Windows Secrets

Subscribers: Sign in

Enter your e-mail address to get a free subscription.
We guarantee your privacy
Skip to content
  • Home
  • Newsletter Archives
    • Current
    • LangaList Plus
    • Patch Watch
    • Wacky Web Week
    • Security Baseline
  • WinDeals
  • E-Books
  • Lounge
  • Polls
  • About us
    • Refunds
    • Privacy Policy
    • Advertise
  • Contact
  • Your Account
    • Upgrade
    • Preferences
    • Bonus Download
    • Unsubscribe
Home>The EULA you click may not be the one in effect

Windows Secrets Newsletter • Issue 230 • 2010-02-04 • Circulation: over 400,000

Table of contents 
  • Top Story: The EULA you click may not be the one in effect
  • Known Issues: Even well-guarded PCs may get infected
  • Wacky Web Week: Make music on the cheap with soda bottles
  • LangaList Plus: MS Security Essentials: right-sized protection?
  • Best Software: Two free photo editors anyone can use
 
Top Story

The EULA you click may not be the one in effect

Woody Leonhard 1 The EULA you click may not be the one in effect By Woody Leonhard

When you accept Microsoft’s end-user license agreement as part of Windows’ installation, that click is considered by many people to be as enforceable as a wet-ink signature — at least in the U.S.

But I’ve found that the terms in the EULA you agree to during an installation may vary from the license that’s posted at Microsoft’s Web site.

In my Dec. 3 Top Story, I tore into the entire Windows 7 licensing debacle. In particular, the Win7 EULA makes certain kinds of Win7 upgrades a violation — even when you follow the instructions in Microsoft’s own installation programs.

Adding to the confusion are conflicting legal decisions about whether “click wrap” licenses constitute fair, legally binding agreements.

E-SIGN, the Electronic Signatures in Global and National Commerce Act of 2000 (as shown in a PDF from the U.S. Government Printing Office), makes clear that clicking Accept is as binding as a signature. But in some cases the terms of the license may change — and your obligations remain open to debate.

After an exhaustive search of case law, I could find no example of a Microsoft EULA prevailing in a dispute with a regular, everyday PC user. Sure, Microsoft and other companies have pursued counterfeiters and others who make money by violating a EULA. Stealing is stealing, and software companies have every right to prosecute people who use their products without paying.

However, even though you may pay for Windows fair and square and use the program as it was designed to be used, you could still violate the EULA.

No agreement on what you’re actually agreeing to

When you click a EULA’s “I Accept” button, what exactly are you accepting? That’s the source of considerable debate among people who get paid to fret over such legal questions.

Microsoft’s current EULAs run to more than a dozen pages. Unless you print one, you’re unlikely to see a hard copy of a EULA. Certainly, you didn’t see the complete text of the Windows EULA prior to buying Windows in a shrink-wrapped box or before buying a new PC with Windows preinstalled.

So when you click “I Accept,” you’re agreeing to a license you didn’t have a chance to review before you bought the product. You can scroll through the agreement while you’re in the process of installing the program and call your attorney to get an instant opinion on reams of dense legalese. That much almost everyone agrees on.

Most lawyers also concur that the Windows EULA amounts to a “contract of adhesion” — a boilerplate contract over which a consumer has no sway. Take it or leave it.

There’s nothing illegal or immoral about boilerplate contracts. However, courts in most countries don’t consider such agreements to be as binding as contracts in which both sides are on an equal footing.

Here’s where things get sticky. I’m not a lawyer — and have no intention of becoming one — but to my layman’s eyes, EULA enforceability is a wide-open question with more wrinkles than a prize Shar-Pei.

In legal decisions, U.S. courts sometimes have sided with consumers and other times with vendors. Most famously — some would say “notoriously” — in the 1996 case ProCD, Inc. v. Zeidenberg, the U.S. 7th Circuit Court overturned a lower court’s decision, finding that a ProCD product’s shrink-wrap license was an enforceable contract. Details of the case are available on the FindLaw site.

Contrariwise, a lower-court case — Klocek v. Gateway, Inc. — found against the enforceability of EULAs. Find more about this case in a Lawnix brief.

Unfortunately, these and similar cases — such as the more-recent Feldman v. Google, Bragg v. Linden Research Inc., Specht v. Netscape Communications Corp., and many others — don’t involve click-to-accept EULAs for purchased software.

Last November, the U.S. courts had an opportunity to clarify the EULA question but chose instead to dodge the matter. As a Yale Law & Technology article explains, the federal case Apple v. Psystar could’ve unmuddled the situation. However, the judge granted Apple a summary judgment without looking into the EULA aspects of the case.

The situation outside the U.S. is just as cloudy. Until there’s specific legislation or clear guidance from the courts, the status of software EULAs remains unresolved.

If Microsoft truly considers the Windows EULA enforceable, you’d think the company would’ve taken at least one of the tens of millions of licensees to court. No doubt Microsoft has many reasons why it has avoided putting its putative contract to the test, but one in particular occurs to me.

Imagine the consequences if a U.S. court found — for whatever reason — that the Windows EULA isn’t enforceable against an individual Microsoft customer.

In a future column, I’ll delve deeper into how Microsoft benefits from the legal limbo on the matter of enforceability.

More than one EULA in your copy of Windows

Want to know what your Windows EULA looks like? Windows XP’s EULA is stored in a file located here:

C:WindowsSystem32eula.txt

XP also has a help file associated with the EULA. The help file is located at:

C:WindowsHelplicense.chm

In Vista and Windows 7, one version of the EULA is stored in the following location:

C:WindowsSystem32license.rtf

But Vista and Win7 also store other EULAs on the system. For example, Win7′s license library for the US-English version of the software is at this location:

C:WindowsSystem32en-USLicenses

In fact, my test PC has 54 separate Win7 EULAs in that folder!

The date stamp on the EULA file in the machine’s System32 folder shows the file was updated the day you installed Windows. Most likely, the Windows installer grabbed the appropriate EULA, displayed that version on the “I agree” screen, and then saved that specific EULA in your PC’s System32 folder.

That may prove to Microsoft that you saw and agreed to the EULA. But what if the file has been changed?

Microsoft’s site is a grand repository of EULAs. But those versions of the licenses vary significantly from the EULAs stored on the hard disks of the PCs I tested.

To test this for yourself, hop over to Microsoft’s End User License Terms download page, choose your product, and compare the EULA stored on your PC with the latest corresponding version online.

Microsoft’s EULA-download site, however, doesn’t actually offer all Windows EULAs. For example, the original Windows XP Retail EULA isn’t there. To find it, you must visit a different page on Microsoft’s site.

Sound confusing? It is. Years ago, I installed a copy of Windows XP Professional Service Pack 1 on a laptop that was subsequently upgraded to SP2 and then SP3. The EULA stored on the machine has the following line at the bottom of the document:

EULAID:XPSP1_RM.1_PRO_RTL_EN

Presumably, this translates to XP SP1 Revision 1 Professional Retail English. But when I go to the EULA download site, there’s no XP SP1 Professional Retail option. I can get the EULA for XP SP1 Professional OEM version or the original XP Professional Retail version, but those EULAs are significantly different from the license stored on my laptop.

Is Microsoft trying to hide something? That’s hard to say, but the company certainly hasn’t made it easy to find and compare the various Windows EULAs. Which EULA did you agree to? Who really knows?

I asked Microsoft for clarification on EULA prohibitions and enforceability, but a spokesman responded that the company had declined to comment.

Yes, I do expect a phone call from Microsoft’s lawyers in the morning!

Have more info on this subject? Post your tip in the WS Columns forum.

Woody Leonhard‘s latest books — Windows 7 All-In-One For Dummies and Green Home Computing For Dummies — deliver the straight story — hold the sugar coating — in a way that won’t put you to sleep.

 
Known Issues

Even well-guarded PCs may get infected

Dennis OReilly 1 Even well guarded PCs may get infected By Dennis O’Reilly

There’s a window of vulnerability between the appearance of new malware and the updating of anti-malware tools against the new threat; you may fall victim in that interim.

That’s what happened to one Windows Secrets Lounge member, whose well-protected system appears to have been subjected to a questionable download in his browser.

Malware can enter a machine through the recently discovered IE hole that Yardena Arar described in her Jan. 21 Top Story. Windows Secrets Lounge member Cris Wadlooper experienced a different kind of threat, which he explained in the comment thread for Yardena’s story:
  • “I noticed that I had a PDF download pending in my Firefox queue, which I dismissed instinctively. (Why is there a file in my download queue? I asked myself.)

    “Disclaimer: I have IE6 on a Win XP2 box, Firefox is my default browser, IE is only for banks and other dinosaurs, etc.

    “I then browsed around a bit as usual, using Firefox, and the same download appeared! — interestingly, just after I refreshed Boston.com for some local news. (I block Boston.com from opening pop-ups via my Firefox preferences, yet the site still manages to do so!)

    “Somewhat stupidly (before finishing my coffee!), I accepted the download request out of coffee-deprived curiosity. I (again, stupidly/curiously) opened the PDF, and it was blank!

    “The silver lining to this story is that I opened the file using an open-source PDF reader, Sumatra, which I use because Adobe Reader is so bloated. After seeing this blank PDF, I immediately Shift-deleted it, and so I now don’t remember even the file name.

    “However, I also instinctively (even in my coffee-deprived stupor) ran a deep scan immediately. Nothing was found — likely because I sent the file to never-never land instead of the Recycle Bin.

    “So, maybe this tale is nothing but a blip in the universe of the brave new world. But did anyone else get pushed a PDF from some seemingly random site over the past few days?”

It’s impossible to know all the threats circulating in the wild. But it’s a good idea to use more than one tool for finding and eliminating Trojans, viruses, and any other bad actors that may have laid claim to your system.

One of the best tools for clearing a PC of malware is the free Malwarebytes Anti-Malware (more info). Note that only the paid version of the program provides real-time scanning for malware.

Most of the major antivirus vendors also offer free online scans you can employ without having to purchase the full product. For example, Symantec offers Security Check, Kapersky provides Free Virus Scan, Trend Micro has House Call, McAfee offers FreeScan, and so on. Running several of these may uncover infections that any one tool might miss by itself.

And of course, you also need to patch whatever hole let the malware in. For sure, replace IE 6 (even if you never surf using IE 6) with IE 7 or 8, both of which provide security features that IE 6 will never have. In the case of the IE Aurora vulnerability, apply the new Cumulative Security Update for Internet Explorer explained in Susan Bradley’s Jan. 28 Patch Watch column (paid content) and in MS security bulletin MS10-002.

Senders may unwittingly spread infection

One of the precautions mentioned in Yardena’s story is to contact the sender of a suspicious e-mail to verify its authenticity. WS Lounger Hans Bool expands on this point:
  • “[M]ost users wouldn’t know how to open attachments in the inbox safely. As you suggest — contacting the sender — may not be a secure solution at all! He or she may have unknowingly attached an infected file!

    “My routine strategy is to save any unopened attachment to my desktop or other location and scan the file with my virus program — in my case, MSE [Microsoft Security Essentials] — before opening the file.”
As we’ve seen time after time, no combination of software settings can replace a little innate skepticism and a lot of common sense.

Have more info on this subject? Post your tip in the WS Columns forum.

Loungers Cris and Hans will each receive a gift certificate for a book, CD, or DVD of their choice for posting comments we printed. Send us tips via the Windows Secrets contact page.

The Lounge Life column brings you posts from the WS Lounge threads for our recent articles. Dennis O’Reilly is technical editor of WindowsSecrets.com.
 
Wacky Web Week

Make music on the cheap with soda bottles

Make music on the cheap with soda bottles By Stephanie Small

Remember when you were a kid and would make “music” by blowing across the top of your soda bottle? (Maybe you still do it.) Most of us would be satisfied with playing a one-note symphony.

But this guy has taken soda-bottle music to a much-higher level. Watch as he performs a rendition of a Mozart composition using nothing but partially filled bottles and the air in his lungs. It might make you want to strike up a melody the next time you quench your thirst! Play the video
 
LangaList Plus

MS Security Essentials: right-sized protection?

Fred Langa 1 MS Security Essentials: right sized protection? By Fred Langa

Are you tired of bloated, multi-megabyte security suites that slow your system down and are packed with features you don’t use or require?

Maybe Microsoft’s small, sharply focused security tool is all you really need — and you can get it without having to spend a nickel.

Wanted: small, uncomplicated security software

Reader Joe Watson is hearing the siren song of simpler software:
  • “In Fred’s Jan. 14 article, ‘Explorer.exe startup failure means no desktop,’ he states, ‘Smaller, simpler software that does just the essential tasks — no bells, no whistles, no marching bands — is often your best bet.’

    “What are his suggestions for firewall, antivirus, and antispyware protection on Win XP Pro and Windows 7?”

Aha! An “iceberg” question — one that looks simple on the surface but hides huge complexity underneath. I’ll try not to give you a, hmm, Titanic answer!

The problem is, there’s no “one size fits all” when it comes to PC security. For example, a system used in serious online commerce — say, for running a thriving home business — needs different protection than a system running mostly Farmville and Scrabble does.

Similarly, a large, complex security tool that works flawlessly on a high-end, multicore PC might make a less-powerful system grind to a halt. User preference matters, too: some prefer “friendly” software requiring minimal user involvement, while others want to customize their apps to the last byte.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

 
Best Software

Two free photo editors anyone can use

Ian Gizmo Richards 1 Two free photo editors anyone can use By Ian “Gizmo” Richards

High-end digital image editors such as Adobe Photoshop and the free GNU Image Manipulation Program (GIMP) are overkill for someone who simply wants to enhance digital snapshots.

Two less-complex photo editors, targeted at average snapshooters, are much easier to use and produce outstanding results — for free!

Looking for a simple, free image editor

The digital-image editors rated highest by computer magazines and review sites are usually the programs with the most features. That’s fine for imaging professionals but quite inappropriate for average users with very little need for most of the advanced features found in these complex photo-editing applications.

Using top-of-the-line image editors can be quite overwhelming. I’ve worked with Adobe Photoshop since 1995 and will candidly admit that I don’t know how to use the vast majority of features added to the program in the past ten years. Even the features I do know how to use leave me scratching my head as I attempt to recall the best way to apply them.

Some years back, Adobe brought out Photoshop Elements, a cut-down version of Photoshop that was somewhat simpler and much less expensive. However, combining power with simplicity proved to be a challenge for Adobe, a company not noted for user-interface design. Early versions of Photoshop Elements did not succeed in providing a simple image editor, but the latest version 8 does come close to achieving that goal.

Still, with a list price of $100, Photoshop Elements costs more than the average digital snapshooter probably wants to pay.

This article is part of our paid content. Subscribe.

Already a paid subscriber? Click here to login.

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets is a continuation of four merged publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: WindowsSecrets.com, 1218 Third Ave., Suite 1515, Seattle, WA 98101 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editor in chief: Tracey Capen. Senior editors: Fred Langa, Woody Leonhard. Copyeditor: Roberta Scholz. Program director: Tony Johnston. Contributing editors: Yardena Arar, Susan Bradley, Scott Dunn, Michael Lasky, Scott Mace, Ryan Russell, Lincoln Spector, Robert Vamosi, Becky Waring. Product manager: Andy Boyd. Advertising director: Eric Gilley.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com. All other marks are the trademarks or service marks of their respective owners.

 HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period.  Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,
  • Visit our Unsubscribe page.
Copyright © 2012 by WindowsSecrets.com. All rights reserved.

Table of contents

Top-scoring articles in the past 12 months
  • Leaving long cookie trails throughout the Web 5.00
  • Windows-like security for Android devices 5.00
  • Win7′s no-reformat, nondestructive reinstall 4.56
  • LizaMoon infection: a blow-by-blow account 4.46
  • RPV: Win7′s least-known data-protection system 4.35
  • Recovery: the last step in total data security 4.31
  • The sorry tale of the (un)Secure Sockets Layer 4.30
  • Time for a .NET update we can’t ignore 4.30
  • Getting the most from Windows Search — Part 1 4.25
  • Revising printing habits saves money and trees 4.25
  • Upgrades end in erratic, partial hangs 4.25
  • Get wired performance from your Wi-Fi network 4.24
  • Caution: Bumps in the road to IPv6 4.23
  • Patch Watch adds problem-patch update chart 4.23
  • ZeuS Trojan reinvents itself as bots rock on 4.22
  • Pros and cons of a ‘keyfile’ password 4.21
  • April brings showers of browser patches 4.20
  • Readers comment on the LizaMoon infection story 4.20
  • Office 2007 gets its final service pack 4.19
  • Putting Registry-/system-cleanup apps to the test 4.19
  • The advanced system-recover toolkit 4.18
  • One year and 99 security bulletins later 4.18
  • Don’t pay for software you don’t need — Part 3 4.17
  • What to do when Windows refuses to boot 4.17
  • Make the most of Windows 7′s Libraries 4.16
  • Keeping you up to date: say no to .NET — again 4.16
  • Internet Explorer gets another round of patches 4.15
  • Vacation’s over; it’s a big round of patches 4.15
  • Big-time Wi-Fi security for the small office 4.14
  • Office File Validation patch leads to problems 4.14
Connect with us Follow us on Twitter Connect with us on Facebook View our RSS Feeds
  • Home|
  • Newsletter|
  • About Windows Secrets|
  • Advertise with us|
  • Unsubscribe|
  • Sitemap|
  • Affiliates|
Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of iNET Interactive. All other marks are the trademarks or service marks of their respective owners.
iNET Interactive Copyright © 2011 iNET Interactive.
All rights reserved.
Terms of Use  |  Privacy Policy
Internet Services
  • Web Hosting Talk
  • HostingCon
  • Hosting Catalog
  • Host Voice
Web Development
  • Hot Scripts
  • DB Forums
Digital Marketing
  • ABestWeb
  • Search Marketing Standard
  • PayPerClickUniverse
  • SEMCompare
Consumer Tech
  • Windows Secrets
  • Overclockers
  • Mac Forums

Learn more about
advertising opportunities across the iNET Interactive Network.

LiquidWeb