Paul Gregg

Jack of all Tech.

Menshn and another security issue

Written By: pgregg - Jul• 04•2012

On June 19, menshn.com launched giving me a couple of days to have a look around, but not enough time to write up any serious thoughts before going on vacation.  The site launched only in the US and visitors from the UK and elsewhere were greeted with a holding page. However, like many technically aware individuals, geographic barriers are no match to those with VPNs, VPSes or just a simple web proxy.

Initially, only three “topics” were available, a (US) Election2012 topic and one each for Obama and Romney.

Menshn has taken a bit of a battering on Twitter over, I guess, pretty much every aspect of the site imaginable.

Some don’t like the owners, one UK Conservative Member of Parliament, Louise Mensch, and a former Labour advisor Luke Bozier. However, the primary focus of much of the complaints are the web site’s numerous and shocking security flaws.

I believe I was one of the first (if not the first) to highlight the Cross Site Scripting Security flaws. Though I did not actively demonstrate (exploit) it having previously burned in this area, others such as James Coglan have demonstrated the complete lack of data validation that abounds on Menshn.

The site launched without using a SSL Certificate allowing passwords to pass in plain text – a flaw I missed – but ably spotted by Suggy and Andrew White.

Also prior to going on vacation I highlighted two examples of Copyright Infringement to both Louise and Luke. The first was the alleged unauthorised use of the Obama HOPE poster which I screen captured here:

I was completely ignored.


Then Menshn created a new topic “Women” for which they used another image of a “thoughtful woman”:

Note – screen cap of Menshn is on left; the same image I found on Elite Dating Agency site (using Google image search, honest!).  I tweeted to Luke, who responded that the image was Creative Commons. However, this I doubted as I can generally spot a professional image and eventually found the real source as a Premium Stock Image that they could have paid just $9.99 to use. The image soon disappeared from Menshn without further comment from Menshn.

Edit: Just found another image on Menshn – the image for the UKPolitics topic – that does not adhere to the Copyright owner’s license:

The original image is owned by Kevin Shakespeare with the license of “Attribution, Non-Commercial, and No Derivative Works”. Another Menshn fail.

I like to think I’ve educated them a little on Copyright law.

And finally, the straw that breaks the camels back.

Back from vacation, try to login, but of course I forgot the password and so used the “forgot my password”.  Now all normal security conscious web sites will create an encrypted, time limited, one-time use token or URL that you can use to reset your password and email that to you.

No, not Menshn. Menshn will email your actual password in plain text.

The horror. Not only does this mean your password flying through the world’s email servers (making it available to all sorts of Government interception) it also means that Menshn is storing your password inside its database using at best a two-way reversible encryption, or at worst in plain text.

Either way – it is a security disaster,  A breach of the web site means all users and all passwords are exposed in plain text (with the reversal key available from the forgot password code). Luke should read http://www.phptherightway.com/#password_hashing_with_bcrypt .

An awesome coder he is not.

Post publication edit: This article has been mentioned in Business Insider -

We Speak To The British Politician Behind The Controversial 180-Character ‘Twitter-Killer’ Menshn

 

My OnLive Experience

Written By: pgregg - Mar• 27•2012

In February BT posted an offer
(no longer on the BT web site) allowing customers in Northern Ireland
to buy an OnLive Gaming Console (MicroConsole) for £9.99 (normal price
£70) plus £6 shipping. Seemed like a good deal – and so I signed up (2
Feb 2012). Remember these prices – they are important as they come up
later.

Executive Summary:
I bought a MicroConsole device from OnLive, that is faulty.
OnLive
is failing to uphold consumer’s Statutory rights in the UK. And even
goes to far as to explicitly deny those rights to consumers, itself a
criminal offense in the UK. I have been denied a refund of a defective
unit on the grounds that the unit was free and all I paid was postage
(which is incorrect).
OnLive’s website states “No refunds” – a criminal offense in the UK.
Onlive
have stated that my MicroConsole was free, and I only paid shipping
costs. And shipping costs will not be refunded. *wrong*
OnLive are
also denying Sale of Goods Act by saying that I only have 7 days to
cancel and that I agreed to this in the Terms of Service. This relates to the Distance Selling Regulations and not to faulty goods under the Sale of Goods Act.

I am of the
opinion that I acted reasonably and gave OnLive sufficient time to
rectify the problem. I also believe, given the time lines showing that
the hardware never worked, that I can not, in law, be deemed to have
accepted the goods, and so have a lawful right to fully reject them, and
obtain a full refund for all monies paid.

I don’t want to criticise OnLive Technical Support, just their Customer Service policies.

Timeline: I will update the timeline below as things develop.

I
received the MicroConsole the week of February 18 (not sure exactly
what date) and attempted to use it, however it was nothing like the
experience received when playing on the PC.  The PC was reasonably quick
and responsive and I would estimate ran at maybe 15fps which was
reasonable for streaming videogame over the internet.  The MicroConsole
on the otherhand was laggy, and I achieved maybe 3 to 4 fps. In short,
the game (Dirt 3) was unplayable.

I opened a Support ticket February 18. And so the saga begins.

My original support request:

02/18/2012 05:18 PM (timestamps from OnLive support portal)

I have attempted to set up my MicroConsole and am able to connect to the service.
However any time I attempt to play/start HomeFront game, the MC crashes and reboots.
Attempting to play Dirt3 results in a game running at approx 4 frames per second.
Playing Homefront on my PC is fine.

The
MC constantly pops a message in the top right complaining of network
problems – but the fact my PC works fine, shows the network is fine.
http://www.speedtest.net/result/1782184455.png
My home is wired for Gbit ethernet, and the MC is plugged into that. I’ve tried an alternative ethernet cable – no difference.

Even the intro screen/animation on the MC is blocky and just looks wrong.

I’m beginning to think I got a bad MC as I have never been able to play a game on it.

Thanks,
PG.

Within an 80 minutes I had a reply, excellent. Except it is a standardised get-more-info affair. Fair enough I suppose:

02/18/2012 06:40 PM

Greetings PG,

Thank you for contacting OnLive. To help our team troubleshoot the issue, please provide the following information:

- In what country are you located?
- What is the name of your Internet Service Provider?
- Is an error message displayed when you connect? If so, what is the message?
- What are the results of the broadband quality test from http://www.pingtest.net? *
- What are the results of the Internet connection test from http://www.speedtest.net? *
- What is the brand and model of the cable or DSL modem used in your home network?
- What (if any) is the brand and model of the router used in your home network?
- Are you behind a firewall and/or are any antivirus applications running?
- Are you using a Wireless (Wi-Fi) or Wired router?
If Wi-Fi, please check for interference:
-
Are you the only person currently on network (using the Internet), or
are other members of your household sharing the connection?
- If you have a smartphone, is it configured to share your Wi-Fi network?

* For best results, choose the server closest to your location:
US
– East Coast –> Washington D.C.
– West Coast –> San Francisco, CA
– Midwest –> Dallas, TX
UK
– London

Best regards,

Realiana
Customer Service Representative
http://support.onlive.com/

So I respond to each of the questions: 02/19/2012 06:13 AM

In what country are you located?

UK

- What is the name of your Internet Service Provider?

BT

- Is an error message displayed when you connect? If so, what is the message?

No error message.

- What are the results of the broadband quality test from http://www.pingtest.net? *

http://www.pingtest.net/result/57209759.png

- What are the results of the Internet connection test from http://www.speedtest.net? *

http://www.speedtest.net/result/1782184455.png

- What is the brand and model of the cable or DSL modem used in your home network?

BT Supplied HomeHub3 (I believe) – supplied with the BT Infinity service.

- What (if any) is the brand and model of the router used in your home network?

Same device as the BT HomeHub3

- Are you behind a firewall and/or are any antivirus applications running?

No – just the BT HomeHub.

- Are you using a Wireless (Wi-Fi) or Wired router?

BT HomeHub does Wifi – but I am not using Wifi. I have Gbit Cat5e wired ethernet connections to all devices, including the MC.

If Wi-Fi, please check for interference:

No
interference. The BT HomeHub3 is supposed to scan and pick the best
channel with no interferences. However, the issue is moot – my nearest
neighbour is 100m away and using my phone’s (android app) Wifi Analyser,
I am the only wifi network it can see.

- Are you the only person
currently on network (using the Internet), or are other members of your
household sharing the connection?

At the times of testing, I am the only one using the network.

- If you have a smartphone, is it configured to share your Wi-Fi network?

No.

Thanks,
PG

The following Wednesday I get a holding email:

02/22/2012 12:09 PM


Hello,

Thank you for the information. I will forward your inquiry
to our Technical Team for further assistance, They will contact you via
email as soon as they are able.

Thank you for your patience. Have a lovely day!

Best regards,

Realiana
Customer Service Representative
http://support.onlive.com/

And so I wait another 2 days to receive: 02/24/2012 02:23 PM


Hello,

Your issues may have to do with a couple of things. I saw
that you had run a speed test, but we would like it if you could run the
test to London.

Can you please run a test for me at
www.speedtest.net and find the white dot that represents London. Click
on that dot and start the test. When the test finishes, please click on
Share This Result, then click Copy and paste the results here.

Best regards,

Berret
OnLive Technical Support
http://support.onlive.com

2 days later, I reply:

02/26/2012 04:41 PM


Hi,

Here are some results from London based speedtests that I ran just now.

http://www.speedtest.net/result/1798764992.png

http://www.speedtest.net/result/1798810091.png

http://www.speedtest.net/result/1798812080.png

http://www.speedtest.net/result/1798812973.png

Thanks,
PG



02/28/2012 04:22 PM:


Hello,

Thank you very much for providing those links for me. Is
this issue only on your MicroConsole, or do you notice issues on you
computer as well?

Best regards,

Berret
OnLive Technical Support
http://support.onlive.com



02/28/2012 06:26 PM


Hi,

No. PC play seems to be working well.

Thanks,
PG

Sent from my Android phone with K-9 Mail. Please excuse my brevity.



03/01/2012 10:26 AM


Hey PG,

I am trying to do some research into why you are having
this experience on your MicroConsole only. Can you try and run a few
more sessions on the device, so we can get some details? When I look up
your previous sessions, they are understandably computer ones for the
most part.

I appreciate the help in figuring out your issue.

Best regards,

Berret
OnLive Technical Support
http://support.onlive.com

Now,
somehow I did not get this email :( but on Monday 5th I got a
notification that the ticket was closed because I did not reply.

"Times New Roman"”> OnLive Support [mailto:support@onlive.com]
Sent: 05 March 2012 08:22
Subject: MC blocky and crashes. [Incident: 120218-000143]
 This ticket has been closed because we have not heard
back from you in 3 days. This is an automated message, but you can re-open the
ticket at any time by replying to this email.

  So I open another
ticket.
 


03/20/2012 05:33 PM


Unfortunately you did not solve 120218-000143.

I did not receive the message just before you closed the ticket and so was surprised when the ticket was closed.

In your message about closing it you state:
“This
ticket has been closed because we have not heard back from you in 3
days. This is an automated message, but you can re-open the ticket at
any time by replying to this email.”

Unfortunately this is not
true because I did reply to this email with further information but this
did not reopen the ticket. Now when I look at the ticket online, it
says I can not reopen the ticket.

So with that complaint out of the way…

I wish to request a refund for this MC because it simply does not perform the function to which it is supposed to do.
Please advise as to the correct process to follow to achieve this.

Thank you
Paul Gregg

It was then I spotted on their web site the message “No refunds” and so sent a followup:

03/20/2012 06:14 PM


Oh – I just saw this:

What if I change my mind, and want to return the OnLive Game System or an accessory?

All purchases are final. No refunds.
Find comprehensive support information at: OnLive Game System.

FYI – Not only is this term unlawful – OnLive is *committing* a criminal offense in the UK.

Under
the Consumer Protection from Unfair Trading Regulations 2008 it is also
a criminal offence to mislead a consumer about his/her legal rights.
Examples might include stating ‘no refunds’ or ‘sold as seen’.

The picked it up again:

03/21/2012 04:02 PM


Hello,

Thank you for contacting us again, I apologize you had not
seen my previous message. I would happy to continue to troubleshoot
your issue with you if you are still having a bad experience. If you
would like to pursue a refund, you are correct that our policy is that
all sales are final, but we can escalate you to our billing department
to review your request.

Please let us know how you would like to proceed.

Best regards,

Berret
OnLive Technical Support
http://support.onlive.com

 

03/21/2012 05:26 PM


Hi Berret,

Thank you for your reply.
I am at the point where I believe the MC is faulty because it crashes and reboots when I start a game.

I
understand that you state all sales are final – however this is
contrary to UK law as I noted – and by even displaying this notice you
are committing a criminal offense in UK law. I trust you will rectify
this. Further, under the Sale of Goods Act, goods must be of
merchantable quality and fit for purpose. You’ve had over a month to try
and make the MC
I bought work, without success, and I am within my legal right to demand a full refund. This is what I am invoking now.

1. You will provide a full refund for the faulty MC.
2. You will provide return postage, or collection service to return the faulty MC to you.

Thank you,
Paul Gregg

03/24/2012 06:58 PM


Hello,

I will escalate your request to the billing department,
and they will explain the next steps to you. They will be in on Monday
and will address your issue as quickly as they can.

Best regards,

Berret
OnLive Technical Support
http://support.onlive.com



03/26/2012 11:13 AM


Greetings,

Thank you for contacting OnLive.

We understand that you are requesting a refund for your OnLive Game System purchase..
In order to credit your account, please return the OnLive Gaming System to following address:

ATTN: OnLive Department
LGI Logistics Group International UK LTD
4 Clarendon Drive
Wymbush
Milton Keynes
MK8 8DA

After
we receive the OnLive Game System, we will apply a refund to your
account. If we do not receive the device within 10 days from this email
date, you will not receive the refund.

If you have any other questions please feel free to ask.

Joseph
Warranty Department
http://support.onlive.com/



03/27/2012 08:32 AM


Hi Joseph,

Thank you for your message. However, I would request
that you pick the returned item up from me as is my right under Sale of
Goods Act for faulty goods.

To be clear – I am requesting a full refund (again under law) and NOT a “credit to my account”.

The device is faulty and has never performed as advertised. As is evidenced by support tickets you can see in my account.

Quote:
http://www.oft.gov.uk/business-advice/treating-customers-fairly/sogahome/sogaexplained/
“In
the case of faulty goods being returned because they are not fit for
purpose do not match their description or are not of a satisfactory
quality , the customer is entitled to claim the cost of postage from you
or to request that you arrange collection of the item.”

I will have the goods packaged in the original box available from my shipping address from Wednesday 28th March.

Thank you.

Paul Gregg



03/27/2012 11:31 AM


Greetings,

As mentioned in the terms of service that you agreed
upon when you created your account it states that “All hardware sales
subject to a 7-day right to cancel.”

You are past the 7-day right to cancel.

The
OnLive Game System you ordered was free and only the shipping cost was
charged to your account. That cost was to pay to have the unit sent to
you which it was. Shipping costs will not be refunded.

If the
unit is defective, we have no problem exchanging the unit for you at no
cost to you. Would you like for me to process an exchange for a brand
new unit for you? I can even provide you with a free 5-day PlayPass to
use on a game of your choice to try out the new system.

If you have any other questions please feel free to ask.

Joseph
Warranty Department
http://support.onlive.com/



03/27/2012 03:40 PM


Hi Joseph,

Thank you for your reply.

I would like to address each of your points in turn.

1. 7 day right to cancel:
“Notwithstanding the above, the purchase of an OGS or any other
hardware will constitute the supply of goods, and you will have seven
days (beginning the day after you receive the goods) in which you may
choose to cancel the contract.”

This quote relates to the
Distance Selling Regulations within which I would have a legal right to
return the goods, without reason, for a full refund.

This is NOT a
DSR issue. I am attempting to return the Goods under the Sale of Goods
Act as faulty. Not as described, not fit for purpose and not of
satisfactory quality. Given the dates of my support tickets, it should
be obvious that the MicroConsole was faulty when delivered. I also filed
my first ticket with the 7 days of delivery which, again, signals to
you that I have not “accepted” the Good in law.

2. “You are past the 7-day right to cancel.”

Irrelevant for reasons stated in 1.

3.
“The OnLive Game System you ordered was free and only the shipping cost
was charged to your account. That cost was to pay to have the unit sent
to you which it was. Shipping costs will not be refunded.”

Incorrect. The offer was a discounted MicroConsole @ £9.99 and £ 6.00 shipping.

4. “If the unit is defective, we have no problem exchanging the unit for you at no cost to you”

Thank
you for your offer. However, since the original contract in in breech
under Sale of Goods Act – I am legally entitled to reject the good and
request a full refund, including postage. In essence, I should not be
out of pocket since the contract is void.

Further, since you appear to be relying on DSR “7 day” notice period –
Your
attention is drawn to the Consumer Protection (Distance Selling)
Regulations 2000, specifically to regulation 14 which states that you
may not make any charge in relation to the supply of goods under a
contract whereby the cancellation of the contract is due to the breach
of implied terms of the contract (specifically implied terms in relation
to section 14 of the Sale of Goods Act).

I therefore request that you reimburse both goods and postage fees in accordance with these regulations.

Regards,
PG

 

OnLive UK Terms of Service and Terms of Use, copy

Written By: pgregg - Mar• 27•2012

Copy taken from http://www.onlive.co.uk/legal/termsofservice and http://www.onlive.co.uk/legal/index on March 27, 2012.

TERMS OF SERVICE

OnLive EMEA S.à r.l
TERMS OF SERVICE

Last Updated 7 December 2011
Welcome to the OnLive® Game Service (the
“Service” or “SERVICE”), a service of OnLive EMEA s.à r.l (collectively,
“OnLive” or “ONLIVE” or “we” or “us”). The OnLive Terms of Service (the
“Terms”) govern our relationship with anyone who accesses the Service
by any method or means, including but not limited to access of the
Service through the OnLive Game System (“OGS”), which includes the
MicroConsole™ TV adapter (the “MicroConsole TV adapter”) and the Gamepad
Controller (“Controller”).

Please read the Terms, the Privacy Policy
and the OnLive Community Guidelines carefully. By clicking “I Agree,”
you agree to be bound by the Terms, the OnLive Privacy Policy, and the
OnLive Community Guidelines.

Your use of the Service is only for purposes
that are permitted by these Terms. Any use or access of the Service by
any means other than those authorised by these Terms is prohibited
unless specifically agreed with OnLive.

On an ongoing basis, OnLive makes changes
and additions to the Service including but not limited to: new games,
features, and functionality. OnLive will provide reasonable notice of
all material changes and additions to the Service. Your continued use of
the Service after such notification will indicate your acceptance of
any such changes and additions and your continued acceptance of the
Terms, the OnLive Privacy Policy, and the OnLive Community Guidelines.

You may not use the Service if you do not
agree to be, or are unable to be, bound by the Terms, the OnLive Privacy
Policy, and the OnLive Community Guidelines.

1. Privacy

The OnLive Privacy Policy tells you about
the way we handle and protect your Personal Information (as defined in
the OnLive Privacy Policy) when you use the Service. We ask that you
review and agree to the OnLive Privacy Policy before sharing Personal
Information on the Service.

2. Community Guidelines

In order to provide a safe and welcoming
environment for all of our users, we have established certain ground
rules regarding your behavior on the Service that are specified in the
OnLive Community Guidelines. The OnLive Community Guidelines apply to
your use of the Service and any and all User Generated Content (as
defined in Section 9 below) that you contribute to the Service. OnLive
reserves the right to terminate or suspend your OnLive Service Account
(“Account”) if you breach the OnLive Community Guidelines.

3. Eligibility

In order to register for an Account on the
Service, you must be at least 18 years of age, be an emancipated minor
or have reached the age of majority in your country of residence, and be
a current resident of the United Kingdom (“Account Holder”). As an
Account Holder, you represent and warrant to OnLive that you meet the
eligibility criteria in the preceding sentence.

4. Accepting and Changing the Terms

You become bound by the Terms by (a)
clicking to agree to the Terms; (b) downloading to a desktop, laptop,
mobile device or obtaining through any other means on any other device
or medium, the OnLive Application Software without the authorization of
OnLive; (c) installing the OnLive Application Software without the
authorization of OnLive; or (d) otherwise accessing the Service without
the authorization of OnLive.

We may change the Terms at any time in our
sole discretion. We will provide you with reasonable notice of any
changes to the Terms. Continued use of the Service after the notice
period will constitute acceptance of the Terms.

5. Third Party Terms

Buying or accessing certain third party
content on the Service may require you to review, and accept or decline
certain third party disclosures, policies, and agreements including but
not limited to third party end user license agreements, privacy
policies, and terms of service (“Third Party Terms”).

You may be presented with Third Party Terms
prior to your purchase or use of third party content, or wherever
OnLive, in its sole discretion, deems presentation of Third Party Terms
is reasonably necessary or legally required to provide proper notice to
you. You can accept Third Party Terms by (a) entering your password to
purchase access to or to use the third party content on the Service or
(b) accessing the purchased or selected third party content through the
Service having been given reasonable notice of the Third Party Terms.
If you do not accept Third Party Terms in the manner described but you
nevertheless gain unauthorized access to the Service, you will be deemed
to have accepted Third Party Terms upon such access of the third party
content. If you choose to decline any Third Party Terms, you may do so
by not purchasing the third party content referenced by the Third Party
Terms or otherwise declining the Third Party Terms as provided by OnLive
or the third party providing the Terms.

Please be advised that some Third Party
Terms may state or imply you have certain rights to a physical product,
rights to download, or install third party content to a local machine,
and/or other rights associated with physical possession or control of
third party content. Such statements within Third Party Terms may not be
applicable to use of the third party content on the Service.

In all Third Party Terms, the user agreeing
to, and/or the user presented with Third Party Terms, will in all cases
continue to be the consumer end user of the third party content. Unless
expressly agreed by OnLive, OnLive shall not be the intended or actual
licensee, user, or recipient of any Third Party Terms.

6. Accounts

You do not have the right to share your
Account with any third party, except as you provide pursuant to the
Parental Controls features. You are solely responsible for all activity
on your Account, including violations of the Terms by any third party
that accesses the Service through your Account, and for the security of
your Account. You also agree to the following:

• You agree to provide and maintain an
active email address through which you can be reached for the duration
of your Account. You agree to provide accurate and up-to-date email
address, contact and billing information to OnLive.
• You agree to use the Service only for
purposes that are permitted by (a) the Terms and (b) any applicable law,
regulation, or generally accepted practices or guidelines in the
relevant jurisdictions.
• You agree to notify OnLive of any
unauthorized use of your Account, any impending or threatened event that
may negatively impact the Service, security of the Service, or any
other violation of the Terms known to you, including by third parties
that have accessed the Service through your Account.
• You agree to not make any attempt to
access the Service via any means or interface other than those which
have been provided to you by OnLive, unless you have been granted
explicit written permission by an authorized representative of OnLive to
do otherwise.
• You agree to not engage in any activity
that interferes with or disrupts, degrades, harms or threatens to harm
the Service, security of the Service, our servers, or the use of the
Service by any of our users.
• You agree to not represent to any third
party that you are an OnLive employee or authorized representative of
OnLive.
• You agree to not register a Player Tag
(i.e. OnLive user name) that is vulgar, offensive, libelous, slanderous,
discriminatory or obscene or that violates any law, or otherwise
breaches the Terms or Community Guidelines.
• You agree to not transfer or share your
Account with any other party except as permitted by the Parental
Controls features as explained below.
• You agree not to transfer or share your
OnLive Service login information with any other party.
• You agree to not tamper with in any
manner, disassemble, reverse engineer, or otherwise modify any hardware
or software of the Service made available to you.
• The Service includes parental controls
features (“Parental Controls”) which restrict access to certain content
and features which may be deemed inappropriate for Minors (youth between
13 and up to 18). The Parental Controls can only be accessed with a
parental control passcode, and you agree not to share this parental
control passcode with any third parties (including the Minor for whom
the Parental Controls are activated).

You may provide access to your Account to
any member of your household (each an “Authorised User”), provided the
following conditions are met:

• You do not allow access to your Account to
any person under the age of 13 years old;
• You do not provide the details of your
parental control passcode to any third party, including any Authorised
User;
• You expressly bring the OnLive Privacy
Policy to the attention of each Authorised User; and expressly inform
each Authorised User that their personal data, which may be disclosed
through OnLive Friends and Voice Chat features, may be collected by
OnLive and disclosed to other users while on the Service.

You, as the Account Holder, assume
responsibility for all activity on the Account from Authorised Users,
including Authorised User activity when Parental Controls are enabled.
Account Holders who set up Parental Controls and allow Minors to use an
Account are liable for all activities of such Minor and all public
disclosures of information made by such Minor.

OnLive reserves the right to terminate or
suspend your Account for breach of the account guidelines set out in
this Section 6.

7. OnLive Application Software

The OnLive Application Software and other
related materials (collectively, the “Materials”) made accessible to you
in connection with the Service will be licensed under, and subject to,
the terms and conditions of the OnLive End User License Agreement
(“OnLive EULA”).

8. Our Content

With the exception of User Generated Content
(as defined in Section 9 below), as between you and OnLive or its
affiliates, subsidiaries, licensors, or suppliers retain title to and
ownership of everything on or used in connection with the Service,
including, but not limited to, text; images; graphics; logos; audio and
video content; visual, auditory, tactile, and motion user interfaces,
and any OnLive hardware, software, or computer code (collectively,
“Content”). This also includes, without limitation, the structure,
design, animation, video, effects, overall “look and feel” and
arrangement of Content on the Service. With regard to any gaming
statistics like scores, rankings, log in/log out times, length of
gameplay, and your presence on the Service, OnLive owns that content
exclusively and/or shares ownership of that content with third party
content providers and may grant any of our affiliates, subsidiaries,
licensors, partners, or suppliers permission to use such content,
including the use and display of such content publicly for the purposes
of leaderboards, enhancing multiplayer gameplay, tournaments, and
marketing and promotion efforts. Subject to license restrictions and
these Terms, certain Content on the Service may not be available to
users accessing the Service through specific client devices (e.g.
Macintosh, Windows PC, MicroConsole™ TV adapter, cell phones, tablet
computers, Internet TVs, and set-top boxes). Such limitations will be
specified in the Content descriptions provided prior to your purchase of
any such Content, during the purchase process and/or in the EULA for
any particular piece of Content which has such restrictions.

OnLive owns patents, copyrights, trademarks,
service marks, trade names, trade secrets, domain names and other
intellectual property, and proprietary rights throughout the world in,
or to, or associated with the Content and/or the Service (the “IP
Rights”), and the Content and the Service are protected by the IP Rights
and all other applicable intellectual property rights and laws. Subject
to your compliance with the Terms, the OnLive Privacy Policy and the
OnLive Community Guidelines, OnLive grants you a limited, personal,
non-exclusive, non-transferable, non-sublicensable, revocable license
under the IP Rights to use the Service in accordance with the Terms, for
the duration of your membership and/or access to the Service, solely
for your personal and non-commercial use.

You may not modify, reproduce, distribute,
create derivative works or adaptations of, publish, perform, display,
transmit or in any way exploit any of the Content in whole or in part
except as expressly authorized by OnLive. You may not, in whole or in
part, reverse engineer, derive (or attempt to derive) any source code,
modify, disassemble, decompile, or remove any proprietary notices or
labels from the Service or any hardware or software associated or used
in connection with the Service. Except as expressly and unambiguously
provided herein, OnLive does not grant you any express or implied rights
in or to the Service, any Content or any software associated or used in
connection with the Service. Except as expressly provided herein (or in
the Privacy Policy) you may not transfer, publish, display, disclose or
make available any reproductions of the Service or the Content to any
other parties in any way, including, without limitation, by uploading
videos or images to file sharing sites, sharing or making available
screen captures of the Service or any Content, or sharing or making
available any source code or executable code of any software associated
or used in connection with the Service. You may not rent, lease, license
or sublicense the Service to others, or use the Service in any manner
for the benefit of any third party.

9. User Generated Content

Any time you post a message or communication
on an OnLive sponsored forum, or create, post, upload, submit, share or
distribute any content through the use of the Service, including the
OnLive User Community Forums, or play a game on the Service, including
any user name, tag, handle, motto, avatar video or still, and including
contributions via video, voice and text chat, text messaging, forums,
message boards, whether within or outside a game (any such message,
communication, content or play, collectively, “User Generated Content”
or “UGC”), you grant OnLive a non-exclusive, worldwide, perpetual,
irrevocable, unrestricted, royalty-free, fully paid-up license (with the
right to sublicense) to use, reproduce, distribute, display, perform,
transmit, modify, edit, create derivative works from, and otherwise
exploit such UGC, in any form, format, or medium now known or later
developed. You represent and warrant that you have the right to grant
these rights to OnLive and that you will not post any content or links,
user-generated or otherwise, that infringe, misappropriate or violate
any privacy, intellectual property, or any other rights of any party, or
which violates our Community Guidelines, or that is vulgar, offensive,
libelous, slanderous, discriminatory or obscene or that violates any
law. You hereby waive all “moral rights” with respect to all UGC and all
copyrights therein to the extent such moral rights can be waived under
the existing law of any jurisdiction, and, to the extent such moral
rights cannot be waived, you warrant that you will not seek to enforce
such moral rights against OnLive.

UGC specifically excludes any gaming and
Service usage statistics like scores, rankings, log in/log out times,
length of gameplay, and your presence on the Service. OnLive owns gaming
and Service usage statistics exclusively and/or shares ownership of
that content with third party content providers and may grant any of our
affiliates, subsidiaries, licensors, partners, or supplier’s permission
to use such content, including the use and display of such content
publicly for the purposes of leaderboards, enhancing multiplayer
gameplay, tournaments, and marketing and promotion efforts.

OnLive reserves the right to pre-screen,
monitor, moderate, and delete any UGC that you or other OnLive users
submit to the Service, including, but not limited to, posts made to
public forums. However, we have no obligation to do so, and you may be
exposed to content you find vulgar, offensive, libelous, slanderous,
discriminatory, obscene or is in violation of a law.

You acknowledge that OnLive is not an
author, publisher or editor of any UGC posted on the Service or of any
information provided by another content provider on the Service.

10. Voice Chat

Voice chat communications within the Service
should not be considered private. Voice chat communications may be
heard by others as part of gameplay or in other contexts, for example,
as part of Spectating. OnLive is under no obligation to monitor user
communications but reserves the right to act on reports of misconduct or
abuse of such privileges at OnLive’s sole discretion. Because voice
chat and other communications may be viewed and/or heard, users should
avoid revealing any personally identifiable information.

11. OnLive Purchases and Billing

Offers are only valid within the United
Kingdom. Offers cannot be combined unless expressly stated. Some game
purchases may not be available for all platforms and different prices
may be charged for different platforms (e.g., PC, Mac, and MicroConsole
TV adapter). Promotion codes and coupons have no cash value.

Subject to any OnLive promotional offers you
may accept, OnLive may require payment of fees for the Service
membership offer you select (the “Membership Plan”), third party
content, and any additional items and services that may be available
through the Service. You may have to register for an Account and sign up
for a Membership Plan in order to access the various features of the
Service and pay for any third party content. All purchases are charged
in GBP.

By registering for an Account on the
Service, you represent that you are at least 18 years of age and have
reached the age of majority in your country of residence. A credit card
is not required to sign up for the Service. However, if you select a
Membership Plan that requires a credit card, you represent that you are
authorized to use that credit card. You must also be authorized to use
any subsequent credit card in the event you change or update the credit
card you used to register. By signing up for a Membership Plan, you
expressly authorize OnLive to charge you for services and products
purchased under your Account including but not limited to required or
optional fees associated with maintaining an active Membership Plan in
good standing (the “Membership Fees”), third party content, and any
additional items and services that may be available through the Service.
Membership Plans may require one-time or recurring Membership Fees. If
so, OnLive will bill you in accordance with the terms of your
Membership Plan.

You acknowledge that the Service (including
the sale of a right to play games through it) is a supply of services to
you by OnLive, which commences once you register for the Service and
pay the Membership Fees or once you purchase the right to play a
particular game. OnLive will have commenced the supply of services to
you by granting you access to the Service or the relevant game, and you
will lose your right to cancel the purchase under Directive 97/7/EC as
implemented in your country of residence. Notwithstanding the above, the
purchase of an OGS or any other hardware will constitute the supply of
goods, and you will have seven days (beginning the day after you receive
the goods) in which you may choose to cancel the contract. If you
provide notice of such cancellation to OnLive, and return the
merchandise and we will provide you with a full refund for the purchase.

Prices for any third party content are
subject to change at any time without notice. OnLive reserves the right
to change the pricing, billing, Membership Plans and Membership Fees for
the Service at any time. In the event OnLive makes any such changes to
the Service, we will provide you with at least thirty (30) calendar days
notice via the email address you have provided in your Account. If you
do not consent to these changes, you must stop using the Service and may
close your Account.

In the event your Account is closed or
suspended for any reason, including because you do not consent to the
changes to the changes to the pricing, billing, Membership Plans and
Membership Fees for the Service, OnLive reserves the right to charge you
for any costs, surcharges, or debts still pending on your Account. You
may not register a new OnLive Account until all costs, surcharges, and
debts are settled for any prior OnLive Account that you have used, or
have been used with the same credit card or email address.

12. OnLive Game System: MicroConsole TV
Adapter and OnLive Gamepad Controller

The Terms also apply to use of the OnLive
Game System, which includes the MicroConsole TV adapter and OnLive
Gamepad Controller (“Controller”) to access the Service. Use of the
MicroConsole TV adapter or Controller confirms your agreement to:

• Accept any software updates and upgrades
sent to the MicroConsole TV adapter and/or Controller.
• Accept any different or additional terms
applicable to the third party components included with the MicroConsole
TV adapter and/or Controller.
• Not tamper with in any manner,
disassemble, reverse engineer, or otherwise modify the MicroConsole TV
adapter and/or Controller.
• Save as permitted by law, not derive (or
attempt to derive), modify, decompile, or remove any software code from
the MicroConsole TV adapter and/or Controller.
• Not remove any proprietary notices or
labels from the MicroConsole TV adapter and/or Controller.
• Save as permitted by law, use any software
in the MicroConsole TV adapter only in executable form and solely in
conjunction with the MicroConsole TV adapter.

Basic information relating to setup,
installation and support is shipped with the MicroConsole TV adapter and
Controller, and further details are found in the Support section of the
OnLive website.

13. Suspending Your Account

You may suspend (i.e. temporarily
deactivate) your Account at any time, for any or no reason, for up to
twelve (12) months by contacting OnLive CS from the Support section of
the OnLive website. Also, OnLive may suspend an Account, or resume a
suspended Account, under certain conditions specified in the Terms,
including, for example, the expiration or renewal of your Service
membership term. OnLive may suspend your Account if it is inactive (i.e.
you have not successfully logged in to the Service using your Account,
or you have not made any transactions associated with your Account) for
twelve (12) months. You or OnLive may resume (i.e. reactivate) a
suspended Account, if the Account is in good standing and any
outstanding concerns have been addressed, at any time during the
suspension.

Suspending your Account will temporarily
disable your access to the Service using the suspended Account, and
temporarily disable your access to all content or services on the
Service that the Account would otherwise have access to, if any, whether
purchased or not. Resuming your Account will restore your access to the
suspended Account, and restore your access to content and services that
are still available to you after the time that has elapsed during the
suspension period or provide access to content and services that became
available to you during the suspension. During this time, OnLive will
retain all of your information, including your Personal Information,
just as if the Account is in active use so as to enable OnLive to (a)
keep track of any content or service expirations or activations during
the suspension period, and (b) reactivate your Account if it is resumed
during that twelve (12) month period. During the suspension period you,
or OnLive under certain conditions specified in the Terms of Service,
may close your Account per the terms described below in Closing Your
Account. OnLive will close your Account if it not resumed within twelve
(12) months of the last suspension. If you decide to suspend your
Account, please contact OnLive CS from the Support section of the OnLive
website.

The Terms will continue to apply to you in
full from the time you accept the Terms, as set forth in the “Accepting
and Changing the Terms” section herein, throughout your Account
suspension and until your Account is closed by either you or OnLive.

14. Closing Your Account

CLOSING YOUR ACCOUNT WILL RESULT IN
PERMANENT LOSS OF ACCESS, CONTENT, SERVICES AND VALUE ON THE ONLIVE
SERVICE. ONLIVE URGES YOU TO CONSIDER SUSPENDING YOUR ACCOUNT, PER THE
“SUSPENDING YOUR ACCOUNT” SECTION ABOVE. RATHER THAN CLOSING YOUR
ACCOUNT, PLEASE READ THIS “CLOSING YOUR ACCOUNT” SECTION CAREFULLY
BEFORE PROCEEDING WITH CLOSURE.

You may close your Account at any time,
however, OnLive may close an Account if the Account is suspended and not
resumed within the twelve (12) month maximum suspension period, as
detailed in the “Suspending Your Account” section, above, or under
certain conditions specified in the Terms of Service. Closing your
Account will immediately and permanently terminate your access to the
Service using the closed Account; immediately and permanently terminate
your access to all content, messages, services on the Service that the
closed Account would otherwise have access to or could derive value
from; and result in your immediate and permanent forfeiture of any
coupons, access passes, credits, or anything that may be of value
directly or indirectly associated with the Account, if any, whether
purchased or not. Any remaining payments due on the Account will remain
due and collectable after the Account is closed until they are paid. If
you decide to close your Account, please contact OnLive CS from the
Support section of the OnLive website. Within six (6) months after
closing your Account or after any payments due on the Account are paid,
whichever is later, we will either delete or securely encrypt your
Personal Information except your email address, which we will keep in
order to determine whether to send further marketing-related emails. We
will also keep all financial and transactional records that are required
for accounting, revenue-reporting and tax-reporting purposes. Your
non-Personal Information, such as your Player Tag and password, will not
be deleted. We will also keep information about your use of the
Services or Websites including, but not limited to, data about your
gameplay, session times and durations, and use of the Service, though we
will disassociate such information from your Personal Information.
Please note that even after you remove information from your Account or
delete your Account entirely, information that was shared with other
users may continue to exist on the Service.

If you engage in any repeated or
objectionable misconduct, to be determined in accordance with these
Terms and the OnLive Community Guidelines, OnLive reserves the right to
either suspend or close your Account, in OnLive’s sole discretion,
immediately and without notice as set forth in the “Suspending Your
Account” and “Closing Your Account” sections herein. Please refer to the
OnLive Community Guidelines for examples of objectionable conduct.

The Terms will continue to apply to you in
full from the time you accept the Terms, as set forth in the “Accepting
and Changing the Terms” section herein, until your Account is closed by
either you or OnLive.

15. Survival

Sections 8, 9, 10, 11, 12, 13, 14, 15, 16,
17, 18, 19, 20, 21, 22, 23, and 24 of the Terms shall survive any
expiration or termination of the Terms, or your Account. Expiration or
termination of the Terms or your Account will not affect any accrued
rights or liabilities under these Terms. The Privacy Policy will survive
termination of the Terms, or your Account in accordance with its terms.

16. Copyright Policy

OnLive respects the intellectual property of
others and we expect our users to do the same. If you are a copyright
owner or authorized to act on behalf of a copyright owner and believe
that any content or material provided through or in connection with the
Service infringes any copyright you own or for which you are authorized
to act on behalf of the copyright owner, please provide OnLive’s Agent
for Notice with written or electronic notice containing the following:

Notice of Alleged Infringement
(“Notice”)

1. A description of the copyrighted work(s)
you claim has been infringed.
2. A description of the allegedly infringing
content or material, including the location on the Service of the
allegedly infringing content or material with sufficient detail to
enable us to locate it on the Service.
3. Your address, telephone number, and email
address.
4. Both of the following statements outlined
in the Notice:
a. “I hereby state that I have a good faith
belief that the disputed use of the copyrighted material is not
authorized by the copyright owner, its agent, or the law.”
b. “I hereby state that the information in
this Notice is accurate and that I am the owner of, or authorized to act
on behalf of the owner of, an exclusive right that is allegedly
infringed.”
5. Your full legal name and your electronic
or physical signature.

Please send all of the above to:

Copyright Agent
c/o OnLive, Inc.
181 Lytton Ave.
Palo Alto, CA 94301
Main: (650) 543-5500
Fax: (650) 543-5595

Or by email to:

copyrightenforcement@onlive.com

Any Personal Information provided to OnLive
pursuant to this section 16 shall be held and processed by OnLive in
accordance with the OnLive Privacy Policy.

17. Disputes and Governing Law and
Jurisdiction

You agree to handle any disputes between you
and OnLive in accordance with the policy outlined below, the OnLive
Privacy Policy or as otherwise agreed in writing between you and OnLive.
As an alternative to litigation, we will consider reasonable requests
to resolve any dispute through dispute resolution procedures such as
arbitration or mediation.

The construction, validity and performance
of these Terms and all non-contractual obligations arising from or
connected with these Terms, the OnLive Privacy Policy, the OnLive
Community Guidelines or the Service shall be governed by English law.
Any action or proceeding brought to adjudicate any dispute related to
the Terms, OnLive Privacy Policy, OnLive Community Guidelines, or the
Service shall be subject to the non-exclusive jurisdiction of the
English courts, except as otherwise agreed by the parties in writing.

18. Injunctive Relief

If you breach or indicate your intention to
breach the Terms (including, without limitation, in a manner that
infringes, misappropriates or violates any intellectual property or
privacy rights or may cause irreparable or continuing harm), OnLive may
seek injunctive relief against you, or any other remedy available under
applicable law.

19. Representations and Warranties

You represent and warrant that (i) you have
the full power and authority to enter and perform under the Terms, (ii)
the execution and performance of your obligations under the Terms does
not constitute a breach of or conflict with any other agreement or
arrangement by which you are bound, and (iii) the Terms are a legal,
valid, and binding obligation of you, enforceable in accordance with its
terms and conditions.

20. Indemnification

You agree to defend, indemnify and hold
OnLive, its directors, officers, employees, contractors, affiliates,
suppliers, and licensors (collectively “OnLive Indemnified Parties”)
harmless from any liability, damage, settlement, loss, or expense
(including, without limitation, attorneys’ fees and costs) incurred in
connection with any third-party claim, demand or action (“Claim”)
brought or made against any of the OnLive Indemnified Parties arising
out of or relating to any actions by you that infringes any copyright,
trademark, trade secret, patent or other intellectual property right of
any person or defames any person or violates their rights of publicity
or privacy. If you have to indemnify any of the OnLive Indemnified
Parties under this Section, OnLive and/or the relevant OnLive
Indemnified Parties will have the right to control the defense,
settlement, and resolution of any Claim at your sole expense. You may
not settle or otherwise resolve any Claim without OnLive’s prior express
written permission.

21. INFORMATION NOTICE

OnLive provides the Service on an “as is”
and “as available” basis, though OnLive will provide the Service to you
with reasonable skill and due care.

OnLive does not represent or warrant that
the Service or its use (i) will be uninterrupted; or (ii) will be free
of inaccuracies or errors. OnLive utilizes the internet, which by its
very nature can be unreliable and unpredictable. Internet connection and
reliability problems may reduce service quality and in some cases make
the service unavailable. In addition to an internet connection, the
service also requires suitable, capable, reliable, and fully operational
devices and software, which are all outside of OnLive’s control.

OnLive is not responsible for any internet,
telephone, wireless, or other fees associated with your use or access of
any service, product, or content through the OnLive Service, including
your use or access of any free service, product, or content through the
OnLive Service.

22. LIMITATION OF LIABILITY

TO THE EXTENT NOT PROHIBITED BY LAW, IN NO
EVENT SHALL ONLIVE (OR ANY OF ITS AFFILIATES OR LICENSORS) NOR ANY OF
THE OFFICERS, DIRECTORS, EMPLOYEES, SHAREHOLDERS, LICENSORS, CUSTOMERS,
AGENTS OR REPRESENTATIVES OF ONLIVE HAVE ANY LIABILITY OF ANY KIND OR
NATURE TO YOU OR ANY THIRD PARTY FOR ANY INDIRECT, INCIDENTAL,
CONSEQUENTIAL, SPECIAL, OR PUNITIVE DAMAGES WHATSOEVER (INCLUDING, BUT
NOT LIMITED TO, DAMAGES FOR ANY LOSS OF PROFITS OR LOSS OF ANY
CONFIDENTIAL OR OTHER INFORMATION OR FOR BUSINESS INTERRUPTION) ARISING
OUT OF OR IN ANY WAY RELATING TO YOUR USE OF OR INABILITY TO USE THE
MATERIALS OR THE SERVICE OR OTHERWISE WITH RESPECT TO THIS AGREEMENT,
WHETHER ARISING IN TORT (INCLUDING NEGLIGENCE), CONTRACT, STRICT
LIABILITY OR OTHERWISE, WHETHER OR NOT YOU HAVE ADVISED OF THE
POSSIBILITY OF ANY SUCH LOSS OR DAMAGE.

OnLive will not be liable for any liability
associated with provision of the service or failure to provide the
Service associated with infrastructure (including, without limitation,
the internet), devices and software outside of OnLive’s control such as
computers, displays, televisions, input devices, switches, routers,
firewalls, operating systems, and browsers.

Nothing in these Terms will exclude or limit
either party’s liability for (i) fraud or fraudulent misrepresentation;
(ii) death or personal injury caused by its negligence (iii) under the
indemnity in section 19; or (iv) any other liability which cannot be
excluded by law.

23. Severability

If any provision of the Terms is held
invalid or unenforceable, in whole or in part, such provision shall be
modified to the minimum extent necessary to make it valid and
enforceable. This shall, in no way, affect the validity and
enforceability of all other provisions in the Terms.

24. Miscellaneous

You and OnLive are independent parties, and
nothing in the Terms constitutes a partnership or joint venture between
you and OnLive or makes either party the agent of the other. Unless
otherwise specified herein, the Terms, the OnLive Privacy Policy, and
the OnLive Community Guidelines constitute the entire agreement between
you and OnLive with respect to the subject matter hereof and supersede
all prior or contemporaneous communications, negotiations and proposals
with respect to such subject matter. You may not assign or transfer the
Terms or any of your rights or obligations under the Terms (whether by
operation of law or otherwise) without the prior written consent of
OnLive.

25. Beta Program

OnLive may from time-to-time establish a
Beta program (“Beta”) to give certain users an opportunity to test and
experience additional new features of the Service, pay for and use third
party content, and gather feedback on the new features and content on
the Service. Any and all information made available to you by virtue of
your participation in a Beta, whether furnished to you directly by
OnLive or learned by you through your access to a Beta, is confidential
to OnLive. For example, you may not do any Tweets, Facebook posts, or
other online posting of details, and you may not post or otherwise
communicate screenshots, or videos, or any other content whatsoever
about your participation in a Beta. You may disclose that you are a
participant in a Beta, but you may not discuss with or disclose to any
third party any information you learn through a Beta including your
opinions regarding a Beta. If you are chosen to participate in a Beta,
you will:

• Carry out the testing in connection with a
Beta personally. You will not display or provide access to the Service
to any other person.
• Use your best efforts to secure your
system and the Beta against unauthorized access or disclosure.
• Never disclose any information about a
Beta, including, without limitation, any information about the Service
provided or made available by OnLive or any hardware, software,
screenshots, video, or other code or scripts to any third party.
• Never discuss gameplay, quality of
service, or bugs encountered while using a Beta anywhere outside of
OnLive’s provided in-site forums and customer support.
• Delete and destroy all information related
to a Beta in your possession or control immediately upon the request of
OnLive, and confirm deletion and destruction of such information if
requested to do so by OnLive.

OnLive notes that any breach by you of this
confidentiality provision will cause irreparable harm to OnLive, and
OnLive may seek injunctive relief to prevent the breach or threatened
breach of your obligations.

As a Beta user, you agree to:

• Test and evaluate a Beta and/or devices to
be used with the Beta, including, but not limited to, audiovisual
content, features, functionality, capabilities, operation, Service
performance and device performance.
• Inform OnLive of any bugs or other defects
you encounter in connection with the Service.
• Receive all software updates and upgrades,
if any that OnLive sends to the MicroConsole TV adapter, to your
computer, or to any hardware or software associated or used in
connection with the Service, including the OnLive Gamepad Controller.
• Comply with reasonable requests and
instructions from OnLive in connection with Beta, which may be provided
from time to time during a Beta, including, but not limited to, requests
and instructions to test or evaluate specific aspects of the Service.
• Provide OnLive with your comments,
feedback, evaluations, analyses, suggestions and recommendations
regarding a Beta (“Feedback”), all as voluntarily provided by you or as
may otherwise be requested by OnLive.

Your participation in a Beta is strictly
voluntary and for your enjoyment. While your participation in a Beta is
helpful, you understand that it is not a vital part of the development
of the Service so as to give you any right to compensation or payment.
Participation in one phase of a Beta does not entitle you to
participation in any other phase of a Beta, if any, or to any
compensation or payment with respect to the Service. You acknowledge and
agree that your participation in a Beta (or any phase of a Beta) does
not give you any claim of ownership to any part of the Service.

All Feedback that you provide or make
available to OnLive during a Beta, however communicated by you and
whether at OnLive’s request or not, shall be the sole and exclusive
property of OnLive, and you hereby irrevocably assign to OnLive all of
your right, title and interest in and to such Feedback, including,
without limitation, any and all intellectual property rights in or to
any such Feedback. Without limiting the generality of the preceding
sentence, you agree that OnLive and its successors, assigns and
licensees shall have the perpetual and irrevocable right to reproduce,
modify and otherwise use and exploit all of the Feedback (and any and
all portions and derivatives thereof) in any manner now known or
hereafter devised for any purposes, including, but not limited to, in
connection with the development and exploitation of the Service or any
other product or service, without any compensation or the provision of
any credit to you. You hereby waive all moral rights with respect to all
Feedback and all copyrights therein to and, the extent such moral
rights cannot be waived, you warrant that you will not enforce such
moral rights against OnLive.

All other terms in the OnLive Terms of
Service continue to apply to your participation in a Beta.

TERMS OF USE

ONLIVE, INC. TERMS OF USE AGREEMENT

As of September 22, 2011

Acceptance of Terms

This Terms of Use Agreement (the “Agreement“) applies to certain websites of OnLive EMEA S.à r.l and its group of companies (collectively, “OnLive“, “we”, “our”, or “us” or the “OnLive Websites“).
By visiting, accessing, or using the OnLive Websites or any portion
thereof , you agree that you have read, understood, and agree to be
bound by this Agreement, whether or not you are a registered user of any
of the OnLive Websites or any portion thereof.

We reserve the right to amend this
Agreement at any time and without notice. If we do this, we will post
the amended Agreement on this page and indicate at the top of the page
the date the Agreement was last revised. Your continued use of the
OnLive Websites after any such changes constitutes your acceptance of
the new Terms of Use. If you do not agree to any of these terms or any
future Terms of Use, do not visit, use or access (or continue to access)
the OnLive Websites. This Agreement applies to all visitors, users, and
others who access the OnLive Websites (“Users“). The Agreement incorporates by reference our Privacy Statement,
or any supplemental terms, schedules, exhibits and related materials
that are attached or referenced herein. It is your responsibility to
review this Agreement from time to time for any changes as it creates a
binding legal agreement between you and us. You do not have to register
in order to visit the OnLive Websites. In the future, though, we may
allow you to register with the OnLive Websites and create a “User”
account.

Permission to Use the Site

Subject to all of the terms and
conditions of this Agreement, you are hereby granted a non-exclusive,
limited, personal licence to access the OnLive Websites and view our
Content (as defined below). We reserve all rights not expressly granted
herein in the OnLive Websites and the Content (as defined below). We may
terminate this licence for convenience at any time at our sole
discretion.

You agree not to engage in any of
the following prohibited activities: (i) copying, distributing, or
disclosing any part of the OnLive Websites in any medium, including
without limitation by any automated or non-automated “scraping”; (ii)
using any automated system, including without limitation “robots”,
“spiders”, or “offline readers”, to access the OnLive Websites in a
manner that sends more request messages to our servers than a human can
reasonably produce in the same period of time by using a conventional
on-line web browser; (iii) transmitting spam, chain letters, or other
unsolicited email; (iv) using any “bot”, spider, site search/retrieval
tool or utility, or any other manual or automated technique, to collect,
extract, index, mine, or otherwise seek to obtain any data or
information from OnLive, OnLive Websites, or any User, or in any manner
compromise, degrade or circumvent the navigational structure or the
presentation of the OnLive Websites, or the display or performance of
the Content (as defined below) of the OnLive Websites; (v) attempting to
interfere with, compromise the system integrity or security or decipher
any transmissions to or from the servers running the OnLive Websites;
(vi) taking any action that imposes, or may impose an unreasonable or
disproportionately large load on our infrastructure (as determined at
our sole discretion); (vii) uploading invalid data, viruses, worms, or
other software agents through the OnLive Websites; (viii) collecting or
harvesting any personally identifiable information from the OnLive
Websites; (ix) using the OnLive Websites for any commercial solicitation
purposes; (x) using the OnLive Websites or any Content or products
obtained through the OnLive Websites for any resale or commercial use;
(xi) collecting or using any product listings, descriptions, or prices
on the OnLive Websites; (xii) impersonating another person or otherwise
misrepresenting your affiliation with a person or entity, conducting
fraud, hiding or attempting to hide your identity; (xiii) interfering
with the proper working of the OnLive Websites; (xiv) bypassing the
measures we may use to prevent or restrict access to the OnLive
Websites; or (xv) disseminating any abusive, harmful, offensive or
illegal content. We may permanently or temporarily terminate, suspend,
or otherwise refuse to permit your access to the OnLive Websites without
notice and liability for any reason, including if in our sole
determination you violate any provision of this Agreement, or for no
reason. You further understand and agree that OnLive has the right, but
not the obligation, to remove in whole or in part any Content related to
the OnLive Websites, including without limitation all data and Content
residing on our servers, at any time at our sole discretion, with or
without notice and with no liability to us of any kind.

The OnLive Websites or portions
thereof are subject to scheduled and unscheduled site interruptions. All
aspects of the OnLive Websites are subject to change or elimination at
our sole discretion. We reserve the right to interrupt the OnLive
Websites with or without prior notice for any reason or no reason. You
agree that OnLive is not liable to you for any interruption of the
OnLive Websites or any portion thereof, or any delay or failure to
provide the OnLive Websites or any portion thereof.

Our Proprietary Rights

The OnLive Websites and all
materials therein or transferred thereby, including, without limitation,
software, images, text, graphics, illustrations, logos, trademarks,
trade names, photographs, audio, videos, and music (the “Content“), and all Intellectual Property Rights related thereto, are the exclusive property of OnLive and our licensors.

Except as explicitly provided
herein, nothing in this Agreement shall be deemed to create a licence in
or under any such Intellectual Property Rights, and you agree not to
sell, licence, rent, modify, distribute, copy, reproduce, transmit,
publicly display, publicly perform, publish, adapt, edit or create
derivative works from any materials or Content accessible on the OnLive
Websites. Use of the Content or materials on the OnLive Websites for any
purpose not expressly permitted by this Agreement is strictly
prohibited.

For the purposes of this Agreement, “Intellectual Property Rights
means all patent rights, copyright rights, mask work rights, moral
rights, rights of publicity, trademark, trade dress and trade name
rights, service mark rights, goodwill, trade secret rights and other
intellectual property rights as may now exist or hereafter come into
existence, and all applications therefore and registrations, renewals
and extensions thereof, under the laws of any state, country, territory
or other jurisdiction worldwide.

Eligibility/Representations and Warranties

You shall be solely responsible for
your use of the OnLive Websites and all activity undertaken by you
while visiting the OnLive Websites.

This OnLive Websites are intended
solely for Users who are thirteen (13) years of age or older, and any
use or access to the OnLive Websites by anyone under thirteen (13) is
unauthorized, unlicensed, and in violation of this Agreement. In
connection with your use of the OnLive Websites, you affirm, represent
and warrant, in addition to the other representations and warranties in
this Agreement, the following: You are at least thirteen (13) years of
age.

You must be at least eighteen (18)
years of age to register for an account on the OnLive Service. In
connection with registering for an OnLive account, you affirm, represent
and warrant, in addition to the other representations and warranties in
this Agreement, the following: You are at least eighteen (18) years of
age, or if you are under 18 years of age you are an emancipated minor
and are fully able and competent to enter into the terms, conditions,
obligations, affirmations, representations, and warranties set forth in
this Agreement, and to abide by and comply with this Agreement.

Privacy

We care about the privacy of our Users. Click here
to view our Privacy Statement, which is incorporated by reference in
this Agreement as if it is fully set forth herein. By using the OnLive
Websites, you are consenting to have your personal data transferred to
and processed in the United States.

Your use of the Site may be subject
to use by us of “cookies”, which are text files placed on your computer
to temporarily store information. Our use of cookies is subject to the
Privacy Statement.

Third-Party Websites, Advertisers
or Sites: As set forth in our Privacy Statement, the OnLive Websites may
contain links to third-party websites, advertisers, or sites that are
not owned or controlled by us. We have no control over, and assume no
responsibility for, the content, privacy policies, or practices of any
third party websites. If you access a third party website from the
OnLive Websites, you do so at your own risk, and you understand that
this Agreement and our Privacy Statement do not apply to your use of
such sites. To the fullest extent permissible by law, you expressly
relieve us from any and all liability arising from your use of any
third-party website or third party owned content. Additionally, your
dealings with or participation in promotions of advertisers that may be
found on the OnLive Websites, including payment and delivery of goods,
and any other terms (such as warranties) are solely between you and such
advertisers. You agree that we are not responsible for any loss or
damage of any sort relating to your dealings with such advertisers.

We encourage you to be aware of
when you leave the OnLive Websites, and to read the terms and conditions
and privacy policy of any third-party website that you visit.

Indemnity

You agree to defend, indemnify and
hold harmless OnLive, and its subsidiaries, agents, managers, partners,
suppliers, advertisers, product and OnLive Website providers, and other
affiliated companies, and their employees, contractors, agents, officers
and directors, from and against any and all claims, damages,
obligations, losses, liabilities, costs or debt, and expenses (including
but not limited to attorneys’ and experts’ fees) arising from: (i) any
infringement of OnLive’s Intellectual Property Rights by you; (ii) your
violation of any third-party right, including without limitation any
right of privacy, publicity rights or Intellectual Property Rights; and
(iii) your violation of any law, rule or regulation of the UK or any
other country.

No Warranty

The OnLive Websites are provided on
an “as is” and “as available” basis. Use of the OnLive Websites is at
your own risk. To the extent permitted by law, OnLive Websites are
provided without warranties of any kind, whether express or implied.
Without limiting the foregoing, OnLive, its subsidiaries, and its
licensors do not warrant that the operation of the OnLive Websites or
the information, content, materials, or products included on the OnLive
Websites is accurate, reliable or correct; that the OnLive Websites will
meet your requirements; that the OnLive Websites will be available at
any particular time or location, uninterrupted or secure; that any
defects or errors will be corrected; or that the OnLive Websites are
free of viruses or other harmful components. Any information, content,
materials, or products downloaded or otherwise obtained through the use
of the OnLive Websites is obtained at your own risk and you will be
solely responsible for any damages or losses, including damage to your
computer system or loss of data, that result from such procurement.

OnLive does not warrant, endorse,
guarantee, or assume responsibility for any product or websites
advertised or offered by a third party through the Onlive Websites or
any hyperlinked website or site, or featured in any banner or other
advertising, and OnLive will not be a party to or in any way monitor any
transaction between you and third-party providers of products or sites.

Limitation of Liability

OnLive will not be responsible for
any damage, loss or expense resulting from hacking, tampering or other
unauthorized access or use of the Onlive Websites or your account or the
information contained therein.

To the extent permitted by law, in
no event shall Onlive (or any of its affiliates or licensors) nor any of
the officers, directors, employees, shareholders, licensors, customers,
agents or representatives of Onlive have any liability of any kind or
nature to you or any third party for any indirect, incidental,
consequential, special, or punitive damages whatsoever (including, but
not limited to, damages for any loss of profits or loss of any
confidential or other information or for business interruption) arising
out of or in any way relating to your use of the OnLive Websites
(including an inability to access or use the OnLive Websites) or
otherwise with respect to this Agreement, whether arising in tort
(including negligence), contract, strict liability or otherwise, whether
or not you have advised of the possibility of any such loss or damage.

OnLive will not be liable for any
liability associated with infrastructure (including, without limitation,
the internet), devices and software outside of OnLive’s control such as
computers, displays, televisions, input devices, switches, routers,
firewalls, operating systems, and browsers.

Nothing in this Agreement will
exclude or limit either party’s liability for (i) fraud or fraudulent
misrepresentation; (ii) death or personal injury caused by its
negligence (iii) under the indemnity in clause 6 above; or (iv) any
other liability which cannot be excluded by law.

Export Control

You may not use, export or
re-export any Content or any copy or adaptation of such Content, or any
product or service offered on the OnLive Websites, in violation of any
applicable laws or regulations, including, without limitation, UK export
laws and regulations. The OnLive Websites are controlled and operated
from facilities in the UK. We make no representations that the OnLive
Websites or any portions thereof are appropriate or available for use in
other locations. Those who access or use the OnLive Websites from other
jurisdictions do so of their own volition and are entirely responsible
for compliance with all applicable UK and local laws and regulations,
including but not limited to export and import regulations. You may not
use the OnLive Websites if you are a resident of a country embargoed by
the UK, or are a foreign person or entity blocked or denied by the UK
government.

Assignment

This Agreement, and any rights and
licenses granted hereunder, may not be transferred or assigned by you,
but may be assigned by us without restriction.

General
  • Governing Law and Legal Actions.
    You agree to handle any disputes between you and OnLive in accordance
    with the policy outlined below, the OnLive Privacy Policy or as
    otherwise agreed in writing between you and OnLive. As an alternative to
    litigation, OnLive will consider reasonable requests to resolve any
    dispute through dispute resolution procedures such as arbitration or
    mediation.

    The construction, validity and
    performance of this Agreement and all non-contractual obligations
    arising from or connected with this Agreement, the OnLive Privacy
    Statement, the OnLive Community Guidelines or the service shall be
    governed by English law. Any action or proceeding brought to adjudicate
    any dispute related to this Agreement, the OnLive Privacy Statement,
    OnLive Community Guidelines, or the service shall be subject to the
    non-exclusive jurisdiction of the English courts, except as otherwise
    agreed by the parties in writing.

    If you breach or indicate your
    intention to breach this Agreement (including, without limitation, in a
    manner that infringes, misappropriates or violates any Intellectual
    Property Rights or privacy rights or may cause irreparable or continuing
    harm), OnLive may seek injunctive relief against you, or any other
    remedy available under applicable law

  • Notification Procedures. We may
    provide notifications, whether such notifications are required by law or
    are for marketing or other business related purposes, to you via email
    notice, written or hard copy notice, or through conspicuous posting of
    such notice on our website, as determined by us in our sole discretion.
    We reserve the right to determine the form and means of providing
    notifications to our Users.

  • Entire Agreement/Severability.
    This Agreement, together with our Privacy Statement and any other legal
    notices and agreements published by us via the OnLive Websites, shall
    constitute the entire agreement between you and OnLive concerning the
    OnLive Websites. If any provision of this Agreement is deemed invalid by
    a court of competent jurisdiction, the invalidity of such provision
    shall not affect the validity of the remaining provisions of this
    Agreement, which shall remain in full force and effect.

  • No Waiver. No waiver of any term
    of this Agreement shall be deemed a further or continuing waiver of such
    term or any other term, and OnLive’s failure to assert any right or
    provision under this Agreement shall not constitute a waiver of such
    right or provision.

Amusing, True Near Death Experience.

Written By: pgregg - Aug• 25•2011

Those who know me will know that there have been two important events occurring in my life this week. 1) Tiling my kitchen, and 2) Trying to buy a HP TouchPad.

As part of tiling the kitchen, significant other wanted to replace all the standard white wall sockets with Stainless Steel ones to match the rest of the kitchen colour scheme. I was safely over half way through this task, having disconnected the socket mains supply, when a van pulled up bearing HP TouchPad goodness. Thus the next 30 minutes of my life was accounted for.

Upon returning to the kitchen tasks I came to the Cooker 40A switch. I disconnected the ring main from the switch and proceeded to move the wires so that I kept the supply and load pairs apart when BUZZZZZZ and 240 Volts of high energy goodness shot through my hand and up my arm.

Yes folks, TouchPad caused me to forget to flip the cooker ring circuit in the fuse box.

Cue me jumping back, dropping tools and collapsing to the floor in a bout of Arrrrgh.

Wife said “Stop it, you’ll scare the kids.”.

Kids run in asking what happened and wife explains that Daddy electrocuted himself.

Six year old Lauren asked “Could you see his bones?”.

What 16TB raw space looks like at home

Written By: pgregg - Apr• 11•2011

I’ve been looking for some home backup solutions over the past couple of months. This has led me down both the do-it-yourself route and buying a ready-made solution.

One of my requirements was that I wanted the solution to be more than just storage – otherwise I would have purchased a straight NAS box from the likes of Qnap, Netgear or if feeling rich Drobo. Most of these dedicated NAS boxes can be “rooted” to allow ssh access , however their CPUs are generally underpowered for general purpose use.

Other requirements were that I wanted a reasonably small form factor and to be able to use at least 4 SATA hard drives, preferably with hot swap ability. Hardware raid was not a requirement because I intended on using a Linux distribution with mdadm software raid.

In the end, I ended up building two boxes.
The first, a home build, based on the CFI A7879 chassis CFI_A7879_1with a Gigabyte GA-D525TUD Dual Core Atom Mini-ITX Board.

GA-D525TUD

The second was a off-the-shelf HP ProLiant Microserver which, to be brutally honest, was because HP were offering £100 cashback deal on it. This made the server much cheaper than you could possibly build yourself from components.

HP_Microserver
I added 4GB ram to each box (total 5GB in the HP box because it comes with 1GB).The CFI boot drive is a 8GB (30MB/sec) CompactFlash card mounted as an
IDE drive. The HP boot drive is a 16GB Sandisk Cruzer USB stick.

Finally added 4 x 2TB Samsung F4EG HD204UI drives to each box.

The CFI box has 8TB in RAID5 providing 5.4TB usable. The HP has 8TB in RAID6 providing 3.6TB usable space.

If there is more interest, I’ll write up the build process is more detail with pictures.

For now – here are some shots of my utility shelf.

IMG_20110411_173250

IMG_20110411_173740

 

 

 

Experts Exchange, Google, AllFAQ.org and misappropriation of copyright.

Written By: pgregg - Jan• 19•2011

Opinion Piece

I was googling (as a verb) and came across a rather peculiar message at the bottom of Google’s search results:

In response to a complaint we received under the US Digital Millennium Copyright Act, we have removed 1 result(s) from this page. If you wish, you may read the DMCA complaint that caused the removal(s) at ChillingEffects.org.


Interesting – never saw that before!

Following the link to Chilling Effects shows a copy of the complaint which has some interesting text in it.

Experts-Exchange makes a detailed itemisation of their registered Copyrights, none of which I find objectionable, however, the complaint then goes on to list several issues against the Defendant, the first and most egregious of which is:

a direct “copy and paste job” lifting the content of Plaintiff’s question and answer forums and inserting them onto AllFAQ’s website. AllFAQ’s question and “Solutions” are verbatim to Experts-Exchange’s questions and “Accepted Solutions;”

From this Experts Exchange is accusing allfaq.org of Copyright infringement against Experts Exchange owned Copyright.

At first glance, this might seem fully justified – but look at what they are claiming copyright on.  Experts Exchange are assuming copyright ownership of content that you, and I, and all their users create by asking and answering questions on their web site.

I looked at Experts Exchange’s Terms of Use and could not find any agreement that users were assigning their rights and copyrights to Experts Exchange. The relevant paragraph is:

“5. Content License

EXPERTS EXCHANGE enables Members to post problems or questions,
proposed solutions or answers, information, comments and other content
(“Your Content”) to its Site. When you post Your Content to the Site,
you understand and agree that Your Content can be viewed and used by
other Members who visit the Site with or without attribution.

You represent and warrant that you own or otherwise control all of the
rights to Your Content and that use of Your Content by EXPERTS
EXCHANGE and its affiliates will not infringe upon or violate the
rights of any third party. Before you use EXPERTS EXCHANGE Services to
post any information or content that is protected by intellectual
property laws, you shall have acquired the legal right to do so from
the owner or authorized licensee of such information or content.

By registering with EXPERTS EXCHANGE and posting Your Content on the
Site, you hereby: (i) grant EXPERTS EXCHANGE a non-exclusive,
perpetual, irrevocable, unrestricted, transferable, fully
sub-licensable, worldwide, royalty-free license to use, distribute,
display, reproduce, perform, modify, adapt, publish, translate and
create derivative works from Your Content in any form, media or
technology, whether now-known or hereafter developed; (ii) grant
EXPERTS EXCHANGE and its affiliates and sub-licensees the right to use
the Member Name that you submit with Your Content for purposes of
attribution; (iii) authorize EXPERTS EXCHANGE to assert and prosecute
claims against any third-party making any unauthorized use of Your
Content, including any use that violates this User Agreement
(“Third-Party Claims”); and (iv) appoint EXPERTS EXCHANGE as your
attorney-in-fact for the purpose of asserting and prosecuting
Third-Party Claims. If you do not wish to have Your Content attributed
to you, then you must notify EXPERTS EXCHANGE at

customer_service@experts-exchange.com
.

Experts Exchange acknowledges that the copyright belongs to the author as “Your Content” and that by posting you are granting them extensive licenses to use that content. You are not assigning your copyright to Experts Exchange.

Now I am glad that their ToU does not attempt to wrest copyright ownership from its rightful owner, that is right and proper.

allfaq.org is demonstrably guilty of screen-scraping the Experts
Exchange web site and I do not condone those actions at all. However, looking at what
they copied – it was the Title, Question and Accepted Solution text -
the copyright of 100% of that is with the original authors, and not
Experts Exchange.

Thus, in my opinion, this complaint against allfaq.org is without merit and should be dismissed.

It would also appear that Experts Exchange has also abused the provisions of the DMCA in forcing Google to remove the content. Google should restore the links.

And finally, Experts Exchange should implement some technical measures to prevent automated scraping. Find better ways to improve your search ranking, and if your competition beats you don’t ask your own members how to do better SEO; be told by them that you have no Copyright Claims on the content; and then proceed to file DMCA take down notices when you know you have no (copy)right.

Stage 2: http:BL with Apache2 mod_perl

Written By: pgregg - Dec• 02•2010

After my earlier post Referrer and Comment spammers are a PITA I came up with two mod_perl plugins to Apache and an “apache level” firewall.

The reason for the apache-level firewall is two-fold.  There is no direct way for the Apache user to manipulate an iptables chain (as it doesn’t run as root), and second; I was not happy with suid root access or other forms of message passing to a daemon which would manipulate the firewall for me.

Architecture is thus, in httpd.conf place the following two lines:

PerlPreConnectionHandler PGREGG::httpBLBlock
PerlLogHandler PGREGG::httpBLLog

The first tells apache to run the handler in my httpBLBlock.pm module when a connection is received (before the request has been sent by the client).  In this handler, I am simply looking for a filename matching that IP in a directory that is writable by the apache user.  The contents of the file are a SCORE:httpBL_answer:[LIST].  Based on this, the module checks the mtime of the filename is in the last SCORE days, then the firewall is in effect. If so, we simply tell apache to drop the connection.  If the file has expired, we delete the file.

The second line is more interesting, and what creates the firewall filenames. In order to not impede the general speed of request handling, processing is performed in the Logging section of the Apache process. Our module is called by apache after the response has been sent, but before the access_log entry has been written.  In our module we perform the http:BL API call and compute the above SCORE based upon the Threat* level and Age* of the API response. (* both Threat and Age are octets in the DNS lookup).  We merely discount the Threat down to zero based on the Age (0-255) where an entry 255 days old reduces the SCORE to zero.
If the SCORE is larger than our trigger level (3) then we create the firewall filename, log the entry in our own httpbl.log and return Apache2::Const::FORBIDDEN.  This causes Apache to not log the entry in the normal access_log.  Otherwise, if all is ok, we return Apache2::Const::OK and Apache logs the hit as normal.

I have a bit of code tidy up, restructure the config/firewall directory and pull some common code out to a shared module before I can release to the world.

An interesting side effect to publishing the last story out through Planet PHP and other news sources along with the Project Honey Pot image is that when browsers viewed those sources, they all asked for the image off my server. In several cases, these were known spammer, Comment spammer, and other abusers. My server then created the firewall entry blocking them before they were able to follow the links back to my server.
 
I have been reading up more on Apache Bucket Brigades in an attempt to allow the firewall filter to be placed immediately after the request has been received and allow a custom response to the browser. This may help an otherwise unsuspecting user if their machine had been trojaned. I don’t mind admitting I’m thoroughly confused right now :)

Referrer and Comment spammers are a PITA.

Written By: pgregg - Nov• 28•2010

This shouldn’t be news to anyone – but Referrer and Comment spammers are a real pain in the a*se.  Polluting my web logs and making any meaningful log analysis problematic.

So, I now have an itch to scratch and I’m going to do something about it. I would encourage you, the reader, to do something about it too.

Firstly, get yourself over to Project Honey Pot and read up on the project.  If you can, set up a Honey Pot or two yourself. Also be sure to read about the http:BL – this works along similar lines to the DNS blacklists used for Email spammers.

Next, I’m going to write a general Apache mod_perl module which will provide integration (lookup) to the http:BL and allow the user to “action”* the abusers.  Minimally, it will prevent the normal apache log files from being polluted by diverting the log entries to a httpbl logfile.

* “action” – To provide flexibility, I’m thinking of running an external script with the IP of the abuser.  The script can then perform any action you wish. The one I’m going for is an iptables firewall block.

Comments and suggestions welcome.

Project Honey Pot has implementations for several languages, including PHP and Perl (the languages that mean most to me).  There may be an implementation for your Web application so you might not be interested in what I’m doing at all :)

14-projhoneypot_banner.jpg

Vodafone UK + HTC Desire + Android 2.2 FroYo = Fail.

Written By: pgregg - Aug• 04•2010

Well, it looks like Vodafone UK royally messed up the timing of the HTC Desire OTA Update yesterday.  While most owners were eagerly expecting the announced Android 2.2 (FroYo) update that HTC have been pushing out, Vodafone decided to push out a 2.1-update1 which only provides Vodafone branding, apps, a few bugs, and even a couple of “adult” related bookmarks to everyone – and leaving them on Android 2.1 (Eclair).

Needless to say – Users are not happy at all. *Vodafone appears to have moved the thread here. [2010/08/06] Moved again to here (is Vodafone trying to hide the complaints?).

In work, we (coworkers and I) now have a total of 8 HTC Desires (out of 16 people) – even two iPhone users have converted! A few have been espousing the wonders of FroYo on their phone (some had rooted, and did it themselves, others had bought unbranded phones and got the stock HTC FroYo upgrade). I was jealous(ish) and wanted it myself.

Given Vodafone’s actions yesterday, it was likely that the FroYo update from Vodafone was minimum several weeks away, if not 3 months (as was intimated on the Vodafone forum – end of October) – it was also noted that the Vodafone FroYo update would include the Vodafone 360 branding and software.

Thus, last night it was time to embark on the adventure of flashing my HTC Desire to a stock image direct from HTC. I reasoned that my goal should be to flash HTC’s Android 2.1 (Eclair) image to the phone, and once there, the normal software update process should take me to 2.2.

And so it began…

I knew that I needed to create a gold card because the Vodafone image doesn’t let you install non-Vodafone images. This I discovered as I tried to simply apply a stock 2.2 download and using boot recovery update.zip – all attempts met with a complaint of a “Fingerprint error”.

I ended up at this page:
  [TUT]Complete upgrading guide(root, unroot, flashing ROM & updates)

and followed Post #3 which details a) How to make a Gold Card* . Ignore the rest of #3
and then Post #4 – the “unrooting” guide.

You then need to find a download of the correct stock HTC Bravo WWE image ROM – I chose the second WWE ROM from this link (140MB download):
  [ROM] Official HTC Desire RUU ROMS and OTA Update URLs
  RUU_Bravo_HTC_WWE_1.21.405.2_Radio_32.36.00.28U_4.06.00.02_2_release_126984_signed.exe

Proceed through the rest of Post #4 “How to Flash ROM” with the Goldcard inside your Desire, and plugged into your PC.

The phone will take 5-10 minutes to complete upgrading (or downgrading) to HTC Stock 2.1 image. When it reboots you will have to go through all the original setup sequences you did when you first unboxed your phone.

You can then perform a Software Update Check and you should find you have a Android 2.2 FroYo update (90Mb) waiting for you.  Proceed and let it do its thing.

Once done, welcome to FroYo.

All future updates will come direct from HTC – not from Vodafone, and you won’t ever have the Vodafone 360 branding rubbish foisted upon you.

* My GoldCard creation had a bit of a hiccup, in that it turns out that the 4GB Samsung card which came with my Desire does not work as a Goldcard despite formatting and following the instructions to the letter.  Trying an old 1GB Sandisk I had resulted in a good goldcard.

Aside from the goldcard hiccup – this all went surprisingly smoothly and painlessly.

Good luck.

Disclaimer: If you try any of the above – it is all your responsibility. I take no responsibility should you brick or damage your phone.

The O2 Joggler – A first hack.

Written By: pgregg - Apr• 14•2010
12-devicev2-thumb-308x149-11.jpg

If you were not aware – O2 last week reduced the price of the O2 Joggler from £149.99 to £99.99 to £49.99.  Nothing remarkable in price reductions, however what is remarkable is what you actually get for your money.

The O2 Joggler is a silent 7″ touchscreen device with Intel Atom Z520 running at 1.3Ghz, 512Mb ram, 1GB internal flash storage with additional storage available via an external USB port. What makes the device really exciting is that it also has a 1GB ethernet (Realtec 8168) and Wifi.

Looking at that – I know you’re all thinking “linux box” – but conveniently, the default operating system on it is based on Ubuntu 8.04 and busybox, The frontend is a custom flash driven UI developed by OpenPeak (makers of the Jogger which is rebadged by O2).

There are plenty of clever individuals over at http://hackthejoggler.freeforums.org/and in the #mer channel on freenode who are working to allow the Joggler to run other Operating Systems such as Android, Ubuntu Netbook Edition, MID, even Windows and OSX.

However, the standard OS supplied is also pretty powerful and allows significant customisation.  You can enable telnet just by turning it on with a custom USB stick plugged in. To do some of the things I’ll be describing here you will need to have started with that.

Once you can telnet in, the world opens up and you can do lots of things that you would expect* to be able to do in a linux system. (* except run a web browser…. at this time – we don’t have web access
with the stock OS due to the custom flash GUI interface.
)

Lets install some useful utilities, how about perl, terminfo, irc clients, bit torrent, rsync, ssh/scp ?   Yes, I know what you’re thinking – overnight silent downloads – no need to leave PC on… nice…

I’ve built several of these utilities with installation instructions and uploaded them over here: 
  http://pgregg.com/projects/joggler/

Feel free to download, examine, install etc.  Read the README on the download page – it explains how to do it. Most of the packs include an install.sh script that will provide an installation safety net – it won’t overwrite existing files or libraries.

Usual disclaimers apply – you try these applications at your own risk. I accept no responsibility if you manage to brick, fry or otherwise trash your joggler.

Comments, suggestions for other applications are always welcome.

Update: Thanks to NP – seems I was a little too brutal with the library stripping to keep the download sizes small and I missed some required libraries (that I mistakenly thought were in the standard Joggler distro).   I have rebuilt the following packages as they were missing some libs: rtorrent, rsync, sudo,ssh
The screen package has been rebuilt too to add one final tweak (to the installer script) so it can be used by non-root users – the only difference you need to do is run the command: chmod 666 /dev/ptmp /dev/tty