ifarqhar@uunet.UU.NET (Ian Farquhar) (02/12/90)
For several weeks we have been monitoring the discussion in comp.virus
and elsewhere concerning the AIDS "trojan". There has been much
discussion about the motives of the author in publishing this virus,
and the general surprise that the accompanying program was quite
sophisticated.
We have recently received a copy of the AIDS trojan with the
accompanying license agreement, and upon reading this agreement I am
drawn to make several points. Needless to say, this copy was not
installed. Let me quote some of the relevant passages from the
license agreement:
"Read this license agreement carefully. If you do not agree with the
terms and conditions stated below, do not use the software, and do not
break the seal (if any) on the software diskette..."
"...you may not decompile, disassemble, or reverse-engineer these
programs or modify them in any way without consent from PC Cyborg
Corporation. These programs are provided for your use as described
above on a leased basis to you; they are not sold. You may choose one
of the following types of lease (a) a lease for 365 user applications
or (b) a lease for the lifetime of your hard disk drive or 60 years,
whichever is the lesser. PC Cyborg Corporation may include mechanisms
in the programs to limit or inhibit copying and to ensure that you
abide by the terms of the license agreement and to the terms of the
lease duration. There is a mandatory leasing fee for the use of these
programs; they are not provided to you free of charge. The prices for
"lease a" and "lease b" mentioned above are US$189 and US$378,
respectively (subject to change without notice). If you install these
programs on a microcomputer (by the install program or any other
means), then under the terms of this license you are thereby agree to
pay PC Cyborg Corporation in full for the cost of leasing these
programs. In the case of breach of this license agreement, PC Cyborg
Corporation reserves the right to take any legal action necessary to
recover any outstanding debts payable to PC Cyborg Corporation and to
use program mechanisms to ensure termination of your use of the
program. These program mechanisms will adversely affect other program
applications on microcomputers. You are hereby advised of the most
serious consequences of your failure to abide by the terms of this
license agreement: your conscience may haunt you for the rest of your
life; you will owe compensation and possible damages to PC Cyborg
Corporation; and your microcomputer will stop functioning normally.
Warning: Do not use these programs unless you are prepared to pay for
them..."
End quote.
This is not a trojan: it is a COPY PROTECTION SYSTEM. The
consequences of using the program without paying are quite adequately
laid out in the license, which apparently has not been read. It warns
quite clearly that:
a) You should not install this program unless you are going to
pay for it.
b) The program contains mechanisms that will ensure that the
terms of this license agreement will be followed.
c) That these mechanisms will affect other programs on the hard
disk.
I am led to make the following conclusions:
1. That all of the users who were adversely affected by this
supposed trojan either (a) did not read the license
agreement for the program which they were installing, or (b)
they read it and ignored it. Either way, they must accept
the consequences. The installation instructions first step
tells you to read the agreement on the reverse of the sheet.
2. That the people who have been harping on at length about
this trojan did not bother to read the license agreement
either. I am left wondering if the "excitement" of this
horrible "trojan" prevented them using some elementary logic
to ask if the program may be something else.
3. PC Cyborg laid out the consequences quite plainly in the
license agreement. It is a debatable point whether PC
Cyborg would have sent the "defusing" program for the time
bomb that this program installs, though the US invasion
would have defeated any attempt to do this (the invasion was
doubtless more illegal than this program).
4. That the people hurriedly disassembling the program actually
committed a breach of the license agreement, and are liable
for legal action from PC Cyborg. Equally, copying of this
program is as illegal and is as much piracy as copying any
commercial program.
I am stunned at the sheer volume of pointless garbage that this
program has generated, and it makes me seriously doubt any other
information received from these "experts". I would also point out
that self-destructing programs are not new, but one has never caused
such an outcry before.
If the author of this program is convicted, it will be the first
conviction ever for the hidious crime of writing a copy protection
system, and will be one of the biggest farces of justice ever
witnessed.
Disclaimer: These are my own opinions, and do not necessarily
represent the opinions of my employers.
"AI is also an acronym for Artificial Ignorance"
Ian Farquhar Phone : (612) 805-7420
Office of Computing Services Fax : (612) 805-7433
Macquarie University NSW 2109 Also : (612) 805-7205
Australia Telex : AA122377
ACSNet ifarqhar@macuni.mqcc.mq.oz.au ifarqhar@suna.mqcc.mq.oz.audavidbrierley%lynx.northeastern.edu@IBM1.CC.Lehigh.Edu (02/13/90)
In Virus-L 3:38 Mr. Ian Farquhar defended the AIDS "trojan" by
stating that it was only a copy protection system and that users were
properly warned. I would like to counter his remarks with a few
thoughts:
1) The AIDS disk did not have copy protection at all. Copy protection is,
by definition and tradition, a mechanism that attempts to prevent
unauthorized copies from being made. It is not a system that seeks out
and hides (or even destroys) the user's files that have nothing to do
with the software package in any way. Those unrelated files belong to the
user and it is the user which has the right to decide which software
packages should have access to them. I'd hate to think what it would be
like if any form of "copy protection," no matter how draconian, could
enjoy complete legal protection.
2) The disks were unsolicited. It is my uderstanding that none of the
organizations that were mailed disks asked for them, and therefore had
no way to learn about the software unless they actually used them. In
the US unsolicited objects received by mail are gifts, therefore, the
so-called license agreement is void (and may possibly be illegal). (Yes,
I know "you should never look a gift horse in the mouth.") I don't know
how the laws are in the nations that were infected but its very likely
that they are similar to those of the US. I would even wager that the
aforementioned postal regulation could be one of the reasons that the
disk's instructions stipulated that the software could not be used in
the United States.
3) The market to which the disks were targeted was especially sensitive.
It is very likely that vital medical records could have been tampered
with by the AIDS disk, since medical organizations were the ones that
received copies. If the author was truly professional, I'm sure he/she
would have marketed the package through conventional means (i.e. demo
disks, advertising, etc.) Of course this aspect may not be applicable
to the alleged author, if in fact his judgement has been impaired by his
psychological problems and/or treatment.
David R. Brierley
davidbrierley@lynx.northeastern.edulegg@ucsd.edu (David Legg) (02/14/90)
munnari!mqccsunc.mqcc.mq.oz.au!ifarqhar@uunet.UU.NET (Ian Farquhar) writes: >For several weeks we have been monitoring the discussion in comp.virus Quote of license agreement, summary of warning in same, and the conclusion that this is merely an elaborate copy protection scheme deleted for brevity. I too have been following the discussion, and while Mr. Farquhar presents a some reasonable comments, I think he should consider the following. A. The disks were unsolicited material. In the US, that means the receiver owns them free and clear, no matter what "agreement", invoices or other demand for payment is made. What is the australian (and other target countries) law in this regard. B The "COPY PROTECTION" prevented all subsequent use of the entire computer system, but only after it had been executed. It would not prevent copying the master disks on an unaffected system, nor would it have prevented the execution of those copyied disks on other systems. Ususal copy protection either prevents copying the master, or makes the copies useless on other systems. C For it to be "COPY PROTECTION" system, there must be something real to protect, I have not seen any mention of anyone finding any real programs or information on the disk. (The survey program I saw mentioned seemed to be more of a quick and dirty mockup than anything else.) C This is not another instance of a program which will self-destruct if used in an unlicensed environment. It effectively destroyed the entire computer environment. As Mr. Farquhar states, this might have been a recoverable event, we dont know if PC Cyborg would have sent a fix-up disk in response to payment, this is extortion. If PC Cyborg was really interested in leasing software about aids, there are well established methods for advertising, making demo versions, etc. The sophistication of the methods they employed demonstrates the level of skill and knowledge they have. The effects on the computer systems are intentional, not the results of faults in the code as in the case of many viruses. The cost of mailing the disk was significant. Therefore I think we can be sure that the authors knew exactly what they were doing and expected a large financial return for thier efforts. Disclaimer: These are my own opinions and not necessarily those of my employer. Dave Legg |Internet: legg%proton.uucp@ucrmath.ucr.edu Radiation Research Lab |UUCP: ...!ucrmath!proton!legg Loma Linda University Medical Center Loma Linda, CA 92354. (714) 824-4075
zmudzinskit@imo-uvax.dca.mil (zmudzinski, thomas) (02/14/90)
In Virus-L V3 #38 Ian Farquhar writes: .. > If the author of this program is convicted, it will be the first > conviction ever for the hidious crime of writing a copy protection > system, and will be one of the biggest farces of justice ever > witnessed. Zapping a hard disk and calling it copy protection is overkill. One is generally not allowed to use lethal force to protect mere property. (You may kill in self-defense, and you may defend your property, thereby making "self-defense" more likely, if that's your karma.) Rigging lethal deadfalls is a no-no (it's called "reckless endangerment" and similar verbage). Justice Holmes wrote that your right to swing your fist ends at the tip of my nose. The right to protect a person's intellectual property must end when it damages another's physical property. I consider most copy protection to be just that, a hidious crime. If I can't make my own back-up copy of a program, I feel that the vendor is responsible for providing me with a replacement when the original disk fails. Ideally this should be at no charge, including the prepaid return-mailer that would hold the failed disk -- and if we're talking about an applications package that I've become dependent upon (choose any software you'd hate to be without for 36 hours), I want damages! ^^^^^^^ ................................................................ : Tom Zmudzinski : "In just causes, there are no failures, : : DCS Data Systems : only delayed successes." - Robert Sheckley : : McLean, VA : "Why do I feel overly successful?" - me : :..................:............................................: