|
-
February 23rd, 2005, 06:01 PM
#11
KuiXing,
The sad reality of the world is that there are always going to be cat-and-mouse games. Someone will invent spyware, then anti-spyware. By the time the law catches up with it, there will be something else against from which we will have to defend ourselves. So, until we come up with a better law, we will have to group them as spyware (by "we" I don't mean the AO community, but humankind in general).
BlackIce,
I totally agree with you. I don't want anything-ware on my computer unless I downloaded (or purchased) it and am willingly installing it.
I'm wondering, with these toolbars and stuff for IE, shouldn't there be an installation screen, a EULA, a way of removal, option to not install? IMHO, a production software that answers no to any of these is classified as "sneak"-ware, as BlackIce puts it.
Alright Brain, you don\'t like me, and I don\'t like you. But let\'s just do this, and I can get back to killing you with beer.
-- Homer S.
-
February 23rd, 2005, 06:07 PM
#12
A bit further
Hatebreed,
No one has the right to just install something on my computer with out my autorization
I would go a little further. Yes, no-one has the right to install something without my knowledge, but also, and maybe more importantly, no-one has the right to retrieve information from my computer without my permission, even if I did allow them to install a toolbar.
Of course, they usually take care of the permission by making you agree to a 100-page end-user agreement, where the finest of fine print says "oh, by the way, we are going to collect all the info we want from your PC".
I would be in favour of a law that forces companies to make you say yes to a big agreement button that says "YES, I allow you to take information from my computer without telling me again". Or better, force them to ask for permission anytime they want to send. That would make them think twice.
Anyway ... that's just my two cents. I'm off to run a spy-sweep again :P
Cheers,
BrainStop
"To estimate the time it takes to do a task, estimate the time you think it should take, multiply by two, and change the unit of measure to the next highest unit. Thus we allocate two days for a one-hour task." -- Westheimer's Rule
-
February 23rd, 2005, 06:27 PM
#13
I think the biggest problem in this case is that they're not installing anything without your authorization.
Here are the terms of the agreement - if you're stupid enough to agree to those terms, that's your problem, not theirs.
If you apply for a VISA "with 0% APR", and you don't read the small letters that state that the 0% APR is only for the first 2 months (after that, it's going to be 20%), isn't that your problem?
Try taking that to court - they'll laugh you away.
By clicking "yes" or downloading, installing or using the Software, you acknowledge that you have read and understand this Agreement and agree to be bound by its terms. If you do not agree to be bound by the terms of this Agreement, you may not download or use the Software, and shall close this window without downloading the Software or clicking yes to indicate your acceptance of this Agreement.
It goes on stating that you agree:
- that iSearch and/or the Software may, without any further prior notice to you, remove, disable or render inoperative other adware programs resident on your computer, which, in turn, may disable or render inoperative, other software resident on your computer, including software bundled with such adware, or have other adverse impacts on your computer.
- to enable iSearch and/or it's partners to provide and operate its Software, iSearch and/or it's partners may collect certain types of non-personally identifiable information about individuals who install the Software. This information may include your Internet protocol (IP) address, your domain, your operating system, your browser version, type and language and your Internet Service Provider.
- Advertisements may be displayed of advertisers who pay a fee to iSearch and/or it's partners and you may be provided with and/or redirected to content of other parties and/or links to third party websites or content or offered the opportunity to download software from third party software vendors.
- iSearch and/or it's partners may use invisible tracking or counting devices known as "web bugs" to register that a particular web page has been viewed and/or "cookies" or alphanumeric identifiers that iSearch and/or it's partners transfer to your computer's hard drive through your web browser to enable iSearch and/or it's partners systems to recognize your web browser.
and the list goes on and on...
That's spyware as far as I'm concerned, but that's not the point. I can definitely see why iSearch wants to distantiate itself from "spyware that's installed without your authorization" - I personally make the distinction between "you're infected by spyware because you're a moron that doesn't read agreements" and "you're infected by spyware because you're not that computer-savvy, not because you're too lazy/stupid to read agreements".
If this ever goes to court, it will probably boil down to a discussion on what exactly spyware is. Is it still spyware if you know that it's spying on you (or should know from the agreement you didn't read)?
-
February 23rd, 2005, 08:09 PM
#14
A new clasifacation on all spyware/malware scanners would help this i think. Maybe a "Questionable Software" tab would be good for programs that do have EULA's and such. That should not hurt the companies rep, and the user would be able to go through and say, "I didn't know/want this installed..." and have the option to select and remove said program. The main reason I use these programs is to see what kind of crap is there... I may have programs on there that I want, and thats ok, I can choose to keep them, but the point is to see everything that isn't easily removed or seen. If you start removing programs like weather bug (compatability problems for us) off the list, these programs become more and more useless to people like me.
-
February 23rd, 2005, 08:18 PM
#15
Negative, while that is indeed what the EULA claims, it is not necesarily presented at the time of install. iSearch comes as part of the Bube.d aka Win32.Beavis infection that we're seeing more of these days. In fact, having iSearch is one of the main signs I look for to see what I'm dealing with in a HJT log.
I installed the installer for Bube.d on my test box. At no point was I presented with a EULA. Doesn't do much good for all this legalese to exist if the person infected never sees it does it?
-
February 23rd, 2005, 08:27 PM
#16
Doesn't do much good for all this legalese to exist if the person infected never sees it does it?
You don't have to with this clause:
iSearch Internet - EULA
By clicking "yes" or downloading, installing or using the Software, you acknowledge that you have read and understand this Agreement and agree to be bound by its terms. If you do not agree to be bound by the terms of this Agreement, you may not download or use the Software, and shall close this window without downloading the Software or clicking yes to indicate your acceptance of this Agreement.
I've heard of these ones. Just by viewing a page, or in this case, downloading without even being asked to download, you agree to their terms. IIRC, there used to be software EULAs like this whereby if you broke the seal you agreed to the EULA but it was inside with the disks/cds. (Made it hard to read). Perhaps the precendent that set the reason to have the EULA on the outside of the package should be used against spyware (that is, it's not published visibly where I can review it before agree to it -- like when signing up at a forum).
I'm surprised that no one has challenged these guys on Computer Crimes and specifically USC 1030?
-
February 23rd, 2005, 09:24 PM
#17
Senior Member
i think we should just lump it all together and call it 'evilware'
I know your type, you think "I'll just get me a costume, rip off the neighborhood kids". Next thing you know, you've got a jet shaped like a skull with lasers on the front!
-The Monarch.
-
February 23rd, 2005, 09:43 PM
#18
Hey, y'all!
From where I sit, iSearch and iDownload are spyware. I have no way of knowing what they define as "non-personally identifiable" information and cannot verify their statements in their license. So, allowing this software to remain on our state-owned systems is probably in violation of FIRPA (that's the Federal privacy act as applies to student information), HIPPA (y'all know what that is) and a number of state statutes.
My users are not authorized to speak for the state and make agreements for the state based on that license agreement. So, that license agreement is null and void. I'm sure our state attorney general (whenever we figure out who that's gonna be), will disabuse them of any high and mighty claims they might have with regard to that.
From my experience to date, iSearch and iDownload are nasty. I find these on some systems where the user would not have purposely downloaded them (they all claim they don't know where it came from -- right). The problem is that getting it off is a real chore. iSearch, especially, hides in some pretty clever places and re-infects the system on the next reboot.
The real test of whether it is malware/spyware/whateverware is that the user cannot simply uninstall the package and have it stay uninstalled. Once on, it takes a concerted, expert effort to remove.
-
February 23rd, 2005, 10:33 PM
#19
Senior Member
Ms. Mittens:
I've heard of these ones. Just by viewing a page, or in this case, downloading without even being asked to download, you agree to their terms. IIRC, there used to be software EULAs like this whereby if you broke the seal you agreed to the EULA but it was inside with the disks/cds. (Made it hard to read). Perhaps the precendent that set the reason to have the EULA on the outside of the package should be used against spyware (that is, it's not published visibly where I can review it before agree to it -- like when signing up at a forum).
I wonder if there has been a class action lawsuit about the generalized wording of EULAs such that it allows software providers, or anyone who issues EULAs that provides themselves with blanket protection and privileges. I also noticed when reading iSearch's EULA - that they call their software "adware" - which as I believe should be a sub-category of spyware.
Ms. Mittens:
I'm surprised that no one has challenged these guys on Computer Crimes and specifically USC 1030?
Yes - interesting - I wonder what will come from that letter from iSearch's lawyer? Ms. Mittens - ever thought about going into law? I think you and Negative could actually make for some "good" lawyers - no really!
-
February 23rd, 2005, 10:36 PM
#20
By clicking "yes" or downloading, installing or using the Software, you acknowledge
Emphasis added. This kind of language isn't enforceable in court. There's no way anyone
can know the state of mind of the person clicking the link. What if it is a minor, who
"buys" an expensive item online. The sale is null and void. It's almost as bad as
a cop interrogating you and saying "by not answering the question, you are acknowledging
your guilt. An agreement takes two parties communicating, not one party
dictating terms. "By drinking that beer, you are granting me permission to drug and rape you"
I came in to the world with nothing. I still have most of it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
