What Will Happen to Rented Software When Its Publisher Sinks?

MightyE asks: "With the advent of subscription software with renew-required keys, I have a question. What happens when a software company from which you lease goes under? Who will provide you your software keys in the future? Should a law be required that if such a company goes under, they must either sell the rights to rent keys to another company, or provide non-terminating keys to the current subscribers?" With many large software corporations looking to put these systems into effect, I think it's better to discuss this question now, rather than later.

"Currently if you purchase software, and the software company goes under, all you lose is support, you still have a working product. Consider a large corporation making a major rollout of "rented" (rented meaning any software with a time-limited key) software. If the software company closes its doors, the corporation has now invested thousands, hundreds of thousands, or even millions of dollars into rolling something out that may only work for the rest of the quarter.

On the other hand, consider that you are a company that rents software. If you are required to enable non-terminating keys for the event of corporate liquidation, this would only have to be broken once and one single non-terminating key could get out on the net, thus defeating one of the largest concepts behind "rented" software, anti-piracy (not that I don't whole-heartedly believe that any good software with a rented key won't be cracked with a key patch or something).

Certainly it seems a viable solution to require such companies to give or sell their key distribution duties to another company."

Laws are the *last* resort

[gunner800]

How about this for a solution...

If you (or your company) are comfortable with the risks of renting software, then rent software. If you're not, don't.

Nobody is going to force you to rent software. If you want to pay the (arguably) extra money, then go buy some non-terminating software. Even if every piece of software in existence is rental-based, nobody will force you to use it.

Just don't accept a license you don't want to agree to.


My mom is not a Karma whore!

Re:Laws are the *last* resort

[rgmoore]

The biggest problem is that you don't always have a real choice in the matter. There are real world cases in which there's a single vendor for a critical piece of software that you desperately need. Even worse, that's likely to become the case more often as software patents become more prevalent, as they give the companies legal monopolies in specific areas. If the company that holds a monopoly on your critical piece of software decides to offer their software only on a rental basis, you have only unappetizing options. You can break the law by writing your own software that violates their patent, rent their software with the odious terms that implies, or do without something that may be critical to your business success. This is the kind of messy decision that happens in the real world of effective monopolies that "free market" appologists choose to ignore when claiming that consumers aren't really stuck.

What do you do when all of your choices are bad? Since the government is fundamentally responsible for this kind of mess by giving away monopolies in the form of software patents shouldn't they be involved in protecting people who wind up being screwed by them?

Let's just put an end to this.

[fmaxwell]

The software "licensing" system is broken. Companies sell licenses and rent software because they are desparately trying to keep software from being considered a "product" that has been purchased. If it was a product (in the eyes of the law), then they could not get away with providing buggy crap that fails to perform and crashes constantly. It would be no different than a toaster that failed to work one out of 20 times -- it would be considered defective and the manufacturer would be required to fix it.

The black-helicopters-are-spying-on-me/lower-my-taxes/ there's-a-Waco-coverup/they-want-to-take-my-guns-a way crowd will disagree, but we need government legislation that makes software a product just like anything else that we buy in a store. Then Microsoft would quit trying to find ways to embed javascript into e-mail and, instead, make Outlook reliable and secure.

This kind of thing happened to me

[BluedemonX]

I bought a piece of software called Bodycraft, which is supposed to generate a workout and eating plan appropriate to your wants/needs (e.g. gain muscle, lose weight, stay same weight)

I bought it, and installed it on a computer, and called for the code to unlock the stupid software dongle, and everything went relatively well: although the program was buggy, I could hack it to work.

Moved to a different computer some time later - whoops! Need to re-register. The phone was disconnected when I tried to call back for a re-registration (some stupid software dongle).

Contacted the big name fitness guru who's name is all over the box - who said "I can't help you, that's the company, they screwed me too, yadda yadda yadda - but you know what, with this new company I'm working with, you can buy the same program AGAIN for $30 more!"

This has already happened, hasn't it?

[ewhac]

In the consumer space, this has already happened with DIVX (the DVD "rental" scam). DIVX's answer to its customers was, essentially, "Fsck you."

However, there are also several high-end software packages out there -- the old Diab C compiler and Perforce source repository system come to mind -- where you have to install a "license" server and periodically update the key that allows it to continue to operate. Doubtless others exist. How many of these have had their parent companies fold? What did their customers do? Was the eventuality covered in the contract?

Schwab

Re:Free Market

[sphealey]

Actually, "source code escrow" agreements used to be quite common, and are still to be found in contracts for business-critical applications such as EPR systems. The vendor agrees to put a copy of the source code in escrow with a law firm or CPA firm that handles such situations, to be release to the customer if the vendor ceases to be a going concern (or in some cases if they terminate the product line), at which point the terms automatically change from license to ownership. I imagine most of the really big guys will put similar protection in the contracts with M$.

Now, has anyone ever made actual USE of such an agreement? That I can't tell you.

sPh

This issue hits close to home to many universities

[Lostman]

My university's mathematics department relies heavily on the use of Mathematica (a "god" in the mathematical notation and symbolic problem solving front). I loved it and I bought it -- and found out that there will be a problem if the publisher (Wolfram Research) ever goes out of business...

When you run it for the first time, it notes all your hardware and creates a unique "id" that has to have a matching unique "password" to unlock the software.. sound familiar?

The gist is, when the university decides that their 180 mhz computers just "dont cut it no 'mo" and upgrade, if wolfram isn't there to give out their unique passwords then the university has lost out on QUITE a lot of funding (The student version (full w/o manual) goes for 150 but the retail version (full w/ manual) goes for about 1150).

Now, in these cases would it be "correct" or "right" to reverse engineer the software's security or at least use a keygenerator as found on the little warez kids sites... and what kind of trouble could a university find itself in if they did this?

This is not a new problem.

[gorilla]

This is not a new problem. It used to be that leasing of hardware & software was the way that IBM did business. You didn't even rent foocalc 1.2, you rented production payroll for 1200 employees, complying with all federal & state statues'. If you found you could only produce 1000, or there was a statue you weren't complying with, then IBM would fix it for you.

This is one of the reasons why IBM was investigated & the prosecution started for anti-trust.

Businesses never liked this model, they wanted control over their destiny. I see no reason to suspect that business has changed much in the intervening 40 years.

Renting is for throwaway systems only!

[dcavanaugh]

Why rent anything to satisfy a need that doesn't go away? Installing any non-trivial software system is an expensive proposition. My thought is that we buy something with the intention of keeping it long enough to justify a perpetual license. If we honestly plan on walking away from the product in less than 5 years, I have to ask the questions: (1) "Why are we doing this?" (2) "Can we find something that is not a throwaway system?" Of course, we pay for annual support, so there is always a "pay-as-you-go" element to all of this anyway. Why should we tolerate a periodic licensing hassle? In the pure throwaway scenario, you look for an ASP -- simply buy the app, server, and service concurrently.

Having the perpetual license is an important damage control mechanism. Software companies go bankrupt or they merge and put the customers on a "death march migration plan". We need to have the option of indefinite self-support, so as to keep the existing systems on "life support" long enough to consider our long-term options.

I predict we will see more and more companies (led by M$), trying to make this a "pay-per-click" world. I also predict the free market will continuously reject such initiatives. I don't want to rent an app any more than I want to rent a phone, house, car, clothing, eyeglasses, appliances, furniture, computer, or DVD (remember DIVX???) The final nail in the Rentware coffin is that software rental is an operating expense, whereas software purchase can be capitalized.

The only positive thing I can imagine is that Rentware makes it easier to walk away from a bad decision. If you buy the wrong software, you can eventually stop paying for it and buy something more appropriate next time. I have seen a few systems that were poorly chosen and eventually discarded. Renting those would have been nice. Not as nice as buying the right thing in the first place, but better than a total writeoff.

Unworkable idea.

[jms]

Should a law be required that if such a company goes under, they must either sell the rights to rent keys to another company, or provide non-terminating keys to the current subscribers?"

Let's call the failed company "FailedCo."

FailedCo "notified" their employees of the company shutdown by changing the lock on their door. (Common practice!) They immediately laid off their entire staff and cancelled their lease on their building. The entire contents of the office, including the computers containing the source code to the software as well as the license key generator -- were loaded up into a truck and piled in a non-climate controlled warehouse, pending Chapter 11 proceedings.

As the case drags through bankruptcy court, more and more customers are faced with license key expiration, which means that they are going to be forced to abandon using the software. This makes the "rights to issue new license keys" less and less valuable over time. When the last license key expires, and the last customer has to abandon their software, the "rights to issue new license keys" falls to a value of zero dollars.

Let's say, for argument's sake, that the judge orders FailedCo to "find a company to continue licensing the software to current customers."

No company in their right mind would agree to do so!

Why? Let's say, for the sake of argument, that a company, "ReceiverCo", agrees to do so.

First off, they are being asked to take on the business operations of a failed software company, and pay good money for the privilege!

Second, even though they have the rights to sell license keys and continue to maintain and develop the software, ReceiverCo is first faced with a daunting problem.

The problem is a warehouse filled with computers, huge boxes piled full of cryptically labelled or unlabelled floppy disks, 8mm tapes, and zip disks.

Before they can issue a single license key, they have to figure out:

1) Are all the computers intact? Have the hard drives crashed? Do they boot up? Do they have to be networked together in a certain way in order to work? Are some computers NFS servers? Do they have to be manually restarted when they come up? How much time and money is it going to take to figure this out?

2) Which are the important computers -- the ones with the source code and the license key generator, and which computers are unimportant -- the secretary's computer. The "important" computers are probably protected with unknown passwords. What are the passwords? Are the really important computers protected with encryption? How much money will it cost to hire "hackers" to break into all the machines, and sift through the 80 gig hard drives to find the valuable "assets" -- the source code & license key generator?

3) Was the source code left in a buildable state? Remember, all of the developers are gone, and with no warning. Their computers are probably filled with test builds, undebugged source code, obsolete source code, and probably even entire non-working, experimental build-trees. Parts of the program are in C++, parts are in undocumented assembly language, and the internal build scripts are written in an in-house written scripting language that no one outside of the company has ever seen before. What if FailedCo itself has been licensing code from another company, and that license has run out?

4) How do you run the license key generator? Odds are, it isn't a nice, well-written application. Most likely, it's an obscure command-line program, with a non-obvious, non-documented syntax. How do you even know when you've found the license key generator? Is it that binary called "lkg" in the home directory of an account called "lisa" on any one of 35 identical-looking computers? The "lkg" command just spits out "incorrect syntax" no matter what you type, so how do you know if you've even found the license key generator?

Remember, all of the people who staffed FailedCo are gone. They have new jobs. They've filled their heads with new information for their new job, and barely remember this stuff. And their getting laid off was such a bad experience that they have no interest whatsoever in helping ReceiverCo revive FailedCo's products. Or maybe one of them will do the job -- at an extortionate price.

It could literally take months to years and hundreds of thousands of dollars in manpower to conduct what would amount to an archeological dig through all those computers, and reconstruct the license-key granting program & procedure.

All this to secure an asset of unknown value, that is quickly free-falling towards worthlessness.

No company in their right mind would ever do it.

What will really happen is that FailedCo will fail to find a receiver, and the judge will order that the company's assets be liquidated. All the files and computer media -- floppys, backup tapes -- will be either sent to a landfill or bulk-erased and sold as used media, and the computers will have their hard drives either removed and destroyed, or reformatted, and the computers will be sold as "used computers, without windows", at auction.

And the source code and license key generator will cease to exist.