Slashdot Mirror
Shakedown: How the Business Software Alliance Operates
An anonymous source writes: "I'm a faculty member at a public university which the
Business Software Alliance contacted in a bulk mailing last Fall. Stupidly, our IT department invited them in to 'explain' licensing to us, and now we are trying to fend off an audit on our computers (public and private). Two questions: what kind of leverage does the BSA actually have against us? And does anyone have war stories, successful or otherwise, of their encounters with the BSA?" Although Slashdot is running this story as from an anonymous reader, we have contacted the source and believe the story is factual and the appeal for help is real. Consider this Slashdot's contribution to National Copyright Awareness Week.
The source continues: "The report that the BSA gave to our administration was filled with scary stories about other schools who tried to resist, so unless there's some hard evidence to the contrary I suspect our university will just roll over. We were told that:
- auditing software *will* be installed on every campus machine;
- the license for every program, on every machine, must be produced upon demand;
- failure to produce licenses for all commercial or shareware software will constitute prima facie evidence of illegal possession, with penalties that could range from the confiscation of the machine to the firing of the user;
- and this includes computers *personally* owned by faculty."
First post! Oh yeah, sorry.
I would think that you could tell them to stuff it up their ass. Unless the EULA of each individual piece of software specifically requires this upon BSA request (as opposed to the manufacturer's specific request) I would think you're in the clear.
IANAL, however...
While I'm of course not a lawyer, but what right does this organization have to come in and put anything on the computers that are privately owned? I think they are trying to make you THINK that they have right and you'll give them the go ahead because they've convinced you they do... while in reality you could tell them to go to hell and they couldn't do a thing about it.
If you want others to respect the license of your software, please at least respect other's software licenses...
Perhaps I'm not 100% informed in what the BSA does, but how can they just march in and start installing software and demanding licensing documentation? They are not a government organization, right? It looks like they operate Internationally, so where do they get their jurisdiction to start making demands?
Some big organization needs to do this in response to a BSA audit request.
Once the BSA has its sights set on an organization, then that organization had better have either the licenses or the money to pony up FAST to buy them. I have seen cases where the BSA isn't satisfied with responses and comes back with Federal agents (yes, guys armed with subpoenas and guns.)
If you are reasonably sure that your licensing is OK, then you could probably stave them off. It would be a unique Uni that licenses all of the software being used though, based on my experiences.
Basically, you are screwed if you a) don't comply with them and b) don't have your licensing in order.
Why should an organization be peanalized for personally owned computers? Yes, IT can set rules and what not but how many users actually follow IT rules?
Note to self, don't bring laptop to work if company is being audited by gestapo...err, BSA.
I would suggest that you 'lawyer up'.
You absolutely need your legal counsel involved in this. An IT department is generally unsuited to handle these type of business/legal affairs.
By sucking in the legal folks you turn it from an IT problem to a 'university as a whole' problem.
Do not let them strong arm you into anything. Play hardball. Tell them you are doing an internal review that could take months.
Remember, they will be very reluctant to force the issue into a courtroom. It is very bad PR for them to take an impoverished college to court. A jury would be filled with people who all have 'unlicensed' software on their home PCs.
But in the end, you will have to make a reasonable effort to be in compliance and generally pay for the software you use. That, my friend, will be unavoidable. Unless, you switch IT platforms to a free or close-to-free software environment.
Good luck.
nuclear iraq bioweapon encryption cocaine korea terrorist
If you have a company who is grossly out of whack with licenses, they will grant you a "grace period". Kind of nice to know that not everybody is out to screw you.
Just my $.02
The BSA isn't all bad. First, haggles over license increase the total cost of ownership for commercial software, which makes free (as in speech) software more attractive.
:)
Second, I used them to shut down a competing software retail store once. The place was selling Microsoft OEM software off the shelf. A call each to the BSA and to Microsofts Piracy line and the place was out of business in 4 months.
On this:
>with penalties that could range from the
>confiscation of the machine to the firing of
>the user;
Exactly how is the BSA supposed to fire in-house employees? Freaky.
The BSA is a completely unrelated third-party attempting to enforce a contract they have no interest in? Is that about it? The license is granted by the manufacturer to the user (organization). Why does the BSA have any role here at all. If M$ doesn't feel the need to enforce their contracts through normal channels (i.e. suing you), then I'd tell the BSA to shove it. Of course, IANAL.
Ask them for the Search Warrant. They should at least have to have a reasonable belief that you have software on your computer that is not licensed. Arbitrary demands to search your computer are unreasonable, they cost you both time and money, no court should uphold a part of a license that subjects anyone or any institution to unreasonable searches or demands, no matter what the licensing. Notice in all EULAs they put that little clause in there that says, "If any part of this license should be found unenforceable, then the rest of the license shall remain in full effect..." That's because the EULAs have not been thoroughly tested in a court of law, and they know they are going to lose on some parts. Without some kind of evidence they're going to have a pretty weak case.
Tell them the problem, including asking if the BSA has the RIGHT to DEMAND that you run their programs on your computers.
If the legal geeks say that they do, get together with them and jointly request the IT department to move away from those companies.
That does two things -- first, you will show the BSA (not boy scouts) that you are willing to fight back, and second, it presents a case to the school the problems of private software in a public setting. (That's an obvious Free Software comment. karma++ )
//TODO: Think of witty sig statement
...and that word is "outrageous." If your administration does not step in and put a halt to this egregious evasion, then you can tell them I told you they are a bunch of pussies.
Seriously: Where's the search warrant? How enforceable is a EULA with such broad contractual provisions that it forces a licensee to waive all rights to due process and freedom from illegal searches? (Before you naysayers tell me the Constitution has no bearing in this, check the facts: In many cases, BSA shows up at the doorstep with their very own law enforcement escort.)
There is a legal concept known as "blue-lining" in which a judge has the legal authority to water down, modify, or even eliminate certain portions of a previously-agreed-upon contract. I learned about this after I found myself the unwitting signatory to a capricious and completely illegal legal document. The state recognized the document as legally binding; however, the state also found the terms of the agreement were overly-reaching, capricious, and without legal standing, effectively nullifying the contract.
The reason why companies continue to write obviously unenforceable contracts is that they know the number of people willing to fight in court is very low. Most will simply roll over, expose their underbellies, and submit to being raped rather than fight.
Step 1, bury all burned CDs
Step 2, download distro of choice.
Step 3, burn that onto CD.
Step 4, format HD and install it.
Step 5, laugh when you show them the freeware license.
Alternatively,
Step 1, transfer to another school.
Step 2, feel bad for your friends.
IMarvinTPA
Trusting software vendors is no smarter than trus
who pays for that auditing software?
what if it requires an upgrade to run?
we're trying to audit our own systems, but are resorting to payware
I would think that personal machines are off limits... (unless they are onsite)
failure to provide 'license' would be a problem...
what if you could provide invoices? paid bills for
bundled purchases of said software?
I doubt the range goes exclusively from confiscation to firing.... there are many options
that dont really fit INBETWEEN those.
Surely your univerity has legal council on staff?
They generally know when you tell folks like the BSA to pounch sand.
It seems to me that there's no way they can force the university to fire people over licensing issues. *Especially* professors. Most of those people have tenure, you know. Professors with tenure at my university have gotten away with embezzling grant money and sleeping with undergraduate students. Depending on the tenure contract at your school, it is probably *illegal* for the university to fire professors over this issue. BSA can't possibly wield a big enough stick for this to hold any water.
As such, it seems to me like they're protesting too much. The scenario they paint is patently ridiculous.
Read Bujold. Free (as in
and this includes computers *personally* owned by faculty.
I assume you mean owned by faculty - but onsite at work? If so - why wouldn't they be treated like any other computer onsite.
BlackNova Traders
BSA or cops, they are both a pain in the ass. Don't invite them over.
"It's not a war on drugs, it's a war on personal freedom. Keep that in mind at all times." Bill Hicks
Also, my 2c on this: There are a few angles. Clearly, a private institution is innocent until proven guilty under US law. So, the scare tactics the BSA is using on your University take a couple of prongs:
- For the legally not so savvy, it says "We'll sue if there's even a hint that you might not own some software! Put our software on your computers to keep us from suing."
- For the legally more savvy, it says "We can make your life sufficiently annoying that it will be cheaper to just let us put this software on your system." Then we'll go away.
To address this for both audiences at your university, you'd like to be able to prove:- Your university is not, in fact, legally liable to the BSA, and that it in general isn't responsible for what people do with their personal computers.
- It will be significantly more expensive to install the software they require, than it will be to get legal counsel to tell them to go away.
My guess is both those things are true: A nicely backed up presentation proving both those points would probably quelly our nightmares. Good luck! Post back and tell us what happened.If the Gestappo comes by asking if you've seen any Jews, do you ask them to explain what Naziism is all about?
Until this IP law is overturned, cower and hide if you're not williong to put your ass on the line to do something about it. In this case, your guy put his ass on the line, it's only natural that he takes what's coming to him. Consider it a form of back-assward martyrdom.
One, is to say FUCK YOU to the BSA and make free software the standard for the university, unless there is a clear need for something that is not available through free software. Now, that might be fucking hard, because many professors have their own labs, and they will either already have entrenched themselves into non-free software. The other option is to bend over and let them fuck you in the ass. If you're a public university, you might organize some kind of fucking propaganda campaign, directed at the voters of your fair state, showing them how the fucking BSA is costing the taxpayers a lot of fucking money.
Fascism trolls keeping me up every night. When I starts a preachin', he HITS ME WITH HIS REICH!
Personal machines are the biggest risk, since your organization really has no control over them. The solution? Pass a new rule forbidding personal machines on campus. Yes it'll suck, but having such a rule in place (with appropriate disclaimers of liability) will allow your organization to get people to take those things home before the audit occurs. This can always be changed back after the audit. It runs the risk of the administrators just saying no personal machines, period, but you take your chances.
Organization-owned machines should be a lot easier to audit, since Joe Blow usually cannot waltz in and install stuff on them.
I would be careful of Linux or other free-software based machines, M$ and most likely their BSA lackeys won't take kindly to them.
I tried every decent and legal way I could think of to resolve the issue w/the business before I rented the chicken suit
At this point, the only leverage that they really have is fear - they're trying to intimidate you. This is what they've done to hundreds of other companies. They come in, use your "acceptance" of a software product's EULA as a hammer, and either force an audit (which, with the criminal penalties they throw at you, gets to be scarily expensive) or force you to pay upfront and forget about the audit.
:)
Yeah, some people call it legalized extortion. IANAL.
For something like this, they should really go through your university's legal department. If the legal department hasn't gotten involved yet, then get them involved now! Get some counsel. They are the folks that were hired to protect you from this sort of thing (among many others).
This sounds just like pure intimidation to me. Especially once you mentioned that the audit includes personally owned computers. If they want to audit my personal laptop, which I bring into the office sometime, they would not send the notice to my employer. They would send it to me. Like I said before, talk to a lawyer. A lawyer, not the Slashdot crowd, can give you the best advice.
--
Welcome to the land of the easily amused...
In talking to a judge friend of mine you have several choices: 1. Tell the BSA to go to hell and hope they don't have probable cause to get a search warrant. If they get one they will come back with the police and then you will have a criminal problem - this is not a likely scenario for a public institution. 2. Let the BSA in and try to deal with them as best possible - however I would have my attorney do the talking to them - most attorneys don't scare too easily. 3.Tell the BSA that you are busy and to come back in a couple of weeks. In that couple of weeks clean up your act and let them in. Personally I would tell them to go to hell and make them come back with the cops. Why? So they have to fight to get into every business. If they have to do this it will eventually stop them as it will become financially impossible for them to continue. As a public institution you have a different problem than private businesses. You have a public relations problem. I'm sure that this is what the powers that be in the university are thinking about. My problem is that the BSA thinks that they are a peace agency (police agency) and they aren't. As far as I am concerned the best solution is to not deal with the software companies that support the BSA!
I'll hit the second one first. If the personally-owned computers are on the network, they're close, maybe, to being able to audit those. Maybe. But that's really grey. I know I, for one, wouldn't let them on, and if they came into my office and said "let me look on that machine," I'd simply disconnect it and say "no."
For the first one, though, I have a much bigger problem. Can anyone cite any other [industry / realm / product space] where one is required to retain all receipts in order to prove ownership? I don't need a receipt to show that I own the shirt I'm wearing. If someone wants to accuse me of stealing it, show some evidence. I don't need a receipt to verify that I own the couch in my living room -- if someone thinks I stole it from my neighbor, fine, prove it. So, why on earth do I need a receipt for software?
I can understand the technical complications that are entailed here -- like when you've got 1 CD for 100 machines. But the legal issues are what I'm more curious about. In no other situation am I, essentially, guilty until proven innocent.
Does anyone know if anyone's fought the software industry on those terms? You can't prove I stole it, so go away. Seems like it should work, but then again, maybe I'm being idealistic.
(Okay, I thought of two examples -- cars and real estate. But those are tracked for me by the government, and if I lose a copy of my title they can send me a new one, for a modest fee.)
As Dr. Teague put it. R dr d-theta. ;-)
have you purchased most of your software from one vendor? if so, note that to the BSA...
Do your users install applications themselves (do they have the ability to?) if not, note that as well
As i understand it, the BSA is primarilly concerned with mass piracy either A. a company using multiple copies of say win2k server or windows 2000 professional... and/or B. people installing lots of applications themselves.
just my 2 cents haveing delt with a forced audit from M$ in the past...
if you are sure you are not using lots of pirated software, ie. you buy windows with every computer and you don't let users install software (policies help alot here, in fending of responsibility) then you'll be fine... just give them the info you have...
I do not believe you have to comply with software based auditing software, specifically state that you manage licensing on the purchasing, policy, and physical software installation prevention end NOT at the client... you can probably find millions of documented analysists that would show that such software would prohibitavly increase TCO out of sight...
Personally, I enclosed a RedHat sticker in their mailing and told them where to stick it....
there are no stupid questions, but there are a lot of inquisitive idiots
I don't mind if they take GPL'd code.
I don't even mind if they RESELL GPL'd.
I MIND when they stop me from redistributing GPL based code however I damn well please.
The report that the BSA gave to our administration was filled with scary stories about other schools who tried to resist...
:p
Seriously, why hasn't someone taken up these bozos on racketeering charges or something? And if your answer is that the bozos bought the government and it's too late, don't bother posting... Every story I hear about the BSA, including their own commercials sounds like something out of a gangster movie.
Bleh. More IP doom stories. What a waste of time.
--- this comment is presented in WIDE SCREEN STEREO!!!
to replace *all* possible software with Linux, BSD, ect. Leave only a few office computers and any that need special programs that can't be replaced with "free" software. Since you are a university get some CS grad students to work on installation and training. Call RedHat pay them a chunk of money to come out and help you set things up. In the long run it will be a hell of a lot cheaper that paying the BSA their fines and all of the extra licensing you don't really need. I got one of the BSAs' fishing letters the other day. They would be disappointed to see that everything here runs linux execpt an old 486 running dos 5.0 and a point of sale program. BTW the POS program will run on Linux/DosEmu/DRDos, but the computer can't handle the extra load. When the 486 gets replaced it will run linux/DosEmu.
"Software piracy is a crime - it is no different from any other form of stealing." What a joke...or just a lie.
That said, my only experience with software audits is with Microsoft. It was quite a galling experience because the company I worked had spent a lot of money and time insuring that only licensed software was running on the machines. After that good faith expense, the BSA comes in and demands an audit. They basically hi jack our hardware people for a week, cause no end of interruptions to the development of our product, install gods knows what on all out machines, and wreak general mayhem. If course we could have avoided the entire thing by paying the "protection" fee. They treat the customers like addicts. It like you get the drug free know, and when you are hooked, we will exact the price.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
How do you know it's Microsoft?
---- It puts the lotion on its skin or else it gets the hose again. It does this whenever it's told.
the monopoly barriers would fall to increased free software usage.
can you think of a less awkward slogan for this concept? -->
"friends don't help friends bootleg shackles"
If you need text styles to communicate then you don't have a message.
It's in the EULA, unfortunately... They can audit you anytime they wish. To not let them do so breaches your licenses.
For God's sake, READ THOSE EULAs! If more schools, businesses, orgs, paid attention to what they were signing themselves up to, one of two things would happen:
1. They'd opt for more "Free" as in freedom software that does not have such draconian strings
2. There would be FAR more pressure to change or limit what can be put in EULA's..
But, the bottom line, the EULA is a contract that your org agreed to soon as you clicked "I agree". Submission to the BSA is one of those things they agreed to.
Sure, much of it MAY be illegal and unenforceable, including the BSA audits, BUT, because you all "signed" the contract, it's up to your org to go to court and PROVE it...
=== The price of freedom is eternal vigilance
Let's be reasonable here. This is an industry group. They are not a company or corporation, or even a government body. That is, they don't have shareholders, and they don't get to take home bonuses if they have a "good year." In fact, the people at the BSA would consider the best year to be one in which they have no work at all.
Why? Because the BSA exists for no other purpose than to protect the investments of software companies. Whose products benefit us all (yes, even we Linux customers...for surely the software in use by banks, at the DMV, at "the club," etc. are not all free!).
So step back a bit, and calm down. If you do have illegal software, well, what is your defense? To be frank, that is illegal and immoral, and definitely does not make your university a role model for students, IMHO.
Remembering that IANAL, IIRC, if you don'thave any illegal or pirated software, what have you to hide? Basically, the fact that you are so worried about it indicates that you do have something to hide, and I have to say I feel sorry for you.
But not that sorry. After all, information regarding fines for pirating software was freely available to all who wanted to find it. If you then chose to ignore this, well, you took a risk. If you blew it, well, it sounds harsh, and IANAL, but I believe you are in trouble.
Good luck, and everyone, please remember. If you can't use free software (which does not fall under the BSA jurisdiction, IIRC), please keep it legal. The software industry benefits us all, especially at the university and business levels.
Karma: Good (despite my invention of the Karma: sig)
I am sure that somewhere in the university there is a disgruntled, or ignorant employee that is more than willing to have private discussions with the BSA regarding the software that they and everyone else uses. Once armed with the conversations with "Insiders" then the BSA has a leg to stand on to get in with the law enforcement types and really force you to do things.
Oh, and so far as them requiring audit software on your computer... NO WAY can they do this! They would have to take you to court, sue you and win with some of the terms being software licensing monitoring.
They tried to force the company my mom worked at to do this. She called me, and we went ahead and just removed MS office from every machine and installed StarOffice.
Followed by a nice letter to the BSA and MS saying that they are going to go open source now b/c of the BS of the BSA
The BSA often operates off tips from disgruntled former employees. A sufficiently credible employee, with a bad enough story, might be able to convince the feds to issue a warrant, but that is not likely. More likely is the threat to file a lawsuit.
No system will be perfect. If you implement systems to *try* to operate with properly licensed software, disgruntled former employee stories are less likely to stick, and once they see that a system is in place, the BSA will be able to see that litigation is not likely to be profitable on the occasional bad copy.
You'd rather be the angelic university that tried hard than the greedy pirating corporation that stole everything in sight.
Their right is CIVIL.
It stems from an EULA which is probably illegal.
They have to show in court that the EULA is legal and that they can invade.
The stories are just marketting to scare you.
Tell them to go fuck themselves and when they try the legal process you go after the EULA they use and have it invalidated. That will piss them off no end, but it will teach them.
As far as whether or not they can do this, if anyone (person or organization) who wants to audit you like this is not an official department of a Government Law Enforcement Agency, whether it's federal, state, or city, then tell them to fuck off. Otherwise, you are guaranteed due process and they will need to obtain a search warrant.
Privately owned PC's would be a separate search warrant - as they are not owned by the University they the University is not liable for it's contents.
Too bad the powers that be at the University won't do this. But what they should do is just install the Open Source, Free OS of their choice and tell the BSA jackals to burn in hell.
And to any member of the BSA who might be reading this: I run Red Hat Linux 7.1 at home. Go away. Kapisch?
BSA: We need to see licenses for all your software.
Me: This is an open source shop, but if you tell me which open source license you would like to see...
BSA: We at least need you to run this auditing software.
Me: Hmmm, seems kinda pointless, but what the hell. Do you have a Linux version?
BSA: No. You will have to remove your Linux OS and install an MS based OS that we do support.
Me: You want me to do what?!? Get the !&@$#%*@$%^& outta my sight!
[the obligitory IANAL here]
we did some research here at our company. my CEO and i were discussing it (i'm the CTO), and he told me he had done some leg work on the subject when the BSA first started their "scare tactic" TV/radio campaign.
the BSA is a software reseller. they have NO LEGAL AUTHORITY. they are not the "Software Police". they can't come to you and demand anything. you have to (stupidly, actually) ask them to come and perform an audit. then, when they find non-compliance, they offer to sell the company the licenses at a "special price".
they're vampiric...if you don't invite them in, they have no power.
of course, now that the ball has started rolling, they can probably bring some legal action. i'm not sure what legal recourse the SPA has (for example). subpoenas/warrants/etc, possibly. i imagine that there is a goverment agency to which they can appeal for such. and the BSA only has to pick up the batphone to them to start the ball rolling.
i know that doesn't help now, since they've already gotten a foot in the door. but it may help others.
Quidquid latine dictum sit, altum sonatur.
The rights enumerated therein should have been explicitly protected from intrusion by private parties in addition to intrusion by the government.
At the time, I think they felt that government was by far the biggest threat, and multinational and other powerful corporations didn't exist to any significant degree.
But now it's starting to seem like we need an amendment extending our protections to include such organizations.
Anyone have any thoughts on an appropriate wording?
I'm thinking something like "The rights enumerated in the Constitution are inalienable and shall not be infringed by any state or private party."
The "inalienable" part is intended prevent EULAs from making us "voluntarily" give up our rights.
Linux
Then of course ARM your IT department with shotguns
and call the BSA(called extortionists in some circles) and in your best Duke Nuke'm voice say
"Come Get Some"
Live Action Role Playing is way more fun then lame ass Counter Strike.
Also ask the BSA to show you all of their licenses!
I send you this load of .45 calibre round in order to say get the fsck off of my property!
You know, I wish I owned a company, just so I could fsck with the BSA. Arrogant bastards, as if corporations weren't usually evil enough, we've got a parasite attacking them as well.
In response to Microsoft's Strong-Arm Tactics against NW Schools, as discussed on Slashdot here, the Portland Linux Unix Group has been discussing how to go about effectively working with the local school districts and regions.
Can anyone show us examples of Linux or other computer user groups working together well with educational districts or institutions? Also useful would be examples of schools which have successfully made the switch to mostly GNU or Open-Source software.
This is my personal encounter - YMMV !
I attended a "seminar" hosted by Autodesk and M$ several years ago. At the entrance, the pretty girls were asking us to fill in info sheets, you know, like names, address, company you work for, et cetera, et cetera.
Since Autodesk and M$ were so kind to provide us with Orange Juice (Morn time, you know), I filled in the blanks.
Never would I thought that what I filled in ended up in BSA's file, and from then onwards - 6 years already - I and the company I work for, received THREATENING LETTERS, telling us that WE BETTER COUGH UP MONEY TO BUY GENUINE SOFTWARES or they will haul our butts in slammer.
Funny thing is, the Autodesk and M$ software we used (yes, USED, PAST TENSE !) were OFFICIALLY GENUINE, NON-PIRATED COPIES !
I got into troubles with my boss, since I was the one who filled in the blanks.
No matter how we tried to tell BSA that ALL OUR SOFTWARES ARE GENUINE, the threatening letters keep coming.
It got so bad that my boss decided to scrap M$ and all Autodesk softwares, and now we run Unix and NON-Autodesk softwares.
Yes, it actually cost us MORE to change our system, but at least, BSA, with Autodesk and M$, have NO MORE CLAIM ON US.
And the threatening letters still keep coming...
Talk about insanity.
And what happened above happened OUTSIDE of the good ol' U. S. of A.
Don't think you guys in the States suffer alone.
Muchas Gracias, Señor Edward Snowden !
This doesn't work for all universities though; some departments (engineering for example) need specialised software which only runs on windows. OSS just isn't always feasable.
SEUL/edu and SchoolForge help support Open Source in education. Their mailing list is filled with educators and sys admins for educational institutions who have installed Open Source systems. They can help you shift many systems away from proprietary software.
Hide all of your servers and workstations.
If they can't find it they can't audit it!
Fat people are harder to kidnap.
Tortuous interference with prospective economic advantage is a crime. They have no real basis for assuming anyone has committed a criminal act and no intrinsic authority to prosecute. Contact your local prosecutor immediately and explain the situation - that your institute is in good faith compliance with copyright law, that these people are attempting to extort from you significant financial gain and that while it is your institute's expectation and intent to comply with copyright law, these people have no right to subject you to the cost burden, nor any right to access to your systems. Get the law on your side now, because if you refuse they will attempt to get a warrant with the federal marshals. Refusing access to a borderline RICO organization is not a crime. Also get some sympathetic local press coverage immediately.
7 3257 &mode=thread&tid=10.5
Information at
http://slashdot.org/article.pl?sid=02/01/15/0
Be proactive. Fight back. A good tactic might be to develop an open source policy predicated on the cost of compliance with commercial software licenses being too high since even the companies don't understand their EULAs it's just impossible to do so and therefore the university will outlaw commercial software on their network.
The BSA is funded by MS, adobe, etc. If the BSA generates net positive income, they will continue storm trooping around. If it becomes a liability to have one's names associated with the organization, the underwriters will pull their support. This is a political as well as legal battle and if you don't fight, you'll be screwed, as will the next organization.
If this is a state school, they should forward the matter to the State Attorney General's office. They should explain that this 3rd party organization, which they have had no business dealings with, is violating the RICO act by trying to extort money out of them.
There's a name for this and it's called extortion. Here's how it works. I am the extorter and you are the extortee. I come up to you and say, "A little birdie told me that you are/have performed xxx criminal act. If you don't pay me off, I'll tattle on you." Note: Even if even you do pay me, you still have committed a criminal offense. Paying the extorter cannot change that. If they have legitimate knowledge that you are committing a criminal offense, taking hush money is a crime.
The BSA uses the same tactics. They allege that if you don't comply, you'll be busted. However, they're not acting on behalf of the government. In fact, with only the evidence of "I got an anonymous tip," they shouldn't be able to get a Judge to sign off on a search warrant. After all, for them to get a search warrent, the cops need to have probable cause. I don't see how a third party, who has an anonymous tip from some other third party is probable (it's heresay). Without a search warrant, there's no phyiscal evidence of criminal conduct.
In short, consult your legal professional. Don't forget that you can sue them, too.
By saying:
You fire Bob or we will bankrupt you and send lots of people to jail.
Best. Comment. Ever. Enjoy!
The Register's article BSA deploys imaginary pirate software detector vans explains everything.
- Toby Inkster
Despite the radio and television commercials suggesting that he'd get fined up the ying yang, nothing happened. I have since concluded that the BSA is all bark and no bite. Here is my story.
I'm pink therefore I'm Spam
I've always signed our company up for anti-piracy this or that, I signed us up for the MS Freedom to Innovate Network mailing list, I forward blatant "Windows 2000 for only $10!" e-mail to MS piracy police etc. etc. I've even shut down a fairly large pirate serial codes web site a while back because they were providing codes for our software. I don't read the FIN Flash e-mails I get nor do I care about the various other anti-piracy updates I get but I keep asking for them.
Our office is in San Francisco, the city most effected by the BSA's tacticts. Lots of people I know got those letters. We did not. I attribute that to the above. Just a little plain old Sun-Tzu deception goes a long way.
As others have mentioned most of it is all in the EULA. While I don't necessesarily agree with their practices, if your school/company/home decides to use proprietary software, you have an ethical obligation to meet the licensing requirements imposed by those companies.
The other route to go is to use open/free software without such restrictions. Yet still as a corporation/school, it would be foolish to abandon auditing/inventorying your machines. It makes good business sense. If you can show that you have x computers that were orginally purchased for x dollars and are now worth x dollars, this is valuable information to the accountants who can see this as a company asset. If you chose proprietary software, a good audit will show the amount of money that can reported as total computer assets. If you choose free software, you still see the computers as an asset, however, you can show the cost savings of using free software over proprietary software.
Again whatever software you use, you should respect the licensing that comes with it, whether it be Microsoft's or the GPL.
Fight fire with fire. Its just as trivial for the BSA to accuse you of copyright violations as it is for you to accuse the BSA of employing felons. Get as much information as you can on the employees of the BSA and pass them on to your local law enforcement agency. It should be job #1 for your administration to protect the health and welfare of their students. Having non-investigated members of a third party organization on campus seems irresponsible. Even if they are not felons, they may hold memberships in violent hate groups or organizations that discriminate against others based on their sexuality, race, gender or disability. Your school could lose federal funding by having a business relationship with a company that promotes discrimination through the practice of hiring bigots. But you will never know unless you audit the auditors.
Sorry, I posted this under anon. Just don't feel like F-in' with the BSA this month. I have real work to do. Bless you open source.
There is only one word to respond to your inquiry.
LAWYERS.
Stop directly communicating with the BSA in any capacity direct all communications through your schools existing lawyers. Then go find yourself a firm that specializes in intellectual property. Bring this up with your school's Board of Trustees and see what they think and what they might able to do about it. Most private schools have reasonably influencal people on their board and they might be able to save your butt here or know someone who would. I know that on the board at my small Quaker school that has less than 2000 students, we have quite a few people who might have corporate influence in this sort of situation. If your board gets worried about this and someone on the board knows someone high up at MS or some other major BSA member you might be able to slide out of this. Use your contacts to your advantage.
They are trying to get us all to move to getting our software via subscription. They come out and say it on the BSA site
From the BSA website: Find out about the benefits of using ASP's. The application service provider model is the latest evolution of the way software is designed, delivered and supported. By completely removing the application from the user premises and maintaining and hosting the applications on their end, ASP's facilitate the whole licensing process.
Want to see every step I took to start my company? http://www.rowdylabs.com/blogs/pitchtothegods
Hey! You in luck this time! Best Buy is having a sale on all the software it carries. Every item only $19.95!
Send your wonderful IT Staff down to Best Buy to purchase everything you need!
It seems to me these guys should be upholding open source agreements as well. When was the last time the BSA busted into Microsoft to ensure that they are not using any open sourced code in M$ products? Think about this for a minute....
If they dont have a Search Warrant signed by a Judge call the cops on the for tresspassing.
Get a lawyer... (preferrably a TEAM of lawyers on it ans Start the sanitation process now.. (Even if you think you are in compliance... they will not leave without a fine.. also be sure NOTHING has a share active and running.
Do not look at laser with remaining good eye.
Just nuke your machines across the board, backing up the important data, and reinstall everything after they leave. Tell them you use MSDOS Edit to write your papers in LATEX by hand. This process, while a huge hassle, is probably less hassle than the BSA will give you, and when you're done, you'll have cleared out hundreds of gigs of useless crap, reinitialized your Windows registries and effective defragmented everything in one fell swoop. Also a good time to do some software upgrades.
I know this idea is unfeasible, but I'd love to see the look on their faces when a dual processor 1.5 ghz machine boots to a dos prompt.
Sounds a lot like Oracle and their sales practises.
1. Any time you want to prove warranty coverage.
:P You need to hang onto those, too. "Gee, honey, I lost our marriage certificate. I guess that means I can go boink the cute new sales rep."
2. Anything you carry through Customs (and believe me, you'd better have GOOD receipts).
3. Anything required for various kinds of tax returns and filings.
Would you consider a Birth Certificate, Death Certificate, or Marriage License a kind of receipt?
-- We all have enough strength to endure the misfortunes of other people. La Rochefoucauld
To those that side with the BSA/or bring up the point of double standards as per the GPL...
The problem that we are discussing is terribly written licensing agreements (and, in particular, the "end user" variety, or EULA) that force the user of the software to do all sorts of stupid things. Greedy companies overcharge for their software, taking advantage of their ability to enforce the license after you buy the software, and counting on the fact that stores don't let you return opened packages to get you to agree.
Furthermore, companies would really love it if you bought 2 $400 copies of MS office/photoshop/etc for your two computers at home, no matter how ridiculous that may sound.
And the BSA enforces all this. Legally. And they are real jerks about it too. Rather than nicely try to help with licensing issues (ala here, let us help you find the most legal and cost-effective solution for you), they attempt to fuX0r your business/institution by abusing the legal system.
Our governement did not inyend the legal system to be used as a club. The purpose of the courts was not originally to threaten costly lawsuits. I'll bet if the founding fathers discovered that the legal system they envisioned as helping freedom and protecting free speech was being used to cut off people's internet, remove content from google, and close down things like napster, they would be appalled.
So the BSA, and what it does, is wrong. "Well," you ask, "how is this different from the GPL?" Well here it is:
The GPL was designed specifically to keep companies from using free code (the "solution" to the problem outlined above) from being used in products that abuse the system (i.e. are "commericial"). Not all commercial software abuses the system, but a whole bunch does. The idea behind Open Source software was to kill the companies that perpetuate these evils by underpricing them with software that fundamentally cannot ever be used to screw over the consumer. The GPL ensure that these companies will not be able to profit by incorporating this "free code" into their commercial products. Otherwise, Microsoft would just use all the open source'd code to further their screwing over of the consumer.
Basically the issue is this: There is a problem with licensing. The GPL is a license which is meant to help fix the problem with licensing. If licenses such as the GPL (and every single EULA ever made) are banned, then the GPL will have served its purpose. Until such a time, the GPL must be enforced.
(mods, please don't mark this "offtopic" or "redundant" I think this post clearly shows some crucial points in the issue at hand)
Someone was contending that if you don't want to let the BSA in, you've obviously got something to hide. This, in fact, is hardly the case. Some organizations, my private school being one of them, simply don't want to have to jump through these hoops to prove to the BSA that our software is properly licensed, which it is. And even if it was a quick and painless process, I would still resist it as fervorently as possible. Who wants to the bloody thought police on campus? This whole snafuu reminds me of an old rhetorical question. If everyone sent their mail in post cards, and one man sent a letter in an envelope, would he be hiding something? Really, now, who wants to have their privacy breeched? As far as enforcibility of EULA's go, I'm skeptical about this issue, as well. I don't know what the likelihood is that a court is going to agree to let a business come in and tear apart my operation and install their own software on my boxes, my coworkers' boxes, and possible student boxes as well. Worst two cases I can imagine would be the school administration rolling over, or a court letting them in to look around after we gave them an invitation.
Jon Green Cheyenne
Power of Attorney.
This mirror of the Copyright^H^H^H^H^H^H^Hleft Society is an interesting read.
...after all they say that the BSA is calling a Truce. You have one month to get legal.
Internet Explorer was unable to link to the Web page you requested. The page might use standard HTML or CSS.
When I worked as a SysAdmin for our local University, we received a letter from Microsoft that basically amounted to the same thing. "We're coming, we're auditing, be ready"
Now, we were mostly in compliance as far as we knew due to our large per-seat volume licensing through dynamic pooling, but we were pretty sure that we'd come up short in the end. Given that we weren't running any auditing software on the PCs it was difficult to impossible to know what was on every machine. So we called Microsoft and told them we needed time. They agreed to grant us two months, but then went on to specify exactly what software we were to use to perform the audting. We replied that we were going to choose our own that was less expensive, but were told that we must use this particular software, because they knew it to be honest and compatible with Access. (Like that should make a shit bit of difference) In the end we just bent over and took it rather than deal with the auditors showing up, and purchased this lame auditing software. It had to be deployed manually from machine to machine. Almost 2000 computers later, we had our audit. We wound up ponying up some pretty serious bucks for our machines. It slaughtered our entire budget for the next three quarters.
Point is: Microsoft probably didn't have the right to just announce that they were coming, but we knew that, as a public institution, we couldn't afford the battle to fight.
No one ever totaled up how much money we lost on that piece-of-shit software and in man-hours for manual deployment, but if you add it to the big fat check we wrote in the end to keep Microsoft off our campus, it was a hell of a lot of wasted grant money intended for student use.
You can pontificate for days on replacing Windows with *nix, or killing Office for StarOffice. God knows I went to the shared governance committee more than once trying to get them to see the light. In the end, however, everyone winds up signing a fat-check.
Cynical perhaps, but a truism all the same
..cage goes into salsa. Shark's in the salsa. Our shark.
That is a good idea. The people who work in the AG's office could use a good chuckle.
People here keep saying "hope they don't have probably cause to get a search warrant.."
THEY CAN'T GET ONE, THEY AREN'T LAW ENFORCEMENT!
Stop treating these loser like they have power, they have no more power than you or I...
Caveat: IANAL.
As far as I know, they have no grounds to force you to do ANYTHING unless you have signed a bulk-license or site-license agreement. Those agreements generally give you access to the software for a lot less money, but in return you give up all protection against 'unreasonable search' -- part of the agreement you sign allows them to inspect your systems to make sure you are in compliance.
If you bought your software through normal distribution channels, chances are very good you can tell them to pike off. As far as I know, a click-wrap license DOES NOT allow a search, because they can't know whether you agreed to the license without searching you first. It's only when you signed another agreement, which they have on file, that they have you over a barrel.
I will add my voice to the many others here telling you to get the lawyers involved. The BSA plays serious hardball. These people survive and can continue to exist only by extracting large sums of cash from your organization, and will use any tactic required.
They are not your friends. They are active enemies and you should treat them as such.
If worse comes to worst, perhaps moving the personally owned computers off campus for a bit would be your best move. I doubt that the *Business* Software Alliance would have an easy time justifying a need to invade a private home.
Otherwise, if they keep pushing the issue, check as quick as possible how many programs you can definitely prove are licensed, delete everything else, and replace it with a program from someone who won't attempt to harass and/or intimidate you.
How can they fire a violater?
Since everyone else who voiced thier disaproval of your business tactics got modded down, I'm joing the underdogs here. Wtf were you thinking you hypocritical snake. You used a semilegal agency to audit your competition with the intent of harming them, and to the point of them getting shutdown. And on top of that you have the gall to brag that it was benifical to the free software community!
>
That you *really did* buy the software, and you *really did* lose the original CD and license paperwork (presumably an authentic CD would be accepted as having purchased the product, even if the license paperwork were missing). Assuming you are bound by contract to submit to the audit itself (wich other posters have rightly questioned), what are your choices?
1. Fight them in court, in which case you might actually win -- the judge might agree that you are innocent until proven guilty.
2. Pay again for the software.
In most cases, which is cheaper for you in the long run? I think this is the problem, and what the BSA is depending on most of the time -- the simple fact that in many cases it probably costs less to pay for the missing licenses than to fight for your rights, even if the software was completely legal.
I worked for a university as a sys admin for awhile. Since most computers are basically the same in certain areas... I would use ghost. Even if you have to create a ghost image of every pc or generic pc image (example student lab pc). Then once that is done, I would zap all machines for length of audit except for ones that absolutely have to be accessable (finance mainframe, etc) or you can prove are absolutely compliant. If all machines are zapped, audit shouldn't last long :) Then after audit. Re-Image the PC back. Bet that would be a cheaper solution than legal recourse or installing their crapware. Presuming a legal copy of Ghost of course. :)
First off, lawyer up. Let the lawyers talk.
Second, smack the IT moron who thought it'd be neat to call the BSA and invite them in.
Third, smack moron again...
Fourth, Direct the mailroom to filter out all junk mail...
I got one of these "truce letters" from the BSA about 4 months back - FOR A COMPANY THAT I SHUT DOWN 5 YEARS AGO! I still get mail with that company's name on it, so I knew this thing was total crap... Didn't even open it... Wrote "Refused... Return to Sender. Addressee Unknown" and tossed it right back into the box...
Fuck the BSA...
A company or organisation that cannot show any proof of such policy beforehand is more likely to get the goons in.
A search warrant of some sort is always required and the authority issuing it will be far more prudent when you have such a policy in place and are able to show you enact it.
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
the EULA is a contract
No it isn't. Courts have not ruled this way so far.
I pledge allegiance to the flag...
of the Corporate States of America...
Vampires can only come in if they're invited?
"BSA members represent the fastest growing industries in the world. Worldwide members include
Adobe, Apple, Autodesk, Bentley Systems, Borland, CNC Software/Mastercam, Macromedia,
Microsoft, Symantec, and Unigraphic Solutions. Additional members of BSA's Policy Council
include Compaq, Dell, Entrust, IBM, Intel, Intuit, Network Associates, Novell, and Sybase"
Score: -1 (Naive)
Every one who has a personal computer at work. take them home. I don't know if this will actually work or not. But hey how does the BSA get into your house to check out your personal computers without involving the police. And going to everyones personal house could be a huge pain in the bum.
Rambling.....
If I were only smart enough to accomplish the things I dream about.. Or maybe too dumb to care.
I'm pretty new here, so I'm fairly ignorant about the ins and outs of the subject... but this kind of quasi-leagal intimidation makes me want to punch something. Is there some organization foghting against this shit? DO they accept donations?
As shocking as it sounds, that a company (or "Aliance" of companies") would sue their customers.
And even more shocking that they would persue an institution that, legal copies or not, is cranking out new customers adicted to their products every year.
This will become the norm.
Just like people got used to their computers crashing 4 or 5 times a day, just like people are getting used to having their privacey invaded by not only the goverment but private corporations a well; people will also get used to being audited for software licenses.
That is of course if we let this sleeping dog lie.
Right now companies, goverments, and universities are outraged at being audited. Now is the time to strike, while the iron is hot (wow I'm nocking out cliche's today!)!
First we can get into these places (if they don't through us out first) and evangilize OS.
But more importantly I think allot of our technical know how should go into drafting changeover guidlines and senarios. Set up documentation specificaly targeting different size universities, goverment agencies, and corporations of various sizes. Plans that are detailed and specific to a type of situation. Covering details like hardware repurchases (for non compatible hw), architechture options, software compatibility options, network layouts and RETRAINING plans!! (that includes retraining IT Staff from the ground up)
The only reason an organization would not bail on Microsoft after being attacked like this by MICROSOFT (AKA the BSA), is because they feel like they have no other practicle option. But there is and they NEED to know that. The information needs to be available.
Our house is ready for guests, now we just need to open the door and invite them in.
I would rather be ashes than dust!
We got a similar letter. MS knew about us because of our purchase of O2K and Win2KSRV through an Open License Agreement. The letter wanted us to audit EVERYTHING, but after reading the EULA from most of our products, we only saw the "audit on demand" clause for stuff bought through the Open License. I talked with our rep and asked if we only had to report on the products that had the "audit on demand" clause, or if we had to audit on everything on their supplied audit sheet. I explained that a full audit in 30 days uses a lot (try all) of our IT resources, and while we audit every year, a full audit when they ask is quite an expense. I said that we would be more than happy to give them the results of our yearly audits for all software, but that from my reading of the EULAs that we had, only certain products fell under the "audit whenever you want to make us scamble for 30 days" clause. After many attempts to get an answer back from them, I just sent them a copy of all my communications with the rep, a letter explaining my view, and the audit sheet with only two of the many products filled out. We have not heard back regarding the audit, although the rep has continued to call and remind me of product launches and other promotions.
ANd the only 2 states to have passed legislation stating that they -ARE- contracts are MD and VA.
:)
Provided the anonymous professor isn't in either state, the EULA has absolutely -0- legal standing.
Period
"A lawyer with a briefcase can steal more money than a hundred men with guns." --The Godfather
I find it increasingly frustrating that law suits are being used to bully citizens into conforming with corporate expectations.
"You wrote a bad review of my product online? Have a law suit."
Problem is that defending yourself is often costly, making people much more willing to settle and/or comply.
The BSA is a wonderful example. A single case of unlicensed software is not equal to a widespread conspiracy to pirate software. It would be interesting if someone took the BSA to court for their tactics, especially if they tried to use the RICO laws, which seem the most applicable. Comply or we make your life miserable, threaten you financially, all of which can be avoided by paying this one small fee... A legal precedent simplfying the ability to document software and licenses would be nice.
For example. At work we run everything on Windows 2000, because it's what the boss wants. However we have several different sources of licenses, from machines that came with Windows 2000 pre-installed, to machines that originally had DOS/95/98/NT, and purchased software, and direct licenses. We could probably fend off the audit, mostly because we're a small company. It would be nice if we could run their audit tool, so that they know we have all the various software on the machines accounted for, and compare it to a list of licensed software, and software purchases. Sadly I have heard that they often will not accept any particular license for a computer, but want the one that was specifically sold with it, which is both an administrative nightmare and bullshit.
The other one that gets me is the seizure of property. Where do they have the legal right to do that? They don't... They can get me for copyright violation, but the machine isn't their property, and unless they're going to compensate me for it, and all the other software on it that's legal.
The whole thing burns me because it seems like the principle of "innocent until proven guilty" has been turned on it's head. Now the defenders are often at a significant disadvantage in our legal system and it can even be used to put them out of business even if they win (see Creative and Aureal).
god forbid you actually have to pay for software you use
like everyone else. of course we all know university people
are a 'special class' that deserve to ignore the
rules of society.
The problem is that BSA and M$ demand an audit trail of the paperwork behind your licenses. Many organizations don't have very good paper saving procedures for material like this.
I once worked at a company that bought PC's and a complete set of software for each PC. They were in the old boxes that used to come with PC software, where the manuals fit into the box. Their intent was to be able to show a set of original disks and an original boxed manual for each installation of software.
They were hit with a request to audit themselves. It turned out that the manuals and disks had a way of disappearing, and that everyone (including the accounting department) had a habit of throwing out or losing old records, including receipts, in periodic housecleanings (often associated with office moves).
If you have all the receipts, BSA doesn't have a case. But BSA depends on the fact that most people aren't fastidious about keeping the kind of records that prove the audit trail of their licenses. And their "guilty until proven innocent" policy is very intimidating.
So I would recommend saving every piece of paper that has anything to do with software licenses or computer-related purchasing, plus the original disks or CD's, in some kind of permanent organizational storage. That way you are guaranteed to have it when BSA comes calling.
Or better yet, save one copy of the GPL to show them and tell them to not let the door hit them in the ass on the way out.
I want to go to a school that will teach me AutoCAD. Surely what you say would make it impossible for me. No matter what you people say about how wonderful open-source software is, I havn't found anything that lights a candle to the specialized apps that Autodesk produces. Well worth the $7,000 per seat that my company pays.
I'm sure there are a lot of other closed-source software packages out there that are hands down superior to open source options. Probably for the reason that they require far more manpower and organization to produce than any open source network has yet to accomplish.
Most public universities have immense legal departments to deal with situations like this. My home, the University of Colorado, certainly does. Contact your legal department before going any further, they will be able to better serve your needs.
"All your base are belong to this file I send in order to have your advice."
You fire Bob or we will bankrupt you and send lots of people to jail.
Fire Bob? I wish! Bob is a tenured professor. He slept with my wife but I still can't fire him.
I'd like to use some of their audit tools at http://www.caast.org/audit_tools/ to test my compliance, but they're all trial. Does anyone have a warez copy of GASP, or a crack? I can't find a crack for the newest version (5) on any of the search engines.
Thanks.
Of course, in reality this is about privacy, but most people don't realize that.
Amazing magic tricks
This is a great opportunity to call their bluff.
Just tell them to blow off.
I'm quite interested to see what they do.
-b-
It strikes me that many organisations in the USA are wussies when it comes to dealing with the BSA. The BSA is an organisation that is basically a front for Microsoft and a few other big companies.
You should be playing hardball with them. It's happening in the UK. All the biggest organisations in the UK are getting together and collectively saying no to the Microsoft "if you're going to do this kind of stuff, we're going to look for alternatives to your software. And if you don't give us more reasonable licencing terms, we're going elsewhere too." It seems to be working. I don't know why it isn't happening in the USA.
- You don't need the warrenty to keep the product.
/their/ records to see if you had bought it?
- Birth Certificate, Death Certificate, or Marriage License are all kept on file and can be re-issued.
- you only need customs stuff just for the immediate moment of traveling / taxes.
This whole software thing is to prove that you actually own it way after you bought it. That should not be required... do they even look in
-- these are only opinions and they might not be mine.
without you even knowing whats going on.
Do not believe? With a new US law that just passed, it is very easy to archive.
The state Legislature has given police power to search your home without telling you why.
What, you did not know that such a law is there? What kind of state it will be...
ok, ok, I am gonna shut up right there, I still remember how bad it could be...
Looks like the BSA is taking lessons from Scientologists.
failure to produce licenses for all commercial or shareware software will constitute prima facie evidence of illegal possession, with penalties that could range from the confiscation of the machine to the firing of the user
Now the BSA has the power to fire people? Or did they mean "shoot"?
It's seems to me that, if confronted with this situation, that you would be best off threatening one of the BSA backers. Most Universities have big investments in software, in terms of the number of licenses that they do buy. Call up MS, talk to someone that can do something and tell them that if they don't get the BSA off your back that you will consider taking your business elsewhere.
Michigan just overhauled its search laws. You no longer get to see the warrant when the nice officer pounds on your door. The original application to the judge is sealed, you don't get to see that, either. If no charges are filed, there exists no provision to ever see the writ.
Even if charges are filed and it goes to trial, you probably will never know who ratted you out, because even then you probably won't be allowed to see the filing.
Confront your accusers? Ha! FOIA? Foooey on that!
I am an IT manager. For a few years now, I have been advocating a migration to open source products wherever it makes sense. First it was e-mail servers, then file/print servers, then web servers. Aside from an MSSQL database that is hard to get rid of, we have M$ on the run (at least in the server area).
Now that Linux is becoming competitive on the desktop, my staff is actively trying to roll out a non-M$ PC configuration, to be deployed wherever our people can get the job done with nothing but open source. For those cases we can't go totally open-source, we are evaluating Crossover Office project, which allows us to simply pull the plug on Win2K and keep the apps we need.
We use auditing software on our PCs and try to do a good job of license management. I say "try" because it is nearly impossible to make it work in a decentralized/mobile environment.
If BSA wants to do an audit, I would say something like: "Come on in, do the audit. However, be advised that we will phasing-out of all BSA products. At the end of the audit, we'll ask you how few licenses we need going forward, since it will be far less than what we now have. We would like to invite CNN to film us as we put the extra licenses into the dumpster. Please send someone who will be able to talk to the local media about the dire consequences of license non-compliance."
While there are certainly many cases where a proprietary closed-source piece of software may be necessary, there are also big steps that can be still be taken.
In many cases, the very expensive, specialized pieces of software are more likely to be properly licensed anyway, since they usually use a more complex and restrictive licensing means which ties the license to your hardware in some form or another.
But on the less specialized side, just eliminating MS Office and using, say, OpenOffice6, would probably eliminate nearly half of the headaches with the BSA, as well as saving perhaps hundreds of thousands of dollars in a large campus. Eliminating Windows itself where possible (agreed, it's not always possible) would elimnate another huge chunk of the problem. The reason is because these pieces of software are both very common and very easily pirated, since they don't employ complex license managers.
Yes, there will still be the need for specialized commercial packages, but the problem and cost could probably be reduced many times by replacing the simpler stuff that tends to get pirated the most with free/open solutions.
Ask who requested the Audit. A basic tenet is the right to face your accuser. You must get your legal department involved in the asking. Be polite.
Then, ask them for formal proof that the program they will require to be installed is correct. Ask them for a complete description of the program and its interactions with the system. Ask for source. Require that you will install the program, but, will be sueing the BSA if any statistical increase in instability of the systems it is installed on occurs. Bill them for CPU usage and machine usage to run their program. Ask them for funding for the downtime for your internal audit and increased personnel needs.
In other words, comply but ask questions and make them accept responsibility. BSA has some deep pockets too and may tread more carefully if they are actually accountable.
If you go out and boy retail licenses for your few Win boxes you don't need a site license. Good reason to keep the number of win box down.
I go to great pains to make sure all the software on all of my companies computer is legal, and paid for. And, if a law enforcement agency had somehow gotten a suspicious that we were breaking the law, I would have no problem cooporating with them.
But the BSA is not law enforcement. It bugs the heck out of me that they can do what they do. If they sent us a letter, the first thing I'd do is write up a proposal with an estimate of hours billing rate for them to sign before we would do business with them, another private business.
Granted, we are not a big company, they would probably ignore my proposal, and we don't have the money or the resources to fight them in court, so chances are I'd end up having to comply. But it really chaps my hide that a private orginization, with no real authority, can go around enforcing the law.
What somebody really should do is start an orginzation called 'Citizens for a drug free workplace', contact the BSA, and say that there is quite a bit of suspicion that BSA executives are in possession of, and regular uses of crack. You have one month to get off the crack, because then we're going into your offices, disrupting your business, and piss testing every one of your employees. While we have no legal right to do this, we're going to do it anyways or you're going down.
The Internet is generally stupid
One thing just poped in my mind.
If they do the audit, and find nothing wrong, they say they will pay for the audit. Fair and square. But what about all the time and effort your organization put on it ? What about lost of profit becouse of the downtime ? Would it be possible to sue BSA for it ? It would make them think twice before doing this kind of audit.
morcego
They sent us a letter demanding to come in and search our computers because a disgruntled ex-employee here had called them and said we had all sorts of pirated software. Anyways, the company I work for has all legal software, and we didn't want to deal with them so our lawyer sent them a nasty letter telling them to get a search warrant. That was over a year ago and we haven't heard back from them since.
Does anyone else wish that the Boy Scouts of America would sue the Business Software Alliance for using "BSA"?
1) A offers something for sale (like the right to use some software) at a price
....
2) B pays the price
3) A is then obligated to provide the service
silly little stickers don't apply, shrink wrapped agreements don't apply either (because the transaction occurs when B pays the money, not when they open the box)
Besides remember your contract is with the retailer who sold you the box/computer/whatever, not with M$ who had in turn contracted with them
The only way of seeing or agreeing to the terms of use in an EULA is after you have already paid for the software. Since you can not return software after breaking the shrink wrap (a precondition to seeing the EULA), what can you do if you find the terms of the agreement unacceptable?
What if everyone purchases software and then returns it to the retailer or manufacturer if they don't agree? It may accomplish terms cleary stated on the outside of the box, or software companies would make their EULA more realistic so they don't have to deal with alot of returns.
The way to deal with bullies is to go on the offensive. Sue back. Perhaps the most promising avenue in that direction would be to sue the BSA consituents for distributing software they know is insecure, yet laid claims to it being secure. There's a hundred years of rulings on health claims for food and other consumables that show that you're not allowed to claim something is healthful, even if you later state in fine print that it isn't. Those should make some good precedents. Be sure to quote the security specialist from Microsoft who quit recently and publicly sounded off that he couldn't understand why Microsoft still has buffer-overflow vulnerabilities. You might be able to use the precedent from some of the automotive cases in which manufacturers were proved to have released faulty products. If it can be shown that Microsoft knowingly releases a faulty product, you could turn the tables. Another point to bring up could be that Windows allows pretty much anybody with a floppy disk to install software. To me, that's faulty. Drum it into the head of everyone who will listen that insecure software opened you to unauthorized software installations.
Next, claim that the insecure software violates the DMCA by assisting in the distribution of copyrighted material... I'm sure you can find one installation of Back Orifice on your campus to back up your claim. Sound ridiculous? It's not as ridiculous as having to submit to warrantless search.
Be sure not to go on the offensive against law enforcement... on the contrary, get law enforcement angry at the BSA for wasting their time hurting the sweet little local colleges. Make sure everyone is clear that the agents could have been out fighting drug dealers. That sort of tactic worked for the tobacco lobby who convinced the California legislature that it was a waste of taxpayer money to run anti-smoking ads when the money could be put towards birth-defect research. There's always something more worthy out there.
Lobby your congresspeople. If applicable, mention that the people who would profit from the search are from out of state. Remember, pork runs congress, and it's not pork if it gets diverted out of your congressperson's district. You may win this through lobbying.
They're not being nice to you, don't be nice to them.
Miko O'Sullivan
Collect all of your licenses and hide them - make every computer without exception in "violation" and make them accuse you of running nothing but illegal software. Make them show up with guns and cops, force them to haul away every machine and shut down the entire campus. Make them go to the homes of professors and confiscate their machines. Make them openly claim that you somehow bought name-brand computers without Windows even though that's impossible. Make sure the press is there to watch it happen.
Then produce the licenses to the press.
It will not "become financially impossible for them to continue" because if they find a single instance of a single product that you can't produce a license for they make you pay their legal fees or pony up the $$ (at a severe markup) for the license. This isn't even about having an illegal copy, even. This is about being able to produce the physical piece of shiny holographic paper with the word 'license' on it. Failure to do so will result in you funding their next attack.
This space intentionally left blank
(1) Tell the BSA to fuck off. You're a university, and likely have professors of law teaching there. Thus, no need to pay expensive legal fees, just ask your professors. They might not be able to win the case, but they sure can stall and drag it on at minimal cost to you while you take other measures.
(2) Archive all raw data.
(3) Wipe all of your machines -- that is, write over all data with zero's. To be safe, wipe the hard-drives a few times.
(4) Install GNU/Linux or *BSD on all of your systems, using all Office/spreadsheet/etc equivalents.
social sciences can never use experience to verify their statemen
Fire whoever in your IT dept invite these shitheels onto your campus. And fire the head of the Dept too, in case they are not one and the same.
You need to set an example.
Like someone suggested in a post a couple days ago, why don't we get involved and respond to all these sorts of affronts by volunteering to help folks like this university migrate their platforms to Open Source?
That way, we all get to accomplish many things at once: undermine the BSA/RIAA/MPAA/SSSCA/DMCA/Win2Borg, help our fellow man discover the joy of Open Source, gain great press for our cause, help cause a sea-change in IT, find another excuse to play with Linux/FreeBSD/what-have-you on new and different system configurations, and feel much more satisfied from making a difference in the world than we will ever be from bitching on Slashdot.
How about it, Editors of Slashdot? You have links to LUGs in the Supporters section, but how about raising their profile a bit by putting them into a section together and highlighting their activities once in a while?
If it were completely groundless, then yes it would be illegal. The problem here is that in these situations, there's no way for the university to 100% license everything they use. Even if they make a concerted best try effort to license everything a few licenses will slip through the cracks. The university knows this, the BSA knows this, and that is why the BSA, to the best of my knowledge, has never been challenged when these audits come up.
Let's say on your entire campus, one license is not valid. If the BSA comes knocking at your door, you face a relatively minor penalty for that license, but then you have to pay for your legal counsel, their legal counsel, damages, the auditors, etc. The BSA knows this, and they use it to their advantage.
Now, keep in mind here that they are suggesting a product is not legally licensed if you don't have the paperwork to proove it. Therefor, if you aren't totally pristine in keeping track of the licenses for all your software that is, in fact, 100% legitimate, you can still get screwed by the BSA. Although I do wonder how well that would stand up in court, that is, unless the BSA can proove those copies are pirated, is simply not being able to proove them legitimate enough to get you into hotwater. I'm sure their license provisions make certain statements about this, but I don't know if they would stand up in court.
What it boils down to is that the BSA takes advatange of our legal system to extort businesses and it's about time that something was done to put an end to this. For example, I would propose that any organization that licenses software for more than say 50 computers, they should have certain protections from this sort of action. I would suggest the following protections:
1) Provide protection for good faith effort. If your company makes a good faith effort to license your software (at least say 80% of the value of the software is legitimately licensed), then all you can be held accountable for is the cost of licenses at retail price. No damages, no attorneys fees, no auditing fees. It would still cost you the attorneys fees to fend it off, but at least the expense would be clear and reasonable. If you have more than 90% compliance, then your legal fees would be covered by the suing party (though you'd still have to pay for the licenses). Thus, there's a strong disincentive to go after an organization that's not blatantly violating the law.
2) Receipts or other proof of software purchase should be considered valid proof of legal license. If you buy a thousand copies of a piece of software, you shouldn't have to keep track of a thousand pieces of paper. It would be impossible to proove that a piece of software is pirated, so it makes sense for the purchaser to be required to demonstrate ownership in court, but the burden of what needs to be proven should be much more reasonable.
This sig has been temporarily disconnected or is no longer in service
I have a friend who is the IT manager for a ski hill and Microsoft demanded a license audit.
The lawyers came back and said no, companies have no Common Law Right to enter property and demand inspection. They could however, request the number of computers in use with Microsoft software and examnine the licenses for these computers.
The important difference was that Microsoft cannot enter private property and inspect the computers and software of that company. This is apparently a very specific legal right in Canada, party from our Common Law and partly from court decisions regarding our Charter of Rights.
The company that I work for got hit with a BSA audit last year, it cost us more than $1 million in fines and legalizing our licensing, plus the auditing software we were required to install on all machines company wide.
Most of the software they found "illegal" was legal, but had been purchased by local offices and the licenses had been lost. (Who keeps around Win95 licenses? or Office 95 licenses?)
The BSA has a media blitz going on here in SLC right now as well, as I guess everyone has a grace period until May 31, and then the BSA is gonna go crazy auditing everyone here... Evil.
This is truly not meant as a troll, but:
Why not just make sure that you're in compliance with the licensing restrictions of the software that you're using?
Everytime Slashdot posts a story about the BSA, I read countless posts about how to get around their Gestapo/Stormtrooper/Mafia tactics, but the one thing I NEVER see is this:
Just make sure you're licensed!
Weather this means paying out the wazoo for MS-Windows, or using GPL'd software, just make sure you're legal.
Yes, the BSA uses underhanded tactics to get what they want, but their 'single point of failure' is that they rely on you being 'not legal' in order to get what they want.
Has anyone ever been audited by the BSA or it's cousins and had to pay, even though they were fully licensed for all software? I doubt it, but I could be wrong. If that has ever happened to you, post the story here.
My point is this:
By using unlicensed software, you're giving the BSA an excuse to extort money from you. Don't wanna pay them? Then license all of your software, and tell them to go to hell.
Of course this doesn't factor the manpower needed to supervise the BSA auditing your systems.
"A terrorist is someone who has a bomb but doesn't have an air force." -William Blum
I'm a computer professional. I'm required to use certain pieces of software. My choice is to either agree to ANY EULA a software company throws at me, or learn to flip burgers. Does a guy with an MCSE have the option to refuse any of Microsoft's EULA's? Does a draftsman have the choice to refuse any of Autodesk's EULA's? In theory, the answer is yes, but in practicality, no.
In so many industries, there's way more of a monopoly than anyone would think. A client I consult for tried to get into the funeral home business, only to find out that the industry is controlled by one big firm, and they control legislation enough to make it impossible for him to operate an independent funeral home.
The more I work, the more I'm amazed at how much protectionism exists in the world today.
Egads.
(* This is who the BSA *really* is: [big software companies] *)
Try this: Tell them you will go on a mad OSS campaign if they don't go away. Show them a proposal to spend X amount of money on OSS advertising and promotion around the campus and elsewhere.
Show them a draft of an article about BSA thuggery and why it is now time for OSS that you plan to publish.
When they send in a representative, have a bunch of Penguins, OSS posters, and Red Hat boxes around your office. Give them a free Penguin T-shirt on their way out.
Table-ized A.I.
AFAIK there is no Linux CAD.
I heard rumours of a port or two of some package, but never actually saw any.
A good 3D CAD program would be cool.
integrate some simple FEA and I'd be really happy.
This is how I would handle it: do a light internal audit by pooling all of your licenses in a common place. Tag computers (red dot maybe) that are completely compliant. The easiest way would be to create a database containing the number of licenses owned of each piece of software and then go to each computer, see what is installed, and associate a license from the pool to that computer. Then tag it visably. When you are done you will then have a list of completely compliant machines, and then a list of partially compliant machines. You can then either uninstall the software without the license on those machines or mark them with a black dot. If you have one or two non-crucial programs you might uninstall... if the programs are crucial for that department then you may decide to black dot them. All Black Doted computers will be wiped and replaced with free, open source software. I would also try and get a department policy encouraging the use of the GPL for all software created at the university. The GPL has two distict advantages for college students. The first is that they are completely free to continue on and improve upon existing work with licensing fears. The 2nd being that they are given immediate credit for their work, and if they code well, they could be establishing a name for themselves while still in school. That is a tremendous advantage when shopping for positions after college. The taxpayers (who are the ones who provide for education) also benefit since their investment is returned to them in free, usable software. One other advantage to this approach is that the university computer department can work with the other departments whose computers have been black doted to customize, and improve upon the free software they will use in those departments. During the transition stage, the computer department will get plenty of experience debugging while the departments with black doted computers will be getting software customized for their needs. In the long run, it will save the university quite a bundle (in time, money and hassle) as the customized black doted computer software becomes more mature, they will be able to retire more of the expensive, proprietary software instead of the expensive upgrade cycles. I would not waste too much time and resources on the audit... I would instead: - just pool all of the licenses in a central location - create a database of them - red dot all completely compliant computers - black dot non-compliant ones - wipe the black doted compuers and reinstall with free software - involve the computer department in projects needed for the university and GPL the software created (this has the added benefit of allowing other universities and programmers in assisting with your projects) This should help resolve the short term (audit) and long term (financial) software issues for your university.
The significant problems we face cannot be solved by the same level of thinking that created them. -Albert Einstein
It's in the EULA, unfortunately
EULAs are a post-facto contract and it is usually not possible to return software after refusing the EULA. How is this a valid and signed contract?
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
Their audit software is called GASP and it's not available for Non-Windows or Non-Mac users. Darn!
c .phtml
http://www.bsa.org/usa/freetools/gasp/
Check it out, they have an EULA for GASP... I guess they'll want to see the EULA for each machine they install it on too.
http://www.bsa.org/usa/freetools/gasp/gasp_
As far as I am concerned the best solution is to not deal with the software companies that support the BSA!
Open-source software should be advertised as "BSA-Free". Really, IBM should put this in their commericals about their Linux/Apache-based products. Open with a Gestapo raid and end with a "still psyched?".
> I would do exactly what pitcrew suggested -- tell them to go to hell.
A safer strategy is to pretend you didn't hear them in the first place.
Ever send a registered letter with return receipt, and never get the return receipt? It happens, and it's because the recipient doesn't want to acknowledge the communications.
IANAL, but it seems to me, to haul you into court requires a subpoena or a summons. Those documents require a response. Others could be ignored, as long as you don't intend to do business with the source of the noise.
Can you legally run BSA software on your system without a BSA license?? I wouldn't allow any BSA auditing software on my system id I wasn't a licensed user. I would also make sure that my legal department had ample opportunity to review any such license even if it took up several months of their time.
When passed, UCITA should make such concerns/discussions moot,eh? That's "when" not "if" -- unless things change.
And it seems like some members of the community are not playing nice, so why not kick them out of your yard? The BSA's IP range is: 204.180.189.0/24 (props to arin.net whois), if enough of us routed that to the bit bucket it would make it more difficult for them to do their jobs, hopefully reducing their profit and their supporter's interest in them. Ev1l Gr1n %^>
In Birmingham, Al, they're pushing their 'services' really hard right now. If you listen to their radio ads, they're using a combination of FUD and 'keep up with the Jones' attitude', (everyone else is doing this). The scary thing is how everyone keeps coming up to me saying, 'you need to talk to these guys, they'll check all of your stuff for you, and tell you what you need to do.' Problem is, I'm a Linux coder, there's no M$oft software in my shop 'cept for my Ipaq. They seem to have taken a 'someone needs to fill this void, we'll be the self appointed police.' kind of attitude.
Don't park drunk, accidents cause people.
Darned BSA! Always camping and hiking and...trying to enforce manopolistic, cartel-like business practices! Shame!
(* If I [work] for an orginization...I am NOT going to allow some orginization to TOUCH my PERSONAL computer!!! *)
Do you mean your *home* computer? The BSA has NEVER gone after home users that I know of. (except maybe for mass factory-style pirating).
Does anybody here know of a single case of a regular home user being targeted by them?
If you mean your work computer, then your company probably owns it, not you, and thus they take the fall for dumb things you may do with it.
Table-ized A.I.
You are all WebsiteWhoring person, with no bite.
BSA worldwide members include Adobe, Apple, Autodesk, Bentley Systems, CNC Software/Mastercam, Macromedia, Microsoft, Symantec and UGS.
If you're calling for a boycott then at least you know who you should call it against. Unsurprisingly on BSA's website, most newsitems are related to illegal copies of Microsoft's products.
A man knocks on your front door and you like a
fool actually answer the door. He says he's with
the LFA.
WTF is the LFA!!
The Livingroom Furniture Alliance silly. I have
an anonymous tip that you have some furniture
that may or may not be yours. Here's the warrant.
WTF!!!!
Sir can you show me the receipt for this sofa?
WTF!!!
Officers you can take this man into custody. He
doesn't have his reciepts. Thats a crime you know.
Didn't you read that little tag on that sofa. It
says that for the life of the sofa the receipt has
to remain with the sofa under penalty of death.
WTF!!!
Curse all you want sir. You are busted.
The BSA won't be satisfied if you remove
licensed/unlicensed software from a computer
when you're threatened with an audit.
They'll treat this as a violation.
I know I had to prove that a version
of Office had been removed 7 months
prior to the audit notice and wasn't
an attempt to foil the audit.
We STILL GOT PENALIZED!!!!
Being as I currently work for a law firm that is an advocate for businesses that are trying to fend off the BSA and we also offer audits (but not using any M$ product...), I felt compelled to write a quick note about this.
Software audits are becoming more and more common. The BSA announces targeted cities and conducts audits of businesses of differing sizes and industries. One of the ways to avoid a BSA investigation (audit) is to take a pro-active approach to software management practices.
Auditing all of your software and reviewing all of your licenses is the only way to ensure compliance with BSA standards.
The unfortunate truth of this is that it requires a very attentive IS department and/or an outside audit. This is what it sounds like the university in question is in need of (both, not either/or).
To date $68 million has been collected from companies (mostly through settlement) that failed to comply with BSA standards. As the problem of software piracy continues to grow the BSA will increasingly take a zero tolerance approach to this issue.
We know of no other firm that offers complete software management services on a cost-effective basis as well as the protection of Attorney-Client priveledge.
For a private entity, that wouldn't be much help, but as a quasi-governmental agency (since it was specified they are a public university), it is entirely reasonable and appropriate for your legal counsel to poll all relevant authorities and establish up front whether they believe there is any cause to investigate. Or invite them to investigate in cooperation with *your* tech people. And then when the BSA shows up, they can get bent, because without a cats-paw to front the warrants for them, they are a paper tiger.
The key is that it's the government law enforcement agencies that have the authority to pursue these violations, and the BSA can only work through them by coming in as "The pros from Dover" that seem to know what to do. Make the mistake of "cooperating" with the BSA, and they own your ass. Having attracted their attention, your only means of escape is to educate the *real* cops before the BSA propagandizes them and turns you into a perp.
How about writing an 'Entry Agreement' and posting it on the door for the BSA and their hired guns? "By entering this building you agree... "
[Standard IDKFA header]
The End User Purchasing Agreement says that I have a non exclusive license to do whatever I want with the software I purchase.
Any first year law student, or third-year business student should be able to tell you that contracts law, which covers EULAs, do NOT protect people from bad or unfair contracts. Only a contract which attempts to enforce illegal terms can be voided (for example, selling oneself into slavery, or attempting to enforce a contract with a minor). Otherwise, as long as there is a valid contract (goods or services exchanged for consideration) both parties are bound by the contract. If the EULA says the user submits to an audit, then you're stuck. You might get a lawyer to dig around in the definition of an "audit" under your specific EULA, but considering how much time, effort and money M$ and others put into writing and enforcing their EULAs, they'll probably be able to hold out a lot longer than most users.
Has anyone ever thought to try and get a Grand Jury investigation against the BSA under the RICO statute?
Wanted: One witty yet thought provoking
If they were anything more than a thief team with lawyers, they'd give away their software auditing tools for free.
No sirree bob, they get you coming and going.
What we call folk wisdom is often no more than a kind of expedient stupidity.-Edward Abbey
"I'm a faculty member at a public university which the Business Software Alliance contacted in a bulk mailing last Fall. Stupidly, our IT department invited them in to 'explain' licensing to us, and now we are trying to fend off an audit on our computers (public and private)."
Tell them the guy who invited them in wasn't authorized to do so. They'll just have to resubmit their request. "Please send it in triplicate and don't forget to include return postage. Also, please include a detailed description of what this so-called 'explanation' involves, and while you're at it, a description of previously achieved benefits of this kind of 'explanation' would be appreciated. We can't waste our time watching another silly dog and pony show."
Briefly, you need to take back control of your gameboard and, for god's sake, man, stop acting like a kid who has been caught with his hand in the cookie jar. They're trying to sucker you. They seem to think that you're a bunch of ivory tower intellectuals (possibly true) who don't have enough real world experience to realize it. From what I can tell from the incomplete description of the original mailing, it was deceptive at least and a bold-faced lie at most. These characters know this. They are banking on what all school-yard bullies bank on--you don't have the balls to call them. Beyond this, do not talk to them. They do not have your interests nor the interests of any other educational institution at heart. They are a bunch of greedy bastards with the morals of a mafia don. Treat them as such.
If they want to make jackasses of themselves, let them sue a public educational institution. These are the same guys who give away free computers to school kids to make themselves look good. Maybe they *are* that stupid. I doubt it.
Hic iacet Arthurus, rex quondam rexque futurus.
You are a dipshit and have obviously never worked in a large scale IT department.
Every one of you who replied to me are absolutely 100% right. You're right that the BS-A has no legal ground, that they have no right to come in and audit your shit and that they have no evidence that you've done anything to violate your license or any copyright.
HOWEVER
Having headed down the road of closed min^H^H^Hsource software and having clicked I agree (WHILE IT MAY NOT BE LEGALLY BINDING) you have invited them to come and make your life hell. You may be able to tell the to go get bent. You may be able to beat them in court and who knows, maybe even bill them for your lost time and productivity, but you still invited them into your universe and therefore they will use every means at their disposal to waste your time, waste your money, and make bad PR for you until you pay them to go away or pay shit-tons of money in legal fees and spend shit-tons of time to beat them in court. My point was not that they are right, just, justified, or in anyway anything other than extortionist thugs the likes of which can be found on any elementary schoolyard threatening to beat up kids if they don't give up their lunch money. My point which you misunderstood was that YOU (the "you" who clicked "I Agree") INVITED THIS TROUBLE! I wish people would look at the EULA and realise what trouble they're inviting by even entertaining the notion of entering such a "contract." _THAT_ would be the big win for OSS.
Once you've got this trouble on your hands, the one thing you really want to do is get rid of it with the least possible expense, time, and other resources wasted. That probably means coming to some sort of deal where you dig out every physical license you can find and coming to some settlement about the rest. Neither the real cost of an overnight switch to OSS nor the cost of the extra hassle you will endure from the BS-A if you do so will be less than the cost of doing so at your leisure without these thugs breathing down your neck. My advice would, of course, be to get out from under these license agreements before the BS-A ever gets ahold of you. All chest-thumping, politics, ideals, and other BS aside, the bottom line for the kinds of entities the BS-A is approaching (businesses, not private parties) is avoiding dumping huge barrels of cash into the toilet over this nonsense. The reality of it is that it will probably be cleaner/faster/easier to come to a settlement than to taunt the BS-A. That's a business decision, not one based on justness of their claims, legality of their actions, or anyones ideals about software licensing.
This space intentionally left blank
The BSA does not have the RIGHT to terrorize ppl, and/or business. I agree with you that consistency needs to occur and when a company/person has been shown to be stealing something THEN, and only then, should they be prosecuted. Imagine if a Stallman walked into your (or any arbitrary) company/house and demanded to see you source code to find out if you have stolen any. We don't allow our state police that right, why should we grant it to a bunch of idiots. OTH, if a company/person is shown to be guilty then they should be fully prosecuted to the full extent of the law. After all, it is plain theft.
And yes, I do believe that even a company like MS should have their rights respected and preserved, just like mine.
You may have given them the right to make inspections or audits when you signed a contract. My local cable company has a clause for this in their service agreement. A software license may also include language that permits audits.
Mea navis aericumbens anguillis abundat
I would show up at their offices with a token mouthpiece and a couple of large bodies with ominous looking bulges under their jackets and explain that you don't believe in lawyers. Better yet, if you're a public university, maybe you could get some state troopers or something.
I'm serious. These goons have been extorting people for years and getting away with it. You're gonna have to put the fear of $DIETY in them. Either that or have a big check ready for them when they tell you to pay.
Maybe a horse's head or something?
--rgb
And that's ONLY if you are of the stance that click-through's are legally binding. Not to mention. Prove I saw the click through. What if I got a piece of software, edited the binary prior to running it, never saw the click through. What then, I can duplicate the process, I've never read, any licensing or installation text, I am not bound.
I'm the big fish in the big pond bitch.
According to a 4/12/02 article in the Austin American-Statesman (archived; fee required), "Microsoft Corp. has told the Texas Department of Criminal Justice that the agency owes $1.5 million for having 2,082 'licensing shortfalls'." Apparently this information came to light after an audit ... sound familiar?
In response to copyright awareness week, consider taking part in Copyleft Awareness Week. After all, how can you trust an organization that refers to it's "friends" in quotes?
--Ben
I don't know how it is in other companies, but I do know that the terms of my employment state implicitly that I am not authorized to enter into any agreements that are/may be legally binding for my company. Now, I wonder how this would translate to "accepting" the BSA's terms of extortion by clicking "I agree" on an EULA?
"...[treat] every man after his desert, and who should 'scape whipping?"
If only you had a large collection of trivial patents then you could demand to audit their software.
"Oh wait, you say your whole business is based on this software?"
"Well... maybe if you were nicer to us before..."
Get Linux
and get longer uptimes, better reliability, better security, slower hardware upgrade cycles, more knowledgeable administrators, happier users, happier bosses, better karma.
Let's be realistic, this is an alliance working in the interest of huge corporations with loads of money to throw at policy makers. They can do whatever they want. (It's the American Way(tm))
I see alot of talk about switching to free software, which in most cases is unrealistic. But what I don't ever hear is the idea that you should switch as many workstations as possible to a free OS, and keep only those systems specifically identified as _required_ on a closed platform. If you can reduce the number of systems that you would be required to audit, the task becomes somewhat more manageable, and the incentive for the BSA to pursue legal action lessens. At least that's my way of seeing it.
Don't think that it's an all or nothing deal, open systems are getting better and better at working with their closed counterparts, so consider that as an option to reduce liability and TCO.
Funny that I never saw that link between the BSA and TCO, I'll have to remember that next time I'm putting together quotes! "Joe, what's this line item: 'Dickweed Insurance'?"
This is nothing more than an attempt by an organization created by corperations to enforce US copyright laws. I cant see how they can do this considering they are not a law enforcement agency. The only thing the BSA should be able to do is send the DA after you to press criminal charges of copyright infringement, then it would be the burden of the DA to prove that you violated the law. As far as a civil suit goes, what can they sue for? Breach of contract? and if they did those damn EULA's have so much crap in them a judge would probably nullify half of it. It will take time and money, but, how many people sitting on the jury will have unlicensed software and be sympathetic? anyway .. my $0.02
There are countries in which piracy is far greater than in the US. Any accounts on how the BSA works in these countries?
BSA = BullShit Alliance
If you pirated the software, you didn't agree to the EULA, so you are not bound by the requirement to let the BSA audit your system.
Since they are accusing you of piracy, they are immediately taking the position that you are not bound by their rules.
If you don't want to go the Godfather route, you still need to wave Men With Guns at them. Let them come to you (you obviously have no illegal software on your computers, anyway, even if it's irrelevant to what they're asking and none of their goddam business) Have video running. Get them on tape threatening you with legal action if you don't let them snoop around on your computers.
They have no legal grounds. This is extortion. It is a criminal offense in every jurisdiction, mainly because people *would* get shot for it otherwise, (and we all eschew violence, right?), and since you're a public university, I guarantee you your State Attorney General and probably the local Federal prosecuter will welcome charges being filed. You be the one to be sending in marshalls.
--rgb
As a Management/IT Consultant I have performed Software audits at companies. The BSA is group of 13 software companies (Micro$oft being the biggest) that are trying to use their collective muscle to increase revenues. They use the BSA as a front to scare people into compliance. If you want to ensure compliance, which is not necessarily a bad thing, check out Attest Systems. They have the most reasonably priced software audit tools available. As a Linux Newbie, the better alternative is to go OSS.
--Eric
An awful lot of people are either complaining about how the BSA ignored their past employers for violations, or how the BSA went after them for "lots of money." Bah. Wait until you hear my story.
I work as a Sr. UNIX Administrator for a very large (Fortune 100) company that shall remain nameless for all the obvious reasons. I plan to leave soon, just as quickly as I settle upon a new opportunity in this less-than optimal job market.
Microsoft is currently auditing us. Granted, that is not what Microsoft or we are calling it; rather, Microsoft is "helping us to determine our licensing needs" but that is just a sugary title for what is really going on.
What is really going on is this: this company has long made an unofficial policy of pirating software. Factual, verified (by me) examples include:
* A single MSDN subscription CD of Office 2000 being installed on virtually every PC in a particular department (over one hundred machines)
* Remote sites throughout the United States being sent CD-R copies of software such as Microsoft Project and being told that it is OK to deploy it on all their PCs
* Numerous Windows Terminal Servers being setup for use by Sun workstation clients, each running Office, Project, and Visio - with at best only a handful (read: less than five) of licenses apiece, with no CALs at all - and definitely not enough licenses to cover the 300+ workstations that use them
* Mass upgrades of PCs from Windows 9x to Windows 2000, with nary a license in sight
* Another department, supposedly responsible for license compliance documentation, cannot now seem to lay their hands on any more than a third of the licenses that supposedly exist - thus leading to a deficit of more than 2,000 unlicensed copies of Office, Project, Visio, and Acrobat.
In my department alone, which is one of the smaller ones at this company, I estimated that we are looking at an easy $400,000 to "true up." Nevertheless, the departments are busy engaged in a finger-pointing battle, each blaming responsibility for license compliance on someone else. Upper management has completely ignored the issue, and as the deadline of July 31 draws ever closer, it is becoming rapidly apparent that this debacle may prove of truly colossal proportions.
I use to work in a Hospital In Ft. Collins, CO as an EMT. I picked up ppl on different occasions, who had been beaten severe enough to be in intensive care for 3-5 days. Apparently, the city attorney thought it was funny when the ER doc decribed the mans condition. When telling it to the state attorney, they said that they would look in on it. Nothing happened. Erny Telliz still walks the street a free man. BTW, the prisoner had was simply being transported from city jail to county. He only had this one item of car theft. Nothing else. So don't state that he probably deserved it.
In my (slashdot allocated, that is.. not mine) journal.
Does anyone have a link to the story about a BSA audit of a small chemical detections company? If I remember right the BSA idiot killed their UNIX server by trying to install the BSA auditing(windows) software on it. The company only had like 2 windows boxes and those were for the secretaries. I remember that the sheriff locked them out of their building for most of a week while the audit took place and the idiot BSA people called the fire department about a bomb because they had small samples of explosives to test their products.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
A few people have said that the EULA in some programs forces the user to agree with audits. My question is, how does the BSA know what software an organization is running? How do they even know they have computers? In this case, of course, the IT department invited the BSA over, but as for most companies/schools, the BSA has no basis for asking to inspect software in the first place.
This is a special excite
This
Shouldn't BSA.org belong to the Boy Scouts of America or a least a genuine non-profit organization?
If I am a business owner, why am I obligated to submit to such nonsense?
--
"I'm don't know exactly what an AS/400 is, but I'm pretty certain I wouldn't want one up my ass" --Lou
The following applies to ANY firm which uses threats to gain audit access:
Allowing these sort of guys access to your facility to do an audit is problematic, at best, financial suicide, at worst. It's merely a shakedown linked to future information gathering. If they get into your site and install all sundry software on your machines, the time between installation and lawsuit will likely be only as long as it takes for them to find a freindly judge.
If I went to your house and insisted on putting a camera in your bedroom, I think you would have some very choice words for me. Use those same words with these folks and all will be well...
Fast machines, powerfull AI, impulsive invention,... All I lack is a good espresso machine!
Did you note the part in the indivudial article where the writer said they were also auditing personally owned computers?
Use their annonymous tip line. Report that your local courthouse is using illegal software. But just give the address and claim the violations are in the hundreds. Esp if you call from right outside the courthouse. Somehow I think it'd be amusing. "Your honor that computer you're using is illegal." Wham. "Contempt. Go to jail." Sorry daydreaming now.
You are auniversity, right? You MUST have some IP of your own, right? Well, go the the exact same judge that the BSA goes to and present the exact same legal work tha they do and "audit" the BSA offices for illigal copies of your code.
"Your superior intellect is no match for our puny weapons!"
I do NOT think that they should have the ability to inspect anyones PERSONAL PC. The very idea is insulting.
I am not an attorney though so I suspect you should definitely consult an attorney. At my company, we had to put auditing software on our systems and it caused a lot of problems. Even to the point that it caused many of the PC's to be unbootable. Of course, we were not re-imbursed for these problems.
I'm kind of wondering what you do for software that did not come with a printed EULA, and just had a click-wrap license? You can't produce it then... or are you going to have to produce the CD/disks (if it's really old software)? I think it'd be easier and more worthwhile to keep the media organized...
If you're not doing anything illegal, what's the problem? Software makers have a right to licensing fees for software you are using.
with US Marshals you can say FUCK YOU BSA YOU FUCKING CORPORATE WHORES! and there is NOTHING they can do about nit. until they have a search warrent and fedral marshals/invesigators they cannot even enter your property, I know thats what my company did.They showed up read to tear apart *all* our pc's and our ARMED securtiy said "fuck off you are not coming in here". they did after a time get in but only with the help of the US marshals and a search warrent...to bad for them they didn't find anything as we use OSS, so we sued them and settled out of court(no I do not know how much we got).
fuck the BSA
if you want "No More Hiroshimas" then I say "You First. No More Pearl Harbors."
IMHO there's not really a lot of options at this point. You can't stay inconspicuous, you can't fight them and you can't agree with them... unless they're waiting for you to renew a few thousand MS licenses (wouldn't surprise me one roasted rat's kidney.)
/. reading lawyers who will help you out with more than a post or two.
Or is there?
If the BSA is the problem, there's a few things you might consider:
- Full zeroing of all harddisks (and I mean zeroes, not quickformat) and installing Linuxes, Unixes and similar with the help of a few professionals. A bitch of a job, with fargoing consequences and even furthergoing implications but probably the safest for you in the long run. This whole fiasco is just another example of wannabe bullies who were too small to succeed with fighting at school trying to prove themselves by maintaining the empire they've set up; Microsoft, senator Disney, BSA, spyware - it's all different faces of the same frustrated insecure alpha-male mindset... but they can't touch the GPL.
- Get together with other companies who are being conned by the BSA and fight it out legally. Pool your resources and take 'em by the horns; if enough people jump on even a 1550lb bull can be wrestled down. There might even be a few
- Unite with all other schooling systems, parents, teachers, kids, supporting companies and similar and appeal to the government to step in and call the BSA to heel. The number of schools in the U.S. alone are staggering; worldwide the scope is gigantic. You are probably hardly the first to suffer invasion, either. Get that snowball rolling! Threaten with a complete GPL conversion if you have to (that doesn't mean you actually ahve to DO it, mind... but the word GPL makes software corporations shit bricks.)
- Do all of the above and more. The larger picture of all this political/corporate byplay is starting to become rather disturbing, I guess that's the reason why my little company also runs no corporate software whatsoever.
El Jynx
"Evil can only spread as long as good men sit and do nothing."
Much as I despise the BSA, I have to say that in my experience, universities, colleges, and even K-12 public schools are the worst when it comes to pirating software. There's something about them that leads the folks working there to think that ordinary rules of business just don't apply. I once worked for a company that sold computers to schools, and we fully supported the machines. Once school found a cheaper source, so they wanted to buy from there, but have us keep supporting the machines for free. One of many experiences that leads to the headline I put on this comment.
That said, I hope your school tells them to stick it. The BSA's tactics are too storm-trooperish for my taste.
and without piracy where would Microsoft be ?
National anti piracy week indeed. Don't target the kids, target your paying customers, the corporations. If they do this two more times I'm going to think up something reeeealy evil and they're going to regret it!
The BSA like bad publicity about as much as vampires, bats, and cockroaches like sunlight. Especially when it comes to poor public agencies. Unless you are at a well-funded private school, like
Yale, you can probably put them off for awhile, while you find you licences, and get as many people as you can on free software.
"Check it out, they have an EULA for GASP... I guess they'll want to see the EULA for each machine they install it on too.l "
http://www.bsa.org/usa/freetools/gasp/gasp_c.phtm
*snicker*
... so I wonder what they do if you don't agree to the EULA.
Why the hell do people keep praising a successful troll and assuming the one who got trolled was suckered? More often than not, a successful troll doesn't prove a damn thing about the gullibility of the one who got trolled, because there really are people rude and stupid enough to say something exceptionally brain-dead and really mean it. So no matter how hard a troll tries to fake it, he can't hold a candle to the real thing. So of course people end up assuming the troll is genuine. To do otherwise will end up making you err in the opposite direction by assuming that people with genuinely offensive positions are just trolling.
Don't label something "offtopic" unless you know the topic well enough to tell what's on topic.
I'll assume the computer is running Windows (doing something similar under Linux should be easier). Use Scramdisk or other disk encrypting software and create an encrypted disk where all the (illegal) software will be installed. When the audit comes, unmount the encrypted disk and don't give them the key (after all, the disk is encrypted precisely because it contains your confidential documents). Then they won't be able to prove you have unlicensed software.
But they can still see your Registry, System folder and Start menu for traces of installed software, can't they? There are two solutions:
- Tell them you installed the software, but later removed them. Since uninstalling it through Add/Remove programs is too time-consuming, you simply deleted the folders where you had installed them, so the traces in the Windows dir were not removed. It might not be very convincing, though.
- Copy everything each software installs in the Windows folder to some place in the encrypted disk, and export the corresponding Registry keys to a file on this disk as well. Create a batch program which copies these files to the appropriate places, and another one that removes everything (you can create a Regedit file to erase the appropriate entries). Before using the program, run the first batch, and afterwards (or when the audit comes) run the second one. You should wipe the free disk space after removing the files.
The second method is not very straightforward, but it should provide good security. Once one person analyses each software and creates the appropriate reg and batch files, everyone can use them.Using this method, when the BSA comes, there will be no signs of illegal software in the computer. And if they try to break the encryption on the disk, simply sue them under the DMCA...
Back up your Windows box using raw sector by sector backup. This can be done with a Unix machine having the drive attached to it, or a Unix OS booted from CD on the host machine, using the dd command. You can transfer the mass of sectors to other storage media or over the network wherever you like. Now encrypt the backup. Then wipe the machine off so that every sector is written with binary zero. Finally, install Linux on the machine (Red Hat will be fine, for example) for the duration. Now's your chance to really diddle around with the system and see what happens when you do things like resetting it over and over without a clean shutdown, now that you have a sacrificial OS install. When the software police come around to check your machine, let them have a piece of that. Later, when the coast is clean, you can decrypt and restore your backed up copy by reversing the techniques previously used.
If you don't have the time to do this, or are just not sure you'd be able to get it back, then buy a new hard drive and swap it for the one in there now, and take the old hard drive home and hide it. You can still do the Linux install trick on the new hard drive during the investigation period, or just do a nice clean install of Windows from the legal copy you have the CD, book, license key, and that fancy shmancy authentication certificate for.
now we need to go OSS in diesel cars
Although I agree with many posters that these EULA may be unenforceable as a whole or in part under sone unconscionability or contract of adhesion theory, this is not a completely untested area of law. A case involving a customer suing Gateway under fraud (RICO based) gave the United States Court of Appeals a chance to review a consumer contract. See Hill v. Gateway 2000, 105 F.3d 1147 (7th Cir. 1997). This contract was mailed with the computer at the time of shipment. The terms were not discussed on the phone at the time of purchase. Even though this contract had some of the characteristics of EULA, such as adhesion qualities, the court found the agreement enforceable. I have listed some other cases below that may be on point, but I don't ahve time to review them right now.
SOFTMAN PRODUCTS COMPANY, LLC, Plaintiff, v. ADOBE SYSTEMS INC, 171 F. Supp. 2d 1075
MICROSOFT CORPORATION, Plaintiff, vs. SOFTWARE WHOLESALE CLUB, INC. and GLENN YOUNG, 129 F. Supp. 2d 995
Record it all. The legal notices, phone calls, etc. If they send lawyers over, videotape it. Police? Videotape it. Webcams are preferred since even if they smash your cameras the footage you've already captured has been streamed onto the net. Cameras make oppressive forces nervous. Viewers won't see people defending their copyrights from pirates, they'll see a BSA lead gestapo terrorizing a university.
Oh, also. Try the angle of EULAs not being legally binding. You're batting about 50/50 based on previous court cases whether or not EULAs are legally binding contracts. EULAs are those things you click past that say the copyright holder or any assignee (BSA) have a right to audit your systems, not to mention also say you own a license to use the software and not in fact your own private copy.
Obviously you should have lawyers working hard on this.
Perhaps to minimize your liability in the event of an audit, on non-critical machines (such as machines that are sitting idle, or just used for web browsing, or whatever) you could install a Linux distro on them. If you were planning to migrate your servers from NT, now might be a good time to expedite it.
Like the subject says. That's what the letters BSA really means.
now we need to go OSS in diesel cars
I think a lot of people are failing to understand how the BSA operates.
I see post after post complaining that the BSA does not have the "right" to search people's computers. Well, no, of course they can walk in off the street and start searching hard drives. They don't have that right.
What they have is a giant gawddamn bankroll from the big software companies (and previous victims), and a pack of lawyers. They have a lot of power.
They do not claim to have the right to take any action other than suing the shit out of you. This is the sort of lawsuit, which could cost a big university millions of dollars to win. And you wouldn't win. You would loose. Any office with more than three (proprietary OS) computers has a piece of BSA software for which they haven't submitted the registration. I guarantee it.
Did you catch that? OWNING a copy of the software is not sufficient? No, showing them the box won't cover it, since you could have bought it when you learned on their intention to audit. You need to have every piece of software *registered* with the publisher, prior to the BSA contacting you. Otherwise, you will pay purchase price plus punitive damages.
They have no right to search your computers. They seem to have every right to threaten you with NASTY litigation, until you give in and allow them to search your computers.
- H
Oh, I got this new whiz bang computer, but it only came with Works. I guess I'll just take it into work, install Office 2000 and be on my way.
Actually, pussy is the shortened form of pusillanimous, a word meaning someone of weak spirit or will, lacking in courage and strength.
It comes from the French I believe.
--- It is not the things we do which we regret the most, but the things which we don't do.
This post is a last resort.... To Lisa, whom I met at the Brooks Café in Seattle last Saturday. Lisa, I lost your phone number and I'm trying to figure out how to reach you! Oh, that magical night we had. I never believed in love at first sight until I met you. I remember talking with you at length about the Bisuness Software Alliance, so I thought maybe, maybe you will read this Slashdot forum. Oh, I hope I will get modded up to something where you will see it!!! I love you so much and I don't know what I would do without you! Love, Gerard P.S. if you do get this, meet me at the same spot this Saturday at 10!!!
It occurs to me that the blanket search machines and install software might come into conflict with all sorts of industry and governmental agreements - computers used in research funded by private organizations including companies not in the BSA but who BSA members might like to have information on the current research efforts of. In the case of governmental grants, some are likely to be constrained by national security, depending on the university and research. In both cases, the university can probably deny access to large numbers of computers simply based on cross-agreements or grant conditions. I can imagine looking at the BSA as they stand at the door with law enforcement officials and saying something like "sorry, you can't look at those computers until you get permission from the Department of Defense".
See the thing is, the lawsuits aren't actually groundless or frivolous (though I agree that such a system helps in other ways). These companies and universities do have at least some illegal software and in a court of law, even the one or two copies that might be illegal are enough justification to rule the case as not being frivolous.
This sig has been temporarily disconnected or is no longer in service
I called the BSA...
They told me if they have suspisions about you they will come by with a Marshal! Whatever. Here is how our conversation ended:
me: So you guys must have dug up Stalin to run your company, huh?
BSA: Uh, these is no one here by that name, sorry...
I am a huge proponent of OSS and will use Open SOurce software over commercial. (Our company runs on Linux and NetBSD). At other jobs I've had, if people chose to use proprietary software, I enforced the licenses like the Gestapo. If you chose to use commercial software, you must play by the rules. Companies that use Open Source have no worries.That's the freedom. We are one company that will NEVER be visited by the BSA.
If you're not a Liberal in your 20's, then you have no heart.If you're still a Liberal in your 30's you have no brain.
When a company I worked for elected to comply with the audit, they learned that proof of ownership (license) consisted of Invoices. Retail box didn't count, holographic anti-piracy certificate of ownership didn't count. Field staff purchased software put on expense account didn't count -- couldn't prove it was not actually his personal copy.
Get a good lawyer.
BTW -- we settled with a US$25,000. fine and a promise to certify each year for the next 3 years that we were still "clean."
Denise
Will manage Novell network for money.
freetools/gasp/gasp_c.phtml
phtml? That's PHP!
They're using freeware! The BSA is smart enough not to bother licensing MS ASP. Isn't that a hoot!
A typical (say) MS license can be summarized as follows: - We assert our ownership of this software under copyright law, which places restrictions on what you can do with it. - In addition to the restrictions this places on you, you may not do ..., ... or ...
- If you do not accept this license, you may not use this software. [Er... excuse me? what gives you the right to say that?]
So, if you accept the license, you lose rights. (Assuming it's even enforceable; I've been told they're not, at least here in the UK, but IANAL). OTOH, if the whole license is void, the terms you can use the software under suddenly get less restrictive (i.e. they become sensible).
The GPL is more like this:
- We assert our ownership of this software under copyright law, which places restrictions on what you can do with it.
- If you accept the GPL, we'll waive some of those restrictions, so you can distribute copies of the software and derivative works; in exchange, you agree not to do ..., ... or ....
- On the other hand, if you reject the GPL, it's as though we never placed it under the GPL, so the restrictions placed on you by copyright still hold. You can still *use* it if you want, we're not stopping you, but copying it is now illegal. Have a nice day.
So if the GPL is somehow void, the terms you can use the software under suddenly become *more* restrictive. As a result, I suspect the FSF and others producing GPLed software have considerably more of a legal leg to stand on.
Oops, forgot to turn HTML off; please ignore my other post.
..., ... or ...
..., ... or ....
A typical (say) MS license can be summarized as follows:
- We assert our ownership of this software under copyright law, which places restrictions on what you can do with it.
- In addition to the restrictions this places on you, you may not do
- If you do not accept this license, you may not use this software. [Er... excuse me? what gives you the right to say that?]
So, if you accept the license, you lose rights. (Assuming it's even enforceable; I've been told they're not, at least here in the UK, but IANAL). OTOH, if the whole license is void, the terms you can use the software under suddenly get less restrictive (i.e. they become sensible).
The GPL is more like this:
- We assert our ownership of this software under copyright law, which places restrictions on what you can do with it.
- If you accept the GPL, we'll waive some of those restrictions, so you can distribute copies of the software and derivative works; in exchange, you agree not to do
- On the other hand, if you reject the GPL, it's as though we never placed it under the GPL, so the restrictions placed on you by copyright still hold. You can still *use* it if you want, we're not stopping you, but copying it is now illegal. Have a nice day.
So if the GPL is somehow void, the terms you can use the software under suddenly become *more* restrictive. As a result, I suspect the FSF and others producing GPLed software have considerably more of a legal leg to stand on.
I wonder how many of the BSA members license software from other companies. I'd bet all of them do. I wonder how many of them could produce "the license for every program, on every machine, ... upon demand."
Would it be possible for the Adaware program to learn how to cripple, corrupt, or uninstall the audit software on the machine, or just take a flying jump to one of the many available GPFs or BSoDs available if it detects the auditware running?
now we need to go OSS in diesel cars
Maybe BSA only investigates a certain percentage of anonymous tips, and they pick targets randomly, like every 3rd or 4th tip. I'll send an anonymous tip on Platypuscreations every few days for a couple of months and you can see what happens...
So the BSA will be installing this on all of the computers yes?
I'd demand to see the licenses for every install of that software, and a different serial number for each install.
After all... Quid Pro Quo
-Goran
Carpe Scrotum - The only way to deal with your competition.
Also... in about two months' time, Microsoft's new license terms will kick in - and in spite of their claims, it appears that these new licenses will be much more expensive than the old ones for many.
So, let's combine steep new licensing fees with a quasi-police force that has the power to both presume guilt unless proven innocence (when certain programs are in use) and levy heavy fines. Suddenly you have offered people a powerful incentive to move away from the software products of the BSA's sponsors. Remember when it was dangerous to use free software? Stuff like "who do I sue?" The answer is now clear: if you use proprietary software, the vendors get to sue you . Now it's more dangerous to use proprietary software - if you lose a few licenses, you might have to pay millions.
Simultaneously with the increased risks of using proprietary software, an alternative has become available! Free software is finally becoming mature enough to use seriously at the desktop. Yes, it would have been better if it was ready earlier. But KDE3 is out, GNOME2 is almost out, Open Office is usable and its few burrs will be off soon, Abiword 1.0 is out (without tables, but that shouldn't take that long to add), KOffice is out (with weak MS Office interoperability, but that will be improved quickly I'm sure), Mozilla 1.0 RC1 is out (with 1.0 soon to come out). Evolution is quite impressive (or use Mozilla's email reader). The programs can be used now, they'll have more polish before the end of 2002, and they'll be quite nice by mid-2003. I particularly like the cross-platform applications, because they make it easier for organizations to "phase in" the replacements. Someone using Mozilla and Open Office on Windows will find it much easier to switch to GNU/Linux or FreeBSD.
No, this is NOT enough to replace proprietary systems everywhere; there are many specialized applications that will require Windows, etc. But it will be much easier to show compliance when there are fewer of those machines.
Of course, this could all be a last gasp. Perhaps Microsoft expects everyone to switch from their products soon, and wants to try to extract as much money as possible while their competitors complete their maturing. Perhaps they expect that in mid-2003 organizations will begin switching quickly, and they want to sell (or re-sell) as much as they can before the alternatives are ready. I doubt they expect to really lose the market, but they certainly want to saturate the market to make it harder for anyone else to enter it.
I would say that "site-wide" licenses for Microsoft's products by companies (as they're usually written), and similar licenses effectively preventing Linux pre-installs by PC manufacturers, should be summarily ruled as illegal. These licenses fundamentally discriminate against competitors, because Microsoft gets money even when a customer chooses to use a competitor in a particular circumstance. IBM originally only leased their computers, instead of selling them, as a way of preventing customers from practically switching to a competitor, and that was ruled illegal. The same should be true for any contract that, when widely applied, prevents competition. Without these competition-preventing contracts, Free Software would probably spread much faster. But if customers continue to be treated as the enemy, they may consider alternatives far more seriously.
- David A. Wheeler (see my Secure Programming HOWTO)
If nothing else, bringing these organizations into the fray, even if only by name, puts the intimidation shoe on the other foot. How much does the BSA want a big, public court battle against a university backed by organizations full of lawyers dying to sink their teeth into multiple Bill of Rights issues?
And I hope North Carolina doesn't follow suit. However, please note that this law applies to police--not to the thugs at the Business Software Alliance. They can still sue your butt in court if they think you've pirated software, but my reading is that they can't use these laws to waltz into your home/office/cave/bunker without your knowledge or permission.
Of course, the whole point of the "audit" is that it is a fishing expedition designed to see just how much they can extort out of you for any violations, real or imagined. The whole IANAL thing applies here, but I don't see what they can do if they ask for an audit and you tell them to go away. Sure they can keep pestering you, but I don't see that they would have any right to do so. Indeed, I would be surprised if you couldn't get a restraining order against them and be done with it.
Wiser people with deeper insights are welcome to enlighten me on the subject.
What is your Slash Rating?
If your school has any contracts with Microsoft or Apple, call up your sales rep. Tell them you are not going to renew your contracts, that the BSA surcharges are too much, and that you are going Open-Source / Linux / GNU.
Play your cards right, and Microsofts sales team will call off the BSA for you... (This technique has been successfully used in the past, but only at Fortune 100 companies...)
I must say this has to be one of the funniest pairings of nickname and headline I've seen in a while.
Denise
Will manage Novell network for money.
I don't really know much about the way these sorts of things work, but while the legal dispute rages, couldn't you take advantage of the delay and destroy the evidence?
Utilities for wiping the contents of PCs matching and exceeding requirements for security in the Department of Defense are freely availible, so I'm thinking, why not just delete your habeas corpus such that no investigators will ever be the wiser?
Of course, destroying evidence might also be a crime, but you could always destroy whatever evidence might have proved that you destroyed evidence.
And so infiniditum...
Too busy staying alive... ~ R.A.
It is time to put billg out of business.
they are a cancer on the body economic.
Yeah, one of these days I ought to get an account here....
Do you need a licence for the licence checking software... would hate to get my computer taken 'cause I couldn't produce the licence for the licence checking software that the BSA told me to put on my computer...
IANAL! But I have a Jewish Sister-in-law that is a ;) I have spoken with her about it many times
lawyer.
and YES you can and do sign away your rights from time to
time. (As stated above!) Also note that although slavery is
not legal there are grounds for Indentured servitude contracts
to be binding.
But if you're a small to mid-sized company, take a long hard look. You can do a quick roll-out, but not to stick it to the SBA. Do it for the RIGHT reasons.
A transition isn't quite as traumatic as it might seem on the face. When we needed to add an additional workstation (KVM switched) to each CSR's desk the rollout was done for about $250 apiece - most of which was for the KVM switch and cables. Each box was only $100, an old refurb. The experiment was nice, but I expected a slew of support calls. Lo and behold, there are a lot fewer!
Oh, there were issues. A little bugginess in KDE 2.2.2, a printer problem here and there. When inquiring about stability (reboot frequency), people bitch about Windows. I asked about Linux and smiled at the replies:
"Oh, I like it. It doesn't crash."
"I've never rebooted it. Am I supposed to?" (3 months+ uptime)
"Huh? Go away, I hate you."
Now I have people asking for Linux. Is this or that available, yadda yadda. It's growing here, and I'll happily replace a 1GHz Pentium III w/256MB RAM running Windows with an old 233MHz Pentium MMX w/64MB RAM running Linux. The 1GHz box becomes a Linux server, the license goes into a filing cabinet, and everyone's happy.
Do a complete IT assessment, soup to nuts. Take a long, hard look at your licensing and TCC (total cost of compliance). Are there tenable replacements for the software you're currently using? Can you improve performance AND save money with a migration to Linux (or BSD or whatever)? If so, where? Servers or workstations or both? Timetable.
I believe that I can get rid of every single Windows box in my company. I've got 2/3 of mission-critical applications running on Linux. One more and it's on like Donkey Kong.
Would the BSA looking at the files on every computer on a University campus be a violation of FERPA? Many University sysadmins feel that FERPA covers providing access to student's files/programs/emails as well as grade reports and other personal information since they can be held to be a form of student record; the FERPA act is deliberately vague on this. Some security experts even advise not providing copies of files to police without a warrant or subpoena. So the BSA prowling around on student-accessed computers would violate the privacy of every student on campus, no? Or are they 'acting in the interests of the University'?
This situation reminds me of a friend of mine who was just starting out as a general contractor.
After less than a year in business, he got a 'invitation' from the state employment development agency advising him that they could come to his office and give him a personal 'seminar' on correct compliance with the employment development laws.
Stupidly, he agreed.
Come to find out, the 'seminar' was actually an 'audit' of his books, in which they found (of course), some mistakes, which they immediately levied fines for.
I had a hard time keeping a strait face when he told me this tale, as he was writing a check for several thousand dollars to said state agency.
Where can I get a copy of the Linux version, please?
I'm sorry to inform you that, while you have some rights in theory, in practice none of them will do you any good, and for all intents and purposes, you are, and have been from the moment you first installed commercial software, the BSA's ass toy.
All the frightened whining and speculation aside, it comes down to this; if you don't do what they demand, they'll sue you, and you can't afford the kind of sueing they can dish out. Not by a long shot. Don't be too comforted by any supposed "relucance" on the part of the BSA to test their authority in court. That authority has already been tested quite adequately by others. Not that your college administrators (one of the more notoriously spineless subspecies of human beings) would even consider standing up to them.
No, my friend, what you have here is an example of the real cost of commercial software. It's part of why Richard Stallman is so incoherenly pissed off all the time. When you chose to use Windows instead of Linux, and Word instead of Emacs, you chose wrong. And this is just one of the many, many very good reasons why.
-David
We're on the road to Tycho.
Like that Japanese student, who was dressed as Elvis for some costume ball, and got shot when asking for directions... Guess how that went..
> If this is a state school, they should forward the matter to the State Attorney General's office. They should explain that this 3rd party organization, which they have had no business dealings with, is violating the RICO act by trying to extort money out of them.
That 3rd party organization is empowered by the bulk license signed by the state school. Good try, but not good enough.
See the CAW logo license and then my homepage.
Hmmm ... what about the idea of creating a "virus" that will by itself download and install proprietary software (also automatically clicking the EULA okay button)? By deliberately installing such a "virus", the BSA will never be able to prove whether we personally installed the software, and they will not be able to make a case against us ... (or it will be a lot harder!)
Yeah, this is somewhat unrealistic however it would be enormously funny. Let them waste money looking at Linux machines.
"Can't sleep. Clowns will eat me"
How about this: Encrypt your disk with PGPDisk. Then when they come to audit, let them sit at your keyboard and look at your hard disk as much as they want. "Oh, I'm sorry you can't make sense of my hard disk, Mr. BSA auditor, but I seem to have temporarily forgotten the passphrase. Maybe it will come to me later."
Very simple: stablish corporation or university policies like the following...
;-)
1) Excluding BSA member corporations from the list of authorised providers, i.e. don't do business with them;
2) Prohibiting any employee, worker, teacher, student etc. from installing any software from these corporations. Next time someone says "Well, nobody was ever fired for buying BSA-member Corp." fire him, as to set an example. Ok, this cannot be done, but it's a nice idea.
3) Use a mainframe and x-terminals so as to maintain more rigid control about what software gets installed. There are some free software to do this (at least in the Linux world).
4) Create an corporate buyers association to enforce these policies across several organisations.
If enough organisations follow these lines, well, I guess BSA will lose some members, which will then become accepted solution providers again.
In others words, do not buy "protection".
No BSA story is complete without linking to this unverified horror story of a BSA raid.
Bleh!
"Does anyone know if this works?"
Yes - but the cable company does not drive around the neighborhood with some kind of scanner. They use an instrument called a Time-Domain Reflectrometer to do a thing called, not suprisingly, Time-Domain Reflectrometry.
How it works is somewhat like this - the TDR instrument must be connected to the cable line feed end. The instrument launches an electrical pulse over the cable then listens for 'echoes' - kind of like a radar. If it hits a tap in the line, hits a load, or hits an open (unconnected) cable, an echo is produced which is detected by the unit. They can measure the echos and see how many feet down the line is the tap.
"Do they actually do this?" Yes again, but it is not as easy as they would like you to believe.
Theoretically, this instrument can detect almost anything that is attached to the cable. In practice, it is a lot harder to catch tappers since the technician doing TDR on the line must distinguish between what is supposed to be on the lines and what is not. He almost has to 'map' the reflections and then come back later and see if the TDR 'profile' has changed to detect a tapper.
TDR is blocked by the line amplifiers they use to boost the signal on the cable lines. It has been almost 20 years since I did any work on cable systems, but at that time it was a real pain to shimmy up a pole, undo the cable from the amplifier and then run the TDR. This disrupted the service for the customers on the branch we were testing, and most of the 'tappers' we caught were in reality people whose cables became disconnected from the set-top boxes or got cut while digging in the garden. They all did not know why their reception suddenly became so poor!!
In the end we limited TDR to analyzing lines that had signal problems, and we generally depended on disgruntled neighbors to find people stealing signal. The TDR could help us find taps, but in a couple cases the tappers were real smart and used a high impedance amplifier piggybacked on our line, which would not show up on TDR. This approach does not produce a nice clean signal one would get from a properly split and terminated cable, but it got the job done.
There was talk of some super TDR system that could be run on the whole system from the head end, but I have not seen or heard of one in use. Remember I am describing the state of the art circa 1982, and much has surely changed, so that doesn't mean it doesn't exist.
As for vans driving around picking up signals - the last I heard of such a thing was from the late '70s when HBO was broadcast over microwave, and various small cable companies and hotels would pick up the signal and distribute it over their systems. One could get downconverter kits and plans to make a box that would let you pick up HBO without a subscription. The box you could mount on your antenna mast had a local oscillator that produced a signal that would downconvert the HBO microwave signal to channel 2 VHF.
The trucks had radio direction finders that homed in on the local oscillator frequency from the downconverter boxes. I had a friend who had one set up and he actually got caught, and received a summons in the mail to appear in court.
He actually showed up in court without an attorney. He was asked to verify where he lived and evidence was produced against him that a certain frequency was radiating from his property, one which could be used to illegaly downconvert HBO. My friend got his turn to testify and much to the suprise of the prosecuting attorney, he produced an Extra class ham radio license. He then submitted a page from the ARRL Handbook showing the RF spectrum priveleges given to different classes of Amateur licenses. The frequency in question was in the broadcast privileges for his class of license! He then said that in this case the evidence against him was circumstantial. He admitted that he was "performing experiments in those range of frequencies" and went on to add that he was soon going to broadcast regularly at that frequency.
Case dismissed.
I wrote about this in a licensing matter here a month or two ago as well, but it seems to apply here too.
Shorter version of story: BSA scares people, they don't want people to buy software, they want people to pay fines. M$ and other software companies talk with people, they want people to buy their software. BSA wants people scared, M$ and co. want people happy. It's been seen over here (.fi) enough many times - talk with BSA and everybody's a sinner. Talk with M$ etc. and their polite - they're not stupid, they want business.
So my suggestion is, stomp over BSA's head. Talk directly with the software vendors whos software your using. Get them to visit you - and they will - and talk about your licenses now and maybe the future. It'll probably be a smooth conversation and if you've put some money in their software, the discussion should leave both sides happy. Then, it's pretty easy to slap it into BSA's face that you've already discussed the matter with the involved parties directly and they're happy.
In any case, you're a customer, software vendors are sales people who want happy and paying customers who will buy again. BSA is a wild card that really doesn't have anything to gain unless it finds pirated software. When BSA comes over and sees that everything's fine, they've failed. They'll do pretty nasty reading-that-fine-print-a-bit-too-much kinda stuff just to prevent that. It's been seen.
Sue for damages, wast of organizations' time, ...multiple times of course. Like Scientology does....
etc., etc.
Or just get a few hundred individual businesses
together and each individually sue the BSA
Suppose I download some shareware, I like it and I send money to the software company to email a key to unlock the nag screen / time limitation and then loose the email they sent me? -- Or, better yet, even if I had saved the email, does that count as a valid licence. An email like this could be easily forged.
Just wondering if anyone knows how this is handled.
IANAL, but think its high time that all the small business and other corps. that have suffered real losses due to BSA's gestapo style raids when there was no actual piracy going on.
In this city, we have some conpany placing ads on toilets and bathrooms of pubs, restaurants, and bars, right in front of people peeing... You know who just has gotten most of that space obviously? BSA! I've seen it... Been there... They are telling us that we've got 30 days left, or.... Or what? :)
Anyway, they accidentally seemed to choose the right place, IMHO
OK, we'll fire Bob. Tomorrow we hire him back without telling you. Or maybe we bring him back as a consultant.
As a shortterm solution: bring in the lawyers.
As for the private machines i wonder, why the owner of those shouldn't have a say in this. I know very well, that i wouldn't admit them to my computer on that net, and i would step up the stakes quickly (knowing that i don't have anything remotely illegal on that box, being able to pay a lawyer, and that i would carry the story to the press to cause maximum damage in negative PR). Also i doubt that their auditing tool runs under Linux.
The longterm solution of course is: avoid software licenses, that allow the BSA into your house. If a softwaremaker doesn't give out other licenses don't use that software and tell your students that they have to use alternatives (there are alternatives out there) since you don't want to risk having your university turned upside down again. Also make everyone on the net sign statements that they wont install any software without consulting your IT-Department, and that they'll have to pay up for any costs resulting from breaking that rule.
I can't understand how any organisation can give that kind of power over them (namely to shut them down with a barricade of audits and legal bullying) to the BSA.
"By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
(* Did you note the part in the indivudial article where the writer said they were also auditing personally owned computers? *)
Nope! I guess I missed that one. (I did read it.)
However, that is not the same as going into people's homes.
Table-ized A.I.
A number of years ago as a student I worked for a University's IT
department. The school had just built a school wide network and
decided to upgrade all of the professor's Macs. The school bought
all new Macs which came bundeled with MacOS and Microsoft Office.
I was on the 'installation team' and we installed the machines in
each of the offices over the summer. The license for the sofware
was inside each computer box, and when we were done setting up the
computers we left the licenses and manuals in each professor's office.
Maybe things were different then and no IT department would even
consider leaving the licenses with each computer now, but what would
have happen if, say, a year later the university was audited by the
BSA for Microsoft Office licenses. I could say with absolute
certainty that every computer in every office on campus was
properly licensed for the base software (obviously no one could
comment on software that might have been added by any individual
professor), but could the University have actually proven that
they actually had a legal license for the software on the machines?
Is a purchase slip for X hundred computers good enough to cover your
software license for each of those machines? If not, how many
man-hours would it take to get the license for each office (assuming
that each person had bothered to keep the license and didn't throw
it in the trash or lose it).
What about the machines where an end-user decided that they needed
to have Microsoft Access (or something like that) installed? How
do you even police that? I'm not aware of a good/unobtrusive
software license monitoring package that is widely used (we used
one in the computer lab itself, but didn't even comtemplate a
school wide software package).
Unless you have a site license for every common piece of software
that you run is it even possible to be 100% sure you are licensed
for every software package running on your machines?
I used to work for a support hotline company and they also ran a BSA (rat on someone today) hotline. I remember very well talking to someone from that side of the office telling me that M$ was paying the bills for this hotline...
...say I buy a car. That night as I'm going through my owner's manual, I discover that I am not allowed to let somebody else borrow my car while it sits in the parking lot waiting for me, because that would invalidate the warrenty which only applies to the purchaser.
By the same token, you buy software, get it home, THEN get the EULA and find the draconian legaleese. What are ya gonna do? You open it and install it, just like everybody else does.
They are assuming you to be guilty until you can prove yourself innocent.
This is actually almost correct... the 'burden of proof' as they say, is not that the plaintif must show beyond "Reasonable Doubt" as we often see in capital cases.
Actually they still have a type of 'burden of proof', they must prove a "Proponderence of the Evidence" is against the defendant.
This means that even if they can't prove that they have done it in the case, the plaintiff can show that it is plausible that the defendant did it. But, the instructions the jury recieves are based on motions filed with the judge by presiding counsel.
Vital Idea
There's a lot of discussion on this thread questioning whether this is a civil case or criminal case. Actually... software theft is both! Just like O.J. Simpson was tried in Criminal case and won, and a Civil case and lost. So, software theft is copyright infringement and illegal and you may be criminally prosecuted. Also, since it is a contract violation, and one side made consideration, whereas the other side was supposed to and did not, it is also a civil matter.
Note that the criminal case has different rules and standards than the civil one.
of course this is in the USA, each country has their own rules.
Vital Idea
reminds me of a (true) story from my past, a distant relative of mine was the local NZ equivalent of the FCC inspector who chases down illegal transmitters (both he and I were hams which was how I heard him tell this story).
.... there was nothing special about this pole untill he looked behind it and noticed a camoflauged wire that went down the pole and disapeared into the ground - someone was onbviously stealing power. Following the wire (it was buried) he went into a nearby barn where he found a still with a noisey thermostat .... he went and grabbed the farmer and explained the problem, then helped the farmer put some caps on the thermostat to stop the emissions ... he claimed the international radio regs protected the 'confidentiality of radio transmissions' and he couldn't turn the guy in ... however I suspect a flagon or two of the local hooch may have been involved :-)
He was chasing some annoying sparky interference out in the country near where he lived, it was being radiated from a power line and he tracked it down to a particular pole
Comment removed based on user account deletion
I have a software solution. Create a login screen that explains what the user is agreeing to by logging on. Make sure that "installing unauthorized software incurs a $100,000 fine" and "This machine is to be used for educational purposes only."
Alternatively, you could print up an agreement, and tape it to the table, near the machine. Then write "Click here to accept", and draw an arrow to the power button.
Free unix account: freeshell.org
Comment removed based on user account deletion
Your rights depend greatly on your state. Colorado has a "make my day" law and lethal force is considered justified against any intruder, armed or unarmerd, if you felt threatened. Since "feeling threatened" is highly subjective, and is very different from knowing you were threatened because the intruder displayed a weapon and intent, it effectively covers everything but inviting your neighbor in for coffee then blowing him away as he crosses the threshold.
That was clearly the legislative intent - the law was only passed after several high profile cases where DAs prosecuted homeowners who were "too quick" to use lethal force against malicious intruders. The state legislature said that, in a private residence, the benefit of the doubt always goes to the occupant.
But in other states, you can't use lethal force even when threatened. You have an obligation to retreat until you are literally backed into a corner before you use force to defend yourself.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
How are these audits done? Does someone from the BSA physically use the machine and look for licences on the machine? What if you refuse to give out the passwords to log in to the said machine?
Business idea for Linux company:
... say ... Switch.
Let's call the company
Go to a school, business, or other municipality who is threatened with an audit and make an offer to switch their system to Linux.
For example, the school in Oregon says it will probably have to pay $500,000 to be in full license compliance.
Switch would come and offer to change all internal systems for the school over for $400,000 to a complete Linux system. The school saves $100,000 and gets a license free system in the process.
That might indeed be the key -- for the BSA to unwittingly attempt its extortion on a university that just happens to be chock full of lawyers, or worse yet, law students in need of a term project ;)
~REZ~ #43301. Who'd fake being me anyway?
Kinda curious.
If all the systems in your company have proprietary software written in house and every employee who touches those systems is required to sign a non-disclosure agreement, then couldn't the BSA auditor also be forced to sign in accordance to company policy.
What if a minor performs the install? A person under the age of majority does not have the capacity to enter into a legal contract. Wouldn't an EULA be unenforceable in a case like this?
icksnay on hacking my boxsnay.
Okay, flashback a few years. To be specific, almost five years; Adobe Photoshop 4.0, Doom II. US Robotics before the 3Com merger. Windows 95, or the patched "96" if you were "l33t" enough. I'm there. Are you? Good.
I remember pirating online with my lowly 14.4 modem that was a real screamer back then, or nearly so; it went hand-in-hand with my 75MHz machine. I was running Microsoft Organic Art as my screensaver; the desktop maxed at 1024x768, and my video card had an amazing meg of RAM. My whole system beat the pack with 40MB. Remember well?
At this point, I was using a local ISP -- tfs.net -- which later merged with Birch Telecom. I'd made some pretty good friends with the SysOps, and they (they meaning Joel) would routinely help me out when I was stealing a particularly large file; to save me the hassle of trying repeatedly to snag a huge file (Quake the first, anyone?), they'd grab it using their T1 and set up a dedicated server from which I could download so I didn't have to content with web traffic. TFSnet had a six-hour time-on session limit, meaning that if I went to 6:00:01, I was disconnected, regardless of idle status. I acquired quite a bit of software in this manner, which was stored on my 100MB Zip disks.
I was a wee lad back then, living with parents and all. I had my own webpage, of course; filled with ostentatious graphics and the horrendous blink tag, my site could choke an ISDN. Of course I had the requisite pages an early teen would -- one of them included a "links" page to various warez sites I frequented around the internet. A favorite was Simon's Hideout -- http://sibervision.com/sh/ back then. Since then, Simon's Hideout (yeah, I remember you, Si) has changed to Mitosis and become ugly and member-based.
I remember the W3B, or the original World Wide Warez Board. I created the name; I created the initial graphics for the W3B, a trading board and online warez community. Through the W3B I met a fellow pirate posting under the name of Radiaki; Radiaki (Brandon was his first name -- it's always something mundane like Brandon, isn't it?) had a pretty decent warez page that offered direct downloads. Radiaki's Warez. I visited this site often to check for updates. One such day, I visited to find that Radiaki had run into a plight -- he needed webspace, as his free web provider wasn't too keen on his illicit dissemination of software.
I volunteered. I used about 500K of my few-meg limit, so I offered the rest to Radiaki; I gave him the login and password and ftp address, and off it was. I made sure everything worked correctly -- and then Christmas came.
Christmas that year, I was given a new modem, a 33.6 USR Winmodem. Curse that pile of crap. I installed it that afternoon -- and didn't get it to work until literally months later, after repeated calls to tech support and various visits from friends more tech-savvy than myself. I'd sold my 14.4 the day before Christmas, so reinstallation was out of the question. It was such a frustration, watching the bird-esque beings flit by on the Organic Art screen. . . but not having an internet connection for which I was paying $20 a month!
Finally, it worked. Hallelujah. Online I was, at last! I signed on, checked my Hotmail and TFS.net mail, and signed off to do something else, something possibly productive. A few hours later, the phone rang.
His name was John Wolfe and he didn't believe anything I said. John Wolfe (or was it Woolf?) from the Business Software Alliance, the BSA. They'd caught wind of my page and the site I was hosting, Radiaki's Warez, and just happened to notice that both were in violation of Chapter 17 of the United States code (which deals with copyrighted materials). Shit.
Needless to say, the websites went down fast. The BSA took them down and put a big "BUSTED" logo on my index.htm site. I learned that the BSA was in the process of serving a subpoena to TFS.net to get the user logs.
Of course, my parents were simultaneously terrified and furious. They had no knowledge of this. They had no idea I was pirating software. They had no idea that the copy of Windows on their machine was stolen. . .
Again, I crept away offline for another lengthy hiatus. I continued working after school each day, fretting about the possible ramifications of what had transpired; I was being threatened with jail and a $25,000 fine! I was working at an outdoor garden/nursery making $4.75 an hour!
Life was hell for a while, and it was exacerbated by the fact that I'd never even had internet access to check Radiaki's page or my own.
So, finally, one day I grew tired of everything levied against me. I logged on TFSnet one last time and went directly to Simon's W3B to post a detailed summary of my tribulations. Lengthy it was and detailed it was. I logged off and didn't log back on. I called TFSnet to talk to Joel -- he'd already taken precautionary measures of deleting my radius logs, bless him. Great guy, he was. Six-foot-something, bike-driving, leather-wearing, long-haired SysOp.
A week later, I used a friend's computer to check my e-mail, and in my Inbox was a strange letter from a Russel A. Shorto. He'd seen my post on the W3B and was interested in my story.
Mr. Shorto was a reporter for a major magazine and wanted to do an article on me and the warez underground.
Russel Shorto and I kept in touch via e-mail and eventually telephone; he interviewed me extensively, I provided all sorts of facts and opinions and the ilk.
"And so, behind the cyber-moniker Twisted Ivory, there exists a 15-year-old who works at a nursery after school every day to raise money for his computer habit." and "Are these the criminals that government-subsidized corporations are chasing?"
A spot on page 49 of the November 1997 issue of Swing! Magazine (a magazine about life in your twenties!) landed me some serious publicity. Sympathy flooded in from all over the nation. From what I heard -- by snail-mail, e-mail, etc. -- there was a huge cry against the unfair and unethical movements of the BSA. Letters were sent, phone calls were made.
My case was dropped. I never heard from Radiaki or John Wolfe again.
The BSA has left me alone since, but I'll sure as hell never forget the time I spent when their focus was squarely on me.
I wasn't pirating en masse; I had an installed copy of Photoshop and a couple MP3s (hey, they were very rare back then and WinAmp didn't exist, and when it did, it shadowed WinPlay3). There was no selling involved. I hosted no actual software. I had a webpage and hosted another with links and links alone. I was just a "regular home user" -- and the BSA targeted me. I got away, but was lucky.
That's my story.
--TI
4.25.2
If you want your company to be able to avoid any BSA audit, there are a few things you can do.
The first thing is never buy any piece of software that's represented by the BSA, or at any rate don't buy it directly. Buy it through an intermediary.
Second, never register software with the manufacturer. It's hard to demand that you give someone a copy of a contract (the EULA?) if they never know you have one.
Third, set up secure areas in your company. If you have a machine running BSA-audited software in an unsecure area, then have all the licenses available right there. If they want to go further, tell them they need a search warrant, and you'll see them in court.
Fourth, if they decide to do an audit, be sure to have the senior person sign an NDA or something else like that. Be sure that your NDA contains high penalties and that you have the right to search their premises whenever to verify. Be sure to bring up that NDA in court.
Finally, if they did get that audit, and you did get the NDA, be sure to audit the BSA at least once a month. They'll be such happy campers. They know stuff about your company by checking your machines. I'm sure those criminals are selling it.
The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
If the BSA wants to play hard ball then I say we should have an independent audit company audit the BSA. I'm sure they're not squeaky clean and one of their employees is bound to have some "non compliant" software installed. They sent me a letter some time ago and all I did was laugh and throw into the circular file. Let them come and look at my computers, all they're going to see is that "gear where the start button should be" operating system.
rm -r bsa
"I bow to no man" - Riddick
Comment removed based on user account deletion
say the BSA is coming around. "It's time to make sure those licenses are in order." And the aggressive sales rep will go on to say just how the BSA has come down on this or that company because of illegal licenses. This happened to me, and my (government) organization, last year. I blew him off (I won't say the company but it has the words PC and Mall in their name), but someone at the center panicked. What ensued was a month of auditing software licenses, and I believe we were essentially compliant (I know my group was). I later found out he and his company were encouraged to use such scare tactics. Needless to say, I will never purchase anything from that company again and I was spending 5-10K a year with them.
What university was this again?
I live in Greece. We have a state authority responsible for hunting down Financial Crime.
They just come in and do financial audits to companies suspect for tax evasion, etc.
Starting from somewhere in 2001, when they do an audit, they also have a BSA representative with them, who does all their usual software auditing process.
I always wondered if they actually have the rights to do that. It's essentially the government assisting a private body auditing you.
As many legal matters are radically different in the US and Europe, I wonder if they do this in other EU countries too, and whether it is considered legal under EU legislation.
Given the fact that we can safely say the BSA has no legal authority to come in and rake through your machines then I would suggest the following course of action:
1) Show up at their head-quarters and demand they produce licenses for EVERY BIT of their software and that you be allowed to install your OWN auditing software on their machines. When they refuse send them a letter explaining that you take this to imply they have incorrectly licensed software and threaten legal action.
2) If this doesn't work and they still insist then threaten them with a suit for attempting to violate your constitutional rights.
3) If all that goes to hell then you can alway sue the software companies who supplied the software - I assume your books will show receipts for the purchases so demand NEW license documentation from the software companies and if they refuse threaten them with a suit. If you can prove purchase then surely the license belongs to you and should be replaced if 'misplaced'.
4) Threaten the vendor stating that if they seek to enforce it then they should have came out and done a complementary check on your licenses on purchase to ensure initial compliance, else why should you accept responsibility.
Okay some of it is a bit weak - but you gotta love being millitant.
"It's the early bird that get's the worm, but the second mouse that get's the cheese!"
You'll probably win against MS funded BSA?
The United States Federal Government couldn't win against MS in it's own country! Here is a real reading of your scenario:
Your lawyer: You have an airtight legal case, lets go win!
MS legal: hmmmm. Their case is airtight, lets go to plan B. Depose them to death.
Your lawyer: bad news, they're deposing everybody in the university. We have to have a lawyer present. Let's see... three hours per student, twenty thousand students, $200/hr legal counsel. It's gonna cost 800 mill, because you have to have a lawyer present at the depositions too.
MS can afford it for one high profile case, can you?
Let's say you bought the proper legal insurance (you didn't, but let's just pretend you did buy one with an $800,000,000 dollar cap). That's still only round one.
Let's say that you didn't have to spend any more than that. Let's also say that you didn't have anything at all. They'd just hire a student, or plant one. Then they don't have to pay your legal bills, because you have to pay theirs -- because they found their own planted illegal software.
Remember, this hasn't even gone to trial, and you're out nearly one billion. Actually, you are out a billion, because you cover more than legal fees.
So you go to court, and the judge says, "No fine, just buy that one software license. Case closed."
That's the very best you can hope for, and you're bankrupt. This is the big stick that they're wielding. I've seen it used before, and it'll be used again.
You simply cannon win in civil court against someone with unlimited funds. Period. Remember, MS FALSIFIED EVIDENCE IN FEDERAL COURT AND PERJURED THEMSELVES and got away with it.
What kind of chance do you have?
********* sig: If you don't like the law, get filthy stinking rich, and buy a better one.
That should be legislative, judicial, and executive.
And congress writes (actually, enacts) laws; it doesn't "right" laws. In fact, given some recent legislation (DMCA, etc.), it could be argued that congress "wrongs" laws.
Those who sacrifice security to condemn liberty deserve to repeat history or something. - Benjamin Santayana
Perhaps EULAs should not be so much found automatically invalid as invalidated only if they violate consitutional rights, or some template of what is considered reasonable?
Consider this: Do the BSA's actions, as an agent of Microsoft, constitute a form "harm to consumers?"
Microsoft has been declared a monopoly in a federal court, and the pervue of their monopoly is in the storage and security of a (well, nearly every) person's, corporation's, and organization's "letters and effects." The BSA is an agent of this (currenly) government sanctioned monopoly, and this agent is using threats, intimidations, legal action, police escort, court imposed fines and other punishments and threats of punishments in order to search citizen's and organization's storage systems containing their "letters and effects". The investigation performed by the BSA is a thorough, broad based search which makes use of "auditing software" whose function is to search the entire machine, and every machine, for "any commercial or shareware software" whether or not the BSA has a prior agreement with these particular vendors (or even knows of their existance). Contact with any previously known or unknown vendors may or may not be performed by the BSA only after evidence is uncovered during the search. Searches are initiated by threat, and targets are chosen by such precision methods as mass mailing and radio commercials. No evidence or valid suspicion other than a statistical possibility of being a general member of a type of group that has in theory a higher than average rate of licence violations than the general public (remember Driving While Black?) is obtained or required to be obtained before the threats, intimidations, legal actions, and broad based search of letters and effects begins. Lets call this reasonable suspicion theory the "Having a computer while being a business, organization, or school" theory.
So we have the agent of a government sanctioned monopoly using threats and police action to force random and thorough searches of the citizenry's letters and effects for licences by companies that the agent has a relationship with and also companies that the agent has no prior relationship with, performed with the stated intent to prosecute not only if licence violations are found but also if any record keeping is not in order even though the record keeping of licences is not strictly required by the licence agreements themselves. If violations are found, the "letters and effects" contained within, as well as the computer itself, will be seized. Furthermore, all this occurs at the target's expense.
The legal question, it seems to me, is whether the government can violate the citizen's consitutional rights to freedom from unreasonable search and seizure by using the agent of a second party to perform the work. By a) sanctioning a monopoly such as microsoft to provide the practically universal method for the storage and security of the "letters and effects" of the people and organizations under the government's jurisdiction, and b)directly enforcing by police and court actions the agents of that monopoly to perform broad and random searches without documented, authorized, and specific suspicion of wrongdoing not to mention any search warrant issued by a court of law; c) the government must find itself in a clear state of collusion in the ongoing process of unreasonable search and seizure perpetrated on its citizens.
Can the government sanction a monopoly to hire an agent to violate its citizen's constitutional rights? If the search were narrow, the question might be more difficult, but the search is very broad. If the suspicion of a legal violation were specific to the party involved, the question might be somewhat constrained, but the suspicions are often based on statistical stereotypes without specific evidence, or even on such flimsy excuses as responding to a radio commercial or a mass mailing.
The search is broad, the suspicion is based only on the target being a member of a statistical class, the intent is prosecution for whatever is found or blackmail to avoid prosecution, and the approach is through threats and intimidation. The licences do not require or explain the record keeping necessary to avoid their loss or disorganization being used as the basis for these systematic, intended, and damaging attacks. These are harms. Harms to the consumers of Microsoft products. Harms aided by a government which is required by its own constitution and its antitrust laws not to sanction agents or organizations under its jurisdition, as monopolies and their agents in fact are, to remove from the people their inalienable rights to freedom in their letters and effects.
I can top that. The first person to be pulled over at a radar speed trap in Western Australia was the then Postmaster General. He promptly took the operator of the radar gun to court for operating an unlicenced transmitter, and won, which made any evidence gained by this illegal act (to wit, said PMG's alleged velocity) inadmissable in court.
In theory, applying a radar gun to your person (through the windscreen of your car) could be named assault with your choice of `harmful radiation' or `electric rays' under our Criminal Code. I don't think anyone's paid a QC to ram this one through yet.
Got time? Spend some of it coding or testing
I got a few letters from M$ accusing me of selling computers without the proper licenses. They looked like form letters so I just threw them out. I never heard from them again. I Think everyone should handle M$ and the B$A the same way.
http://Lenny.com
Why sue? Just walk up to the next 9-plus-rated cutie you see and confiscate their pants because they weren't carrying a receipt for them.
If they contest your ownership of their pants, reply that they're evidence anyway, regardless of how it's settled. It would help to own a clothing store, but sheer effrontery would probably get you over a lot of hurdles... or maybe slapped about like you've never been slapped about before... (-;
Got time? Spend some of it coding or testing
Does the BSA use the same tactics toward Macs as it does toward Linux machines? Would they demand some sort of auditing software installed? Would it run under OS X? :-)
What, me worry?
Yes, there is. Buy only MIPS-based server and workstation hardware. Nothing that Microsoft sells runs on MIPS except PDAs. (-:
If a group as large as a uni did that, it would rapidly make things like StarOffice more portable.
Oh, and they'd slice a significant amount off their electricity bills. (-:
Got time? Spend some of it coding or testing
Would we be talking technical here, or practical? If practical, whatever goes into the Federal Register effectively becomes law. And that's <ghasp> pages a day of fine print.
Got time? Spend some of it coding or testing
I want to see someone successfully argue that since the RIAA taxes every CD-writer that's sold (at least in the USA), that tax comprises permission to copy any RIAA-owned works you please (with that CD-writer).
Greedy scumbags need a reality check. (-:
Got time? Spend some of it coding or testing
Yes, that would be hilarious, wouldn't it? `Damn, the CD didn't auto-run. Where's the registry editor...? Oh, well, I'll just have to open a DOS box and do it there. Umm... are we still in Kansas?'
Got time? Spend some of it coding or testing
Of course since you didn't post anonymously and have a link to your resume, everyone can see that you work for Cypress Semiconductor.
Now bugger off.
Got time? Spend some of it coding or testing
There is something out there called "FreeCAD", and then there are others.
Can't recall their names outright, but if you want it, I can try to search for them.
Muchas Gracias, Señor Edward Snowden !
Please don't be so nitpicky! I assert that in the absence of the GPL, those of us who wanted to share code would resort to public domain releases. I was responding to someone who seemed to be equating the GPL with "redistribution ... however [he] damn well please[s]". The GPL is there to offer users the freedom to share (like public domain, we want to promote code sharing), but with restrictions (as we've both stated now).
I do not have a signature
It's that the 1GHz box is waaaay waaay waaay overpowered for what the users need.
They run 2 applications on the Linux box: a small java applet and a database client. They don't run anything else on the Linux box other than a bit of light web surfing, checking email.
These boxes would be pokey doing other stuff - running KOffice or whatever. I'm going to bump up the RAM on the Linux boxes to when I can scare up some more SIMMs, but these boxes are doing their job and the users are happy.
For my setup, this mix of hardware works splendiferously. As to whether it works for other shops - depends on your needs.
For me, 64MB of RAM and a 233MMX would not be adequate. But for our CSR's, it's fine. If their needs change - well, 400MHz boxes with 128MB of RAM are pretty cheap too.
Why get a top-of-the-line box for a user running two small applications?
I like the concept -- it needs a little work, but I see the potential. The #1 weakness is that it relies on BSA business practices remaining as-is. I think the increasing threat of OSS on the desktop is going to rain on the BSA parade, with or without an army of Linux consulting commandos.
To really make it work, you would need to custom build a Linux distro for the explicit purpose of replacing a Windoze/Office PC, being sure to include the basic capabilities that everyone needs. To assist in rapid deployment, it would have to allow the installer to auto-discover the printers & file servers. Then look for directories that are likely to have documents. Keep those and nuke everything else, while converting the file system to ext3. The whole process would have to involve minimal interaction, and probably a combination of USB gizmos to facilitate scratch space or quickie Ethernet cards (nobody is going to have the time to take apart cases and fumble with PCI "plug-and-pray").
Maybe the install process takes whatever files are kept and encrypts them with GPG. At the end of all this, the BSA folks would be faced with a bunch of locked-down PCs, not a single BSA program to be found, no way to log in, and nothing to be learned from the users' old files. It might take a little while to train all the users on the replacement software, but given the outrageous cost of BSA fun & games, this extreme concept is probably better than dealing with the BSA, even for companies that are not actively trying to steal anything.
I would choose a slightly more adversarial name, like "DefCon 1", "The L Team", "Delta Force", "OSS Ninjas", or something like that.
I even have the TV commercial worked out: It starts with the good guys receiving a phone call from an IT manager who has just received a BSA nastygram. The alarm sounds, the geeks start grabbing laptops as they run towards the hangar, where a jet is starting up. As the plane takes off, the commentator says "Are you under attack from the BSA? Don't just sit there, call in an air strike!"
Comment removed based on user account deletion
From an admin standpoint, thin clients seem the way to go. A centralized server for x and other apps. Any suggestions on what you've found useful?
Posting at 1 in such a long thread, this will probably not be seen by 99% of the viewers but just for the hell of it...
Most commenters here take care to add "IANAL" somewhere in their post.
Well, if YANAL, then your pseudo-legal advice is not worth the time it takes to read it.
It is fine and dandy to suggest that others fight, countersue, challenge the legaily of [...], assert their Nth amenment rights, etc., all from the comfort of your ergonomic chair.
The question is: has anyone done it? Is there any precedent?
Has anyone successfuly challenged a EULA?
Has anyone successfuly fought a court battle with the BSA? Without losing an ungodly amount of money in the process?
Well? Didn't think so...
The fact is, we're all sheep and there is nothing we can do to stop the wolves from thinning the herd.
When they can extort license fees for software that isn't even installed, then they are all bad.
...fine the organisation for not having docco for the copy of Windows that they just installed over the top of an actual useful OS.
Got time? Spend some of it coding or testing
Try and remember that indentured servitude is NOT slavery. At the end of the servant's working enough to pay off the person they were in servitude to, they are free. Now, the difference is that there is no set amount of wrok/dollar value/etc. that says when a slave becomes free. If there is, they aren't a slave, they are an indentured servant.
Two things are infinite: the universe and human stupidity, though I'm not yet sure about the universe. - A Einstein