When you buy software can the mfr access and alter it without your knowing?

You buy and install it.

You then have a flow of emails back and forth with the software mfr., during which you mention that the software does something it perhaps shouldn’t, but is great for you.

Can that company somehow get into your computer, go to program in question and eliminate that feature?

It depends on the software and on your system configuration, but it’s possible.

If you have a firewall installed that asks for your confirmation when an installed program tries to do network stuff, then you should at least be aware that the application is doing it, but if it happened the first time it was run and you clicked ‘OK, don’t tell me again’, then you wouldn’t be constantly aware, but here are some possible scenarios:

-The program is set up to download and install updates automatically - Mozilla Firefox is like this, although it usually prompts you to gain your approval, but there’s no particular reason why such a thing couldn’t be done silently.

-The program relies on components that are always downloaded fresh every time, or aren’t even running on your computer, but are in fact served up online and you’re just viewing the output.

Read the fine print!
If the manufacturer is going to do this, they will have it spelled out in the EULA (End User License Agreement) that you were supposed to read before you installed the software.

Probably not. Software can have self-updating features which can be used to update the software, adding features, removing features, beefing up security, etc. but they are usually very easy to disable.

If you bought it and still have the install CD, you’re going to have access to the original version no matter what. Same goes for if you downloaded it and still have the original install file (assuming it’s not shareware/demo).

All this varies from product to product, really. It’s possible, just not probable. The general custom is for updates to be optional. This kind of feature might grate on a user with dial-up internet, for example.

It sounds more like the question is about software that can run in the thousands and they give you a code that tells features to be on or not. Is this the case? They couldn’t alter the programs behavor, unless you ran an attachment, you typed in a new code, or your program updates and they fixed a bad interpretor of the access code routine. I’ve seen it happen with programs that integrate data collection and statistics, where a feature shouldn’t be there but the access code routine is bad, and only the next version corrected the problem. They said we know when I called them.

I am currently writing embedded software that can have features turned on / off without ANY intervention on the user’s part, and without their knowledge! It can be completely disabled remotely. Not that we would do that, of course…

We’ve been able to do this for years.

Microsoft does this pretty regularly, especially if you have Windows set to get and install updates automatically.

I thought as much. The only protection is to have a computer off line, right?

Yes. Which is pretty hard to do these days.
You can also install software that monitors TCP/IP traffic and requests permission before allowing certain packets in/out (Little Snitch for OS X, I’m sure similar things exist on Windows), but if you’re really worried, and the machine doesn’t need to be online, then keep it away from the Internet.
As I mentioned before, read the EULA…

Zone Alarm firewall does this. It’s available in a free version.

Thanks. It’s something to consider. But I have a laptop that is online as is my desktop. Maybe I’ll take the former off.
Could I have installed the software to a DVD and then slipped in the DVD only when I wanted to use it?

It depends. Some software won’t run from a read-only device.

Just install Zone alarm, you need a firewall anyways. you cant be too paranoid because you will get nothing done

Okay. I already have the Windows Fire Wall, but I suppose Zone Alarm will tell me how to get its thing installed.

So, will do. Thank you Q.E.D. and ChrisBooth12.

Some years back, software vendors were trying to get the UCITA passed, which would allow vendors to disable software if there were license disputes. Here’s a column about it from the time it was under discussion. I think protest finally killed it, but sometimes paranoia is not that bad a response.

OK, since we’re on to bigger and better things, this: http://www.wired.com/cars/coolwheels/news/2006/08/71554 must be mentioned!

Embedded software HAS been doing this for years. If I didn’t notice the version changes in the menu of my cable box I never would’ve thought it downloaded updates all the time. PC software generally doesn’t do this, especially not big manufacturers – it opens them up to all sorts of liability issues as well as potential for negative publicity. Nobody will ever forget the Intuit fiasco (or at least I hope not) , so big software manufacturers, unless secured by a monopoly (Adobe, MS, Apple) would generally avoid messing with your computer in unexpected ways. The only exception to this rule is Symantec and McAffee, which I suspect of being a cartel, because a computer is really never the same after Symantec or McAffee product is installed on it. :slight_smile:

Maybe, but that might not help. Most software installers puts data in a number of places on your system for configuration and licensing purposes. If the software is built to allow remote enabling/disabling of features, then all the modification has to be is a minor modification to one of those other files, not to the main program directory on the DVD.

I would assume cellphones do also. My very first phone stopped working in various areas, and I found it was because I hadn’t gone to the Sprint store to allow them to upgrade my firmware. I haven’t done that for a while, so I assume things are updated automatically now.

Back in the good old days you had to write code that worked, not code just good enough to let the consumer get patches when he installed it. grumble grumble

I seriously doubt cell phones install significant updates over the air. The only one I’ve heard of ever doing that was the Daylight Savings Time patch for Blackberries, and that one required user action. Updating the entire firmware is a dangerous process for something like a cell phone – you can’t really build a recovery procedure into the ROM in case of failure. I assume the Comcast box has a failsafe mode that boots from the cable network somehow. That’s just too complex to do for a cellular network with many different phones.