]

Spyware will do what is necessary for it to be effective. Kind of a non-story this, because I wouldn't expect anything else from spyware... Of course it's going to disable things that can find and remove it!

Re:Does this surprise anyone??

[TheTomcat]

Seriously. It's not like they're going to hold back on something like this because "it's unethical"

S

Re:Does this surprise anyone??

[Dephex Twin]

Seriously. It's not like they're going to hold back on something like this because "it's unethical"

Definitely not. They might do it because it's illegal though (which it may well be... we'll see).

mark

A message from the RadLight Admin

[Anonymous Coward]

To Whom It May Concern,
1. Spyware stuff.
during the last few months the popularity of word "spyware" has
raised amazingly. Actually, only a few peopla know what the programs considered
as "spyware" do, but the name just sounds good, doesn't it ?
SPYWARE... SPYWARE... hmm, I'm pretty scared... maybe I should stop
watching the american thrillers. Someone is spying me... he knows
what I'm doing, knows my girlfriends telephone number, knows where do I live,
he just controls my life...HE KNOWS !!!!
But take a closer look at the "spyware" programs. e.g. SaveNow.
SaveNow HELPS people when bying over the internet. You want to buy
a pack (a few hundreds) of recordable CDs.... searching on the net..
AH, here...Oh, wait a moment, a popup window appears. When I click
on the popup-window I can buy a pack of my favourite CDs and save
up to 15% That's cool. I would even call it "HELPWARE". I'm happy.
I got my CDs, some people got some money and everyone is happy.
Some people say it collects some information and sends it over the
internet... BUT. Has anyone "recorded" the data sent over the net ?
I use it and didn't notice any data being stolen or anything happened
to my data. Only my SaveNow database is growing and offering me more
and more advantageous purchases.
The banner advertising is widely spread on the internet. The targeted
advertising like SaveNow does is much more efficient and much better payed.
But some people don't like when the others are profiting.
Ah... but the saveNow is not the only "HELPWARE" out there..
Yes, there are MANY of them. And they are struggling for each user.
And suddenly a programm appears to "uninstall helpware" or "MAKE YOUR
COMPUTER SAFE" or "PROTECT YOU". But it doesn't uninstall all of the "helpware"
programs, because SOME OF THEM are considered SAFE.... !!!! SOME OF THEM !!!
And I ask : Why are they considered SAFE? What is considered SAFE?

2. HELPWARE as a solution for free programs
2 years ago, when we started working on RadLight, we had no problems at all.
We were hosted on a free Slovak server. The bandwidth bas pretty low
but as we had only 50 visitors a day, everyone succeeded downloading
his program. Some time later the first download-CRC-FAILED mails began
to arrive.. was it my fault ? The server problems began.
A friend managed to get a server in Germany. It was a hot connection
and the troubles were gone but the people downloaded RadLight more
and more. As we have reached the 10GB/day traffic the server has died...
And we had to decide : Either we will be regular Shareware or
we will bundle other software.
The first solution would lead to absolute popularity loss. Because the
people are VERY unlikely to pay if they don't really need to.
We decided to be FREE SHAREWARE but in a year of being FSW we got
only some 300USD what is really FEW. I don't want to force anyone to pay me,
because I wanted RL to be free, but we really couldn't afford to pay ANY server.
That's why we decided to bundle SaveNow, thinking that people
realize we had no other choice. Many people wrote MANY MAILS saying
how is RadLight cool and how happy they are. But are they the only one to be
happy ? WHY CAN'T I BE HAPPY TOO ? WHY SHOULD I HAVE PROBLEMS of
making programs for people I don't even know ? But the people
don't understand that installing HELPWARE is a way of their "THANKS".
I am REALLY GRATEFUL to those people who registered RadLight = donated
money to support RadLight, because the money we get from the bundle based
on our userbase are only enough for paying my phone bill and the server
we have now, especially to Todd Keller who even offered us a mirror hosting.
I think that he is one of the few people knowing what problems does it make
to host popular program.
As I say : In these times the targeted advertising bundling is the only solution
for popular programs if they want to stay free.

3. Adaware app.
Let's take a closer look at this application.
The general description is : "An application that uninstalls spyware" or
"An application that uninstalls helpware" or "An application that uninstalls
programs being installed with your permission" because YOU are the one to
decide whether to install them or not (at least in RadLight case). It's
popularity is based on scarying people using the word "SPYWARE", based
on considering users as not very clever.
When an unexperienced user runs adaware and finds some app described
as spyware he is really likely to click on remove button, because of the
word "SPYWARE"... something terrible. I'd wonder what would happen
if the latest windows version was described as "SPYWARE" ??
And I ask again ? Why should I trust a program that looks into every directory
on my harddisk, into every registry key, into my mails (it even wanted
to delete my personal mails to WhenU) searching for SOMETHING rather than
believing in MYSELF ? I felt like the local SWAT team just went through my house...
When I AM THE ONE who installed the HELPWARE program, IT SHOULD BE INSTALLED.
When I don't want to use it anymore, I can uninstall it either manually or going
to CONTROL PANEL\ADD REMOVE PROGRAMS.
As adaware's behaviour was hostile to our bundle, I had to defend.
Other programs like KaZaa do bundle too. However if a half of their
bundled programs are killed in action they still have enough money
but my money income is enough for my sister to buy chewing gum.

4. Some facts to think about.
RadLight's top downloads count was about 45000 per week only from download.COM
- that made 1.0MB x 45000 / 7 = 6.428 GB traffic per day only from download.com
Adaware now
- 0.85MB x 250 000 / 7 = 30.3 GB each day = 910.7 GB per month.
- go and check some server providers how much would that cost !!
- adaware has some $15 PRO version, but I STRONGLY DOUBT it would
be enough to pay such a bill
- WHO gives them the MONEY ??
- Isn't here some concurency destroying trick ?
- Why are some helpware programs considered spyware and some don't
Helpware
- As far as I know only few programs have bundled helpware mandatory
- so if you DON'T LIKE ANY HELPWARE just DON'T INSTALL IT
General about software
- I've heard a saying : "about 99% of computer problems sit in front
of the monitor"
RadLight again
- point of RadLight is to make watching of your video files easier
and better than ever
- point of RadLight is NOT to fight in any financial, political, social,
economical, rasistic or any other war
- I as the author of RadLight am sorry for users being scared of word
"spyware" but I don't feel sorry for any uninstalled copy of
program whose point is TO KILL.
- the 5.2 License agreement clearly tells that adaware is not allowed
with RadLight.
You are the one to decide what software do you want and what software
do you use.

Re:A message from the RadLight Admin

[CynicTheHedgehog]

Bundling SPYWARE (the world "HELPWARE" is so much horseshit) is not problematic, so long as you clearly state, in understandable terms, what software is being installed, what it does, how much disk space it will consume, how much bandwidth it will use, what information it collects, where that information is going to be transmitted, and under what circumstances that information will be shared. Then let the user decide if the program is helpful or not.

And never, under any circumstances, remove anything that you did not put their in the first place. I do not want you to HELP me get rid of software I paid for.

Vague licensing agreements and shady installation procedures are not helpful. They are deceitful and they harm the consumer. How about DECEITWARE, or HARMWARE? Until you come clean, this bundled software will always be looked upon with scorn.

Yeah, right.

[Decimal]

1. Spyware stuff.
during the last few months the popularity of word "spyware" has raised amazingly. Actually, only a few peopla know what the programs considered as "spyware" do, but the name just sounds good, doesn't it? SPYWARE... SPYWARE... hmm, I'm pretty scared... maybe I should stop watching the american thrillers. Someone is spying me... he knows what I'm doing, knows my girlfriends telephone number, knows where do I live, he just controls my life...HE KNOWS !!!! But take a closer look at the "spyware" programs. e.g. SaveNow. SaveNow HELPS people when bying over the internet. You want to buy a pack (a few hundreds) of recordable CDs.... searching on the net.. AH, here...Oh, wait a moment, a popup window appears. When I click
on the popup-window I can buy a pack of my favourite CDs and save up to 15% That's cool. I would even call it "HELPWARE". I'm happy.

Oh, so this is one of those people who actually enjoy being interrupted during dinner to recieve a SPECIAL OFFER from company X if they switch phone companies. Now I see, they aren't telemarketers, they're tele-HELPERS!

I got my CDs, some people got some money and everyone is happy. Some people say it collects some information and sends it over the internet... BUT. Has anyone "recorded" the data sent over the net? I use it and didn't notice any data being stolen or anything happened to my data.

Likewise, this guy must be a-okay with having hidden cameras being in his shower. After all, if the data was wired right out of the house and on to the internet straight to some hidden-camera porn site, has anybody in the neighborhood "recorded" that pictures were sent from his household out over the net? He used the shower and might have noticed the camera, but that must be okay because he didn't actually see the pictures leaving the residence.

I'm not going to go on. You already understand the truth, and so does this dishonest money-grubbing scumbag.

Re:A message from the RadLight Admin

[Reziac]

So if he's worried about HIS bandwidth costs, why didn't he upload his program to one of the many dedicated shareware/freeware servers (Tucows, Simtelnet, etc.) and let them worry about it? After all if his intent was to "keep it free" why not do the obvious to avoid incurring expenses?

Answer: This was yet another excuse.

What about installing Adaware afterwards?

[zorba1]

Can't users who want Radlight install Adaware afterwards? The story mentions Radlight checks for and uninstalls Adaware files on its first run. I assume it doesn't do the check everytime it runs - if so, isn't a post-install an easy workaround?

Re:What about installing Adaware afterwards?

[xkenny13]

• I assume it doesn't do the check everytime it runs - if so, isn't a post-install an easy workaround?

At least, until the next version of RadLight comes out...

Re:What about installing Adaware afterwards?

[mriker]

Ad-Aware has released a new version that will prevent RadLight from effecting it. Of course, that's obviously not the point here.

would it be legal to

[JeanBaptiste]

hack into a spyware company's server? That in effect is what they are doing to my computer... I don't have any moral qualms about doing such things, but would the law care? I guess it also makes a difference where the spyware company is located, but what if it is the US?
I would like to give these bastards a taste of their own medicine...

Re:would it be legal to

[zorba1]

The law does care about gaining unauthorized access into machines. Customers, assuming they read every word of the license agreement, are made aware of what a program potentially does and can opt not to install it.

Not to defend spyware makers, but they're more "within the law" than a hacker is.

Re:would it be legal to

[ArsonSmith]

I wonder if you can try to charge a spyware company with some kind of computer crime. because it is like hacking a computer.

Re:would it be legal to

[peddrenth]

Radlight.net --
Server: Apache/1.3.19 (Unix) (Red-Hat/Linux) mod_perl/1.24_01 PHP/4.0.6 FrontPage/5.0.2 mod_ssl/2.8.1 OpenSSL/0.9.6

So apart from making it a little harder to open their server, this also shows that this company is using software generously donated by the free software community.

Radlight?

[Zaknafein500]

Does anyone even use this program?

Re:Radlight?

[nzhavok]

I've used a much earlier version when I started using divx ;-) However it was quickly given up for BSPlayer [bsplayer.org] (yeah, great name :) which has done nicely until now. Apparently [ezboard.com] it's not spyware.

I think at the time the only advantage Redlight had was to do with subtitles but I could be wrong.

Re:Radlight?

[The_Sock]

Hey, it's got a bigger userbase then OS/2... I'm impressed.

Re:Radlight?

[Glytch]

Quantum computers have a bigger user base than OS/2.

Growing Trend

[the_rev_matt]

You're going to see more and more companies trying this sort of thing to prohibit you having software that they consider threatening on your computer. AOL used to screw with the setting of any competing ISP's on your system (on "accident"), IE used to cripple Netscape (on "accident"), and MSFT is now saying that you can't use some of their technology in conjunction with ANY GPL software. If we can't maintain our monopoly one way, we'll try another. This of course is a nasty step forward that even billg hasn't tried, but only because he knew there would be hell to pay. It's going to get worse before it gets better.

Re:Growing Trend

[NickRob]

Notice the use of the phrase 'Used to'

Users respond very negatively to screwing with things. I doubt even in the quasi-legal MS audits that they will seek out GPL software and fine you. How can they legally hold you accountable for having other software?

God, that's more monopolly garbage. Somebody needs to ask BG on the stand about this. If the prosecutors knew about this, it'd be a crushign blow.

In similar news...

[NetRanger]

...Microsoft, sensing that they can copy another great idea, changed its EULA today to uninstall Linux when any of its software is run on a machine in the same building.

Re:In similar news...

[ethereal]

Windows already overwrites your MBR if you reinstall on a dual-boot Linux system, doesn't it? So in a sense it already doesn't play well with others.

Re:In similar news...

[bm_luethke]

been there, done that. We had an alpha machine running linux for some vizualation stuff where I work (trying to get a cluster to drive an immersadesk, this was several years ago). It initally had one hard drive with linux on it. We added a second drive for windows and proceded to install NT, it hapilly informed us we had an invalid filesystem and it was reformating it to ntfs, it never asked, it just did it (because, of course on the alpha's back then basically every one wither ran true64 or NT, it reconized it was neither so it "helped" us). We lost nearly three months of work because of this. I've also had windows 98 "fail" twice during install and trash my drive's partition table and file systems, strange that it only did it when linux was installed (what I would call a qui-ki-dink - pronounce kinda like a coincidence, basically something that could just have been a coincidence but not likely)

Virus-like?

[Dead Penis Bird]

It's one thing to add programs and fill your disk up with junk. But to actually remove a properly functioning, legal program like Ad-Aware almost seems like a targeted virus.

And why can't you uninstall parts of their program? What happened to custom installation?

This seems illegal to me.

Re:Virus-like?

[Danse]

You can't remove parts because you agreed to a EULA saying you wouldn't. You also agreed to let them remove programs such as Ad-Aware. The solution is to not use programs that put such onerous restrictions on you.

Foolish move

[Arcturax]

If you were saavy enough to download ad aware in first place, what is to stop you from reinstalling it and running it again once you've installed this product? The only ones who are going to get stuck with this spyware are people who didn't think to download ad-aware in the first place. Those who lose their copy to this will just chuckle and redownload it and remove the crapware that got installed with the product.

Basically these guys wasted a lot of effort for naught and just end up looking like scum to boot.

Re:Foolish move

[argStyopa]

"Those who lose their copy to this will just chuckle and redownload it and remove the crapware that got installed with the product."
...and then post on /., ensuring millions of people will eventually know what a crappy product Radlight is. Nice job taking the long view, guys.

"If we're the brains of this operation, what's marketing - the boner?"

spyware lists

[YaRness]

here [spychecker.com]
here [grc.com]
here [tom-cat.com]
or of course, do your own google search here [google.com]

Nothing new

[Zog]

This really isn't all that new. I'm the computer nerd in my dorm, so every week or two, someone's computer starts acting funny, and I'll have already installed Ad-Aware, and it's just that the spyware has inserted itself into Ad-Aware's ignore list, so it doesn't get touched.

Wonder if M$ is taking notes

[delphin42]

If they can uninstall anti-spyware during the installation process, what is to stop M$ IE from uninstalling netscape when you install it? I can't believe that someone else thought of this idea first?

EULA take out all responsability/liability

[aepervius]

EULA are used like a wash-it-out taking all responsability and making your computer not even your own.

EULA may not even be legal in most country
The problem is that since nobody fight the legality of the EULA, spyware and other abuser (or even proprietary OS maker) will make "you" consummer accept more and more in the EULA until it comes cracking down.

Uh oh

[NiftyNews]

By reading this article, SlashDot has removed all bookmark links to legitimate news sites that report stories in a timely fashion.

You are further banned from making and/or reading any disparaging remarks involving the words "Katz," "Jon," and any combination of the aforementioned and the phrases "mom in handcuffs" and "father riding a horse."

Terrible company

[awptic]

Did anybody else notice the page [216.194.92.96] that shows the first and last names of everyone who's registered? This company doesn't even respect the privacy of PAYING customers... now that's _LOW_

Re:Terrible company

[p3d0]

It's ok, those are fake names anyway. I mean, come on: Blasius Floch?

This means war.

[bbqdeath]

It's ugly. Gloves are coming off. Nobody tells me I can't uninstall software from my PC, ever. Anybody who does is going to go into the hurt locker for a long time.

Anyone besides me smell an arms race between ad-aware and these other guys?

Oh. And what if the ad-aware license text changes to say that other applications can't uninstall _it_? Will we have dueling license agreements?

- I traded my sig for a glock.

To what ends...

[bteeter]

... will spammers go to spam us with their Ads? I mean that is all that this spyware really is - is another form of spam. Visit and Support sites like: http://www.scumware.com [scumware.com]

They have a wealth of information on how to fight back against the Ad-ware, Spy-ware, Scum-ware or whatever we are calling it today!

Take care,

Brian
--
--
100% Linux based Web Hosting [assortedinternet.com]
Friendly Service and Knowledgeable support

DMCA anyone?

[nyet]

.. making Ad-Aware a circumvention device. Somebody should turn them in. I'd pay to see that trial.

Re:DMCA anyone?

[handorf]

But then isn't RadLite an Ad-Aware circumvention device?

My brain hurts.

Hmm the programmer seems quite pleased

[shayera]

http://216.194.92.96/phpBB2/viewtopic.php?t=226 (Radlight)
Here the programmer of Radlight handwaves a lot, claiming it was just to point out it was possible to do so (the removal of other apps while installing) and that if he hadn't someone else would.. geeee..
He's been caught redhanded, he ought to atleast apologise properly, and promtly stop doing it

Full Identity?

[ewhac]

Anyone have this guy's full name? I want to add him to our company's hiring blacklist. I encourage others to do likewise. Banishment/ostracization is the only effective tool we have right now for ethically reprehensible hominids such as this; might as well use it.

Schwab

Re:Full Identity?

[Otto]

The guy posts by the name of DAvenger.

WHOIS info on radlight.com:

Agentura Sociologickych Expertiz (template COCO-1106387)
davenger@radlight.net
Pusta 7
Bratislava 4, SK 841 04 SK

Admin Contact:
Machacek Ladislav (COCO-1227589) machacek@stonline.sk
+421 2 65422859 (FAX) +421 2 65422859
Technical Contact, Zone Contact:
Machacek Ladislav (COCO-1227590) machacek@stonline.sk
+421 2 65422859

CORE Registrar: CORE-71

Record last modified: 2002-03-14 08:29:54 UTC by CORE-71
Record created: 2001-08-23 11:29:58 UTC by CORE-71
Record expires: 2003-08-23 05:27:49 UTC

Domain servers in listed order:

ns1.tera-byte.com
ns2.tera-byte.com

Database last updated on 2002-04-24 21:44:27 UTC

Software companies think they can do anything...

[fungus]

...if they write it in their EULA.

Would it be legal to write in an EULA that my software X cannot be used on the same computer than software Y, and uninstall it without warning if it finds it?

Have Netscape, for instance, remove without warning Internet Explorer from your computer? (But have it written in small characters somewhere that you can't use another third party software to surf the web)

How about having a software running in background to ensure that you dont download a competing package?

People should make it clear that we, computer users, will not tolerate such things.

Re:Software companies think they can do anything..

[IvyMike]

Want EULAs to be declared invalid? Write a popular software package that everybody wants, and then one day, change the EULA to say, "You may not use this software if you are not white." (Or "if you are white"...whatever, the point is to be arbitrarily racist.) If that's a little too radical for you, make it say, "You may not use this software if you are an employee of Microsoft or the U.S. Federal government".

I suspect that the public outcry would have a lot more people scrutinizing EULAs very quickly.

Or write an EULA that for one customer out of 100 comes up with, "You agree to allow us to publish your credit card numbers on the web for all to use." (As it turns out, this isn't very far from a lot of spyware EULAs, it's just much more to-the-point)

In any case, abuse of EULAs has become so widespread that I suspect they're going to end up getting regulated, anyway. Let's hope it's sooner rather than later.

Re:Software companies think they can do anything..

[Dr. Awktagon]

In any case, abuse of EULAs has become so widespread that I suspect they're going to end up getting regulated, anyway.

Well you don't need regulation to give you your rights under the law. As far as I know, except for UCITA (blech), no law says that licenses are binding in any way. They are just pieces of paper included in the box for your amusement, or to wipe your ass with, or whatever. Feel free to do whatever you like with what came in that box, as long as it doesn't violate copyright or trademark or any other law (ie, don't use the CD to slit someone's throat).

Of course, that doesn't mean company XYZ won't sue you over the EULA, but that doesn't mean they are in the right, just richer than you.

This virus/media player/whatever that deletes files isn't magically justified in its behavior by the EULA (just consider the EULA as a verbose warning label: Warning, this product may delete files on your hard drive).

And don't tell me that loading a copy into RAM is forbidden unless the EULA says I can, that's crap. Software has no other purpose but to be loaded into a computer's RAM (and HD), they can't be selling their software in good faith unless they know it will be put on computers.

So let's hope the result of these abuses is that the legal system simply says: "if you want your customers to act any differently than the law allows them to, they must SIGN a CONTRACT, now get out of my courtroom."

Or at least they should say a license can be like the GPL and GIVE you permission to do something that's otherwise not allowed, bu a license can't FORBID you from doing anything.

That will save everybody a lot of trouble.

The problem is of course that Microsoft, et al, will simply encode their favorite license terms directly into the law by greasing a few palms in Congress (this is how the entertainment industry was doing it for years), but at least in that case the results are a little more public (I don't know what half these EULA's say unless I read it in Infoworld, or /., but I certainly know the DMCA pretty well by now).

In summary: this magical fiction of "software licenses" has to be put to an end, and quick. Software companies don't deserve a power over customers that no other industry has (where's the EULA on your screwdriver that says it can't be used to build computers unless you pay the computer fee? Where's the EULA on your ball-point pen that says all papers you write are the property of Sanford Pen Company?)

How to Combat this

[NickRob]

Step One: Download the player
Step two: Run player, see if the company isn't bs'ing
Step Three: if adaware == missing Then change facial.expresson to 'Shocked'
Step Four: Download a new version of AdAware that can disable the player's abilities. Step Five: Laugh. You have beaten the system, my friend! Today is a good day!

whats next ..

[jest3r]

So we can expect that Adaware will add a disclaimer to their EULA stating that:
"Any attempt to uninstall our software will result in an uninstall upon reinstallation .. further more we will uninstall our uninstaller to prevent future uninstalls."

Maybe...

[Dr. Bent]

...putting an insanely unreasonable clause in your EULA is a form of marketing now. Before today I had never heard of Radlight. No such thing as bad publicity, I suppose.

similar to the RIAA's plans

[timon]

This story immediately reminded me of some of the RIAA plans to hack your home machines [wired.com] (also mentioned here [oreillynet.com]). I can't wait for the day when the big virus/trojan du jour hammering corporate networks and bringing down servers right and left turns out to be from the RIAA or MPAA.

"We were just protecting our copyrights, it's not our fault that your payroll files were lost!"

Voluntary information

[smartipants]

I think one of the problems concerning spyware and intelligent agent type technologies is the fact that in order to get good performance people think they need to rely on implicitly collected data, in which case the user always wonders exactly what else they could be collecting. They justify the use of spyware to collect information that users never would take the time to submit themselves. This is a misguided approach, since good personalized recommendation technology is available with explicit user feedback instead (such as Stumbleupon [stumbleupon.com] for websurfing).

I think that many companies feel such approaches are necessary in order to collect information without too much user hassle. The focus should instead be on improved interfaces which allow people to easily submit information as they desire. This way the benefits of personalization can be had, yet people know exactly how much information about themselves they have revealed...

EVAA Agreement

[CDWert]

Im about ready to come up with an
E(nd)V(endor)A(ccess)A(greement)
For my computer that superceeds any EULA and the vendors acceptance will be gained prior (on a click through link at in the signature of the email I order software through.

Order X program from the author
At the bottom of the email is a link stating
something like (and of course be just as obstuficating) as the EULA's are that any software being installed on the computer this mail is originating from must accept the terms in the EVAA (access to MY , get it MY f***ing computer) and that sale or distribution of any software to this computer(the same one you are purchasing the software from) is an acceptance of the EVAA (and a link to the same)

Wrap up and invert a EULA , one of the nasties most un-understandable ones you can find, and post it at that link, keep copies of the email correspondence and buy it.

At this point your EVAA WILL in fact superceed the EULA, is this legal, yep !

Will it hold up in court ? Let me just say just as much as a click through EULA will..

If a EULA says I have to let them suck my toes, do I have to allow it ? No ! Why not ? Same reasons as "not responsible for lost stolen article" signs arent worth the plastic theyre printed on. You can say whatever the hell you want holding it up in court is another story.

Next time your rearview mirror or antenna gets ripped off in an automatic car wash and the manager say but the sign is right there say, ok fine, write it down. I took this to court once, on a new car I was dammed if I'd pay 250$ deductible on ....guess what the judge told the car wash owner, wou can say whatever you want on a sign posted however conspicuosly you want, you are in fact still legally responsible, UNLESS Mr...signed a piece of paper waiving that right in FRONT of a witness, did Mr....do this ? Uhhh no your honor....Judgment in favor of plantiff $490.....next case!

Alternative to RL, spyware free ofcourse

[dJOEK]

If you must use a separate divx player, i find this one to do the job just nicely
BSPlay [bsplay.com]

This isn't spyware anymore...

[Outlet of Me]

There's already a name for software that, when installed on a computer, goes through and deletes other data on the machine unbeknownst to the user. It's called a virus.

Just because it's stated in their EULA that they can do that, doesn't allow them to circumvent the law. Of course IANAL, but it sounds like this struggle has gotten to the point where it is legally challengeable.

This is what the Radlight guy says...

[teamhasnoi]

All right, guys

here I'm again. You have posted really good posts. There are intelligent reactions to my hints and I must admit that I have a bit underestimated how powerfull userbase Adaware has.

I'm sure that many of you ask, WHAT WAS THE REASON of KILLING adaware right after each start NOT looking into default directory (like some people think) but using the uninstall registry keys and uninstaller LOG file (this is a hint for adaware developers to make it invisible) ?

Actually, the point was NOT to destroy the adaware . This is almost impossible. BUT TO SHOW WHAT COULD HAPPEN IF THE PROGRAMS START UNINSTALLING EACHOTHER. As I believe that some of the "spyware" are just reguler legal programs I really feel for their authors to see how their program is being uninstalled. I WANTED ADAWARE TO SEE IT TOO and to revalue their pose to their "enemies". I understand that ads brought by some programs aren't doing the clean job and don't have approprietary uninstalling possibilites and they NEED TO BE REMOVED BY THE HARDEST WAY, but NOT all of them are such rude. When removing legal software (as you say now I remove adaware), having all what polite software should have (polite installer, EULA, Uninstaller and full description), it may be really VERY UNPLEASANT.

They put me on the MOST WANTED list ? Yes, that's what I expected. It is natural and if they didn't do that it would look STRANGE, wouldn't it.

They removed me from CNet ? Oh yes, again, I expected problems but you all must admit that adaware is a "remover" too.

They wanted to send me to all AntiVirus companies ? Heh, detecting a "virus" having EXEPath in regisry and no other files copied in any directory would be pretty easy, don't you think ?

You all are angry on me ? Yes, I expected it. But if I didn't do this and only started to talk about my opinions I would be just SOME ANOTHER GUY SAYING SOME BULLSHIT and ignored (my life-experience with many people). Generaly the people must see the acts first and then they will PERHAPS start thinking more.

The non-adaware-killing RadLight was compiled 5 seconds after the adaware-killing version. I thought that people would find it out immedieately but it took more than a week until they noticed. It will be released immediately and no more software-removing actions will be taken. I can only hope that Lavasoft will think about the reasons why this happened.

I know i will loose many of users who will ignore my player but It will at least solve my server problems and I may rest for a while.

I can apologize now

" I apologize to LavaSoft for all inconviences that happened by my RadLight software when removing the ADAWARE application silently and without users request.

I apologize to all RadLight users who may be disappointed or hurt by these events.

I apologize to all ADAWARE users whose adaware was removed when launched RadLight.

Your indignation is an evidence for me that I succeeded and now, at least the people who read messages on this forum understand how does it feel when YOUR SOFTWARE is being removed.

With friendly regards,

Igor "RadScorpion" Janos

_________________ Non Progredi Est Regredi

I think that means, "all your base are belong to us." ;)

Re:This is what the Radlight guy says...

[Tintivilus]

You're missing one simple fact: I downloaded and installed ad-aware because I wanted to remove unwanted software from my computer. Property, check. Consent, check. Adaware makes no bones about what their software does.

Radlight, on the other hand, tampers with my property without my consent. What, you say? Consent has an ethical (and legal) requirement that the consenting party posess all relevant information. Burying the ad-aware clause deep in a clickthrough agreement. This may meet the legal requirement, but certainly not the ethical one.

In short, your argument would only be valid if you had a "click here to remove ad-aware" button in your installer, or some similar informational device. The absence of such marks this as either a temper tantrum or underhanded scheme.

Re:This is what the Radlight guy says...

[geekoid]

"There are intelligent reactions to my hints and I must admit that I have a bit underestimated how powerfull userbase Adaware has. "

this tells me that everything after it is worthless.
You certianly imply that you where just doing it to make a point, but then why would you do that to something whose userbase isn't very big?
Wouldn't have been better to back-up there registry then delete it? or there back ground?
or any number of things?

You got caught, now your trying to back peddle.

This is why Hackers are SO important!

[Fantastic Lad]

When the automotive industry in agreement with the petrolium industry decide that no car on the market will have an aerodynamic efficiency above a certain figure, (so as to maintain a piggish rate of gas burning which might not otherwise be necessary), what can the average individual do?

Aside from not owning a car, (which, btw, is an entirely viable option more people should look into), Joe-average can do very little.

In the software universe, however, there are thousands of people who know how to program well enough to FIX intentional, greed-related corporate bullshit problems, and distribute those fixes to anybody who takes the relatively small amount of time required to learn how to implement them.

Why are Hackors demonized by the media? Because they represent an annoying burr, a standing nail which refuses to be brushed away or hammered down. And through this, humanity is prevented from being jammed, (quite so quickly and neatly), into the square holes all neatly prepared for us. Hackors get in the way of the plans of the Control Reality which are being implemented around our ears as we speak.

I am not a programmer. I am not a hacker. But I am proud that this aspect of humanity still exists. I am proud that people are having FUN in this way! (All important!) I salute those who know how to make the machines work for the common benefit, and who have the courage to do so!

A tip of the hat to you all!

-Fantastic Lad

power of eula's

[Anonymous Coward]

It seems these days EULA's are tricky bits of text, with many conflicting positions over how they hold up. Many software companies defend their actions, such as Radlight in this case, by saying "It was in the EULA." This is the case with most programs with spyware. They just write somewhere in the EULA that you are agreeing to install the spyware.

But are people who use Ad-aware and break the EULA not guilty of anything? It is an agreement that you have to agree to in order to use the application. You agree to installing and running their spyware and ad supported program, then break that agreement by using Ad-Aware to remove it. God forbid someone wants to receive something in return (in the form of ad revenue) for their program which you use. I personally hate ads being forced on me, but this seems no different than cracked warez applications. In both cases you are using the program, but denying the creators any sort of revenue from yourself.

In both of these cases the EULA seems to bear absolutely no value in the end.

They need to standardize the EULA's

[techstar25]

If the EULAs were standardized and readable, normal aol-using folks would be able to understand what is really getting installed. Remember when they did that with food labels(in the US). Now all food labels look the same ie. "Nutrition Facts". It's clear and easy for everybody to read. For instance I found this at nutri-facts.com

Facts About Food Labeling

Under regulations from the Food and Drug Administration of the Department of Health and Human Services and the Food Safety and Inspection Service of the U.S. Department of Agriculture, the food label offers more complete, useful and accurate nutrition information than ever before.

With today's food labels, consumers get:

• Nutrition information about almost every food in the grocery store
• Distinctive, easy-to-read formats that enable consumers to more quickly find the information they need to make healthful food choices
• Information on the amount per serving of saturated fat, cholesterol, dietary fiber, and other nutrients of major health concern
• Nutrient reference values, expressed as % Daily Values, that help consumers see how a food fits into an overall daily diet
• Uniform definitions for terms that describe a food's nutrient content--such as "light," "low-fat," and "high-fiber"--to ensure that such terms mean the same for any product on which they appear
• Claims about the relationship between a nutrient or food and a disease or health-related condition, such as calcium and osteoporosis, and fat and cancer. These are helpful for people who are concerned about eating foods that may help keep them healthier longer.
• Standardized serving sizes that make nutritional comparisons of similar products easier
• Declaration of total percentage of juice in juice drinks. This enables consumers to know exactly how much juice is in a product.

Somebody should take that list and create the End User License Agreement Act, in which they list what MUST be clear and concise in the EULA. Until somebody passes a law requiring standardization, rogue software makers will continue to use the EULA to hide revelations of spyware.

Re:They need to standardize the EULA's

[mwa]

No, they don't.

They need to be formally, finally, and legally declared null and void. Like any other transaction, all terms and conditions need to be agreed to by both parties prior to the transfer of goods.

And No, I don't know how a website determines that the downloader is, or is not, a minor and or otherwise has the legal authority to agree to anything prior to download. I guess software companies that require any sort of legal commitment from their customers can't make it available for download. That's the suppliers problem, and if they can't figure it out then it doesn't bother me a bit.

If I buy retail software, I am NOT licensing that software. I'm buying it (just like a book, CD, or any other product that happens to be copyrighted). I guess if a company cannot gaurantee that a downloader can legally agree to a license they either have to a) not make it available for download, or b) consider it a sale at $0, with no obligation on the receiver. Without a contract, it can be no other way.

It doesn't stop at the software, folks.

[realgone]

Oh yes, there's more. Much more.

RadLight offers you and your family a whole line of fine merchandise at the RadLight Online Store [cafepress.com] . If you've ever felt like you've had too much voluntary control over your daily routine, why not try integrating some of their fine products into your lifestyle?

Take, for instance, this fashionable long-sleeve RadLight t-shirt [cafepress.com] . It's luxuriously soft, 100% cotton -- and it forcibly ejects from your wardrobe any third-party sweaters, jackets, etc. you might mistakenly slip over it on one of those chilly summer nights. No more hassles choosing what to wear, and think of all the closet space you'll free up.

Or how about this bright and cheery RadLight mug [cafepress.com] ? Guaranteed to keep your favorite beverage piping hot... as long that beverage is RadLight-branded Maxwell House Regular Roast. All other liquids will be drained through an emergency discharge valve at the bottom of the mug. (Please note: by filling the cup, the consumer absolves RadLight of all liability for any leg/groin/other scalding that may occur.)

And, of course, there's always RadLight's crowing achievement: extra-roomy RadLight boxer shorts [cafepress.com] . All-cotton, open-fly, and completely impervious to access by any third parties. That's right, only you or an authorized RadLight employee (or an employee/consultant of any of its licensed subsidiaries and partners) will be able to get at what's behind that RadLight logo. Now how's that for peace of mind?

Don't thank them now. That slightly pained smile on your face will be praise enough.

^Evil^ Inc.'s EULA:

[Click 0 Nett]

"By existing in the same time-space continuum as this license agreement, you automatically transfer entire ownership of your being, body and belongings to ^Evil^ Inc. You now exist to serve ^Evil^ Inc, and therefor must comply will all commands. You will like, love, and worship ^Evil^ Inc. Click 'OK' below to relay your coordinates to our 'New Slave Arrival Department' for immediate pickup."

Virus with a EULA

[Shihar]

Maybe the proper way to make a virus is just to throw in a EULA? Throw in small text:

"By hitting agree, you agree to let the virus in question destroy your hard drive right after it gets done spaming the network and trying to send itself to everyone in your address book. You also have given us rights to your first born son and any virgin females in your house."

A better way of pissing on users...

[verbatim]

This guy has decided that his revenue model is bundling his app with a third party program. This third party program is generally considered spyware but, at the same time, can be considered a legitamite app (just not the one that you were downloading).

He _does_ have a legitamite gripe about adaware. That is, with or without the user's permission, adaware conspicously removes a portion of his application (specifically the part that presumeably pays him).

This is fine, as far as I'm concerened. However, his installer is ass-backwards.

How would I have done it (note: I wouldn't have done it at all, but to each his own): When the installer launches have it check for the presense of Adaware. If adaware is installed then tell the user something to the effect of "Aborting install: Adaware detected." This way it is (a) clear that the program does not play well with Adaware and (b) the author has a gripe about adaware.

Instead he has written an installer that performs a virual function (destroying software without the users knowledge or permission) and is trying to legitamize it by pointing his finger at Lavasoft (adaware). Even if you accept his reasoning that Adaware is the evil culprit, that does not make his program any less evil. He is selling a video player and not an ad-remover remover.

Basically he just found a whole new way to piss on his userbase.

Re:A better way of pissing on users...

[verbatim]

You miss the point that Ad-Aware doesn't automatically remove anything. The user is informed of certain programs on their harddisk have been COVERTLY installed. It shows the user where these files are and gives them the option of (a) backing them up and (b) deleting them.

It creates a backup in case deleting them causes another program to malfunction.

The Radlight installer COVERTLY and MALICIOUSLY deletes Ad-Aware from the user's computer. Sure it's in the EULA, but licence agreements CANNOT grant ILLEGAL actions.

Imagine I'm selling you a house. You really want this house and are eager to sign the agreement papers (that you agree to pay and what happens if you don't pay, etc). I insert a clause that says I get your first-born child. You laugh at it but sign the paper anyway because you _really_ want this house.

Years later I come to collect your firstborn child. Do you honestly think that I have any legal right to claim that child? Absolutly not. Because there are inherint legal rights that you can NOT sign away.

The Radlight program is a movie player - not a virus scanner. The function of deleting a program that, in his perception, is a virus should NOT be handled by the installer. It is performing a function that is COMPLETLY contrary to the purpose of the software.

I run an installer to install a program.
I run a moive player to watch a movie.

I do NOT, however, want an installer to start covertly deleting software from my computer. It sets an ugly precident that I hope does not explode. What if Corel got in tune with Bonzai buddy and made it so any time you installed or ran Bonzai Buddy, Microsoft Office is deleted from your harddrive. You wouldn't want, nor would you expect something like that.

Now, I do think that he has a valid opinion about Ad-Aware (and I think I tried to express this in my original post). Yes, his software comes bundled with an app that he makes money from. You either take the whole package or nothing at all. The problem is that he doesn't really tell you this. I'll wager that his un-installer doesn't put back the Ad-Adware software (un-install should perform the exact opposite function of the installer). People should respect this and not remove the component unless they remove the entire package.

As for liability? He has written and release a program that performs a virual function. He could be in serious trouble if the program malfunctions in any way, shape, or form. Regardless of what his EULA states, there are things you are not allowed to do.

If I broke into your house and left a note on the door saying "I am not responsable for any damage that has occured as a result of my break-in" that wouldn't really mean anything beyond "hahaha, I broke into your house and trashed the place."

Just because it is written does not make it enforceable or even actionable.

Email to RadLight

[serutan]

Dear RadLight,

By accepting this message into your email system you agree to allow the embedded script to remove all data, applications and operating systems from your network.

Removal process started.
Have a nice d#* 7j

Newer version does not remove Ad-Aware

[mixbsd]

According to simtel.net [simtel.net] the latest version (rl3r52a.exe) does not un-install Ad-Aware. Think the damage has already been done to Radlight's reputation now, though :)

Re:Get rid of all spyware

[Quay42]

Surely you're kidding. I know people don't read the stories, but did you even read the description?

jw.

Re:Forever Loop

[mriker]

Naw, the author of RadLight has superficially apologized after catching a lot of heat, so I don't think this is going to continue. He actually said, and I quote, "...the point was NOT to destroy the adaware [...] BUT TO SHOW WHAT COULD HAPPEN IF THE PROGRAMS START UNINSTALLING EACHOTHER [sic]." Friggin' hilarious. You can read more of his amusing ass-kissing excuses and lies at the Lavasoft forums [lavasoft.nu].

In that case

[MoneyT]

If it is legal, I'm going to start bundling virii, trojans and password stealers with my programs. And include in the EULA that by clicking agree, you waive all responsibility to hold me liable for any damages or problems incurred from using and installing my software.

Re:hmmm

[Samrobb]

Ad-Aware is up front about this: it's a utility designed solely for finding, and removing, certain pieces of software. A specialized "rm", if you will. Certainly no different from Clean Sweep or other similar products, it is designed to allow the owner or operator of the computer to decide what files should be removed.

RadLight, on the other hand, has an entirely unrelated purpose. If it's removing random files without asking the user for permission to do so, it's either (a) buggy, (b) malicious. I'd argue that their mention of this in the EULA (as opposed to README or BUGS or a similar file) indicates that this was intentional on their part, which IMHO moves them from the category of "spyware" and into the category of "trojan".

Re:On the enforcability of EULAs

[ewhac]

Everyone seems to agree that EULAs are legal in as far as they are enforcable (just like any other contract). [...]

Wrong, right out of the gate.

Shrinkwrap "licenses" are a legal fiction with extremely shaky basis in law, and no basis in ethics, much less common courtesy. It is a fiction with a twenty year history, but a fiction nonetheless. See my long-ish editorial [vwh.net] on this subject for a more detailed analysis.

Moreover, a California court recently ruled that, no matter how persistently and shrilly you refer to the transaction as a "license", if the behavior you engaged in has all the characteristics of a retail sale, then the transaction is a sale. Whether the "license" effectively alters the terms of the sale after the fact is a question unanswered by the courts. However, any person with even a smidgen of common courtesy toward their fellow man will agree that no such "contract" should be held as valid.

So, no, the EULA doesn't save RadLight's legal posterior.

Schwab