There's been people patching and customising Windows for many years, but most of the time that was done in the form of gaining an official ISO, patching it with a program on your computer and then using that to install. With that model the user is the one violating the license, not the distributor, though often these configurations used the official Windows API for OEMs so it was legally grey enough that I've never heard of any lawsuits.
If these people just provided an exe and some patch files to turn an official ISO into the same thing as they offered on their website, they'd likely be in the clear.
I'm not entirely sure what the point of the project is though, loads of pentesting tools only run well on Linux and there's plenty of Linux pentesting kits already. Why not just run Kali in a fullscreen virtualbox and be done with it? Or load Kali into WSL2, assuming Microsoft has fixed the hardware access limitations in WSL1?
A common copyright claim of someone sharing copies of proprietary files would not make news. Using the DRM circumvention provision in DMCA is a bit more rare.
My guess is that the technical restrictions being alluded to is the advertisement and telemetry that is baked in.
There are comments here that speculate about the issue being the creation of a derivative work. If the claim had said so it too would be interesting as the line between operative system and user space is always a bit blurry and people been arguing what is what for decades.
> BSA has determined that GitHub.com (specifically, content made available on GitHub through the link listed below) is providing access to copyrighted, nonpublic, proprietary information of our member Microsoft. The link leads to copyrighted material pertaining to Microsoft. Specifically, the copyrighted material in question can be found at the following link:
The second claim, concerning technical restrictions, is advanced as an EULA violation:
> Moreover[2], the link provides a work around technical restrictions of the software, which violates Microsoft’s Software License Terms. Please see lines 22 to 30 from the following link: https://github.com/ninjutsu-project/ninjutsu-project.github....
I'm sure MS and the BSA would love to have any EULA violation classified as a DMCA violation, but I don't know if this second claim would hold up. I'm not an IP (or any sort of) lawyer, and my ability to parse legalese is limited, but I think MS/BSA have a much weaker case for this if the complaint did not have claim 1. That is, distributing the tools may "not make microsoft happy", but their legal foundation to take those down is much shakier.
[1] https://github.com/github/dmca/commit/e6911fbf79c67c6f9e834c...
[2] Use of this interjection is what leads me to separate the two quoted sections into two claims.
Edit: "did not have claim 1", not "did not have claim 2"
That's their legal argument. Doesn't mean that's their actual grievance.
DRM is supposed to prevent redistribution of copyrighted works. That's the unethical part. If the user is not redistributing copyrighted works, why should the law care about the preservation of DRM?
If I buy a locked safe at an auction and it contains a bunch of copyrighted paintings, nobody would get mad at me for breaking the lock so I could get to them. What else am I going to do? Hang the safe on my wall? The problem only arises if I start copying the paintings and distributing them.
Which Windows 7 now refuses to load, because they aren't blessed by Microsoft, who've officially discontinued support.
Microsoft can go to hell in that regard. I didn't ask for them to backport their driver nanny onto my machine at the behest of the media industry. They broke my machine, not the other way around.
I expect to be able to compute. Not be patted on the head and fed platitudes that "Oh, we can't let you do that. We have agreements to abide by which you were never considered to be a party to, yet nevertheless, will be subject to."
If I have to learn to handcode UEFI assembly to un-f my machine, so be it. I could probably load Linux on it, or uninstall that update in particular, but to be frank, at this point, my quest to lobotomize Windows has become a project continued out of spite. I will not accept this kind of velvet gloved, law by corporate compact. Users deserve better. If other companies are so on their last leg they need to excise huge chunks of user agency to remain viable as businesses, that is not my concern. My machine, at a fundamental level, is mine. Not the OS vendors.
We used to do what seemed like a beeter job at respecting that. Alas, those days are seemingly long gone or on the way out.
I'm pretty sure the complaint is about anti-piracy features. In that situation it's a picture perfect application of DMCA. Also it would make way more sense.
Unless you had an MSDN subscription it was a little more difficult to grab an ISO back in the day.
Of course, it’s still illegal to modify and upload the modified version...but you’d think the patcher would be an even more obvious route than normal these days if it’s so easy to download an ISO.
I’m not a Windows person, could somebody explain this a little bit better for me?
Microsoft does allow you to download the ISO for free, which is why I don't understand why they didn't include a patcher either.
Looking at the official twitter account for the project, it seems like the project maintainers (and likely their users) reside somewhere in the Middle East, given that they seem to speak Arabic. Perhaps the average Internet near the project's target audience are low enough to warrant uploading a customised, minimised ISO? I don't know, a patcher seems like a better choice to me. Maybe they'll switch models now because of the takedown?
The issue is that ninjutsu essentially provided a hacked up image to download, a derivative product, which they didn't have a license to distribute and thus copyright bit them in the arse.
https://www.microsoft.com/en-us/software-download/windows10I...
The thing is, software licenses are still largely uncharted territory. If I am not allowed to modify the system as my hardware executes it, will Microsoft take liability for any damage, material or immaterieal that could be caused by it? Think of an upgrade bricking your device (happened to a kindle of mine once) or a security hole that gets exploited.
On the other hand, there is this whole discussion about the legality of ad blocking. Often, publishers claim that it is a copyright infringement to disable ads on their site. I think the cases are pretty much the same: A party offering software to you under the condition that you execute it exactly as they want. I wonder what the closest thing in non-software law would be to such a stipulation.
You are right, they were distributing a modified version of Windows without permission. And there's nothing notable or interesting about that. It's a pretty clear-cut case of "don't do that".
But ALSO.. the language in the MS/BSA complaint states that tools that help the user disable Windows 10 OS features - some that arguably benefit MS more than the user - run afoul of the DMCA's anti-circumvention clauses, and that's a much broader statement that has nothing to do with an uploaded ISO.
If this stands, does it mean that I am not allowed to use similar tools to disable features on my legit copy of Windows 10? That's what the language in their complaint implies.
So it got hit like any other site providing "cracked" windows.
Is still a modified version being distributed but license activation was not circumvented.
How do I know that deleting or modifying a particular dll is a violation? It doesnt look any different than any other file.
Furthermore, if Windows craps out, which isn't rare, i might have to go into system files and commit dmca violation. As an alterbative, will a Microsoft send a technician to my house, or compwnsate me for the system being down?
For example, the DMCA protects you if the modification is for educational purposes.
If they want to go down the route of arguing a contract violation, then the question about whether or not the contract is fair comes into play. You can't write a contract that takes everything and gives nothing in return. So these license agreements which basically say "You can't don't own anything about this software, we have every right to sue the pants off you if you upset us, and we accept no liability if our software does anything bad" may very well be unenforceable (Doesn't come up that often because people are relatively sane).
The other interesting thing here is that these licenses may be doubly unenforceable as companies have been adding the "you accept all terms and conditions if you push this button". They are right in the same line as the "Warranty void if you remove this sticker" notices.
Few days ago there was an update on Windows10 and my computer was restarted forcefully, upon booting back up I was greeted by a massive "in your face" type of advert for their Edge browser, couldn't quit it and had to see a big advert from MS about their stupid Edge browser. After I managed to close it, it decided to pin the browser to my task bar without asking me if it should.
It's NVIDIA that is completely Linux/OSS hostile, and still follows the broken proprietary driver approach they have been doing for years. On top of that they actively ignore the agreed community standards and build proprietary/inferior APIs because it's less work for them (like EGL).
I'm completely baffled by NVIDIA's approach to be honest. Especially with scientific workloads on Linux. It seems like investing in a small team to build high quality mainlined Linux drivers would be a net win for them for little cost.
This is very true. It's a shame, but the only way to help this change is to create the market for video games that support other platforms, for example Linux, as well. Help make it profitable to develop games for Linux
There are already quite a lot of games on Steam that support Linux, especially if you add Wine/Proton [1] to the mix, where 78% of the top 100 games have a score of "Gold" (runs perfectly after tweaks), "Platinum" (runs perfectly out of the box), or is running natively on Linux. This means that you are no longer missing out on the huge library of games you were missing out on just a few years ago.
Normal apps are usually easy to port. Native video games, not so much, since they tenf to be quite low-level.
Problem is with the 20.04 edition of Windows, there's no user friendly way to do turn that feature off.
Putting all of the privacy settings to the most restrictive values doesn't disable it, nor does turning off internet search in search in the policy editor. You have to dig around and create manually named registry keys. IMO that's unreasonable behavior.
But that makes you think there's likely dozens if not 100+ other things like that. I hope Windows tool makers don't stop uncovering these things.
I wonder if anyone will call out MS for having an option in the policy editor to disable internet search when using Windows search, while it doesn't actually disable it. What would the legal action be there? Maybe a GDPR violation since now the personal things I type into my computer are sent to Bing without my consent.
FTA "Force Windows 10 and Cortana to use Firefox and your favorite search engine instead of Bing! This is the official port of Chrometana Pro for Firefox."
It's a combination of a purposeful lack of information and a sketchy UI decision because the option in the policy editor is there to interact with on the Pro edition of Windows. It should be at least greyed out like other Windows settings are when you can't use it for your edition of Windows.
You shouldn't have to pay $84+ / year (Enterprise edition) to disable having everything you type into the Windows search menu get searched on Bing. It used to be something you could turn off on all editions of Windows in earlier versions of Windows 10.
If MS were more open about user privacy, users wouldn't need to develop third party programs to discover and disable all of the traps MS lays in their OS to spy on folks.
If you are on Home, and don't have gpedit.msc, make a new DWORD in "Computer\HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\Explorer", call it "DisableSearchBoxSuggestions", and set it to 1. Upon reboot Bing will no longer appear in your start menu.
Is there that much of an anti-Microsoft sentiment that people upvote something like this uncritically?
This means it was just a easy way to run a modified windows which still required a working license key.
Or at least that is the point the article is making.
HN is the new newspaper, but still a newspaper.
I used to like what they were doing with WSL, but now on the contrary it starts to worry me, because it can become an avenue of evil behavior against users/devs/open-source/...
But then it looked how Apple and Google did the same thing, successfully, and sailed away in terms of market share and now it wants to replicate the success.
The thing is, I don't think it is going to succeed. The likely thing that is already happening is that power users are leaving Windows and once power users leave the platform will die.
I would consider myself a power user, but the only reason I stick with Windows still is because I can't find a good reliable video editor on Linux -- and also some games.
Kdenlive makes doing super common things a lot more difficult and time consuming than what's available on Windows video editors and DaVinci Resolve has potential but it's the most crash prone piece of software I've run into on any platform, and also has severe audio quality issues when exporting mp4s (on my hardware at least -- I couldn't use it to create videos due to that).
But I would think at this point, power users are only a drop in the bucket compared to the gaming crowd in terms of audience size. Right now on Linux, gaming comes down to hoping 3rd party tools allow you to run most games you want, or you dual boot (really annoying) or you run KVM with a GPU pass-through to run Windows in a VM with native performance (approaching 1 level above power user level just to set this up and 2 video cards).
My point being: I've been a very stubborn desktop Linux user for a long time and have migrated to Windows. The traffic, I suspect, is going the opposite way to what you seem to expect, at least for now.
I don't see a power-user exodus from Windows, really.
Yes, they were distributing a modified ISO and it probably should/could have been taken down on straight copyright grounds. But the article is about the fact that rather than concentrating on this clear violation, the DMCA complaint specifically calls out the modifications as infringing because "the link provides a work around technical restrictions of the software". This distinction is directly addressed in the paragraph that starts "At first view, some may conclude that Ninjutsu OS amounts to a heavily modified yet pirated version of Windows 10."
Seems like you can download Windows nowadays, and you need to buy the license key separately. I am wrong? (I ask naively, because I am not a Microsoft user)
This is actually what I'd least like to see Github become i.e. takedowns based on an internal bigcorp emails, with a pristine PR message sent out only if people complain.
It's much nicer that it's out in the open as it is.
> Business Software Association acting on behalf of Microsoft.
Oh wait a sec... Another BS third party Github DMCA complaint? This sounds very similar to the "REACT" Github DMCA complaint last month also covered by TF [0]. Where someone was (not) using Casio's software on an ARM SBC inside a plastic Casio case.
"REACT" [1], "BSA" [2]... they are both non-profit, why are they both so comfortable using blatant DMCA abuse as a means to silence content their members disapprove of?
[0] https://torrentfreak.com/hacker-mods-old-calculator-to-acces...
[1] https://en.wikipedia.org/wiki/BSA_(The_Software_Alliance)
The tools that are used to implement that customization (Win10-Initial-Setup-Script and O&O ShutUp10) were always available. So why not just publish the recipe? Do people still download OS and antivirus software from random sources, like a Yandex drive?
If I wanted to attract Microsoft's lawyers, this is exactly what I'd do.
Agree!
However, apparently some things can't be changed after installation?
– Protect your privacy by tweak and customize Windows 10.
– Disable many of the annoying features built into Windows.
– Unwanted Windows components removal.
– Remove/Disable many Windows programs and services.
The pot with the frogs is boiling quite fiercely these days. Too bad they don't notice.
Of COURSE they got a takedown notice.
Article TL;DR:
"the complaint goes on to highlight several features of Ninjutsu OS that are claimed to be infringing. As advertised and specifically highlighted by BSA/Microsoft they are:
– Customize Windows 10 with powerful tweak and optimize.
– Protect your privacy by tweak and customize Windows 10.
– Disable many of the annoying features built into Windows.
– Unwanted Windows components removal.
– Remove/Disable many Windows programs and services."
That is literally opposite of how it works. As Windows EULA does not give you rights to distribute derivative works, sharing practically any kind of modified Windows image is illegal, ever if you only change default desktop background image. But circumventing activation for yourself can actualy be legal in some specific scenarios.
A couple that come to mind are Malwarebytes "Adwcleaner" and FireEye's "commando-vm" (found on Github).
But I do see a problem with Ninjutsu OS offering an preconfigured Windows ISO as others have mentioned.
I think Ninjutsu OS will be allowed to continue if they just offer some tools and scripts to modify a "normal" Windows10 iso instead like FireEye does.
Also, I hads never heard of Ninjutsu OS until now. I will be looking forward to playing with it. (Streisand Effect)
It is piracy that Microsoft has a problem with, not disabling features.
Not really sure how much of this is still true. Since cloud services and locked devices took over most of the software that people use, it doesn't come up much anymore.
> since it's not copyright infringement for you to apply a patch, it's also not copyright infringement for someone to give you a patch.
> For example, Galoob's Game Genie, which patches the software in Nintendo cartridges, does not infringe Nintendo's copyrights. ``Having paid Nintendo a fair return, the consumer may experiment with the product and create new variations of play, for personal enjoyment, without creating a derivative work.''
For the EU, merely this is said:
> The European Software Directive (adopted by the UK in 1992) gives users the freedom to copy, run, modify, and reverse-engineer lawfully acquired programs.
Given the reasoning "if it's not copyright infringement to patch, it's also not infringement to give you a patch", which I honestly don't quite follow, this ought to mean that the law works the same way in the EU. (The reason I don't follow that logic is that copyright doesn't dictate what I can do with information I already have: it's about distribution as far as I know. So of course it's okay for me to apply a patch when not considering any law other than copyright (at least from my not-a-lawyer and European perspective), but that doesn't mean I can make what might perhaps be argued to be a derivative work and spread that around.)
The distribution was a fully fledged ISO install of Windows 10 with the activation feature disabled.
I don’t think the authors here have a leg to stand on.
It tells a lot about what DMCA and Windows are. It tells even more about whose side they are on: the common people or the enterprise.
I can only hope the answer is easy enough to figure out, but I'll leave a tip just in case: not on the side of people.
The transformative factor seems rather clear. People want the many altered things and consider it different enough to go out of their way to find it (despite it not reducing their out-of-pocket cost).
The nature of the work is that it is a tool rather than a work of fiction which is also in favor of fair use.
The amount taken is substantial, but it has already been ruled that even 100% taken can still be fair use. It also contributes a great many man-hours of work though which means it wasn't just a blind copy/paste either.
The effect on the potential market is the big thing here. MS would claim they lose money by not being able to spy on users or show them ads. However, their licensing scheme remains untouched which seems to indicate that theft is not a motivating factor. Considering the use of the new work, it could be argued that ads and telemetry would be blocked by a DNS filter anyway and no actual profit would be lost. Further, those people would have moved on to the free alternative Linux which is already the defacto standard for a lot of pen testing and event the license profit would be lost. Then there's the question about if collecting that data is even legal (I don't believe it has ever been tried in court) and how that would interact with the DMCA.
It really doesn't seem like a case MS would really want to go to court over.
Glad to see a great alternative, SourceHut, is moving forward as evidenced by the HN submission made earlier today. https://news.ycombinator.com/item?id=23485290
DEVELOPERSDEVELOPERS!!!
#whelovelinux ;)
I love this infringing feature they mentioned:
"– Protect your privacy by tweak and customize Windows 10."
So basically they openly admit you have to give up your privacy in order to use their product. Neat.
As the article shows, yes.
> What about all the other non github repository hosts, not forgetting self-hosted, torrents etc.
They are harder to find and can be closed without difficulty, unlike a github repo
