funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: UK: Commercial Keylogger Challenges Anti-Spyware Vendor Sunbelt

From: Kevin McAleavey <kevinmca () nsclean com>
Date: Fri, 11 Nov 2005 07:41:34 -0500
 We were directly involved in that mess, AND prevailed ... the company was UltraAccess Networks of Florida and they 
sued us. Heh. Our company was the only one that didn't cave, in fact we made things a whole lot worse for them as a 
result of the settlement we obtained prior to trial in New York ... the "cure" is still in BOClean and now that they've 
been gone for five years, will be removed in our next release. Here's the story though:

Excerpt from our "PSC Newsletter-MEDIA DISCOVERS "SPYWARE?"
Friday, 13 May 2005 ...

BOCLEAN GETS SUED FOR "RESTRAINT OF TRADE"

In the summer of 2000, the NETBUS trojan was sold to a Florida Corporation who decided to resell Netbus as "a 
legitimate remote administration tool." When they learned that BOClean was detecting the Netbus trojan as "Netbus 
trojan" their lawyers took action against Privacy Software Corporation, demanding a "cease and desist" on our detection 
of Netbus. Our corporate lawyer and our management contested the assertion, and prior to trial came to a settlement 
with the dealer (now defunct) which determined that BOClean would be provided with a "Do NOT detect Netbus" option in 
order to stop BOClean from detecting Netbus *IF* the end user so desired. A legal precedent was also set under New York 
jurisdiction (we're a New York Corporation legally) by this settlement which was upheld by the courts. Our "option" to 
NOT detect at the discretion of the end user was an "adequate remedy" under New York State law, and BOClean is governed 
by same.

BECAUSE we were not a "common carrier" in that there is no "evaluation copy" available to the "general public" BOClean 
is seen legally as a "subscriber service" and our decisions to cover or NOT cover certain malware is legally seen as a 
"service" rather than an obligation and thus legally, because we do NOT offer "to the general public," we are a 
"private club" and thus entitled to ANY discrimination "on behalf of our subscribers" as WE see fit. Netbus therefore 
had no legal standing to challenge our decision. AND, because we agreed in a settlement to place the "Do NOT detect 
Netbus" in our configuration screen, the embarassment of the "this is bad, but ignore it" display in our product only 
served to bury Netbus as a "legitimate remote administration tool."

The outcome is there is already legal precedent for BOCLEAN under the law, and whereas other antimalware had 
surrendered to bogus legal claims (but eventually relented after we won the decision) and dropped the detection of 
malware, BOCLEAN is under no such legal obligation. We act on behalf of our "subscribers" BECAUSE there are no "free to 
the general public" releases of BOClean.

=======

This settlement has been our ace in the hole for a number of latter similar situations, including SONY's little "issue" 
this past week.   :)

At 10:40 PM 11/10/05, you wrote:

Little new there -- I forget the company's name, but whoever took over 
the commercial (shareware??) distribution of NetBus 2.0(and any later 
versions) had the same beef with the big (at least) US AV developers.  
This (amongst other similar situations) is what prompted NAI/McAfee to 
add the "possibly unwanted program" classification to their scanner and 
the detection of things because they were "misnamed and/or misplaced" 
(basically "not installed in the default directory and/or with the 
default filename for the .EXE).

That was sometime back when I was working in the UK -- 97-99-ish, or 
_just_ after I left the UK...


Regards,

Nick FitzGerald

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


----------------------------------------------------
 NSClean Privacy Software division
 Privacy Software Corporation
 http://www.nsclean.com
 kevinmca () nsclean com

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: