Skip to main content

Notice

Please note that most of the software linked on this forum is likely to be safe to use. If you are unsure, feel free to ask in the relevant topics, or send a private message to an administrator or moderator. To help curb the problems of false positives, or in the event that you do find actual malware, you can contribute through the article linked here.
Topic: cdex is getting ripped off (Read 6262 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

cdex is getting ripped off

saw this on /. (as I am sure many others did) but I figured I would pass along the links, as I know it would be of interest to many...

slashdot link

comments on download.com

cdex is getting ripped off

Reply #2
Heh. That already happened to CoolPlayer as well.

Some crook ripped it off, closed the source and called it "EK-AMP"

Thankfully, it seems gone now.

cdex is getting ripped off

Reply #3
That's one of the risks you have to take when you release OSS.  Morpheus PE is jsut a rip off of Gnucleus.  Taking OSS, putting your name it and adding spyware might be immoral, but it is released under the GPL.  Oh well, a few might fall for it, but if you look at the comments at download.com you will see most don't.

cdex is getting ripped off

Reply #4
Altough I don't support any kind of spyware or adware, this program is legal,
at the download page  it says:

"NeoAudio is open source software based on the CDex engine, distributed under the GNU General Public License. To download the latest source code, click on the link below:
NeoAudio Source Code : version 1.50.6 (.zip)"

So I think at least from a legal point of view they're covered.

edit:

The only thing that could use CDex author (I'm not expert, correct me if I'm wrong) to start legal actions against NeoNapster.com it's at point 10 of GPL:

Quote
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.


I don't think they asked for authorization about the spyware/adware.

cdex is getting ripped off

Reply #5
yeah, with the GPL the way it is, a company could rerelease all the useful GPL'd programs with spyware/adware and flashier names and make quite a bit of money.  Methinks the GPL needs some updating to prevent this kind of quick-and-dirty hijacking of OSS for profit.

cdex is getting ripped off

Reply #6
Quote
Originally posted by floyd
Methinks the GPL needs some updating to prevent this kind of quick-and-dirty hijacking of OSS for profit.


What's the solution you propose?

I.E: What should be added to the GPL to prevent these acts?

cdex is getting ripped off

Reply #7
I'm not a lawyer (yet  ).  Maybe its not possible without scrapping the GPL entirely.  Maybe the authors don't even care, and it follows their vision of the GPL, so why should we care?  If it was my hard work, I would care.

The more I think on it, maybe the answer is more legislation on spyware/adware-supported software.  Is it legal to install software without the average users knowledge? (this includes hiding info about it in the EULA, which no one ever reads)

cdex is getting ripped off

Reply #8
Quote
Originally posted by floyd
(this includes hiding info about it in the EULA, which no one ever reads)


Well, people SHOULD read the EULA. The software devs can't be blamed if people press "next" right away when the EULA screen appears while installing.

Heh. Even that $%#@! RadLight is OK, even if it deletes AdAware from your system while installing. That is (was) mentioned in the EULA.

http://www.lavasoft.nu/latest.html

Regards;

Roberto.

Edit: AHAHAH, the damned RadLight author even calls spyware "helpware"
http://www.radlight.net/helpware.htm

Ridiculous...

cdex is getting ripped off

Reply #9
Sometimes, reading EULA is not that easy. Also, lastest changes that comes with Windows 2K SP3 and WMA 8's EULA ain't very legal due the fact they change a previous established contract.

cdex is getting ripped off

Reply #10
Well, part of the entire point of using a Free Software license is to allow other people to fork your code and release their own version of it.  You could say that XEmacs is just a "ripoff" of Emacs, since it took the entire Emacs code base and put a new logo on it (since then of course they've added a ton of other things too).  In fact, licenses that prevent this sort of forking are generally considered to not be either Free Software or Open Source licenses.

Now if the forked version includes spyware and adware and other things making it inferior, then hopefully users will choose the non-forked (original, superior) version, so it shouldn't be a problem.  But they still have the right to offer their crappy version of it.

The only legal issue I see here are some allegations that they stripped the copyright information from some of the CDex source files, which would be illegal (even though it's GPL-licensed, it's still copyrighted by the original author).  I haven't verified these though, and it seems like a mostly minor point.

A possible secondary point would be if the spyware programs actually integrate with the software; then they'd need to be GPL as well.  But if they're completely separate programs just distributed with the software (like Gator or Cydoor or something), then there's no legal issues.

cdex is getting ripped off

Reply #11
Quote
Originally posted by amp
Sometimes, reading EULA is not that easy. Also, lastest changes that comes with Windows 2K SP3 and WMA 8's EULA ain't very legal due the fact they change a previous established contract.


I was just doing a google search to find just that link!  Thanks!

cdex is getting ripped off

Reply #12
Can someone tell me where are spyware and adware source code in the neoaudio source archive ? If they don't give it it's a violation of the GPL.

cdex is getting ripped off

Reply #13
Is the original copyright information from Cdex deleted in NeoNapster? If so it violates the GPL AFAIK
Otherwise it seems ok as long as the sources of NeoNapster (AND the spyware) are completely available under the GPL (or in case of the spyware at least under one GPL compatible license)

I'm not a lawyer but thats at least my understanding of this

cdex is getting ripped off

Reply #14
well, mr. Faber has finally got what he has been asking for, because he's not a type of person who cares about someone else's licenses (*cough* Winamp plugins in cdex setup, without any kind of permission, any requests to remove them being happily ignored).
Microsoft Windows: We can't script here, this is bat country.

cdex is getting ripped off

Reply #15
Quote
Originally posted by ftc
Can someone tell me where are spyware and adware source code in the neoaudio source archive ? If they don't give it it's a violation of the GPL.
Not necessarily.  It depends on whether they can legally be determined to be a "derivative work" of the GPL'd source code.  If they're separate programs that are merely bundled with the GPL'd code, then source code isn't required to be distributed for them.  This is why, for example, you can buy a SuSE Linux CD that has some GPL'd stuff on it, and some proprietary stuff on it, without violating the GPL.

There's all sorts of of controversial grey areas in between as well.  The Free Software Foundation claims that the GPL's derived work clause encompasses a fairly broad range of activity (especially things like runtime linking), but whether this is valid has never been tested in court.

cdex is getting ripped off

Reply #16
Quote
Originally posted by Delirium
Not necessarily.  It depends on whether they can legally be determined to be a "derivative work" of the GPL'd source code.  If they're separate programs that are merely bundled with the GPL'd code, then source code isn't required to be distributed for them.


I think that spyware or adware are dll so they have to include the source code.

Quote
This is why, for example, you can buy a SuSE Linux CD that has some GPL'd stuff on it, and some proprietary stuff on it, without violating the GPL.


Suse Linux is an Operating System and it's clearely indicated in the GPL licence that you can use proprietary software with GPL as long as it's part of the OS or is normally distributed with it. With CDEx it's not the case. I don't think they use the great backdoors in Windows for their soft.

Quote
There's all sorts of of controversial grey areas in between as well.  The Free Software Foundation claims that the GPL's derived work clause encompasses a fairly broad range of activity (especially things like runtime linking), but whether this is valid has never been tested in court.


I think it will be difficult to legally defend GPL in many cases but most of huge companies had forbidden the use of GPL soft to prevent including some code in their soft.

By seeing commentaries at download.com, I think that most of people will anderstand that they'd better use CDEx.


PS: sorry for my very bad English, but you have to remeber I'm french.

cdex is getting ripped off

Reply #17
Quote
Originally posted by ftc
By seeing commentaries at download.com, I think that most of people will anderstand that they'd better use CDEx.
Yeah, I guess so too... Found some rather funny comments like this one: ""Best spyware I've seen in years!!!"
I've been using NeoAudio anally since it was first released. Forget CDex!!! CDex doesn't invade your privacy and solicit like NeoAudio does... NeoAudio is the BEST spyware out there, BAR NONE!!! "...

cdex is getting ripped off

Reply #18
Lol! The funniest comments can be read by pressing "only positive" reviews.
Quote
I love this program. I used to use CDex, but I was annoyed at the lack of useless spyware included in the download.
But judging from the way people rated "features", "output quality" etc. cdex must be a real crap piece of software.

cdex is getting ripped off

Reply #19
Quote
Originally posted by ftc
I think that spyware or adware are dll so they have to include the source code.


No.

They would only have to include source code if the Spyware code is required by NeoAudio (I.E: Statically linked - NeoAudio won't run without it) or if the spyware will interact with NeoAudio, making function calls to each other.

That doesn't seem to be the case here.

More info:
http://www.gnu.org/copyleft/gpl-faq.html#GPLPluginsInNF

Quote
By seeing commentaries at download.com, I think that most of people will anderstand that they'd better use CDEx.


Yes, but 36000+ people downloaded it neverthless.

cdex is getting ripped off

Reply #20
Quote
Originally posted by rjamorim
No.

They would only have to include source code if the Spyware code is required by NeoAudio (I.E: Statically linked - NeoAudio won't run without it) or if the spyware will interact with NeoAudio, making function calls to each other.

That doesn't seem to be the case here.


You're right, it's the first time I see a soft with spyware that continue to work after removing them.

Quote
More info:
http://www.gnu.org/copyleft/gpl-faq.html#GPLPluginsInNF


I knew this URL, I give it in an other thread some days before.


Quote
Yes, but 36000+ people downloaded it neverthless.


I downloaded it to see what changes have been added or removed.