SirPrimalform: I was actually suggesting legit customers may take it to court, after all the dev still placed malware on their system. I'm not sure it has to have run for that to be a big deal.
RWarehall: Then you clearly no nothing of the law. The first thing any plaintiff must allege is actual harm to himself. Until you can explain how an inactive piece of code does actual harm to a legitimate user, then that case would be thrown out before in even goes to court.
I just love all the "internet" lawyers we have on these forums. How's that class-action lawsuit against GoG going over Mystery Boxes and gambling. The burden on proof is on the plaintiff to show harm. Not on the developer to show the software routine lacks bugs which is an impossible task. Try suing an automaker over some unknown defect and trying to get them to prove in court that their car is actually safe.
I get it. You hate DRM of all sorts.
As to real.geizterfahr, we aren't talking about 2 things. Imagine a thief breaking into a home with a freshly waxed kitchen, claiming the owner didn't post a sign warning him before he slipped and fell. In this case, people are alleging "malware" whose sole purpose is to gather identifying information in which to sue pirates. The only harm to the pirate is that his identity is revealed and leads him to court over his piracy. No court is going to take his side. Unless the harm is disproportionate to the crime he committed (like an electrocution trap set in one's home to catch thieves), no court is going to reward him.
Yes, gotta love internet lawyers.
Why is it that states pass castle doctrine laws? Because if you're out in the woods, you think a house is abandoned after knocking, but you need help now (maybe you need medical attention, were just raped, or something), you may break into a house to use their phone, only to get shot to death by the homeowner who didn't know your intentions. They treated this kind of issue as appalling, so it became illegal, but, then, it was also appalling that a homeowner would be obligated to let someone have free reign over their house, while they waited for someone to call police, because they weren't allowed to defend themselves against potentially dangerous attackers from a position of advantage.
Then there's laws on the book that if a kid breaks into your property, even if you have "warning, beware of dog" signs up, you get sued. You're obligated to make sure kids stay off your property and out of danger.
The more interesting thing about this case is the lack of security. Best part is, let's say my parents (since you are responsible for your children) pirate this program, and set off the bug. Now my personal information (assuming i'm a minor) is now being collected. What protections would I have? Or, better yet, what if someone broke into my house while i was on vacation and pirated the software through my computer, while they were downloading porn and other things? What about a bug in the program actually causing false positives, as opposed to figurative false positives? What if the software is extracted from the installer, and just unleashed into the wild as is? Do I sue them? Does getting information from this spyware actually constitute as proof of piracy?
Sure, the odds of someone breaking into my house and pirating something through my computer is slim to none, but the issue with the child is far from unusual, and neither scenario is OK, let alone the rest.
real.geizterfahr: You're right - from a moral point of view. But this is still all hypothetical and no court will sentence the developer because someone theoretically could hack their servers.
JAAHAS: What isn't hypothetical is the fact that they have now admitted having added a keylogger in their product that can collect data without consent from computers that they can't in any way prove beforehand to be only used by the suspected pirates, so they are in essence gathering a database of personal information that they have no justification in any reasonable point of view to have.
Whatever charges the developers should be facing, the possession of an unlawful database and the risk of it being leaked is just an added detail, but I would argue that the courts should also take a hard look on the level of security the developers have on their servers and if any blatant neglience is found, that should affect on how hard the sentencing goes.
Absolutely, as i do believe there are precedents for this. Usually you have to make reasonable steps to protect information. Base64 doesn't fulfill the requirement.
tremere110: Wow, the dev is in violation of section 2 of Microsoft Flight Simulator X EULA. You know, the part that says you can't use their software to gain unauthorised access to user accounts and interfere with user enjoyment of Microsoft software.
I'm just gonna go ahead and forward this to Microsoft's legal department. Have fun devs!
Good. Don't expect much, though, even though microsoft wrongly violated the law to protect people from malware before.