Microsoft Piracy Plan Means Concerns for IT

coondoggie writes to mention an article on Information Week about possible unintended consequences of the Microsoft Software Protection Plan (SPP) discussed on Slashdot on Wednesday. The new initiative is intended to protect consumers from pirated software, but may cause major headaches for IT shops. From the article: "Microsoft will support SPP in current and future reporting and asset management tools such as System Center Operations Manager. 'On paper it might sound pretty good, but we have to see how it works,' says Jeff Allred, manager of network services for the Duke University Cancer Center. One of his concerns is that a reduced functionality mode kicks in three days after changing out a motherboard in a server if the software is not revalidated. 'That really jumped out at me. We change out motherboards in our servers all the time,' he says. The provision only covers a swap with a non-OEM motherboard, which Allred admits doesn't happen often."

Hey Ed's...

[shoolz]

Do you guys do that crazy thing where you, you know, verify the links in a story before clicking the Post button?

HUH??

[abscissa]

Protect consumers from pirated software??? What if I don't want to be protected???

Re:HUH??

[SecurityGuy]

I so wish companies would stop the useless, transparent lies.

"This $FOO is for your protection." No it's not. It's for THEIR protection, and most of the time that's fine. What's wrong with "We're videotaping you because we want to deter robbers."

Re:HUH??

[pete6677]

That's marketroid speak for "protecting our revenue stream from you". Many companies use this. Notice the wording of the annual letters from your cable company announcing the latest rate increase. They never say "we're raising rates because we can". They say "we're introducing these exciting new cable packages" and leave it up to you to figure out that if you want to keep getting what you've been getting you'll be paying $5 more a month.

"Alleged"

[Speare]

You can't underestimate the lowest rank of society, but I think a large portion of the general population would understand the issue a lot more if the mainstream press were to rephrase all those headlines by one word:

• Microsoft Vista Will Lock Out Pirates
• Microsoft Vista Will Lock Out Alleged Pirates

Re:So...

[morgan_greywolf]

Activate it.

Doesn't seem particularly troublesome to me...did I miss something?

Yes. You've obviously never worked in corporate IT. When a server is down, the last thing you're worried about is contacting the frickin' vendor to get the OS activated. Servers in the corporate datacenter aren't likely to have Internet access. So to getting it activated is going to likely require a phone call. Every minute that server is down, it's costing the company $$$ in lost productivity. And what if someone forgets to do it? Ouch.

"...designed to protect consumers..

[wwiiol_toofless]

...from pirated software"

Yes, Microsoft designed and built that to protect us hmmhmmm.

Re:So...

[everphilski]

If it takes you three days to get your servers up and running you probably have bigger problems ...

Re:So...

Not to mention the staggering numbers of false positives the current Windows Genuine Advantage program for Windows XP has picked up.

Don't need research

[nine-times]

Well, the article is Slashdotted, but I don't need any expert opinion or research to tell me what it means for IT. I'm the head of an IT department, and it means that I'll be avoiding updates to any Microsoft technology with any "Piracy Prevention", and when I do need an upgrade, I'll be looking for Microsoft alternatives. I have friends who head IT departments, and I'm getting the same sentiment from them.

Not because we pirate. We're too afraid of the BSA sniffing around to do that. The problem is, these things cause problems, artificially created by Microsoft, for no reason. To stop piracy? If I pirated software, then I'd know where to find cracks for these things. Microsoft's "protection" wouldn't stop me.

But I've made a general policy in my department that we've stopped purchasing or installing software that requires "activation" or any other kind of phoning-home. I've run into too many problems where an otherwise working computer breaks itself by the developers own purposeful code because I've done a normal, legal repair job. In a large organization, an instance of the IT dept. replacing some hardware or imaging a disk shouldn't trigger a flag as "suspicious activity".

In my organization, I think we're likely to have more Macintosh purchases. Users like them, they're easy to fix, disk imaging is INCREDIBLY easy, they're reliable, and they work great with our Windows and Linux servers. And we'll see more Linux servers. If Microsoft wants my business back, they can stop trying to limit their OS to do less for me, and start working on how they can improve it to do more for me.

Re:Don't need research

[inKubus]

It will be crackable. Everything is. M$FT just needs enough time to get around a big upgrade cycle for businesses. They want to DELAY piracy, not stop it. Granted, the main point is that it's going to cause annoyance to users who actually paid. But a lot of those organizations use a license manager server so it's not really that big of a deal. Or use the enterprise versions of the product that allow imaging and the other stuff you mentioned. And how hard is it to reactivate the product after you swap hardware (which is rare)? The people who are going to be affected are the smaller businesses who can't afford a full-time IT staff. As an IT manager myself, I'm not too worried about the changes in this product. The benefits of IP6 alone are worth any time fixing piracy false alarms...

Re:Don't need research

[Skreems]

The difference is, if an app or OS tries to phone home only to check for updates, it won't stop functioning if it can't get through. With phone-home activation schemes like Vista, a failure will cripple the system.

Re:Don't need research

[nine-times]

I'll tolerate Firefox's checking for updates because I have no reason to believe that anything nefarious is going on, I can disable it, and in no foreseeable case will Firefox's developers purposefully sabotage Firefox in the update because they're trying to extort money from me.

That said, I still disable the automatic updates. I like having a button that says, "Check for updates". It makes it easy to update the software when I choose to do so. I hate automatic updates, however. Even assuming I trust them, they always seem to drain system/network resources at inopportune times.

And a printer driver looking for updates? I wouldn't tolerate that. If my printer is working, I don't need an update, unless it's a security issue. And if the printer is capable of causing a security issue, you need to change your OS.

Re:So...

[stfvon007]

At the college I went to, we have a security lab that is tightly locked down. (No outside machines allowed to connect, and no internet access whatsoever.) This means any activation has to happen over the phone, waiting on hold for a microsoft represenative.

Re:You don't need Vista

[TrekCycling]

The problem is Microsoft operating systems are full of security holes. So if you don't upgrade then eventually you end up on their "naughty" list and they stop providing you upgrades to the broken operating system they sold you. The solution is to switch to something else if you can.

hurts paying customers

[fermion]

One big reason that I left MS Office was that once the data was in MS Office it was hidden from me. Also, if I did not upgrade regularly, other persons who had upgraded might have trouble reading my files, as well older versions. In other words, there was a significant loss of functionality if I did not continue to pay for the software.

This was effectively punishing paying customers if they did not continue to pay as often as MS wished. This is a common practice, most products go out of data in a few years, but the MS disregard for paying customers tends to be a bit more extreme. This new proposal is the ultimate indication of that. Your software, that you paid for, has a time bomb that could jeopardize your business, and there is no way to guarantee that it will not affect you.

MS would say, just give us a call and we will fix it. But if I need something ready 10 minutes from now, I need to know that I will not have to call MS because they won't treat me as a paying customer.

Re:This is the correct link to the story

[edmudama]

If the average motherboard lasts 3 years (we've probably seen less, due to bad/leaking capacitors on certain makes/models of motherboard) and you admin 150 servers in some datacenter, that'll average 1 motherboard/week.

Re:So...

[Jester998]

I agree that if it takes you 3 days to get a server up and running, then your disaster plans suck.

However, consider the following:

- Server crashes due to hardware failure
- Techs follow the existing standard procedure to restore (i.e. replace motherboard)
- Service is restored on time according to SLAs.
- The server continues to happily serve out data and requests.
- Three days pass and suddenly the server is offline *AGAIN* because it wasn't activated and is now refusing requests.
- Spend more time on the phone with Microsoft than it took to replace the motherboard.

Suddenly, that hardware failure had a MUCH larger impact than it had to.

Death of the custom Windows PC.

[XNine]

So, eseentially, once you have everything registered to Microsoft, and then you say "you know, I think the mobo in this system sucks. I want to upgrade it for Doom 54" all of the software that you had will have to be re-purchased as the new mobo is not registered to the software. That sounds like a GREAT idea! Just like when the Xbox's were kicking people off of XBL when people had replaced their HD's, and the mobo and HD marriage number didn't match what MS's databse said it should... What a fucking disaster this will become. Bravo Microsoft. Bra-Vo.

Huh??

[sm62704]

The new initiative is intended to protect consumers from pirated software

Protect the customers from pirated software?

The customers? WTF???

Zonk, can I have some of what you're smoking? Microsoft is protecting themselves from pirated software, not you or me.

Sheesh.

On a slightly related note, it appears that my XP installation is on its last legs; every Windows update makes it slower and slower. As I type this, it keeps momentarily hanging, and there's nothing running but firewall, AV, Firefox, and Winamp.

Damn I am not looking forward to reinstalling it at all. I won't be "upgrading" again; I wish my vid card would get along with Linux. Maybe I'll try Ubantu this time. Anybody know how to get ANY flavor of Linux working with an ATI with an S-video out and a really old 14 inch HP monitor?

Can't we all just get along?

[nsayer]

I guess we never learned anything from the mid 80s.

Software copy protection and DRM don't work. You annoy legitimate users who have a corner case (usually enough for them to buy a competitor's product) and the h4x0rz work around it. The few pennies you save are more than made up for with bad publicity.

Story time!

[khasim]

I've had to call Microsoft about WinXP activation a few times ... and we lease all our machines from HP. The activation code is on a sticker on the machine. There should not be ANY problems with our activation. Particularly with me because we have two other people who do desktop support. And we have just over 100 desktops.

But between key generators and lazy co-workers who use the wrong codes on the wrong machines, I've had to call Microsoft to straighten this out a few times.

And I'm in a small company.

Microsoft's stated plan depends too much (entirely) upon the honesty/skill of my co-workers and the failure of key generators.

No fucking way, dude. Why should I waste MY time (emphasis on the fact that it is MY fucking time) because Microsoft is too lazy/stupid to figure out a better way of doing this?

Novell, way back when, used to link their licenses to specific companies and you could call them and they would tell you every license you had registered with them. If you lost a license disk, they would replace it.

Microsoft refuses to do the same. Even with the improved technology that we have today. They would rather put the burden on ME to:
a. Make sure that nothing does go wrong.
and
b. Call them when something does go wrong.

Blocking by IP address

[supersat]

Looking through the WGA trounleshooting forums, it appears that MS is already blocking VLKs (Volume License Keys) based on their IP address. The most common way to block VLKs by IP address seems to be by region. For example, there's little chance that an OSU license would be legitimately used in Chna, so it'd block that VLK from Chinese IP addresses. If there is a legitimate need to use a volume-licensed copy there, either a VPN would work, or MS could easily issue a seperate key (and they have big incentive to do so).

Re:Blocking by IP address

For example, there's little chance that an OSU license would be legitimately used in Chna, so it'd block that VLK from Chinese IP addresses.

Bad idea. Professors & students travel a lot and go on sabaticals/exchanges. Not to mention foreign students who come to the school - will their laptops stop working when they go home for the holidays?

Activation

[Ajehals]

Just wondering as I have not seen anything official on this, but what happens when a product that requires activation is EOL'd by Microsoft? I understand that support and patches will stop, but that is often less of an issue for large businesses with internal tech suport and decent security in place, but what happens if you need to reactivate a product? Will the activation system still be available or is this yet another method of forcing corporate and home customers to carry out periodic upgrades?

Anyway,
Thanks

Corporate IT needs a "consumers' association"

The software vendors have their "BSA". It's about time all corporate IT customers need to form a new consumer trade association that looks out for protecting their interests above the interests of the software and systems vendors who've been shafting us for far too long now. Part of this new trade association would require that all members boycott purchasing all software products from any vendor who is unwilling to fix nasty problems in their products or who imposes cumbersome copy protection measures upon their software. Every software purchase needs to become a contract with terms agreed upon by both the vendors and the purchasers or no purchase shall take place. We need to turn the tables back around to where the customer is more important than the vendor. Back in the good old days, there used to be a saying: "The customer is always right". Nowadays, software vendors in general, treat their customers like enemies to be conquered and abused. That's wrong and needs to be fixed. The only way to fix it is for us to gang up against the vendors because we have allowed them to get too big and powerful.

poor editorializing

[6]

I would like to draw attention to the phrase, "The new initiative is intended to protect consumers from pirated software".

HUH?

protect consumers from pirated software? Protect? Are unathroized copies of Windows raping and pillaging towns along the Atlantic coast?

To my knowledge there has never been any harm to, "consumers".

The measure is intended to protect Microsoft from losses from authorized copying.

Re:So...

Microsoft has already set up a huge problem with keys. Single copy OEM editions of Windows require that the OEM tag is affixed to the outside of the computer.

Yeah, isn't that the most fucking annoying thing EVER?! We build high end workstations and servers for small/medium sized business and industry customers. When we first started getting OEM boxes of Win2K years ago, and I saw the massive red warning signs in the OEM box stating we had to attache the CD Key sticker to the case, I laughed my ass off. Yeah, right, we are going to do that. NOT! No, instead we simply attach the sitcker to the back of the Win2K OEM booklet, right over the damn warning that says the sticker needs to go on the case.

What sucks is when we have to work on other peoples cheap crap boxes, like Dell or IBM, and we have to re-install the OS. Most people like to cram their workstations between the desk and the wall, or in some corner. So you have to practicaly disconnect and pull the damn thing out just to get at the CD Key! THAT IS ABSURD! Our customers simply grab their Win2K CD booklet and hand us the CD Key for re-install.

And who the fuck does MS think they are to try and force us to put sticers on a customers computer? What if every software company did this? Business computers would be covered in all kinds of ugly stickers! No, this whole sticker on the case issue is absolutely unacceptable...

Don't Panic

[vtcodger]

OK folks, now don't panic, but it is time to execute your preplanned exit strategy from Microsoft. Walk. Do not Run. Walk to your previously planned exit and calmly depart Windows. There is nothing to worry about here. The ship really is sinking, but it'll take quite a while. Heck, even the rats haven't left yet.

Eh? What's that? You don't have an exit strategy? My God man, have you been paying no attention at all for the last four years? You've slept through all the warnings? You didn't think through XP Registration and where it was headed? You slept right through WGA? Maybe you should panic. Best get cracking on a plan. The rest of you slow down, take your time BUT GET THE HELL OFF THIS SHIP BECAUSE YOU DON'T WANT TO STILL BE HERE IN FIVE YEARS

My two cents...

[zcat_NZ]

1) This is the best thing ever for Linux.

2) There will be a crack out soon. My guess perhaps a month. Six months tops. If it takes more than a year I will be very surprised, and exceptionally happy. Why happy? See point 1.

Re:So...

[Duhavid]

I think you didnt read the post.

The scenario is that they replaced the motherboard.
No OS install required.