Forgot your password?
typodupeerror
Software

P2P vs. The Clones 289

Posted by CowboyNeal
from the hidden-payloads dept.
smash writes "Rebranding software then loading it with spyware and adware (or just selling it for profit) has become a recent trend with oversea individuals trying to make a few bucks. We all remember the KaZaA Gold, don't we? Shareaza, which recently went open source under the GPL, has been subject to a similar type of theft by a company going by the name RockSoft Development. Surprisingly enough, their software labelled as 'Go Music' hasn't been pulled from C|Net's Download.com after more than a week."
This discussion has been archived. No new comments can be posted.

P2P vs. The Clones

Comments Filter:
  • Hahaha.... (Score:5, Insightful)

    by Izago909 (637084) * <tauisgod@@@gmail...com> on Thursday August 12, 2004 @07:13PM (#9953862)
    You can never go bankrupt betting on the ignorance of average PC users.
    • Re:Hahaha.... (Score:3, Interesting)

      by JPriest (547211)
      Something I was thinking about the other day. It is pretty obvious that spyware is a gray area in legislation, but maybe there would be a loophole in this. Say I require anyone that develop software for my OS have a free license to do so. I could simply refuse less than credible companies a license. Instead of going after them for writing intrusive software, you could go after them for license violations.

      A big company like MS could never get away with this, but I wonder if one could build a Linux distro

  • by Anonymous Coward on Thursday August 12, 2004 @07:13PM (#9953864)
    This does, in fact, represent a flaw in current open-source licenses such as GPL, and in the free (as in speech) software movement in general.

    I've noticed this happening more and more as I am called upon to uninstall this kind of garbage from my friends' computers; "Uhh, this looks rather like Gnucleus; you could have just gotten that for free, without the spyware, you know...."

    The idea is that adding spyware to open-source projects circumvents the "You can't take this software and sell it" restriction of the licenses because it's not being sold. It's just adding spyware to. And in some cases, the source code isn't even modified, so there is no need to redistribute the modified source code as per the license. It's just open-source software bundled with spyware in an installer.

    The problem in using a license such as the GPL, and giving people essentially unlimited rights to incorporate your code into their software is that you'll end up with situations like this, and most critically, have absolutely no recourse against them so long as they are following the letter of the agreement.

    (In this particular case, I don't know if they're following it or not. I don't see them providing the source code for download, so they may be in violation if they have modified it. But I may just have missed the link, and I'm not about to install their spyware fest on my box to see if it comes with source code or some such.)

    The solution, unfortunately, would seem to be to add more restrictions to the licenses, similar to how the you-cannot-sell-this-software-for-more-than-the-co st-of-copying-and-the-media clause works. The difficulty comes in deciding exactly what needs to be restricted, and how to word it properly. You then combine this with a proper copyright on the code, and you have something you can enforce.

    Because at that point, once you can clearly show that the company pulling this crap is in violation of your license, you can start using the DMCA as your friend, and issuing takedown notices to their ISP. Do you think for a minute that C|Net would still have the files available for download if they'd been told that they are an illegal distribution of copyrighted material? Doubtful.
    • The solution, unfortunately, would seem to be to add more restrictions to the licenses, similar to how the you-cannot-sell-this-software-for-more-than-the-co st-of-copying-and-the-media clause works.

      What clause? Gnucleus, Shareaza, and eMule are licensed under the GNU General Public License. This license lets a redistributor sell copies or digital deliveries of a covered program provided that the source code is either included or available at cost.

    • By rereleasing the software with spyware included, they have modified the software. Certain linux distributions contain proprietary software, but linux = the kernel. linux does not equal the distribution.

      gnucleus, gtk-gnutella, etc are covered by the GPL. So modifying the program itself means they MUST release the source code at no additional charge.

      They aren't actually doing anything wrong by charging a price for this software either. Technically, they could justify it for their "enhancements" to the
      • By rereleasing the software with spyware included, they have modified the software.

        No. They have released an installer which installs spyware, and coincidentally also installs UNMODIFIED p2p software. GPL does not address this issue. And really, does it make a difference? Realisticly, no one is going to sue tham.

        • by djeca (670911)
          Yeah, this stuff may fall under the 'aggregate' clause that covers proprietary-enhanced Linux distros. That's the sort of thing a court needs to decide, but in all honesty I think that if SuSE Linux is OK (and was back when YaST was proprietary), then so is this form of bundling.

          However, the point isn't whether or not you can sue them, it's whether or not you can force download.com to delist them with a DMCA takedown notice. And to do that, all you need is evidence that the scumbags aren't following every
      • There seems to be some fixation with a requirement to distribute source if it is modified. Just for clarity, it is the distribution, not the modification, that brings with it the source requirement as indicated in this quote from the GPL [gnu.org]:

        For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their

    • If someone managed to package up something they found for free, and sell it to somebody, good for them! They managed to separate a fool from his money. That's what the economy is all about, after all.

      Users are supposed to not be stupid. They should shop around, check out the market. If they do that, they will find that the software is available for free, and they don't need to pay for it, or even download a re-branded form of it. Caveat emptor!

      Stupid users are always going to end up with spyware on

    • by pavon (30274) on Thursday August 12, 2004 @07:25PM (#9953953)
      This doesn't change the main point of your argument, but you are slightly misinformed about what the GPL says about selling software. The GPL allows you to take the software and sell it at any price you want, bundled or not. However, you must either

      A) include the source with sold binary, or
      B) make it available seperately at additional cost.

      It is just this additional cost that is limited to reasonable compensation.
      • being a bit more specific

        From the GPL: "1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.

        You may charge a fee for the physical act of t
    • Not exactly correct. Acctually very wrong. First, the GPL doesn't say you can't sell a piece of software. You actually can and many people do(Red Hat, SUSE, etc.).

      To counter the rest of your argument, its unclear as to how far the GPL extends, but some people read it to say that if you distribute GPL source inside your _product_ the product must be licenced under the GPL. This is because the definition of a Derivative Work is kind of hazey as far as software is concerned. It sounds like these people
      • The GPL goes into a good bit of detail about what exactly consistutes "part of the software", and it's likely that bundled apps would not be required to be covered under the same license as the original GPLed executable or library depending on how they communicate with it.
    • and trademark or copyright ancillary components bundled as part of the aggregate. You can aggregate non-free and free stuff, you know.

      That way, when someone gets a Red Hat distro, they know it's "official", if the law has been followed.

      Yes, yes, that's a big "if". But it's a start: you can have the GPL and still restrict what others can pass off as an "official" version.

      The next step, of course, is to have a trusted source sign the aggregate and important components thereof. That has the advantage tha

    • I'm reminded of this quote:

      "The only freedom which counts is the freedom to do what some other people think to be wrong. There is no point in demanding freedom to do that which all will applaud. All the so-called liberties or rights are things which have to be asserted against others who claim that if such things are to be allowed their own rights are infringed or their own liberties threatened. This is always true, even when we speak of the freedom to worship, of the right of free speech or association, or

      • In short, you cannot have freedom -- true freedom -- unless you allow what you see as abuse.

        • We aren't talking about government here, no one is forcing you to use the GPL.
        • If you want to allow others to abuse you, thats fine, but not everyone agrees with you on that score.
        • The GPL's extra restrictions are there solely to insure the code *stays* free. Some see that as a restriction of the code's "liberty", as you do, others however see it as added protection for the code's "liberty", as I and others do.
  • by JeffSh (71237) <jeffslashdot@@@m0m0...org> on Thursday August 12, 2004 @07:15PM (#9953886)
    Well, DUH!! you cant just give away source code and not expect this to happen. This is what you open source people get!! /begin astroturfing
    • I so much agree with you. You can't possibly give away something and later on say: Oh no! Look what they've done with it! Let's prevent that!

      The line between malware/spyware/crapware and regular software is often very thin, hence probably impossible to define in lawman's terms.

      Hence the impossibility to enforce these kind of things.
      • I so much agree with you. You can't possibly give away something and later on say: Oh no! Look what they've done with it! Let's prevent that!


        Ah, but if these people don't provide the source to Go Music, we can go after that. The spyware's presence just ticks people off enough to do this.
  • by prostoalex (308614) on Thursday August 12, 2004 @07:16PM (#9953893) Homepage Journal
    Tune in next week for my version of EnhancedOffice Gold Edition for WinXP [openoffice.org] with super enhancements such as

    Internet accelerator

    Bandwidth optimizer

    Password manager (Gator, the industry standard)

    HotBar

    and many other goodies you would have never got off some open source site.

  • Kazaa gold? (Score:4, Interesting)

    by Billobob (532161) <[moc.liamg] [ta] [bobollib]> on Thursday August 12, 2004 @07:17PM (#9953900) Homepage Journal
    If anything, this reminds me more of how Morpheus completely ripped off Gnucleus after Kazaa kicked them off their networks, leaving Morpheus pretty much screwed. They changed a few pictures, and originally presented none of the code to the public.
  • #1 problem (Score:4, Insightful)

    by deutschemonte (764566) <lane,montgomery&gmail,com> on Thursday August 12, 2004 @07:18PM (#9953904) Homepage
    These programs are the #1 problem I encounter when I get the oh so common call from friends and family about how their PC just keeps popping up ads and is running really slow.

    Damn them all to hell!

    This being /. I am sure a great deal of you know my pain.
    • These programs are the #1 problem I encounter when I get the oh so common call from friends and family about how their PC just keeps popping up ads and is running really slow.

      Damn them all to hell!

      This being /. I am sure a great deal of you know my pain.

      No. This is Slashdot. We don't have friends, and family doesn't invite us over anymore.

    • by Veridium (752431)
      I say God bless them.

      They've been nothing but good for my consulting business. Buhahaha.
  • by Kenja (541830) on Thursday August 12, 2004 @07:18PM (#9953906)
    Ever since download.com went from a free listing of free/shareware to a pay for listing service they've gotten far less scrupleless. They realy dont seem to care what they host so long as they get paid.
    • Ever since download.com went from a free listing of free/shareware to a pay for listing service they've gotten far less scrupleless

      Ok, I don't think scrupleless is even a word. Do you mean "having less scruples" by that word? If so, are you saying that now have more scruples through the double negative? I'm honestly not trying to be a Nazi here, I'm just trying to figure out what you attempting to say. Some people must understand because you've already been modded insightful.

  • by nlinecomputers (602059) on Thursday August 12, 2004 @07:19PM (#9953914)
    How can you steal something that is free? I admit that I have yet to read the links. Off to do that now but that line in the story above sure seems incorrect to me.
    • Actually there is some precedent for being charged with stealing free things, for instance in some states its a crime to steal a free newspaper, granted you need to take a bunch for it to count, but if you take 100s they can charge you...
  • by brokencomputer (695672) on Thursday August 12, 2004 @07:19PM (#9953916) Homepage Journal
    Those user opinions have got to be fake. " "I like it :)" No spyware is bundled with it, and it is a fairly reliable software package. This must be the best Thing in the world. Now my life is excelent!" ""Great Program No Ads!" Fast, easy to use, plenty to choose from My roommate and I both use this program and we think it's stupendous! This program is excellent." Give me a break. They could have at least made it a little less obvious.
  • by B747SP (179471) <slashdot@selfabusedelephant.com> on Thursday August 12, 2004 @07:26PM (#9953963)
    A quick read of the user comments pages on C|Net makes it pretty clear that all of those positive comments are written by the same person with the same fractured ESL English and the same misgivings about what is 'really cool' and how to make one's life 'complete'.

    Some might call this 'astroturf', but I reckon that even blind freddy could see that this grass is brown!

    • The last time I remember this happening, it was with the open-source CD ripper CDex (BSD license). Downloads.com didn't de-list it, but did add a big yellow spyware warning label, and user comments quickly caught up with it. The same thing will probably happen here - even automated astroturfing will only take you so far.
  • by Anonymous Coward on Thursday August 12, 2004 @07:27PM (#9953972)
    "Shareaza, which recently went open source under the GPL, has been subject to a similar type of theft by a company going by the name RockSoft Development."

    Oh, so When you steal something from a record label, it's copyright infringement, but when you steal GPL software, it's actually theft?
    • by ad0gg (594412) on Thursday August 12, 2004 @07:54PM (#9954147)
      Oh, so When you steal something from a record label, it's copyright infringement, but when you steal GPL software, it's actually theft?

      Welcome to slashdot newcomer! Please follow the following guidelines when posting in order of importance

      1. Microsoft = Bad
      2. GPL = Good
      3. Linx = good
      4. Copyright/Patent = bad
      5. RIAA/MPAA = Bad
      6. Apple = good
      7. Real = Buffering
      I hope you enjoy your stay.
    • I'll bite - grabbing a mp3 and selling a GPL app as your own are different - I say that 98% of every mp3 downloaded are never resold. The difference is in the profit. People who close source GPL software and sell it for a profit are taking the work of those who have already decided to donate their time and code for the common good and using it for their own selfish gain.

      It's the difference between photocopying a book, and plagiarizing one.

      All statistics are from here [outofmyass.com].

  • ...someone from taking a popular open source application, adding some nefarious code of their own, rebranding and selling it as a proprietary, closed product?

    If the license violation was detected, would anyone have the resources to enforce the license? E.g., if someone in Shanghai pulls this off, who's the FSF going to sue?

    Perhaps this has already happened. Anyone know?
    • That is why it is a good idea to assign your copyright to the FSF or Sun. They will follow up, threaten and prosecute it necessary.
  • by mbrubeck (73587) on Thursday August 12, 2004 @07:34PM (#9954019) Homepage

    I work on the Audacity sound editor [sourceforge.net], a free software project that is being re-branded and sold on eBay under names like LuxuriousitySound [audacityteam.org]. Most of the sellers try to conceal the app's identity, and of course they don't mention that it's free and open-source. The same vendors are also selling rebranded versions of Open Office and GIMP. We get a lot of messages from angry users who find out that they payed $15 for software that's free for everybody.

    The vendors are obeying the GPL, so they aren't guilty of copyright infringement. They're careful not to use the software's real name, so of course they aren't guilty of misusing our trademarks. They might be in violation of deceptive advertising laws, or eBay's own "Brand Name Misuse Policy," but eBay hasn't yet acted on any of the buyers' complaints.

    • If I understand you correctly, I don't see the problem with this scenario.

      Audacity is distributed under the GPL - therefore anyone can take the code and distribute the application providing they make the code accessible - and of course, the GPL allows it to be sold for a fee.

      Sounds like a perfectly legal, profitable, albeit arguably immoral, business model. Guess thats a potential drawback to using the GPL.

    • Not only open source (Score:4, Interesting)

      by ad0gg (594412) on Thursday August 12, 2004 @08:01PM (#9954199)
      I've seen this all applied to public domain works by the government. I've seen the US Census data being sold for up to $750, when you can just download it from their site. I've also seen people selling access to NOAA weather images for a subscription rate of $100 a year. It all comes down to marketing, there's no way a producer of free content can compete against someone selling their stuff on the marketing side.

      Selling NOAA data for $100 a year [terrafin.com]

    • Looking through the adverts for things like "Professional photoeditor 4" (otherwise known as GIMP 2) on ebay, the thing that really shocks me is just how stupid people must be. From the buyer feedback there must be real people buying the software - even if you assumed every positive feedback is fake, there are enough negative ones there as well.

      Who buys software from a company with adverts so badly spelt, with english so bad as to be incomprehensible in places? Who can't type "free photo editor" into googl
    • Nothing wrong if they package it nicely, give a printed book and phone/email support.
    • Good thing too. Most businesses pay their sales people, and the adoption of an open source program as a standard is a good thing for the program. I guess the only problem is the 'spyware' end of things.

    • Thanks for working on audacity! Pretty soon free/open source software will be so good for general purposes, people won't be tempted to buy most other pay software (as they will already have / know to look for FOSS alternatives).

      This eBay thing is just temporary :).
  • by Rai (524476) on Thursday August 12, 2004 @07:40PM (#9954061) Homepage
    "Rebranding software then loading it with spyware and adware (or just selling it for profit) has become a recent trend with oversea individuals trying to make a few bucks. We all remember the KaZaA Gold, don't we?"

    Doesn't the original KaZaA client have it's own spyware? I don't see a reason to cry over someone robbing a company of spyware revenue in favor of their own spyware revenue. Now, if someone robs the client to remove the spyware altogether (like KaZaA Lite supposedly did), I'm all for that.
    • by sinner0423 (687266) <sinner0423@gmail . c om> on Thursday August 12, 2004 @07:59PM (#9954190)
      Doesn't the original KaZaA client have it's own spyware? I don't see a reason to cry over someone robbing a company of spyware revenue in favor of their own spyware revenue. Now, if someone robs the client to remove the spyware altogether (like KaZaA Lite supposedly did), I'm all for that.

      Kazaa came bundled with a client for BDE [brilliantdigital.com] which was used to sell your spare cpu cycles to someone else. Basically like a huge distributed computing project, that the end user had absolutely no idea about.. I believe this single act kick-started the whole anti-adware/spyware movement.

      I'd recommend using KazaaLite K++, which has removed all of the extra FUD. Although, good luck finding a legitimate download. 98% of the files on Kazaa are fakes, planted by the RIAA to dissuade you from downloading music. In the end, it is not going to matter what client you use, if all of the files on the network are bogus.
      • I always wondered if it were possible to build some sort of moderation/md5 checksum on files. It a file is actually an RIAA garbage file, then the client recieving that file can flag it somehow. That md5 should be red-flagged whenever found...

        maybe it is just a trusted set of users, sharing a .txt file of md5 checksums of all corrupt files found on their p2p app of choice. And then have the search/download function of said p2p app filter out files that match those corrupt files.

        A similar approach exists w
  • by reallocate (142797) on Thursday August 12, 2004 @07:42PM (#9954071)
    Marketing a product that secretly does something other than what the seller acknowledges seems to me to be equivalent to fraud.

    Before the F/OSS community gets all hot and bothered about changing licensing language (ignoring how they might enforce any language) maybe the best course is to go after spyware using the fraud laws.
  • So? (Score:3, Insightful)

    by amalcon (472105) on Thursday August 12, 2004 @07:42PM (#9954074)
    If a user is too lazy to type the name of their software into google before they download it, that's their loss.
  • by clubin (542806) on Thursday August 12, 2004 @07:48PM (#9954117)
    It can't have spyware; it's site says it doesn't.

    "It is totally free from spyware, adware and other similar stuff."

    "And the best thing about this program is that it has been thoroughly checked and built so it is free from spyware , adware , pop up ads etc."

    See?!
  • by RPoet (20693) on Thursday August 12, 2004 @07:58PM (#9954180) Journal
    Look at the user comments [download.com] at download.com. The newest comments are shown first, which are users warning about the GPL theft and bundled spyware. Then there's a LOT of REALLY HAPPY users.

    Three different users actually say "This must be the best Thing in the world. Now my life is excelent!"

    "This is a great program, works well and easy My roommate and I both use this program and we think it's stupendous! Would recommend this to anyone"

    "I'm using only best well-tested soft, and here it is."

    "The speed is shocking"

    "It id very-very-very and one million more times very NICE stuff i ever had" ... and so on.

    The entire happy part of the user base seem to apply bad punctuation and similar spalling erors ;)
  • I almost think I'd prefer the title 'Star Wars: Episode 2, P2P VS The Clones' rather than 'Attack of the Clones.'

    Padawan 2 Padawan VS The Clones!
  • by Numen (244707)
    And those bastards at Redhat and Mandrake stole Linux too!!
  • by DAtkins (768457) on Thursday August 12, 2004 @08:42PM (#9954508) Homepage

    We can sit here and laugh at people who downloaded this stupid, stupid program. Heck, if one of us did it I think we would all laugh and laugh.

    But this sad problem is the same problem that every new computer user has. No matter if you use Windows or Linux or Mac or / all new users have a tough time learning which program they need to accomplish a specific task. Hell, I spend more time telling people what program to use, more than actually fixing something.

    Do you family and friends a favor. Since we all know the OSS versions of these programs, why not just post a list of what you use in your daily life so they can just look it up? Seems the easiest way to prevent non-computer people from getting screwed is for geeks to post their program list. Now that OSS has come around, I'm sure more of us can actually do that!

  • by Handpaper (566373) on Thursday August 12, 2004 @08:47PM (#9954538)
    Here [suprnova.com] and here [suprnova.net]. The genuine article [suprnova.org] has even changed the title of its home page to draw attention to the problem.
    Mind you, when somebody can't even look [google.com] for [google.com] the [ask.com] site probably deserves to be scammed.

  • Irony? (Score:3, Insightful)

    by stubear (130454) on Thursday August 12, 2004 @08:58PM (#9954612)
    Am I the only one who sees the irony in shit statement, "...has been subject to a similar type of theft by a company going by the name RockSoft Development"?
  • Ironic (Score:2, Insightful)

    by WiggyWack (88258)
    Sorry, but I find the 'theft' of GPL code of P2P software ironic.

    Flame away.
  • by kgroombr (608645)
    It mispronounces giga as in gigabyte. Although most people say it as a hard "G", it is pronounced (correctly) with a "J" sound. Derived from the greek word gigantikos. Example: Pronounce: gigantic, giant Same root word.

  • I know this doesn't fit into the model most open source champions prefer...but inflexibility is the mother of nothing, so here goes (no flames please).

    Is there a license that is essentially open source (i.e. you can take this source, do what you want with it, use the program, go nuts etc) but restricts redistribution (i.e all redistributions have to be approved by the project leader).

    I know it's not 100% the spirit of open source...however since the two features that everyone touts as being the main b
    • Is there a license that is essentially open source (i.e. you can take this source, do what you want with it, use the program, go nuts etc) but restricts redistribution (i.e all redistributions have to be approved by the project leader). In a strange way, the GPL has that, except the 'project leader' you're discussing is the distribution requirements in the GPL. The biggest uncoolness with these Go Music folks is more GPL related than failing to acknowledge its roots. And, as you can see, in this situat
  • Another one (Score:4, Interesting)

    by zjbs14 (549864) on Thursday August 12, 2004 @10:27PM (#9955140) Homepage
    Here's another one, looks like the same folks doing it:

    http://www.download.com/Music-Master/3000-2196_4-1 0306583.html?tag=stbc.gp [download.com]

    The negative review are stacking up for Go Music, let's add some to Music Master too.

  • oversea individuals trying to make a few bucks

    ???

    • Answering myself:
      the submitter seems to have ineptly reworded somthing from one of the sources PacketFour [packetfour.com]:

      The company behind it all, RockSoftDevelopment, has a very unprofessional website and interestingly enough, has its domain WHOIS information masked. Its domain servers are registered as NS1.DOWNLOADFILES.ORG and NS2, and www.downloadfiles.org is just a picture of a Israeli star. (star of David) Looks like someone overseas is tryin' to make a few bucks off good ol' Mike!

      The use of "oversea", aside fr

  • by Blic (672552) on Thursday August 12, 2004 @11:04PM (#9955320)
    Everyone's favorite torrent site suprnova.org has two knockoffs - suprnova.com and suprnova.net (both seem to be the same ripoff site) that want you to sign up with an email address before using them, past which who knows? I'm not gonna check.

    Maybe they have spyware laden versions of the BitTorrent client and who knows if they just steal listings from suprnova.org or link there directly...
  • What can I say (Score:3, Interesting)

    by Orion Blastar (457579) <orionblastar@@@gmail...com> on Thursday August 12, 2004 @11:25PM (#9955433) Homepage Journal
    a friend of mine told me that he paid for a subscription to Kazaa Lite network. I tried to tell him that Kazaa Lite was no longer being made, and never had a subscription model, but he didn't listen. Besides, I told him, it is based on Kazaa without the spyware/adware, and thus illegal. I am not sure what exactly he got, but it is some Kazaa named P2P program that you apparently pay a monthly fee for.

    P2P file sharing is full of such scams, because people are gullable. Apparently file sharing, to them, is illegal, unless you pay a monthly fee for access to the files, and then it is legal? Internet Pirates with a business plan, who'dathunkit?

    Once he wises up, I'll have to uninstall the malware from his system for him.

If it smells it's chemistry, if it crawls it's biology, if it doesn't work it's physics.

Working...