I'm pretty sure you're being too generous with the benefit of the doubt here... and EULAs carry no legal weight at all. uPlay may not have been intended as spyware, but its potential effect is more devastating than the majority of malware out there. That little plugin had the power to do ANYTHING on your computer, and they couldn't be fucked to make it secure? That's all kinds of irresponsible at the very least, criminal at the worst.insanelich said:1. I'm fairly sure Ubisoft buried clauses about uPlay in the EULA - making installing this at least somewhat legal. Now, settling out of court most definitely doesn't determine the legal status of anything, so the jury's still out.Furism said:1. Sony might beg to differ. [http://www.zdnet.com/sony-settles-class-action-lawsuit-over-drm-3039244664/] They had to settle out of court their own rootkit/copy protection problems.
2. It is a rootkit. It's installed without user's consent and allows running arbitrary code from a remote place. Even if the intent is not "evil", it's still a rootkit. You could argue that it's not a "rootkit" because it doesn't try really hard to hide itself, but at the very least it's a trojan.
2. This is simply not true. A rootkit is defined by how it hides itself - and uPlay doesn't do any hiding, so it's not a rootkit.
It is also not a trojan. Trojans masquerade as or within something legitimate. uPlay is quite open about what it is - and this problem was merely a flaw in the execution. If uPlay was meant to be a remote platform for spying, then it would be a trojan. As it is, it is merely a phenomenally badly thought out piece of software.
How edgy and cool. You want to see average workers lose their job. Screw the Man, right!nodlimax said:Origin should be considered awesome, simply because it seems that EA circling the drain much fast with it than without.
I've got a better idea: how about the update provides instructions on how to remove the plug in for those who don't know how, and you remove it entirely from your shitty DRM Ubisoft? And the only reason I'm advocating that is because I know they won't ditch the DRM entirely.The client should update itself automatically on restart, and Korchaa recommends running the updater without any web browsers open so that the affected plugin can update properly.
Actually, you are entirely safe as long as you don't have the plugins.Azuaron said:So Ubisoft has not only not fixed the problem, but they're lying to me and saying they have. Also, don't think you're safe just because you don't have the browser plugins.
Blerrgh, Firefox distinguishes between "addons" and "plugins", and I looked at my "addons". Plugins disabled, exploit blocked.insanelich said:Actually, you are entirely safe as long as you don't have the plugins.Azuaron said:So Ubisoft has not only not fixed the problem, but they're lying to me and saying they have. Also, don't think you're safe just because you don't have the browser plugins.
Show me proof of the "willful" part.faefrost said:Am I wrong in thinking that this isn't just a "oops we'll give everyone a coupon" type screw up and instead this is a "you go to Federal Pound me in the @zz prison!" Type of screw up? I mean this is willfull hacking on a scale of millions?
The point where it crosses the line is they went and modified a piece of your software that they neither sold you, nor informed you about. Their DRM wasn't just a DRM scheme. It went and modified Internet Explorer. Which thanks to previous court decisions can actually be viewed as seperate from the OS itself, and as such way out of bounds for Ubi to have been screwing with without informed consent. And yeah doing that wasn't a simple glitch. That was intentional. It's how their DRM program worked, not an unintended side effect. Their DRM worked by hacking another one of your applications. The massive security holes were the unintended consequence.insanelich said:Show me proof of the "willful" part.faefrost said:Am I wrong in thinking that this isn't just a "oops we'll give everyone a coupon" type screw up and instead this is a "you go to Federal Pound me in the @zz prison!" Type of screw up? I mean this is willfull hacking on a scale of millions?
That is also the key distinction for laws. Ubisoft will probably escape this with just bad PR - and frankly, uPlay is a bad PR machine anyway.