EULA for crooks!

p2pnet news | Security:- How’s this for cheek?
“The problem,” says Symantec, is, “You develop a software package that you want to sell in the underground community. However, your buyers are not the most reputable/trustworthy people.
“How do you prevent your product from being purchased once and then distributed freely afterwards? How do you enforce your ‘copyright’?”
Easy.
Do what everyone else does. Draw up an End User License Agreement. Just like the one on the right.
The screenshot is from the malware package Zeus, detected by Symantec as Infostealer.Banker.C.
It’s written in Russian, but the post has a translation, to wit:
The terms of this licensing agreement place the following restrictions on the client (the buyer). (The below is not a word-for-word translation.)
2. The Client:
1. Does not have the right to distribute the product in any business or commercial purposes not connected with this sale.
2. May not disassemble / study the binary code of the bot builder.
3. Has no right to use the control panel as a means to control other bot nets or use it for any other purpose.
4. Does not have the right to deliberately send any portion of the product to anti-virus companies and other such institutions.
5. Commits to give the seller a fee for any update to the product that is not connected with errors in the work, as well as for adding additional functionality.
Er, yes, but these guys are crooks. Or do they really believe there’s honour among thieves?
Not really.
“In cases of violations of the agreement and being detected, the client loses any technical support,” says Zeus.
And in case that’s not enough, “Moreover, the binary code of your bot will be immediately sent to antivirus companies.”
Adds Symantec:
“Despite the clear licensing agreement and the associated warnings, this package still ended up being traded freely in underground forums shortly after it was released. It just goes to show you just can’t trust anyone in the underground these days.”
Symantec - Copyright Violations in the Underground, April 25, 2008






April 29th, 2008 at 11:23 pm
so where can I “steal” a clean version that will not fuck up my own system?
April 30th, 2008 at 2:34 pm
What does the software actually do, when used as intended?
April 30th, 2008 at 6:22 pm
from what I understand
It's one of those toolkits that makes it easy for clicky di click windows users to create their own trojan and binds it for example to a legitimate file.
So this software will “steal” the computer [as in MS Rule one "it's not your computer anymore"] from its rightful owners and make it controllable over the net to do whatever the new owner wants to do with the PC.
For example, rent it to viagra sellers for sending out spam mails, have the PC participate in a distributed denial of service attack or simply harvest information from the stolen PC like credit card infos, passwords and stuff like that.
If you will, the software is a VNC solution “programmed for today's demands”
Me asked for a clean copy not to do bad stuff!
I’m not capable of writing some demonstration stuff for the “internet for beginners starting at 60+” class I teach in the VHS and bind it with some harmless features to some useful software to demonstrate them live on their machines why it is extremely BAD! to run anything you get via mail or IM and not from an official site.
So far I did it with a self-running server version of true vnc and the results when they see their content on my demonstration machine are overwhelming and they get the idea, but some are still claiming
“but fritz, I would never run such a software, I only run stuff that really does what it says it does” so I need the ability to combine 2 programs together that will not get detected by AV (some still claim since they run AV they are absolutely safe and can switch off their brain when clicking) [I guess real teachers of younger students know the feeling when you have to deal with some among them that are plain nonunderstanding idiots that simply do NOT WANT to understand a topic?!]
May 1st, 2008 at 11:38 pm
Intentional or not, this post makes it sound as if Symantec is promoting EULAs for malware. They’re only reporting what they found in a piece of malware. From reading the linked page I get the distinct impression that Symantec finds the whole idea as ridiculous as we do.