The Josh Kagan Blog

Has Crapware Gone Too Far?

New PCs from certain vendors have always included at least some bundled software that is of dubious value to the purchaser, but after spending over an hour cleaning “crapware” from my grandmother’s new Acer PC, I wonder if at least one vendor has finally gone too far.

Whenever I visit, my grandmother always takes some time to ask me for help with various electronic gadgets around her home in southern Arizona.  And, likewise, I’m always eager to help her by checking the house for problems that might be obvious to me but not-so-obvious to her.  This time she threw a curveball at me: she decided to buy herself a new computer and wanted me to help her get started with it.

She certainly didn’t act a moment too soon.  Her old computer was equipped with an aging Pentium III processor that could barely run Windows XP adequately.  Over a hundred “Windows Updates” later and with new software like Internet Explorer 7 and the latest versions of her virus-checking software and some “utilities” suite, that computer’s performance was absolutely abysmal.  To replace it, my grandmother chose an Acer machine that she found at the local Costco that appeared to have impressive hardware specs, especially considering its price.  For $569, Costco sold her a computer with a dual-core AMD 64-bit processor clocked at 2.3 GHz, 2 GB of RAM, a fairly generous hard disk, and even threw in a 19″ widescreen flat panel monitor.  Not bad.

I think we both assumed that “help her get started” meant that I would assemble the new computer for her, configure it for internet and email access, transfer some files from her old computer, and then spend some time patiently answering her questions about how to use it to accomplish certain tasks.

Before you start laughing, understand that we were both sort of naïve.  The last three computers that I’ve purchased for my own personal use have been Apple Macs.  Macs aren’t cheap, but they ship pre-loaded with tons of high quality “full version” software like iPhoto, iDVD, iChat, and iCal that makes them ready-to-use right out of the box.  I’ve also had a two company notebook PCs issued to me by my last two jobs, but both of those were also extensively configured for me by an IT professional before I ever got to touch them.  When it comes to opening a new computer, I’m spoiled rotten.  And, as for my grandmother, she hasn’t purchased a new computer since sometime shortly after the birth of Christ.  The Compaq Pentium III that we replaced today was positively ancient.

So, even though I keep very up-to-date with respect to Windows news, and I even dual-boot Windows Vista Ultimate on my MacBook in addition to a desktop, nothing could have prepared me for what I faced when I booted up my grandmother’s new Acer computer for the first time.

The computer ran like molasses.  Mouse-clicks took whole seconds to register.  The Windows desktop was a mess of icons for “Trial”-this and “Demo”-that.  A “McAfee 30-day virus protection BUY NOW!” window popped up at twice during the first few minutes the computer was powered on.  The system tray was filled with littered with the icons of a backup application, a trial version Office 2007, and something called “Acer GameZone,” each with its own respective “bubble” begging me to click it and learn about its offer.  The top of the screen was occupied by an always-on-top “Acer Empower” windowpane application that could not be hidden or quit without accessing the Windows Task Manager.  Internet Explorer also had at least two non-standard toolbars, including Yahoo’s annoying one that simply duplicates the functionality of IE7’s built-in search bar.

My grandmother’s brand new computer was truly loaded to the brim with crapware.

I can’t say that it completely surprised me.  Apple CEO Steve Jobs has often made comments about how, in contrast to many PCs that ship with tons of bundled software that is either of poor quality or that the hardware vendor was simply paid to include, new Macs ship only with “software you’ll actually use,” like the iLife suite and other first-party applications like iTunes and iChat.  And I’ve read reports about how some vendors like Sony actually charge extra fees for computers that ship without crapware.  There’s no question in my mind that Acer was paid to include much, if not all, of this extra software with the computer.

In principle I don’t have a problem with this.  If vendors like Acer want to offer value-priced products like my grandmother’s $569 desktop and keep the price that low by agreeing to bundle third-party software that consumers might not otherwise be inclined to install on their own, they’re absolutely free to do that.  But I also feel that PC vendors should be required to disclose when they do this.  It might affect a consumer’s decision to purchase a computer if she learned that she needs to spend potentially hours uninstalling demos, trials, and redundant toolbars (in addition to re-installing the appropriate non-trialware like the full version of Microsoft Office) before she can actually use the computer productively.  I’m sorry, Acer, but there was absolutely no way I could leave my grandmother with that computer as it came right out of the box; it was simply unusable.

What happened to the days when unboxing a new computer was something to look forward to?  Back in my retail days I was a firm believer that a customer’s opinion of a product is based primarily on her very first experience with it.  I think that consumers should at least be told what they’re getting themselves into.  This is exactly the sort of thing that companies like Acer should care about.  We have a very mixed opinion of Acer right now.  On the one hand, the hardware seems very good for the price and, now that I’ve removed over a dozen applications from it, the software seems adequate too (for a Windows PC of course).  But our out-of-box experience was irreparably marred by what we saw when we first powered on that computer.  Maybe it’s time that some PC vendors learned from Apple’s strategies.  If you ship a computer “clean,” with no stickers to peel off and no crapware to remove, ready to work right out of the box, consumers will love it from the first moment they hold it.  We love that kind of an experience.  It makes us feel like we just purchased something wonderful, and when you keep offering it, we’ll keep coming back to you for it over and over again.

Posted in Josh's Corner | No Comments »

Win For Open Source in Jacobsen v. Katzer

Does a software developer waive his right to sue for copyright infringement by releasing his code under an open source license?  This is the question to which the appellate court answered “no” today in Jacobsen v. Katzer.¹

The plaintiff in this case is the manager of an open source software project whose code was improperly used by the defendant in a commercial software product that did not comply with the plaintiff’s license.  But when the plaintiff brought an action for copyright infringement and moved for a preliminary injunction, the defendant argued that by releasing his code under an open source license the plaintiff waived his right to sue for copyright infringement and could now only sue for breach of contract under the license.  The defendants relied on language from Sun Microsystems v. Microsoft Corp.² that limited the rights of copyright owners to sue licensees for copyright infringement.  The problem here is that the defendant — and the lower court — seems to have misunderstood an important element of how a license works.

When a copyright owner issues a nonexclusive license to a licensee, he grants the licensee the rights to use the work for some purpose.  Here, the plaintiff wanted to ensure that his work remains available to the public in source code form so that anyone can edit and improve upon his work.  That’s why he chose to release the software under an open source license rather than some other kind.  In doing this, the plaintiff limited the scope of the license he granted the defendant as an end-user, and the defendant exceeded that scope.  Legally, this means that by using the plaintiff’s code in a way that was repugnant to the open source license, the defendant’s use was not a licensed use at all.

Consequently, the central issue in this case was whether the relevant requirements in the license were conditions for the license to be valid or merely covenants to which the receiver of source code contractually agreed.  A breach of a condition points toward copyright infringement liability because conditional language defines the scope of a contract.  On the other hand, promissory language merely serves to create covenants that are actionable only in contract law.³  Luckily for the plaintiff, the appellate court seems to have had an easy time finding that the relevant language in the license was conditional in nature.  Provisions such as “the intent of this document is to state the conditions under which [the program] may be copied” and that rights are granted “provided that” certain conditions are met weighed heavily in favor of the plaintiff in this case.  This should serve as an important reminder to anyone drafting a license agreement who wants to preserve his client’s ability to sue for copyright infringement.

Practical matters aside, one of the best things about this case is that the court reaffirmed that “copyright holders who engage in open source licensing have the right to control the modification and distribution of copyrighted material.”  All too often people seem to confuse “open source” with “public domain” when in fact they are very different.  In fact, open source relies heavily upon copyright law to exact its restrictions.  The peculiar thing about open source is that, while traditional software uses copyright as an offensive tool to thwart pirates, the copyleft movement uses the same body of law as a defensive shield to ensure that its work remains freely available and modifiable.

This weblog is an informational resource only. It is not designed to offer legal advice.

1. Full text available at http://www.cafc.uscourts.gov/opinions/08-1001.pdf. [↩]
2. 188 F.3d 1115 (9th Cir. 1999). [↩]
3. Graham v. James, 144 F.3d 229, 236-37 (2d Cir. 1998). [↩]

Posted in Copyright in the Digital Age, The Copyleft Movement | No Comments »

Ten Reasons Why Free and Open Source Software is Good for Society

1. Free software¹ promotes the study and improvement of computer programming methods.
2. Free software licenses like the GPL ensure that the whole community of users can benefit whenever an improvement is discovered, not just a few who “discovered it first.”
3. Open source code can be used to solve absolutely any problem for which it is suited or can be made to be suited, including new problems that the original programmer did not foresee.
4. Widespread use of certain free software applications like browsers promotes better security by making code available to audit by security experts.
5. Free software licenses like the LGPL promote efficiency by ensuring that good code snippets can be used again and again in new programs.
6. In the private sector, companies that contribute to free software can increase commercial innovation instead of participating in expensive patent cross-licensing lawsuits.
7. Free software promotes competition and improvement in the computer support industry because everyone has equal access to learn about the inner workings of open source code.
8. Free software projects provide outlets for the creative energies of populations who are dissatisfied with the status quo.  Don’t believe me?  Look at Firefox, which sparked an entire movement toward more standards-compliant HTML rendering.
9. Free software, when made available for download from the Internet, puts power in the hands of computer users worldwide, even in developing and oppressed areas of the planet.
10. Free software promotes global unity by permitting people from all over the world to contribute to projects and collaboratively resolve real-world problems.

1. It’s important to understand that I’m not referring to software that is merely “free as in beer” meaning that it is given away without cost, but specifically software that is “open” in that its source code may be used, studied, and modified without restrictions.  Another term for this is “free, libre, and open-source software” or “FLOSS.” [↩]

Posted in The Copyleft Movement | No Comments »

Shhh! The Anatomy of a Hacker’s Prior Restraint

It started out like a classic story:  Government creates RFID system.  Engineering students find loopholes in said system.  Engineering students start to tell others about said loopholes.

Except that this time, the last step didn’t happen.

DEF CON is an annual computer security convention where experts gather to hear about the latest in computer and hacking-related topics.  This year’s convention was held this past weekend at the Riviera Hotel & Casino in Las Vegas.  Three MIT students prepared a presentation for this conference in which they would have discussed the the “vulnerabilities in magnetic stripe and RFID card payment systems implemented by many urban transit systems.”  The scheduled presentation was the result of the students’ research project, conducted under the auspices of a renowned MIT computer science professor.  All was well until the Massachusetts Bay Transportation Authority (MBTA) filed suit in federal court to enjoin¹ the students from speaking at DEF CON because the disclosure of their research could compromise the MBTA ticketing system.  A federal judge, apparently agreeing that the students should not be permitted to speak, issued a temporary restraining order² that prohibited the students from presenting at the conference.

It’s not hard to see why the MBTA would want to shut these researchers down.  Their work, if disclosed to the public, would severely undermine the security of the card systems that the MBTA and other transit authorities have invested heavily in.  But the problem here is that, in agreeing with the plaintiff in this case, Judge Douglas P. Woodlock imposed a prior restraint on the students, which is generally unconstitutional except in extreme circumstances.  A prior restraint occurs when the government somehow prohibits someone from speaking before the actual speech occurs. It is a much stronger restraint on speech than censorship, and therefore as a matter of public policy it is close to taboo because of the fear of chilling effects.  Courts have traditionally held that prior restraints are unconstitutional except in extremely limited circumstances such as national security issues.³ Later cases clarified that “any prior restraint on expression comes . . . with a ‘heavy presumption’ against its constitutional validity”⁴ and suggested that even the “national security” exception requires some grave and irreparable imminent danger.⁵

When we apply these prior restraint standards to MBTA’s case, the results aren’t pretty.  The MBTA relies primarily on the Computer Fraud and Abuse Act,⁶ a law designed to criminalize unauthorized access and damage to computer systems, and the issue here is whether the danger of any criminal activity resulting from the students’ speech would have been sufficient to maintain a valid prior restraint.  The relevant case law points strongly toward there being a requirement of some imminent danger.  In the absolute worst case scenario here, if these students were allowed to present their research and a few evil-doers used the research to get free rides on the Massachusetts public transit system, the damage done would be a few subway fares.  Taken to an extreme, it could mean the premature obsolescence of the MBTA’s RFID card system.  While obviously not a desirable outcome, this still clearly doesn’t threaten national security.  For this reason, this prior restraint doesn’t seem to pass muster.

If you follow technology law, you might be drawing a parallel to the DeCSS case,⁷ in which the Court of Appeals for the Second Circuit held that a defendant could be enjoined from releasing a computer program that makes it possible to copy DVD movies in violation of the relevant provision of the Digital Millennium Copyright Act.⁸  But this case is easily distinguishable.  In the DeCSS case, the appellate judges skirted around the free speech issue by contending that computer programs have both “speech and non-speech” features, and that the injunction only targeted the “non-speech” ones.  That argument might fly for regulating computer programs, but I don’t think it’s possible to argue that a speech at an academic conference has any significant “non-speech” qualities that could be exempt from First Amendment protection.

It seems clear to me that the temporary restraining order issued in this case was an unconstitutional prior restraint.  However, I don’t place all of the blame here on Judge Woodlock.  There was a right and a wrong way for the MBTA to handle this situation.  The right way was to listen to (or read a transcript of) the students’ research into the inherent vulnerabilities of magnetic and RFID systems and to modify their systems to be more robust.  The wrong way was to silence public discourse on the subject and to continue pretending that their system is a good one.

Unfortunately, the MBTA chose the wrong course of action, and –worse — a federal judge let them get away with it.

This weblog is an informational resource only. It is not designed to offer legal advice.

1. An injunction is a judicial decree that orders a party to refrain from taking some action.  ”Enjoin” is the verb form of this term. [↩]
2. A TRO is an injunction that is issued for a short term before an issue is actually decided on the merits.  A judge typically uses this only when it is necessary to avoid some imminent harm to the moving party and the moving party appears likely to prevail on the merits. [↩]
3. Near v. Minnesota, 283 U.S. 697 (1931). [↩]
4. Nebraska Press Association v. Stuart, 427 U.S. 539 (1976), relying on Carroll v. Princess Anne, 393 U.S. 175 (1968) and Bantam Books, Inc. v. Sullivan, 372 U.S. 58 (1963). [↩]
5. New York Times Co. v. United States, 403 U.S. 713 (1971), popularly known as “The Pentagon Papers Case,” striking down a prior restraint by the Nixon administration that purported to rely on the national security exception. [↩]
6. 18 U.S.C. § 1030. [↩]
7. Universal City Studios, Inc. v. Reimerdes, 273 F.3d 429 (2d Cir. 2001). [↩]
8. 17 U.S.C. § 1201(a)(2). [↩]

Posted in Computer Crime, Free Speech Online | 1 Comment »

California Bar Exam

For the past few months I’ve taken some time off from this blog and most of my other online activities while I prepared for the Bar Exam. I’m back now, and I intend to resume posting later today.

Posted in Josh's Corner | No Comments »