by AlexandrB 2449 days ago
From a copyright law perspective, this seems wild. Microsoft is downloading and running binaries from entities that may have never given Microsoft license to do so, including Microsoft's competitors. All based on a permission setting configured by an unrelated third party (the user).
6 comments

> never given Microsoft license to do so

It's possible that they don't need it. There are fair use exemptions for reverse engineering and automated analysis. These may be the legal basis on which anti-malware research can be conducted.

I believe fair use only applies to software that you legally acquired.

If Microsoft copies an application from my computer without asking, then it did not legally acquire it.

Malware is a different case. Malware entered my computer with the permission of the malware creator. I didn't steal it from them, but it came to me willingly. Hence I am allowed to analyze it, and I am allowed to delegate that task to someone else.

Yes but who’s to say it came to your machine under such circumstances
Microsoft is the one that has to prove it has a valid license, not the other way around.
Let Microsoft deal with VirtualBox license claims from Oracle.
Indeed, there have to be exceptions like this. Otherwise malware authors could sue AV companies for infringement, which doesn't seem to fit the intention of IP law.
> Otherwise malware authors could sue AV companies for infringement, which doesn't seem to fit the intention of IP law.

'You may sue the AV company for $1 million; users who suffered from your malware will civilly sue for $100 billion, and the government will charge you with crimes and put you away for a decade. Your move.'

A tangent:

There's this fascinating (to me, anyway) line between "viruses" (including worms, Trojans, and similar malware) that antivirus programs will tackle, and adware/spyware that they usually don't.

The difference between the two is whether or not there's a corporation publicly taking credit for the program and suing antivirus companies for defamation over calling it a "virus".

Adware/spyware is limited in distribution methods and payload types by the letter of the law, but otherwise the two classes are functionally identical.

But until there is a court case with specific facts, that is very much a hope and a prayer by Microsoft. It is, indeed, a risk they are taking.
Indeed the ENTIRE basis of the EULA is that the user copies the software by executing it, whereupon a copy exists both on-disk and in-memory. This is long settled jurisprudence. I’m sure that if Microsoft downloads and runs an AGPL-licensed work they expose themselves to pretty severe problems.
I'm pretty sure that for most home users who are also administrators of their computers, a setting pops up asking if you consent for telemetry to be collected.

I'm not sure if an appropriate warning or option is given for third-party users of a computer, or if it is required for administrators to warn third-party users as such.

> that may have never given Microsoft license to do so

I'm willing to bet it is in the license agreement for Windows and Windows Defender, so you have likely allowed Microsoft to do this

Just because I have a license to run a program does not mean I have a license to sub-license it to Microsoft.
There is also the issue that MS would have been given the copy by someone who did not have rights to distribute it, so the infringement is with the user.
You didn't explain what this has to do with copyright? CFAA[0] (or even [1]) seems like a better avenue to explore, but still likely a dead-end. Copyright seems like a misnomer.

[0] https://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act

[1] https://en.wikipedia.org/wiki/Economic_Espionage_Act_of_1996

Software is covered by copyright; if I write some program and compile it, and they copy it off my machine behind my back to run somewhere, it is copyright violation, is it not?
Copyright infringement. It is unlikely to apply. Particularly as the infringement has no "effect [...] upon the potential market for or value of the copyrighted work." Meaning Microsoft hasn't hurt anyone else's bottom line.

There are several fair usage arguments you can make. At least three strong arguments. But to be honest this would need to be tested in the courts one way or the other.

I don't really think copyright conceptually is a very fruitful argument here. CFAA is likely stronger.

> Meaning Microsoft hasn't hurt anyone else's bottom line.

How so? Microsoft spent money implementing this copying, so the copy is clearly of value to them. Why shouldn't they pay for it?

Fair. I wonder how a combo of CFAA, HIPAA and GDPR could fare here. I couldn't find whether Windows Defender automatically uploads all executables it sees, but apparently[0] non-executables deemed "suspicious" can be uploaded too.

--

[0] - https://www.reddit.com/r/Windows10/comments/8dmqdy/windows_d...

Worth noting Fair Use in Copyright is a USA thing.

In UK there have been some changes to Fair Dealing in the last couple of years that I'm not up to date on, but I don't know of anything that would make this allowed except having an explicit license from the copyright holder.

HIPAA would end up falling on your neck, not theirs. The users of windows are required to turn that setting off if you're in HIPAA land, among probably a hundred other things.
The license you agreed to by using Windows probably covers this explicitly, even if they didn't get covered under the explicit exception for reverse-engineering and automated analysis.
Even if I were to, hypothetically, cross-compile from Linux to Windows and deny my user the right to give away software written by me?
Pretty sure by you having this malware submission feature enabled you have given a limited license for them to execute the binary. You're barking up the wrong tree.
You (the user) may not have the right to grant such a license.
Assume for a second this is correct. What's to stop virus writers from embedding a ToS preventing Microsoft from running the code?

I'm not saying you're wrong, I'm saying it's really hard to work out how this is meant to work.

I don't think a virus is relevant here. I'm not a lawyer, but the idea of a "terms of service" for an unwanted and maliciously installed executable seems nonsensical. Virus authors can include whatever TOS they want, but the "user" hasn't agreed to the TOS practically by definition.
Good point. What about anti-virus or cloud-detonation services? Sounds like there would be a similar type of challenge with those re licenses?
Perhaps. It seems that this option is enabled by default, though. I imagine something about this is buried in the pile of agreements you have to click through when installing Windows. What's the status of current legal understanding of the reality that EULAs are bullshit and nobody ever reads them? Maybe I could win something from Europe via GDPR complaint if I compiled an executable containing my PII only for it to be exfilled by Microsoft?
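Several comments above turn on the Defender sample-submission setting being on by default and on who is responsible for turning it off. The following is an added example, not part of the thread and not Microsoft's code, showing how an administrator can read the two relevant Defender preferences on a Windows host and, if wanted, disable sample uploads. It assumes the built-in Defender PowerShell module (Get-MpPreference / Set-MpPreference) is available, as it is on supported Windows 10/11 and Windows Server builds; the value-to-name tables are Microsoft's documented meanings for these settings. Changing the setting requires an elevated session.

```powershell
# Added example (not from the thread): inspect, and optionally disable,
# Microsoft Defender cloud sample submission on the local host.
# Assumes the built-in Defender module is present (Get-MpPreference /
# Set-MpPreference). Run elevated if you intend to change anything.

# Documented meanings of the SubmitSamplesConsent values.
$consentNames = @{
    0 = 'Always prompt'
    1 = 'Send safe samples automatically'
    2 = 'Never send'
    3 = 'Send all samples automatically'
}

# Documented meanings of the MAPSReporting values (cloud-delivered protection).
$mapsNames = @{
    0 = 'Disabled'
    1 = 'Basic membership'
    2 = 'Advanced membership'
}

$pref = Get-MpPreference

# The properties come back as bytes; cast to int so the hashtable lookup matches.
$consent = [int]$pref.SubmitSamplesConsent
$maps    = [int]$pref.MAPSReporting

[pscustomobject]@{
    SubmitSamplesConsent = "$consent ($($consentNames[$consent]))"
    MAPSReporting        = "$maps ($($mapsNames[$maps]))"
} | Format-List

# To stop this host from uploading files to Microsoft at all while keeping
# local signatures and heuristics, set consent to 2 ('Never send').
# Uncomment to apply, then re-run the query above to confirm it took effect:
# Set-MpPreference -SubmitSamplesConsent 2
```

Note that in a domain environment these values may be enforced by Group Policy or Intune, in which case a local Set-MpPreference is overwritten on the next policy refresh; the authoritative place to change them is the policy, and Get-MpPreference still shows the effective value.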