It's funny.  Laugh. Security

EULAs For Malware 105

I Don't Believe in Imaginary Property writes "The authors of the Zeus malware have added an end-user license agreement to their product. The buyer is, of course, permitted to infect as many computers with Zeus as they please, but they have no right to distribute it for 'any business or commercial purpose not connected with this sale,' and they can't examine the source, use it to control non-Zeus botnets, or send it to anti-virus companies. Oh, and they commit to paying for future upgrades, too — wouldn't Microsoft love to be able to add that term to their EULA. While it seems silly to imagine Zeus's authors going to the authorities for violations of this EULA, if they're anything like the Russian Business Network, they probably have an extra-judicial means of contract enforcement named Ivan. That said, this is by no means the first EULA-encrusted malware."

  • by Fluffeh ( 1273756 ) on Tuesday April 29, 2008 @12:09AM (#23234196)
    I can't imagine anyone enforcing an agreement contract (in this case EULA) that is installed without the user actually consenting to it being installed?

    I mean, if you knowingly install something that snoops on your system and agree to the EULA you need to be kicked in the proverbials, but if something sneaks onto your system without you knowing about it what chance does any user agreement have?

    Personally, I would like to see someone take Zeus to court about intrusion of their system. Wonder what the outcome would be.
  • Precedence? (Score:1, Interesting)

    by Anonymous Coward on Tuesday April 29, 2008 @12:35AM (#23234368)
    What would have precedence in a case pitting EULA-enforced DMCA and anti-cybercrime laws? Let's say a commercial AV outfit vs. the DMCA which would say that reverse-engineering the product was violating their copyright.
  • Re:Not Ivan ... (Score:3, Interesting)

    by s0litaire ( 1205168 ) * on Tuesday April 29, 2008 @12:37AM (#23234384)
    hell.... EVERY E.U.L.A. is invalid. You can't agree to a licence if it's inside a shrink wrapped box before you buy it!...... You can't use the software unless you agree to the EULA. The only way to agree to the EULA is to read it. Only way to read it is to open the Box. By opening the box you Agree to the EULA. Catch 22 without a law degree.
  • by RiotingPacifist ( 1228016 ) on Tuesday April 29, 2008 @12:38AM (#23234402)
    Actually the EULA only applies to the company that buys the malware to distribute it.

    GP is answered by

    In cases of violations of the agreement and being detected, the client loses any technical support. Moreover, the binary code of your bot will be immediately sent to antivirus companies.
    which covers the people they sell the botnet to, while I think that the article has a point when it says:

    Data thieves and malware authors aren't going to win any "Most Likely to Respect Intellectual Property" competitions
    Assuming that Zeus offers bespoke spyware for companies, or at least different enough that anti-virus companies can't detect them all from one sample (this is where it's tricky because once the AV company has one sample they'll be able to figure out the rest), it is quite a good threat:
    if you're big enough to pay for malware
    you're going to be big enough to do something with your network
    you're not going to risk losing your network

    In fact this seems like a bigger threat than most EULAs, you're hitting them hard; unfortunately I think it's just as flawed as a normal EULA, it's simply impossible to enforce (I mean Vista not on virtualisation, Mac on Apple-only hardware, it just doesn't work)

    Perhaps Zeus would be better off by making its money through some shady anti-zeus company that offers 100% protection from zeus.
  • by cobaltnova ( 1188515 ) on Tuesday April 29, 2008 @12:46AM (#23234486)
    Every time I have opened up a computer and started it up, I have been forced to click "Yes, I accept these license terms" when starting Windows the first time.

    In fact, I believe that, since there is a phrase to the extent of, "If you don't accept this license, you may return it to the seller for a refund," you actually can get rid of MS junk (see this happy story [linuxworld.com])! Though, the follow up suggests that it is hard, if not impossible, to do this.
  • Re:astala-vista (Score:2, Interesting)

    by Anonymous Coward on Tuesday April 29, 2008 @03:36AM (#23235400)
    Clearly you haven't heard of Astalavista [astalavista.net] (might have been .com, not sure), taking the piss out of Altavista [altavista.com] back when people still used it. 'Twas a warez and serials site which eventually became overrun by popups, spyware, malware and other general nasties. In its place became asta-killer [asta-killer.com] against all the nasties, although most of its sites linked now distribute as many as they can.
  • EULA (Score:3, Interesting)

    by ettlz ( 639203 ) on Tuesday April 29, 2008 @04:02AM (#23235520) Journal
    How does one pronounce it? "Yoo-lah", or "Oi-lah"?
  • by Saint Gerbil ( 1155665 ) on Tuesday April 29, 2008 @06:32AM (#23236080)
    Does it come up with "I Agree" and "I Disagree" buttons like all other programs now? If so it would affect its spread rate, since people would be able to disagree and therefore it should not install, or if you don't get the option to disagree or read it then it would cause problems when enforcing it legally.
  • Re:Not Ivan ... (Score:3, Interesting)

    by Zeinfeld ( 263942 ) on Tuesday April 29, 2008 @08:34AM (#23236658) Homepage
    Some clauses of some EULAs are enforceable. But many are not. But this particular EULA is clearly unenforceable (under common law at least) as the courts do not adjudicate disputes arising from criminal conduct. There is an ancient case where one thief sued another for failing to pay him his share of two pocket watches they stole. I don't think they expect the EULA to be observed. They would be fools to expect that as they spend more time ripping each other off than their intended victims (no honor amongst thieves). It is probably more of an attempt to gain notoriety by aping the business practices of legitimate companies.
