Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
United States

Ask Slashdot: What can we do about UCITA? 209

Ben Woodard asks: "I've read several articles describing the evils of the UCITA and the fact that it has passed (and this article from LinuxTicker), but not one of them has said anything about what we can do about it. Since it is now only a suggested law and has to be adopted by each states isn't there time to do something? What can we do? Who should we contact? Is anyone organizing a lobby against it? Have the Open Source companies taken a stand regarding it? Is it time for the Open Source community to band together and hire lobbyists to represent our issues to the government?" The UCITA isn't law yet, but you can bet folks are going to try to push it through. Sounds like its high time to go on the defensive.
This discussion has been archived. No new comments can be posted.

Ask Slashdot: What can we do about UCITA?

Comments Filter:
  • by Anonymous Coward
    hes got the right idea. we have many end-users that really lack the skills to respectably own a machine, but do anyway... and their rights are as good as ours. surely we cannot throw away "oss's greatest gift" for them... it all boils down to the need for linux for the masses. get that down, and have this put a major disadvantage to using commercial softs, and open source will win out much sooner then it was first predicted.
  • by Anonymous Coward
    Anyone stupid enough to buy software under those terms deserves exactly what they get.
    That means anyone who is using commercial software. While it might be good for open source in the long run, it still hurts a lot of innocent people in the short run.
  • While I agree 100% with your intention, in the end I think it won't make that much of a difference (at least that example):

    1. People from outside the US have no restriction on reverse engineering the format. They can then release the results as open source to the benefit of the entire community. (Of course, I don't know if it would be legal, but it seems like a reasonable loophole).
    2. Isn't MS Word going to an XML format? That, hopefully, would be easily reverse engineerable. (I can see it now...MSXML, oh wait, that already exists :)
    3. Civil disobedience. I know that I will disobey unjust laws such as these. I'm sure many millions more will as well.

    Never underestimate the power of the individual

  • Anything that is "xxx-compatible" was created through reverse engineering. Do you think Microsoft published the format of Word files, to help their competitors be "Word-compatible"? People had to reverse-engineer it.

    Not to defend MS, but this is actually false. Microsoft does publish it's binary file formats for all of the Office suite on its msdn web site (the Word 97 format is at link [] and display the TOC). And, before you say that you have to pay for it, that's wrong, too. It is available without a membership to the MSDN. Now that I've said that, I read a passage that makes the file format a little less "open". "To access data within a Word binary file, the file must be opened using the OLE 2.0 docfile APIs, and it must be read with the appropriate docfile APIs." So, it is dependent on the openness of the OLE 2.0 docfile APIs.

    Anyway. Microsoft has always claimed that all of their APIs are open. I don't believe them, because WINE has not been completed and has very smart people working on it. There are undocumented APIs. Theoretically, it should have been able to create WINE without reverse engineering. Microsoft knows that even if they publish their APIs, few companies have the resources to duplicate them quickly enough to cause concern (if Corel writes an import feature 3 months after Office XX comes out, that's 3 months that Microsoft has had to sell Office XX without a compatible competitor).

    I don't know if the SMB protocol is published at all. I think the Samba team does reverse engineering, but that may just be to optimize (not to do basic implementation).
  • No it doesn't make sense. The SAMBA developers are already known to use reverse-engineering to figure out NT's network protocols. You could find this out by reading trade publications, Linux web sites, etc. Why would a computer have to announce "Here's what user X is doing"? If reverse-engineering becomes illegal, that throws SAMBA's legal status into question, period. That would make any business gun-shy of going near SAMBA.
  • Why does no one in a place to actually have an effect on this (Congress, Legislatures, Courts) ask this?

    Simple. They're either stupid or corrupt.

  • Umm... Samba originated in Australlia...
  • Sorry if this is a repeat, I browse at 2...

    The ACLU [] helps defend matters relating to civil rights.

    This, IMHO, is indeed a violation of basic rights, not the least of which is freedom of speech. This bill allows organizations to, among other things, dictate and enforce regulations regarding "proper use" of their software. That means that Microsoft (for example) could say "you are not allowed to use Word to disparage Microsoft" and shut down your license if you do. Given the fact that most people don't read their EULA's, items of this nature can and will appear.

    Another effective tack would be to vote with your money. Educate your employer about the dangers of using UCITA-protected software and suggest free or non-UCITA alternatives. It sounds to me from the nature of this bill that would merely allow EULA's to contain clauses allowing things such as remote shutdown -- if product EULA's don't include this clause, then UCITA is ineffective. Simply put, if it's UCITA, don't buy it.

    Also, take the time to let vendors know that you will not purchase any software from them if it is protected under UCITA.

    Disclaimer: I am not a lawyer (IANAL), nor a lawmaker -- my interpretations are subject to error. Further, I am human... :P

    Posted by the Proteus

  • As I see it this can only be good news for the Open Source movement. If it passes then IT professionals will begin looking for cheaper solutions. If it doesn't pass it still will raise enough hype to make the Open Source concept so much more appealing.
  • I might be missing something obvious (I am up past my bedtime, afterall), but it seems to me that nothing could be better for the alt-OS market (Linux, FreeBSD, Be, etc) then for this bill to pass. When people are angry at a provider of a good or service, they tend not to use/purchase their product. Not to mention the large number of markets that this kind of action could lock out for a company that actually used this functionality ... heh, and you don't think Microsoft hasn't already drafted up a new end user license.

    The advantage for the Open Source folk (who I am partial to -- Debian all the way!! -- ) is obvious. This legislation doesn't change the way Open Source products work in the least. So OSes like Linux will be able to carry on as if nothing had happened. Other OSes, like Be, which is not based on an OSS model, have a couple of different options. They can either try to use the law to their advantage and perhaps make a few extra dollars in the short run before they see their customer base dwindle to zero, or they can change their license to explicitly state that they will not utilize the powers given by the legislation. This could then, of course, become the centerpiece of a powerful marketing scheme.

    Such a marketing scheme would quite possibly be very effective. Just how mad do you think the average American will be when his copy of Microsoft whatever just up and quits, leaving a nice little bit about sending a check to such and such address if they want to continue to use Microsoft whatever. And then you have the people who have put a second morgage on their house so they could buy Office 2000, and because of either some dolt at a control panel in the hallowed halls of Redmond or a bug in the auto-shutdown software their copy of Word shuts down right as they're putting their finishing touches on that big report that was due in yesterday. It won't be too long before the general public starts to get extremely fed up and begin to look for alternate solutions to their computing problems.

    Then there is the whole governmental angle. Do you actually think that the government would allow software to be used in the offices of Congressmen and Senators that could be remotely shut off by some third party. While I don't think the suits at the Capital building are the most computer savvy blokes around, all it would take is either one incident or a buzz about what would happen to peoples' jobs if such an incident were allowed to happen. And who do you think the government would turn to? OS/2? Be? I doubt it. With such legislation in place, their only option would be to go with a form of OSS based software, which is immune to the ramifications of this legislation.

    Of course all of this is pure late-night speculation on my part, fueled by a boiler loaded to capacity with 'what ifs', but I just don't see how this legislation could be anything but bad for any commercial software company. Americans will put up with a lot and turn a blind eye to many things, but there does exist a threshold, and once it is crossed things can get very ugly. And I also realize that I've been portraying this like Microsoft would be the only company who would use this legislation to their financial benefit, and while this would certainly not be the case, I think when people read about this law the spooks up at Redmond are the first group of undesireables that come into mind.

    You got to wonder where Microsoft's PR people have gone. Public opinion may not matter much in the short term, but if enough of the public hates you, life can be very very difficult. Good press helped Microsoft immensely when they were fighting 'Big Blue' ... have they forgotten that, or have they just ceased to care. I'm not sure which timebomb would cause the most damange.

    Well, to anyone that has gotten this far, sorry I've burnt up so much of your time with my frivilous surmising, but hopefully you found some small pieces somewhat interesting and/or mildly entertaining.
  • If you set your machine up to respond automaticly, and documented it in /etc/issue or a web page or something, you could claim it's a 'service, freely available to anyone who does such and such', and if a script kiddie sets it off and gets burnt, that's their problem. Particularly if you warn against misuse in the documentation. Of course, this all hinges on the fact that they shouldn't be misusing your system, and should have read the documentation.
  • No. UCITA is a step in the wrong direction. It outlaws reverse engineering. It makes EULAs enforceable.

    The tighter they squeeze, the more justification they have for squeezing tighter. Don't count on them going too far, seeing the error of their ways, and then swinging them back.

    think of it as war. every battle counts.

    information is free.
    the only question is:

  • UCITA sounds like a fair law to me...and i could
    really care less, i don't use any software that
    has such restrictive licenses that would need to
    be recalled in such a manner.

    also, how do companies plan to remotly shut down
    their products? i don't see how you can't just
    undo what ever they do to disable it (edit windows
    registry, reinstall software, block w/ firewall),
    of course, this would be piracy i guess, since
    you're no longer authorized to use the
    software...but if you break the license, even w/o
    UCITA, couldn't MS just call you up and demand you
    stop using Micosoft Foo '99?
  • Instead, kill a million birds with one stone by replacing all career politicians by community delegates with strict 1-year tenures, rather like doing jury duty, requiring all laws to take 2 years to be voted in, and banning all access to government by external lobbies.

    Then, stupid delegates wouldn't matter, nobody would have time to build up a power base which is the root of all corruption in politics, and there would be far fewer stupid laws passed because the absence of lobby power would mean that delegates would only create laws if the topic interested them and hence if they knew something about it from their previous occupation.

    But hey, obviously that won't happen, so we're stuck with a totally assanine political system. Don't worry about it. Nanotech is just around the corner, and then everything will change.

  • Fortunately good cryptography is rare. A secure key exchange would be unlikely to break. I have more ideas on how to make it impossible to break secure cryptography, but I won't post 'em here for fear "they" might implement it. Just say I've seen it done in research.
  • I meant to say "I have more ideas on how to make a software distribution system that's impossible to break with secure cryptography" but somehow hit sumbit instead of preview. need coffee...
  • Once UCITA gets passed, software companies could do something similar to what DIVX players did. Require the program to contact some central server once a month or so. If the customer is still allowed to use the program, the central server will send the program the insanely large private key that goes with the correct one of a large sequence of public keys stored by the program. If the private key matches the public key, then the program will continue to work. Else, the program will shut down until someone feeds it that private key.

    The strength of this plan is that it requires action on the part of the installed program. So simply blocking communication between the installed program and the central server will not help you escape the restrictions. Similar safe guards could be used to make sure that you don't just reinstall the program (every freshly installed program needs to contact the central server for a new set of keys, etc).

    Nothing is completely secure, but the above setup could be made very hard to circumvent.

  • Aren't a bunch of Attorneys General, about 10 or 12 states' worth, fighting this?

    (was this story really up for over 2 hours before someone posted? none of whom felt compelled to holler "First Post!"? Is this still Slashdot?)

  • I personally email every congrassman, and state legislator I can, whenever something like this come's up (I did for this action too). Unfortunately my email is apparently one of four:(

    No, the problem is that legislators (or, more accurately, their staff who deals with correspondence) know how easy e-mail is (and how easy it is forge a lot of messages to fake a groundswell of support), so they don't lend it much credence. I would guess that one real, paper letter is probably worth at least twenty e-mails.

    That said, an e-mail is better than nothing. But if you really want your voice to be heard, send a paper letter, or call your representative's office. If you can't or won't do that, at least send an e-mail...

  • The problem is that while individuals may not choose to use software with such (comparatively) draconian licensing terms, every day of our lives we are affected by people who do use that software -- the word processor at the office, the application development environment, etc. etc.

    I don't think any technical solution would NEED to be implemented for remote deactivation. That opens up a can of security worms that I'm sure most big software houses are sick to death of by now. In today's lawsuit-charged climate, if a ten ton boulder rolled down the hill and a lawyer issued it a cease-and-desist letter, that boulder would stop -- legal pressures are quite sufficient to implement the remote-deactivation clause.

    I sincerely doubt that the level of remote-shutdown "license recrimination" that many people are predicting will come to pass. It's much more likely that the no-reverse-engineering clause and the slippery-slope principle will get a lot of people. After all, how much time before the Samba team (housed in Australia) will find themselves on the business end of a lawsuit from the Australian government after something like UCITA passes down under?
  • Well, Reverse Engineering, I don't see to be much more enfourceble then in the past.

    When do you call it reverse engineering? I don't see that clearly defined in UCITA, it basically states it's illegal. If you haven't looked at the source code or haven't tried to disemble the program is it reverse engineering?

    Okay, I don't see Microsoft going after mom and pop small free software projects -- it would be just a pain in the ass for them (there are so many of them), it would be hard to prove, and most importantly it would be really bad press.

    Think of the headlines in the bussiness section, "World's Largest Software Maker--Attempts to Crush all others via. Power of UCITA", "Microsoft Tries to make Populuar Free Product Illgal", etc.

    Blunders like this don't look good -- they make the software company look like a large tyrant trying to hurt everybody out there. And if enought software developers just get fed up, they will choose to go with another existing software plaform, and build on top of that (such as Linux, FreeBSD, Mac OS X, Amiga NG etc.)

    Reverse Engineering has been illegal for years -- but it's almost never enforcable for sevral reasons:

    1) It's Hard to Create Enough Proof
    2) Laws allow it partially -- as long as it's not an obivious copy.
    3) It's too much time and money to waste on small companies.
    4) At least with free software, who do you sue?

    There is nobody to sue, as said in the license, except for maybe support companies, which already have rules in place to avoid that. Lawsuits against the FSF won't seem to go to far -- since FSF can claim that software is done by indivuals and not themselfs. And suing a non-profit organisation is quite hard to do legally, especially if they didn't blatently do something illegal.
  • Reverse Engineering is kind of a strange thing -- since it is quite difficult to prove... especially if you didn't decompile the program, and how can one prove that you accutually reverse engineered the protocol instead of actually completely clean boxing the code.

    WINE is probally mostly designed clean boxed -- I don't see them use Microsoft code themselfs, it is written by the programmers themselfs, and is quite different for Microsoft code (that's why the widgits look different and why some programs refuse to work with WINE). AFAIK, none of the WINE developers have yet to get there hands on Microsoft Windows source code.

    So you get a policy like this with WINE: It may be compatible with Microsoft Windows products, but it may not. This is an entirely new set of API's designed to make it easier for software developers to easily port there programs to Linux x86. No code was taken from Windows, nor was any code reversed engineered -- all was based on documented APIs (from various programing manuals or from populuar open source progams) and based on completely Free code.

    Samba is kind of the same thing -- it was designed to work with other pieces of hardware, using a protocol similar and possibly comaptible with Windows NT SMB networking, but it contains no Microsoft code, and was not reversed engineered, therefore, none of the developers had access to Windows NT SMB source, it may not be compatible with your network, or it might be. Samaba is a totally new protocol, in which some cases may be compatible with Windows NT SMB, but it may not be.

    Making sure that you don't claim your product is 100% compatible with a piece of software, and claiming that your software is totally new, and contains non code from a previous piece of software, makes proving reverse engineering almost impossible to prove.

    As long as you can prove your code is 100% clean and contains no code from previous places, and was not reversed engineered, your okay. Since Open Source Software is completely open, and any person can look at it, it would be quite hard to find spefic lines that have been reversed.
  • I am not sure that would make WINE illegal, if you look at the clause you could say WINE is just a compatiblity layer to help ease porting of programs to Linux x86 (such as Corel). It does not contain any Windows code at all, and is simply a system to remap API's from populuar programs, that run on systems with implementations of Win32 APIs or Win32-similar APIs.

    WINE could be claimed by it's authors that it's not neccessarly an clone of Windows, but a compatiblity layer, designed to work with many populuar programs, that use these APIs.
  • Yep. And MS Instant Messanger
  • Didn't the details of GIF compression get mostly published as well...?

  • Also, might it be possible to hit MS for all the reverse engineering they do?

    Makes me wonder: If you're not even allowed to take their software apart, how do you prove that they did reverse engineer parts of it?
    Or, to take this further: How, for example, could we prove that they're using GPLed stuff?

    Worried (even though not located in U.S.A.),

  • Or... what if SAMBA becomes contraband in USA due to its reverse-engineered nature. Product of an illegal act....

    That's when I say to hell w/ it, I'm packing my parka and heading for Sweden..

  • Both of the letters presented in that link are very good, and either could be used.

    I still really think that one of the more major orginazations need front-page links to these types of letters. Wether they are sent by email or by snail mail they are still seen by the legistlature. Send them to your local, state, and national representatives and senators. Send links to colleagues and friends that may be interested in the topic. Get The Word Out in other words.

    If I get time tonight I might write a quick page that has links etc to all the important sites, with example letters and such. mmm... javascript.

  • I know the EFF has standard form letters for these different causes (which reminds me, they should really get involved in this).

    Is there a spot for a form letter for this occasion? I'm sure if it was advertised properly, it could be of enormous help. I know I've not written cause I really don't know what to say without sounding rather dumb. Then provide links to the sites mentioned that provide state legistlature addresses. ...

  • Not to defend MS, but this is actually false. Microsoft does publish it's binary file formats for all of the Office suite on its msdn web site (the Word 97 format is at link and display the TOC). And, before you say that you have to pay for it, that's wrong, too. It is available without a membership to the MSDN. Now that I've said that, I read a passage that makes the file format a little less "open". "To access data within a Word binary file, the file must be opened using the OLE 2.0 docfile APIs, and it must be read with the appropriate docfile APIs." So, it is dependent on the openness of the OLE 2.0 docfile APIs.

    The usefuleness of those documents is actually restricted by the MSDN EULA (based on the assumption that accessing MSDN from the MS web site also falls under its EULA). See section 2.1.b which contains this passge:

    b. In addition, for the MSDN Library, this EULA grants you, as an individual, a personal, nonexclusive License to make and use an unlimited number of copies of any documentary material ("Documentation"), provided that such copies shall be used only for personal purposes and are not to be republished or distributed (either in hard copy or electronic form) beyond the user's premises and with the following exception: you may use Documentation identified in the MSDN Library as the file format specification for Microsoft Word, Microsoft Excel, Microsoft Access, and/or Microsoft PowerPoint ("File Format Documentation") solely in connection with your development of software product(s) that operate in conjunction with Windows or Windows NT that are not general-purpose word-processing, spreadsheet, or database management software products or an integrated work or product suite whose components include one or more general-purpose word-processing, spreadsheet, or database management software products. Note: A product that includes limited word-processing, spreadsheet, or database components along with other components that provide significant and primary value, such as an accounting product with limited spreadsheet capability, is not considered to be a "general-purpose" product.

    Thus to avoid a potentially expensive lawsuit from MS you really have to do a "clean-room" implementation of document reading and writing. Its really too bad that is is even legal to hold hostage the data someone creates like this.

  • Try GNUcash.
    It's no Quickbooks but it is a start!
    ^_^ smile death approaches.
  • That will never work, i'm sure people will find a way to exploit it.

    That's the obvious problem some not so obvious problems is interaction between programs.
    Say program X,Z depends on program Y remove Y and you cripple X,Z.

    If X,Z are important server programs, that could take down your network. It would be problematic if you could not reestablish the programs because the network is down and the codes can't reach the programs. Now lets say these are mission critical machines, you can loose millions of dollars in downtime.

    I'm sure companies like Netscape have to use Microsoft programs to get some projects working. If Microsoft decides it does not approve of what Netscape is doing, they could disable servers. Could goverments be held by the balls by companies like Microsoft? Who is going to regulate the ability to use this power? I now understand why protections like copyleft and GPL exist. Businesses are not looking out for you, they are looking to get a piece of you.
    Please avoid dumb ideas like these they can only cause problems in the long run. Support licenses that protect you, own software and don't let software own you.

    Wow it is late let me stop ranting!!!
    ^_^ smile death approaches.
  • What will we do about this? Probably nothing. This piece of rap legislation will get shoved down our throats like the CDA only there is no secion of the Bill of Rights upon which this can be overturned.

    We take this shit lying down and the people who propose it get bolder with each pass. You non-thinking law and order types who spout drivel like "Kevin Mitnick is getting exactly what he deserves. Don't give me any of that 'constitutional rights' crap you anarchist!" are the very reason for this. Bad laws should never come into being, if they do they should be nullified.

    How long before GM and Ford make an EULA for their cars? You can't reverse engineer your new Mustang, so that design flaws are forever a protected secret under the force of law. If you allow this to happen it will get worse. You can't allow the camel to get his nose under the tent.

    This is not some minor change in copyright law, this is a VERY big deal. It has to do with whether or not you have the right to control what is in and on your own computer.

    Are geeks the gutless wimps that they say we are? Or are we strong and capable of uniting against a common enemy? UCITA is that enemy. If we can't unite to stop this, we may as well bend over right now, because implied consent to anal rape will be added to EULAs next and there's not a thing we will be able to do to stop it.

  • Here's a place to create a petition on any subject. There's a list of Congressment, the President and more that you can choose from to receive the petition. I'm not all that familiar with UCITA, so i'm not sure who the petition should go to. If someone will create the petition and post the url here, i'll sign it.
  • You personally may use all GNU/open source software, but as someone else pointed out with Foobar Inc, your bank, grocery store, ect. probably uses commercial software. With the ability to change license agreements after the sale of a product and the ability to disable software remotely, companies can hold their customers by the soft spot because their customers may depend on their software. You know why Microsoft supports UCITA? They can sell Brand X Inc Windows 2000 Uber-super preium server edition but then Brand X Inc hits it off with an IPO or their product kills everyone on the market, Microsoft says "hmmm, they can afford a hugely inflated license fee now", then they change the EULA so all Uber-super preium server editions need extra licensing fees whenever someone visits a website hosted on the server. Microsoft gets a huge cut of Brand X Inc's profit but then Brand Y Inc which didn't have a successful IPO and hasn't made much money cant afford the new EULA, they go out of business. Don't ignore this or pass it off because you personally use open source software, not everyone else does and you have bank accounts with them or buy groceries from them or maybe they're you're local elementary or high school.
  • Hmm, I haven't noticed anyone else comment on this
    so I will..
    Imagine if a piece of software listened on a particular port, and if the right code came in, the software would disable itself.
    I could have so much fun with that actually.
    Next time some script kiddy annoys you with some lame nuke attack that'll never work (because you don't use faulty software like Windows), just disable their copy of Windows.
  • OK, all the advocates who think this is a Good Thing(tm) because it makes Open Source look better than commercial software, consider this (slightly at best) scenario: I have both personal and home business accounts at my local credit union. It's a small organization, completely insured, with good rates. However, being a credit union and not a huge multinational bank, their IT budget is rather tight. Let's say their using FooBar Inc. software for all of their database and financial transactions. UCITA is passed, and the clause in FooBar's EULA states that they maintain the right to change the terms of the license without notifying their customers (a common clause, I'm sure). Then one day, My Little Credit Union, receives an invoice stating that the terms of FooBar's EULA has been modified, and all users of their software must pay a rental fee of twice the original purchase amount, or immediately cease using remove all (now unlicensed and illegal) software from their computers. Since the credit union does not have the funds to pay such an outrageous 'rental fee', they call their attorneys to pursue available legal options. Meanwhile, FooBar Inc. decides that the payment window has passed, and promptly disables their software in use at the credit union remotely. This will stay in effect at least until a judge can hear arguments and issue a preliminary ruling on whether FooBar Inc. has to reactivate the software while fighting things out in court. So, during this time, me and all of My Little Credit Union's other customers have: 1) No way to access our money. Since the computers have been disabled, my account details can't be accessed. 2) Many small businesses are also locked out of their accounts. Payroll checks cannot be issued, nor those already issued cashed. 3) Personal and business bills go unpaid, causing a wide array of problems, from auto repo's, to mortgage forclosures, to business backruptcy and loss of jobs. All this because FooBar Inc. knows that their software is used by 80% of the financial institutions in the world. If one puny credit union doesn't play by their new rules, SO WHAT! All the bigger fish will, especially now that an "example" has been set. This may seam a bit far fetched, but is it really? This type of scenario is what is needed to wake the sleeping non-technical masses up. When someone tells you, oh *I* won't be affected by that stupid computer law, I don't even own a PC! An example like the one above illustrates that even though *they* don't use FooBar Inc.'s software, business and institutions critical to their well being *do*. Just a thought... I'm sure someone's bound to call this an overreaction... So be it~
  • OUCH! Just noticed the nasty formatting... Sorry!

    That'll teach me to submit a rant this late at night! Guess I should've used that handy "Preview" option Rob gave us!

  • Who is going to be prosecuted in an open source development effort?

    Even if your program is given away, you can still be sued for taking business away from whatever company. This is the whole case the music publishers have against MP3: The people giving it away on the Net aren't making money, but they are causing the studio execs to lose it. But whether or not your actions are "illegal" depends on just how much of it is theft and how much is "reverse engineering".

    It's pretty obvious how important reverse engineering is to the current state of technology. For example, what would the personal computer industry look like today if Compaq and others couldn't make PC clones? It would stifle competition. We would be running $10,000 IBM PCs with 386's and $12,000 Macs with little black and white screens.

    This sort of thing has cropped up before. And it has always been due to human error.

  • you cannot be punished tomorrow for something that becomes illegal today that you did yesterday

    That's right. It's called the "Grandfather Clause".

    But maybe that wouldn't be so bad. Think about it: MS-DOS was reverse-engineered from CP/M. So, MICROS~1 would have been established upon an illegal act, which means all derivative products (like Windoze) would have to be pulled from the market, and they would owe Digital Research (who made CP/M) some 100 billion dollars.

    It is rather odd that we see the banning of reverse engineering once large companies like MICROS~1 no longer have use for it, and at the time when open source projects are appearing on the scopes of these companies.

    This sort of thing has cropped up before. And it has always been due to human error.

  • i think that federal laws automatically take precedence over state laws-- i mean, it seems like if a federal law specifically states that something is legal intead of simply failing to outlaw it, that would keep a state from outlawing it?

    are there any lawyer-type people reading who could elaborate?
  • umm.. of course it would be illegal. you missed the original posters point.

    winnuking, Denial of Service attacks, and beating random people on the street with baseball bats are all illegal. Yet people do these things, either because they want to hurt the person being nuked/DOSed/beaten, or just because they can.

    The point is that if there is some way that the company who made the software can disable the software, then there will always be some way for random hackers to disable the software, whether or not it's legal. And once that way is found, you'll have a thousand script kiddies disabling people's software at random without any thought for the consequenses.

    Think about it. I doubt the people who made USCITA did.

    - mcc-baka
  • interesting point. but you wouldn't have to declare yourself an independant state-- just go into international water.

    There are already companies that get people on boats, go ten miles offshore where you're no longer under the control of any one state, and then do things which would be illegal under the anti-gambling laws of the state they're located in.

    I'd assume that would mean that any reverse-engineering done on a boat eleven miles offshore would be untouchable by USCITA and legal. Unless USCITA intends to make _usage_ of reverse-engineered software illegal, in which case a lot of IBM-combatible PC clones are immediately contraband.
  • I would email my state rep but she doesn't have an email address.

    Use snail mail then. :-)
  • Yeah. But nobody stays on top forever. And the longer they do, the more despotic they tend to become (probably because power attracts the power-hungry, who frequently also have other problems). This might be an easy way down. (Usual dethronements involve war, and I'd just as soon avoid that thank you.)
    That said, I still hope it gets defeated. I'd prefer that others rise economically that that US decline.
  • If a term is not defined in the laws, then it will be defined in the courts. How good are your lawyers?
  • 1) You don't need to be convictable. You just need to be chargeable. Lawyers are expensive.

    2) The government is already against the use of secure crypto. They'd love another reason to justify their stance.

    3) Prominent monopolies are the only ones likely to benefit from this law. But they frequently give large political campaign contributions.

    The only true defence is that non-US countries don't have any reason to enforce this law, even if they pass it, as it is purely in the interest of large monopoly powersm (not even the small monopoly powers!). It may, however, drive all "compatible" software development out of the US. (Well, there's SUSE and KDE and ...) Red Hat might need to relocate (O, wait, they've already opened offices in Germany! .. make that expand their foreign offices).

    It would really be bad for the US.
  • The idea is correct, but it's the state legislator that you need to write to. And it's probably better to be polite....
    Also, it would be better if you could point to a specific bill, but AFAIK, it isn't yet on the calendars of any states. (That will probably change soon.)
    Does anyone know how important the bill number is when writing to a legislator?
  • My suspicion is that what will really happen is software with an embedded expiration date, and you will need to go to the vendors site to get it unlocked every so often. But they need to take steps to make resetting the codes illegal before they activate this process. Possibly they need to take steps to make resetting the codes both illegal and traceable (as in, every time you log onto the internet your guid [assigned at time of registration {activation}] is broadcast to the central site, together with the amount of time that you have remaining. If a month goes by without a reply coming back, your software starts complaining about the need for an upgrade. Etc.
  • That's a really nice argument. But it doesn't get me a printer driver for an HP1150C.
    It would "obviously" be in HP's benefit to make, or enable to be made, such a driver. They don't, and they won't. They claim to support Linux, too. Everytime I hear their name recently I think to what kind of "support" that means.
    I sent questions in about it, and only ever got one reply, which basically said: "O, I'll pass that request on to the developers." That was over 6 months ago.
    I don't think it's a WinPrinter, either. I think they just won't tell. But they won't even tell me that.
  • Anyone stupid enough to buy software under those terms deserves exactly what they get.
    At any one point in time, there is only a certain amount of capital available for investment. The businesses that respect their customers' intelligence, and the businesses that try to provide genuine services for the ignorant, are competing for capital investment with the businesses that exploit customers' stupidity.

    Therefore, if you are a smart customer, laws that prevent businesses from exploiting customers' stupidity are in your enlightened self-interest.

  • "Every day it gets clearer and clearer that yesteryear's methods of democracy just don't cut it these days."
    I have to wonder - when in any time in the History of Man has there been a method of democracy that did cut it? Haven't people always been "dictated to by a group of essentially greedy and corrupt 'leaders'"? (Even the ancient Greek democracy of Athens(?) was a democracy of upper class men - not everyone, IIRC.)
    Thank goodness we now have the internet and places like Slashdot to learn about these important issues and like Project Vote Smart to help us make our voices heard.

    We all need to become more aware of more issues that affect us. (I know, duh!) I'm a computer geek and my wife's a pharmacist. For every issue like UCITA or encryption regulations that could significantly affect geek and non-geek alike, there are at least as many similar issues in the pharmaceutical/medical fields. I laugh (or cry) at how some news stories about computer virii or such get skewed by the media - and she does the same for many medical-related stories, ones that without her corrective input I'd have gone, "oh, wow that sounds bad/good" on the media's word alone. That's scary to me.

    How many other aspects of life are we being manipulated for others profit without our voice being heard? I suspect almost every one. And that's sad because our best choice is to become more knowledgable about all these issues - and who's going to have the time or desire to spend that much time and effort on issues, especially as they get more and more distant from one's areas of expertise and interest? I'm thankful there are consumer-protection groups out there - but I will have to get off my butt on more issues, make my opinions known more often to my representatives, and not rely on them or the sand my head gets stuck in to protect me. We all should.

  • If you refuse to buy such software, then you have just protected yourself from UCITA

    But only at home. I'll still have to face crummy licenses here at idiot central (err, work). Those of us who aren't self-employed are still at the mercy of fools.

  • So, you advocate laws based on how BAD they are for the people that they affect?
  • but I just had to say:

    "this AC probly works for microsoft"
  • I work for a small software company. One thing that we have been asked to do is to write new (Linux) software to run an old communications protocol. The protocol lacks documentation, so we must reverse-engineer the protocol by watching every byte transmitted and received. We have successfully implemented the protocol by using RE in this manner.

    If this proposed law passes, then we would no longer be legally able to implement an old, undocumented protocol in the future as we can do today.

    On a similar topic, the most disturbing thing I have noticed is that here in Australia, it is very difficult to read the licence of computer software before purchase. To read the licence, you have to buy and open the shrink-wrapped box, but once the box has been opened, the software retailers refuse to give you a refund. You therefore have no choice but to accept the agreement, or be out of pocket. This is a classic catch-22.

    It should be a legal requirement to give prospective purchasers of software every opportunity to read the software agreement before any money changes hands. (It probably is already, under standard contract law.)
  • once businesses understand the security and legal ramifications, they will flee to OSS in droves.

    That's my take on this too. What exactly is so bad about this proposed law? Anyone stupid enough to buy software under those terms deserves exactly what they get.

  • Wah (walkindude50@NOexcite.comSPAM.PLEA.SE)writes...
    Unfortunately the political power of the /. populace is next to nil (lots of college students and computer geeks all of which are too *busy* to vote on a regular basis). . .

    Too busy to VOTE ?? Sorry, friend, but if you're too busy to vote, then you're too busy to bitch about the results of not voting. Vote absentee if you have to: the lack of voting brings us things like the CDA, Senior Citizens bleeding us dry, and UCITA. . .
  • Most politically active people will tell you that email is pretty low in effectiveness when contacting a politician, snail mail is much better and a phone call is much better than that. A personal appearance is the best, but not too likely.

    Personally I'm conflicted over UCITA. It's bad, but may be good in the long term by pushing more people towards opensource
  • I know her stands on other issues it is a waste of time. The other problem is she got well over 65% of the vote last time.

    In short sometimes goverment doesn't work to your advantage or sometimes at all.
  • I would email my state rep but she doesn't have an email address.

    Sounds like a major project to get her up to speed!
  • You might be right. The local state rep. is a lost cause but the AG has eyes for the govenor's office. She likes to brag on her pro consumer stance even though she doen't do that much really. Afer all it is her job to go after fraud.

    While I am at I should tell the State school board that evolution is a fact even if they don't like it. Yea that is right I am from Knasas.

  • Yep, spring for some stamps and tell your representatives what you think, but don't forget that there are lots of people who have no idea this is going on. Find ways to get this issue to people who aren't aware of the UCITA and how it will affect their businesses if it is enacted. Recent posts here on this subject prompted me to inform the person who handles computer issues (editorially) at my community newspaper, and here's the payoff: First Byte [].

    Write letters to the editor as well as letters to your state legislators.

  • I am strongly suggesting that everyone (US citizens here) write your state representatives in both your state governments and federal governments. If you don't know who your reps are, just go to Vote-Smart [] and enter your ZIP code.

    If you do write your reps, try to mail the letter the old fashioned way, since it is most effective because they are required to file every letter they receive.

    For those of you who need a starting block as to what to say, here is what I am sending. It fits on a single page. Obviously, you may modify it if you want (you will probably want to replace the stuff in the brackets []):


    August 11, 1999



    Dear [STATE REP],

    I am writing you due to my concern over the Uniform Computer Information Transactions Act (UCITA) that has been approved by the National Conference of Commissioners on Uniform State Laws (NCCUSL). This proposed law will most likely come to the floor of the [YOUR STATE] State Legislature in the near future. I strongly request that you VOTE AGAINST this proposed law.

    The legalities contained in the UCITA aim to protect the large computer software corporations who are sponsoring the law, while severely limiting consumer rights. Also contained within the UCITA is a ban on reverse engineering. This is by far the most disturbing amendment of the UCITA. If reverse engineering were to become illegal, a large portion of computer software and computer software businesses would cease to exist. Reverse engineering is a central point of computer software. Reverse engineering allows a developer to create software that is compatible with existing software. If reverse engineering were banned, a large portion of existing software would become illegal, while the remaining "legal" software applications would suddenly have monopoly status. This would destroy small computer software businesses and severely harm consumers due to limited choices. The amendment for banning reverse engineering only benefits the large corporations by allowing them to further secure their monopolies.

    As a professional computer software engineer, I am asking you to VOTE AGAINST the proposed UCITA law. It is not good for [YOUR STATE] and it is not good for The United States.

    For more information about why the UCITA is an unbalanced law, please point your Web browser to the following addresses: (talks about Uniform Commercial Code Article B2 of the UCITA) tml (letter from the ACM President) ?/features/990531ucita3.htm (general issues) reed/990531sr.htm (other issues) (informal review)

    Thank you,


  • I say let softawre companies build in these features and lets see who sells more products companies that respect their customers or Companies that snoop or cut off service to their customers. It might even be a chance for a new company to get a foothold in the market if they can play up the fact their software wont ever erase itself or they wont login and scan your computer. Most of this is irrelevent to me as I mostly use open programs
  • Is this really a bad thing? I could see this seperating the proprietary from the open when open standards are becoming stronger and propreitary solutions weaker. I, and I assume many slashdot readers, have been using commercial solutions less and less as open alternatives become available. Commercial vendors will see this as a bad thing, and so will lawmakers when no one can sell software. It seems as though any new law concerning electronic information is written by a neo luddite... that is to say it's made harsh and out of fear under the cover of protecting people. I'm inclined to believe that it won't stop until it's so bad that our entire legal system will have to be redesigned. I see the UCITA as one step closer to that, and convenient for people like myself in the meantime. I know that sounds selfish, but most people don't seem to mind when their rights are taken away, and maybe that will wake them up.

    On the other hand, much of the computing industry is driven by entertainment, very little of which resides in the context of open source and standards. Take, for instance, DVD. Anything that would let you watch DVD movies on your linux box can't be open source because of the encryption codec, I think (I'm not especially clear on that issue). And I'd hate if something like DIVX couldn't be avoided because of something like UCITA, and I'd have to end up going to the theatre and getting carded all the time.

    I apologize for any inaccuracies, it's hard to read the manual from my soapbox.
  • Of course when Opensource loses all connectivity to proprietary software (after Samba is declared illegal or M$ changes a stack) its appeal will basically disappear for all but the hardest core.
  • E-mail friends in the U.S. or use some other tactic to spread the word on this. Unfortunately the political power of the /. populace is next to nil (lots of college students and computer geeks all of which are too *busy* to vote on a regular basis), especially when compared to the senior vote (which is VERY powerful) which would most likely support this initiative considering their steel grip on technology issues.

    (run-on sentence provided at no charge)
  • However, even considering the damage this could do to free software if it passes, its only possible ultimate effect is to create instability in the software market, and instability is always good for the revolutionary. Imposition of order equals escalation of chaos.

    I think if this passes and is enforced it would be devastating to the free software movement. Far from creating instability it would create total software dependance, moving from vendor to vendor would be made more difficult and extremely expensive.
    What this does is lock down the status quo, which would have to be the big reason M$ is supporting it.

    Linux isn't to the point that most folk can trash M$, so they'd be stuck and then totally unwilling ot move.
  • Personally I'd like to avoid that scenario, "It's good to be the king!"
  • Of course, when every copy on Windows need a key from M$ to install you guys should be just fine. (serious question) Anybody know what percentage of software is created in the U.S.? What percentage of the Internet?

    Also, what kind of implications would this law have on Internet based apps (organizers, e-mail, word procs, yada yada yada)?

  • Sorry, friend, but if you're too busy to vote, then you're too busy to bitch about the results of not voting.

    That was the implied reading. If you look at what I wrote more closely you'll see that all I was doing was pointing out that the majority of /.'s clientele are not the voting type and therefore not even on the radar of politicians and other policy makers. I was hoping on some deep level that my post might create that extra bit of social responsibility required to motivate said demographic to visit a voting booth. True, sterotyping can lead to trouble, but it's how my company makes money, mainly because it works when looking at the big picture.
  • The easiest way to avoid the yuckiness of the UCITA seems to be using Free Software (Noone can claim you reverse-engeniered software you were given the source code to :)

    As for politics, hopefully the
    Libertarian Party will raise a stink soon.
  • Perhaps, but for those of us who believe Reverse Engeniering is a form of free speach, it's a diffrent issue =] Especially annoying to then would be special interest groups conspiring w/ government to take that freedom away...
  • I remember when IBM was _GIVING_ away COMMENTED SOURCE to the PC BIOS.

    board schematics, etc...

    oh how I long for those days...
  • If reverse engineering is banned, will that doom the Human Genome Project?

    1/2 ;-)

  • Every day it gets clearer and clearer that yesteryear's methods of democracy just don't cut it these days. Individuals don't get a chance to have their say; they are invariably dictated by a group of essentially greedy and corrupt "leaders".

    This "Ask Slashdot" broaches a subject that every Free Software advocate must have felt before.

    What is the only technology that can bring it down? Communication. Currently manisfested as the internet.

    In an ideal democracy, every person gets the right to have their say on every matter. Soon the network infrastructure will be there to enable this.

    Here are the first steps:

    1. Some kind group sets up a forum through which people can delegate selected signing authority. A convenient method for allowing them to vote on critical matters. Set your opinions on subjects, then leave it. This group regularly sends in automatically generated petitions to parliament.
    2. This group gains enough reputation to make it to the mainstream press. Word is spread of the true democracy.
    3. The numbers get large enough that the government is pressured into making the technology available to the greater populous of the world with Taxpayer money.
    4. Power to the people!

    Ok, this is pretty idealist, and there are obvious steps missing. There are also big, open ended questions - do you really want people who know squat about a subject having a vote that casts as strongly as a world class authority? Still, it can't be worse than the current situation.

  • As long as UCITA doesn't threaten gun ownership and doesn't tighten existing marijuana laws I doubt the libertarian party will care. They have nothing to do with freedom, just with shooting things and smoking dope.
  • Didn't Microsoft use reverse engineering (otherwise described as "stanadard programming methods") to make MSN messenger with with AIM?

    Funny that.
  • Didn't Microsoft use reverse engineering (otherwise described as "stanadard programming methods") to make MSN messenger work with AIM?

    Funny that.
  • It's the clause that reads "No Bill of Attainder or ex post facto Law shall be passed." Read &graph url=&court=US&case=/us/3/386.html">Calder v. Bull (1798 [] for the binding precedent.
  • Please note that this law doesn't *require* the bad aspects of it. It simply allows them. Perhaps we can keep it from being enacted in the various states? If we don't succeed, we can still fight it in the marketplace by refusing to purchase software which has unacceptable shrink-wrap terms.
  • Forget politics -- it takes more than one person to make a difference, and nobody cares to. Instead, don't buy software that has crummy licensing terms. If you refuse to buy such software, then you have just protected yourself from UCITA -- and isn't that worth doing?
  • There's a simple solution, promote open source software. Since most projects are distributed free (in the beer sense), there is little incentive for the coders to include such back doors. At any rate, if it's open source, just remove the offending code. As for commercial vendors, well companies like M$ will love this and it may even give them some short term profits, but once businesses understand the security and legal ramifications, they will flee to OSS in droves.
  • well, I was gonna yell SECOND POST!!!, but somehow it didn't have that certain ring to it....:)
  • Had this law existed a few years ago...nobody but Microsoft would be allowed to read Word and Excel files.

    Good point; I wonder if Word would have sold so well if it hadn't been able to read WordPerfect files. As I recall, one of their big target markets was legal firms using WP. I doubt such companies would have switched if they hadn't been able to open their old files directly in Word.

    Wouldn't it be ironic if this legislation were documented in a proprietary format and that company stopped supporting that product? If the legislators upgraded their computers, they'd be unable to read their own legislation, since they'd be prevented from copying the old software to the ones and competing products couldn't read it either.

    Proprietary file formats are bad; legally protected proprietary file formats are worse.

  • The first thing is this is not "passed" until various states enact the model legislation. The first line of defense is to write your state legislators and get active at the state level to oppose this legislation.

    Second, write your US Senators and Representatives. The federal government has typically left this type of regulation to the states but the federal gov't has the power to set nationwide standards in this area tha override the states. I wrote my Congressman (woman, actually) already (there's a copy of my letter someplace in the slashdot archives. Search for me and UCITA. I think it's a pretty good template letter).

    Third, use free software! Reject all proprietary "solutions".
  • somewhat offtopic,

    ...some lame nuke attack that'll never work (because you don't use faulty software like Windows)

    Is that why thousands of boxes running faulty software like Linux were crashed by teardrop.c?
  • The UCITA would make the anti-reverse engineering clauses in software licenses legally enforceable. That could chill the development of such things as SAMBA, which is dependent on reverse-engineering NT protocols.
  • Here [] led by Ed Foster, who first brought this to public attention.
  • Do me a favor and look up their license for that data, please. Is it only licensed for making plug-ins for Microsoft products?

    Anyway, they didn't document SMB that way.



  • Nope,

    There's not a thing you can do about it. Why?
    It takes more than one person to make a difference, and nobody cares to.

    Those are just the facts, I personally email every congrassman, and state legislator I can, whenever something like this come's up (I did for this action too). Unfortunately my email is apparently one of four:(

    Until we reach a point where the general population does something more than just complain, it will always be the same.

    My personal recommendation if you are not discouraged by now, is to take the initiative and find out who your state reps' are, and email them.
    Hell we will spend four hours sweating over HOWTO's over one little doohickey, but we can't spend 2 minutes searching with altavista? Take that 2 minutes. Maybe you won't make a difference with your emails, but I tell you from experience, you'll feel more justified when you complain, cuz you actually tried to do something about it.

  • One of the main reasons the UCITA is required for shrink wrap licenses to work is that shrink wrap licenses break one of the primary requirements of any contract -- that both sides have to be aware of the terms of the contract before agreeing to it. With shrink wrap licenses, you basically agree to the license before even getting the chance to read it (since it is inside the shrink wrap and becomes effective as soon as the shrink wrap is broken).

    Therefore, you can't just refuse to buy stuff that has outrageous licenses, because you won't know what the license is until *after you buy it*.

  • This point isn't getting the attention it deserves: If "reverse engineering" is banned, then open systems and system compatibility will be victims. This will push any dominant product toward a monopoly, and will entrench existing monopolies.

    In fact, I suspect Microsoft was a major lobbyist for this particular clause of UCITA. Don't forget, in the Halloween Documents, they talk about the threat of Samba and they propose to complicate SMB just to make it difficult to reverse-engineer.

    Anything that is "xxx-compatible" was created through reverse engineering. Do you think Microsoft published the format of Word files, to help their competitors be "Word-compatible"? People had to reverse-engineer it. This is true for any proprietary file format or network protocol, like SMB for Samba. If reverse engineering becomes illegal, then all software that can read Word or Excel or Powerpoint or Whatever files will become illegal! Samba will become illegal.

    This would greatly damage any migration path that would allow users and businesses to escape from a proprietary system.

  • I agree that this makes OSS even more attractive, but we have to be realistic here; OSS can't do it all yet....(and I stress yet).

    We have to deal with pesky little things like users. How many common everyday end-users would be willing to give up their cushy Windows9x point and click box for a Linux box running X (lets face it many of these people don't like clicking on "Start" and then "Programs" in the Windows world)?

    And then there are the apps that just aren't there yet in the OSS world. I would LOVE to find an OSS Accounting app that can compare to comercial products like Solomon, Great Plains, or Oracle Financials (or hell even QuickBooks), in capabilities and usability. These are the apps that are driving small-medium sized companies (which there are a lot of out there) and there just aren't any OSS solutions available.

    I'm all for an end to comercial software, and achieving the Software Utopia that we all are working for, but it's a ways off yet.

    Personally I plan to draft a few letters to a few offices of a few of the State Officials hanging out around town (I happen to live in the State capitol).....maybe if I convince a few more people to do so something will happen.....(is that Arlo I here?).....

    Dr. Random
  • I recommend that you write your state legislator and your governor. Your letter should be short and simple at this point:

    Dear [whoever]

    I am deeply concerned about (and opposed to) the Uniform Computer Information Transactions Act, which may soon be introduced in our state's legislature. Would you advise me when (if) this bill is introduced in our state?

    Yours truly


    Also, the Free Software Foundation has come out against UCITA. Check .against.abu.html.


    Don't kid yourself that this bill is just about software. It governs electronic information in general. Libraries have come out en masse against UCITA because of its effects on them.

    Additionally, UCITA creates a precedent that makers of other kinds of merchandise want to use. There is nothing different about hiding the terms of a software contract from the customer until after the sale and hiding the terms of any other kind of merchandise. It is partially because non-software manufacturers got pretty excited by the UCITA sales rules that they invested a lot of money in "tabling" a technical revision (12 years in the making) to Uniform Commercial Code Article 2 (the current Law of Sales in the US.) The bill was tabled in a way that seemed calculated to insult the drafting committee for Article 2. And, indeed, the Reporter (senior author) and Associate Reporter of Article 2 resigned shortly after the draft was tabled. Next year, I predict that we'll see something for traditional merchandise that looks a lot more like UCITA.


    Carol Kunze, is one source of information about UCITA. The site has a pro-UCITA bias, even though it carries some of the opposition materials. I point to a few other materials at my site,


    26 attorneys general, the Federal Trade Commission, libraries, software professional societies, insurance companies, and many others opposed UCITA. see for a list and links.

    UCITA passed despite this breadth of opposition. A lot of money will go into supporting it in the state legislatures. This is a powerful example of law for sale.

    We CAN fight this turkey, by bringing pressure on our representatives, by asking the press to look at it (write a letter to your local paper's editor, asking for more coverage), and by providing examples of the problems that a bill like this can create.

    It won't be easy, but it is far from impossible.
  • by Bruce Perens ( 3872 ) <> on Tuesday August 10, 1999 @06:00PM (#1753324) Homepage Journal
    Unfortunately, the prohibition on reverse-engineering only helps keep Microsoft entrenched. Had this law existed a few years ago, there would have been no Samba (at least in the states where it applied), and nobody but Microsoft would be allowed to read Word and Excel files.

    It's something we need help from the large Open Source companies on - the Red Hats, etc., of the world. I'm not sure it fits in the Linux International charter, though - it might have to be through a different organization. A number of us were discussing how to go about this today at LinuxWorld Expo.



  • by ewhac ( 5844 ) on Tuesday August 10, 1999 @08:59PM (#1753325) Homepage Journal

    Good folk, I respectfully submit that this issue is of gargantuan importance and that we must mobilize ourselves at once to inform our state legislators that this proposal is an astonishing step backwards in consumer protection, from the standpoints of both product liability and baseline consumer protections in the implied contracts governing retail sales.

    As I see it, this legislative proposal is a transparent attempt to completely re-write the rules governing retail sales of copyrighted works. By enacting UCITA, purveyors of "information" -- which includes not only software, but digital recordings of music, books, movies, etc. -- can exempt themselves from consumer protection laws and fair use provisions in copyright law. I do not believe I overstate the issue when I assert that this is absolutely unacceptable. Advocates of software publishers (like the SPA) would counter that unfair provisions would not stand in court. The argument falls apart, however, when one observes that litigation is still obscenely expensive, giving the publishers an almost insurmountable advantage; and that such cases would be tested in the nauseatingly complex world of contract law, rather than in the (relatively) simpler and more straightforward arena of copyright and consumer protection law.

    Moreover, I further argue that there is no compelling reason for this legislation to exist at all. Existing copyright law has proven more than adequate protection for software vendors and, to date, no one has offered an undesirable (not to mention realistic) scenario whose only solution is legislation of this kind. Many of the arguments I've heard run along these lines:

    • "Someone could disassemble our software and clone it."
      • Correct. This is also true of just about everything else you can buy in a retail venue, from power drills and washing machines to cars. All of these devices can be taken apart by their owners and inspected, tweaked, and learned from. None of the corresponding industries is in remote danger of going out of business.

        People are going to take apart your software. Deal with it. If you don't want your product taken apart, you have precisely the same option as everyone else in all other industries: Don't sell it in a retail space.

    • "People don't need to disassemble their software."
      • How the fsck would you know? People don't "need" to take apart their cars, either, but it's done every day. General Motors is still in business. This is a non-argument.
    • "We spent $(LARGE_SUM_OF_MONEY) developing this software; that gives us the right to dictate how it may be used."
      • No, it doesn't. Again, the example of General Motors suffices. Indeed, if dollar figures are to be quoted, General Motors has an even more "compelling" argument to constrain use of their products after the fact, as their R&D investment easily dwarfs even Micros~1's. GM still hasn't made such demands on their customers, and GM continues to be profitable. Non-argument.
    • "It's our ball; you have to play by our rules."
      • Ah, the real reason emerges, and it is a valid one. However, you may find life more rewarding if you grow up. You are not an island. The most casual inspection of the Open Source movement illustrates that hoarding software is not only silly, it dooms you to stagnation.

    However, there is the, I think, more important issue of how this would affect users of "non-traditional" computing systems. Think "Internet Appliance" here. All the proposals on the table for Internet Appliances are extremely closed systems, WebTV being the most obvious example. Do you know all the data the WebTV box is squirting back to Micros~1? With UCTIA in place, Micros~1 can make it illegal for you to find out. Want to install a proxy to filter out all the fscking ad banners? Sorry, that's not allowed, go to jail, do not pass Go...

    Heck, forget the Internet Appliances, think Nintendo. Right now, Nintendo is laboring under the delusion that they have the right to dictate who can and can't write software for their machines. UCITA will allow them to enforce this idea. Same deal with cell phones, PDAs, and other "small-scale" "dedicated" devices where the user "doesn't need" to get in and fiddle with it. There are a lot of organizations with a lot of money trying to make these devices happen, and they are drooling all over the UCITA, which will allow them to lock down the box, screw the user, and absolve themselves of any responsibility.

    I'm sorry, but this is just plain wrong, and I challenge anyone in the industry to argue convincingly otherwise. Anyone who wants to take apart their software and computers should be able to. Anyone who wants to write software for a particular platform should be able to, without having to justify themselves to the vendor. How would Gutenberg be remembered today if he had forbidden people from using his printing press to print anything other than "approved" writings?

    While I agree widespread adoption of this travesty would be a boon to Open Source solutions, Open Source is still not the primary solution that comes to mind for all classes of computing products. Moreover, the average consumer doesn't understand the subtle implications of selecting Open Source over Micros~1 or Nintendo or whatever. While we could argue over whether they should understand such issues, I personally don't feel that Caveat Emptor needs to be raised to such stratospheric heights.

    This is your mom and dad we're talking about here; people who think they will be protected from exploitation by existing hard-won consumer protection laws, when in fact they'll be "signing" their rights away. This isn't just us techno-geeks who will be screwed, it's everyone.

    I urge active opposition to the UCITA.


  • I am not sure you people are
    aware of the magnitude of
    reverse-engineering that has
    taken place in Linux. In short,
    Samba is lossed but this is only
    the beginning. Much of the kernel
    code was and even is being reverse-
    engineered as well as very key
    hardware drivers. Also, some of the
    compiler coding was reverse engineered.
    To make matters worse, any exiting
    data/file format that is labeled
    proprietary would have to be reverse
    engineered to employ it. So, with no
    Samba, no kernel, no drivers, no compiler
    what is left of the open source
    movement. This is a clear reinforce
    existing monopoly law that affirms
    the government's ability to enforce
    anti-competitive behavior. Also, think
    about this, who would dare to use
    any proprietary software and be locked
    into proprietary formats forever.
    But with not alternative remaining
    what choice would anyone have.
    My point is don't be naive to think
    that you only lose Samba. There is
    reverse engineering at many levels
    which was in fact necessary as the
    coders did not have enough money to
    buy the protocols outright and release them.
    And even if they did this what would
    prevent an existing monopoly to change
    protocols after they sold out the
    rights to previous ones. Think of the
    ramifications of this law as it extneds
    not just to software but also to
    hardware as well. It really only serves
    to maintain the current anti-competitive
    status quo. The real question is why money
    is allowed to buy out this government
    despite its purported (but not actualized)
    obligations to its citizens.
  • by Zippy the Pinhead ( 3531 ) on Tuesday August 10, 1999 @06:02PM (#1753327)
    The ACM [] has a page on the UCITA [] and other copyright concerns. There are links to several other good sites. Also, check the Consumer Project on Technology's Protest Page [] for excellent links to articles and sample letters.

    At this point, it's up to the 50 states to individually ratify the UCITA into state law. So write your state legislator. Snail-mail counts most, short letters with useful arguments are easier for staffers to handle. Basically, (I think) you want to have 'em amend or strike UCC Article 2B. The remote-deactivation provisions will be the most odious and easiest to fight. You can even cite the fact that it will be bad for the commercial software indistry 'cos it'll pressure s/w-dependent businesses to switch to free and homegrown s/w just so they don't have to fear pissing off their s/w vendor.

    To find your state legislator: Project Vote-Smart [] or the Democracy Network [].

If it's not in the computer, it doesn't exist.