Malware Licensing

Wow. More here.  And here.  And here (from the original Symantec Alert).  (For those who don’t want to click the links, a malware author inserted a EULA into their virus code.)

First, let’s be clear.  Even though the software could be used for malicious purposes, this doesn’t affect the ability to license it.  Copyright protection doesn’t have any exceptions when it comes to things that might be used in a bad way.  So, midway through the article where it says “While not legally binding…”, the author is incorrect.

However, what the software license holder would potentially have trouble with is enforcement. If you don’t want to make it known that you’re the one creating malware, it will be quite difficult to be public enough to obtain license compliance.

But I am impressed with the idea, as well as the creativity involved in coming up with their penalties (they threaten that they will turn a violator over to the antivirus companies and explain how to shut down the effects of the malware).

The best part of this is the statement from Symantec:  “Despite the clear licensing agreement and the associated warnings, this package still ended up being traded freely in underground forums shortly after it was released. It just goes to show you just can’t trust anyone in the underground these days. ;)”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s