lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: itsecurity at mq.edu.au (Ian Latter)
Subject: Yes, user education is a lost cause ;-)

> Unless of course you are like me and I am sure many on this list and 
> purchased the software through a bundle from a manufacturer and have 
> never used it, unpacked it, accepted the license...
> 
> In this case the license agreement does not apply and some remediation 
> should be possible because you have paid for "defective" software.

True; I forgot about the prebundling process - In a former role we had
to drop a vendor because he refused to ship a computer without 
Windows costed into it (even though we were building a non-Windows
server).

Isn't the relationship still with Microsoft, only via their "agent"? IANAL2;
thought presumably its condition to the terms with your supplier, in that
case.

 
> As another angle, the license agreement in these bundles is inside the 
> bundle and by breaking the seal you "agree" to the terms of the license 
> without having the chance to read the license.
> 
> I recall reading about an Egghead case similar to this only focused on a 
> store return policy and the position that if the package was opened the 
> software could not be returned, even if defective...

I remember Microsoft getting into trouble over one of the Win98 distro's
(an OEM ver?) that had a red tag that said something in the order of
"in breaking this seal, you agree to the license agreement on the
disc" - referring to the software that booted off the media; something
that couldn't be read from the packaging without breaking the seal.

Hmm can't find it .. maybe I am wrong .. I can only find this reference;
http://nl.linux.org/geldterug/license.html  to an article that has moved 
here;  http://www.brethertons.co.uk/corporateFiles/corpFileIss26.doc
regarding a Scottish court and Adobe. Yes, ok, it'll be in this lot;
http://www.linuxmafia.com/refund/coverage.html

That aside, point understood.


> IANAL but perhaps there is one out there that has not tuned out this 
> thread that can comment.



--
Ian Latter
IT Security Officer
Macquarie University

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ