Bruce Schneier Weighs in on IT Lock-in Strategies
dhavleak writes "Wired has an article from Bruce Schneier on the intersection of security technologies and vendor lock-ins in IT. 'With enough lock-in, a company can protect its market share even as it reduces customer service, raises prices, refuses to innovate and otherwise abuses its customer base. It should be no surprise that this sounds like pretty much every experience you've had with IT companies: Once the industry discovered lock-in, everyone started figuring out how to get as much of it as they can.'"
Right down to the processor level, even. If they're going to try to lock me into their hardware and software, I want none of it.
Does anyone have a link to some resources on how one might build one's own processor? How much does it cost to do that sort of thing?
In Xanadu did Kubla Khan
A stately pleasure dome decree
Nope.
Lock-in is anything that creates barriers to moving to a competitor. For example, file formats. Or email address non-portability between different ISPs (or freemail providers, for that matter). Or (in the case of telecoms) number non-portability. The subscription model is one of the ways to milk extra bucks from lock-in, but it isn't itself a "lock-in."
Kevin Smith on Prince
http://www.opencores.org/
As far as the cost of getting one of those built, I'd like to know that myself... Reminds me when I was part of the crew dismantling the old fabs responsible for the Z80... Shoulda paid one of the drivers to deliver one of those Canon machines to my garage...
I'm sick of following my dreams. I'm just going to ask where they're goin' and hook up with 'em later.
Prohibitively expensive and time consuming (unless you want to make a 4 bit processor, someone did that recently by hand).
Is the freaking worst. We finally switched when their AV client, sitting idle on a PC that was just booted, was using 50MB of RAM. (Some of our systems only had 256 at the time). Over 4 years, our renewal costs (we're a school), went from $5/machine to $18/machine. We still use Ghost, and have not seen one damn improvement in the last 4 years, even though it has gone through all sorts of different versions. (now using Ghost Solution Suite 2.0) I don't see any difference in the software. Dear god, you would think they would use WinPE by now, and stop breaking up Ghost images into 2GB chunks. I guess 2 years ago they fixed some multicast issues. That's it. We just moved from Backup Exec 9.1 to Backup Exec 11d (We had started using it when it was Veritas), mainly for tape encryption capabilities. Of course, it is working fairly well, unless I do something crazy like try to encrypt our backups to tape. I sat on hold for 45 minutes yesterday, and gave up.. They just bought Altiris, which is who we were looking at to switch to from Ghost. GRRR.. They just buy companies, and then raise prices..
What are we going to do tonight Brain?
Don't stop at the processor level. The fundamental laws of physics already contain signs of corporate lock-in. The No-cloning feature of quantum mechanics clearly is a sign of DRM built into the fundamental laws of the universe. And the inner workings of about everything we use are tied to the exact laws of the universe we are in. Therefore you have to start at the very beginning: First build your own universe!
The Tao of math: The numbers you can count are not the real numbers.
Or having to buy a bank of hours for your outsourcing partner, as we do :/ d'oh!
which is totally what she said
That's completely wrong! A lock-in is when the consumer is "stuck" with a particular vendor. This may be due to any number of things, but subscription is not one of them. A subscription-based service only locks you in if it makes unsubscribing difficult (which may translate to costly), which has nothing to do with being a subscription-based service in the first place.
A company that runs on a subscription-based business model would *benefit* from lock-in (to keep subscriptions going), but it doesn't have to do it. Magazines don't lock you in, neither do websites with subscription-based access (e.g. IGN, or newspapers), etc. You're always free to cancel and subscribe to something else if you wish.
I like basketball!!1!
Hmm? I highly doubt that any computer maker will lock you into hardware/software; it just is bad business. Think of Dell: Vista failed, people started to not buy computers, so they switched to letting people use XP. Enough people wrote in, and now they offer Linux. The hardware companies just want to sell hardware; if they can get that by offering Vista they will, and if enough people request Linux they will offer that. Most hardware manufacturers want their product to be used as much as possible; if that means using standards, they will (and mostly have) use them to get people to buy it. We are far away from computers (laptops and desktops, not PDAs and cell phones and such) that have hardware/software lock-in, and the only one to have done it was Apple; however, now they let even Windows boot on Macs. The fact is, hardware manufacturers don't care about locking you into software; they just want money. If they can get that by offering MS, Linux, or whatever, they will, so lock-in is a bad choice for them.
There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
Hell, my management fears vendor lock-in more than they fear Death itself (which probably explains why we're a very heavy Linux shop)...
I realize that a lot of PHB's couldn't care less (and an alarming # of CIO's and IT management don't either), but we're far enough along now that it's starting to bite a lot of accountants and IT critters square in the ass.
IMHO, it does matter, and it explains why a lot of shops are moving away from proprietary solutions, going to Linux/BSD and such.
Now if only we can definitively tackle the two biggest examples of attempted vendor lock-in alive (Exchange and MS Office), we'd be set.
Quo usque tandem abutere, Nimbus, patientia nostra?
This isn't always true. For many users, the pain of proprietary file formats is not understood until well after the purchase.
I really don't think you should be talking about Bruce Schneier like that when you clearly know nothing about the man. For example, did you know that Bruce Schneier once decrypted a box of Alpha Bits? Or that he knows the state of Schroedinger's cat? It's true!
Just some things that are more onerous than others. This has been going on since the beginning of the industry, and it won't change. You can complain about it all you want, but it's going to continue to happen.
Everyone wants a revenue stream not a revenue pond.
That doesn't justify boorish behavior, but it explains how companies want to stay in existence, and few other models exist that allow them to do this. Once again, Bruce thinks we were born yesterday.
---- Teach Peace. It's Cheaper Than War.
Per the article, sure, you can switch to a Pepsi in a second if you don't like the Coke, but both Pepsi and Coke spend *enormous* amounts of money to suggest that switching to the competitor's product will make you less desirable to women, less successful at your job, etc. That's what advertising is all about, trying to get you to lock *yourself* in, willingly, to a single product.
But I digress...
Everybody dreams of being Ma Bell, where even putting a plastic cone on a headset could "damage the network". A lot of companies have had their turn too. We all think of Microsoft as being the king of lock-in, but for my money, it would still be IBM, where their mainframes and mid-range machines were so locked down that you had to get approval to install *anything*. At least with a PC or even a Mac, you can install another OS and you're free and clear. With IBM equipment, they could shut you down remotely if you missed a single "usage" payment (which was calculated *by* *the* *processor* *cycle*!!).
I cannot think of a single company that wouldn't want total lock-in of its users, regardless of industry. Some are just more capable of doing it than others.
I got locked into Ballmer's secret office after he found Linux on my laptop while sitting in the park.
I did manage to escape the MS compound dodging flying chairs!
I built my own universe once, but the startup Bang really hosed up my wife's microwave.
Scruting the inscrutable for over 50 years.
This being an unintentional form of lock-in, of course. You wouldn't actually expect an email address to be portable, would you?
-matthew
"THERE IS NO JUSTICE, THERE IS ONLY ME." -Death
Ceci n'est pas une sig.
You haven't provided enough information to determine whether that's a case of lock-in or not. If the CRM system provides the necessary tools to make it easy for the customer to export all of their data into a format which can then be imported by other CRM systems should the customer choose to change vendors, then there is no lock-in.
Now, granted, that's unlikely to be the case. However, it is the inability to move your data to a competing system which creates the lock-in. The subscription aspect has nothing to do with it one way or the other.
That's why it's called a lock-in -- you know the customers won't like what you're about to do, so you lock them in. And lock-in isn't a bool, it's a float: all companies lock customers in, but some do it intentionally and to much greater extents than others.
I do agree with what you said when it comes to smaller companies/non-monopolies -- they don't have much reason to lock-in customers, because they don't have very many customers to lock in, and because it's much more beneficial to look like the consumer-friendly guys. And even though Dell makes a lot of computers, they're not the only PC manufacturer, and any edge over their competition helps.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Tell it to street-level drug pushers. They mastered lock-in decades ago. It's only recently that tech marketing has risen to the level of "The first taste is free, baby!"
Welcome to the Panopticon. Used to be a prison, now it's your home.
"Windows, like a newspaper, only has value in context and for a limited time. Your old copy of MSDOS is worthless today as are most of every copy of software you have released before 2001. It only had value in context and the sooner you lose that context the better off you are."
It still does whatever you had to do in times past. For example, SimCity 4 runs fine on Windows 98. A lot of places refuse to dump their Win2k setups, or they have software that still requires DOS.
Heck, I know one place that runs their financials on a Win 3.1 program. It's been doing everything they need for 15 years, and they're not going to change. It works, it runs fine under XP, and why fix what ain't broke?
Kevin Smith on Prince
Probably meant as a joke, but this is very profoundly insightful from a spiritual point of view. This is in essence what spiritual adepts in many spiritual paths will do. The "physical" lock-in is happening in your own mind at a very deep level. It is non-trivial to overcome it.
Then they're very lucky indeed. I've seen a lot of accounting/financial software that I can only conclude is intentionally busted in places, and where these bugs are addressed with "Don't worry AccountingMegaWonderPro 2008 will fix this problem", which it does, of course, but opens up new ones, which are then going to be fixed with "AccountingMegaWonderPro 2009". This kind of software is awful in many ways, because the file formats are frequently proprietary, or at the very least some sort of locked MS-Access database that even when you crack it, you find an almost uninterpretable array of tables, dictionaries, queries and fields. The export formats to CSV or XML are usually insufficiently detailed, and it still means a lot of data entry to move from one accounting package to another. I've seen businesses stick for years to shitty accounting systems simply because the thought of moving to a new platform is so horrifying.
The world's burning. Moped Jesus spotted on I50. Details at 11.
"I don't understand why most people don't get together with friends and family and each pitch in a few bucks each year and have their own domain, with their own email address."
Comfort zones and insecurity. Speaking as the "computer guy" for about 15-20 friends and family members, the idea of registering a domain name and then paying a very small monthly fee (less than $5, sometimes $0) to permanently own your own domain name and e-mail is uncomfortable when they can just keep their free 5-10 year old AOL/LocalISP address. Only my Mom owns her own domain name (which she really likes).
Chuck
Not everyone who wants a free market is doing it for the evil reasons you paint, and not everyone who doesn't want the programs you mention is a greedy bastard who wants to be better than poor people.
"16MB (fuck off, MiB fascists)" - The Mighty Buzzard
This has nothing to do with IT. Business is all about lock-in. If this comes as a surprise, you don't know the basics of business. You can do it "cleanly" and morally and ethically through things such as superior customer service, superior product functionality, and superior value for the price. Or, you can be "dirty" and use things such as technology and software barriers, vendor pressure tactics, biased contracts and user agreements, biological mechanisms such as addiction, and lobbying and manipulating the law. The stock market, our way of evaluating and rewarding corporate performance, unfortunately does not make any distinction between these clean and dirty lock-in tactics. The system's only real requirement is that we abide by the law and don't get caught cheating. Given this requirement, companies gain enormous advantages by being dirty. In this free capitalist market, those with advantages ultimately win and they get heavily rewarded for it. The result? Hello Microsoft, hello Nike, hello Exxon Mobil, hello Time Warner AOL Cable. And just when you thought Apple was gaining marketshare, what a surprise, we talk about how they are just getting better at being dirty.
Even though the government talks about being all for fair competition in an open market, their behavior and the law which they help create says otherwise. Intellectual property law, anti-trust law, and much of the constitution is comprised of lock-in catalysts. Mergers and acquisitions heavily support lock-ins as well.
Whether you are selling iPhones at Apple Stores or hotdogs at an intersection in Manhattan, you are still trying to lock-in your customers. And the better you do it, the more the United States of America will reward you.
...is that it works. I don't know how many times I've heard the argument about going with all Microsoft or all SAP or all this and that because it's so hard to make it work with everything else. You don't throw out the incompatible software, you buy more of it until you use it for things it's not suited for and has a hundred interfaces to other applications. And once you make yourself a little "mini-monopoly" with no real alternatives, they sure know how to gouge you. While there's plenty of work left ahead, I think compatibility and multiple vendors will become the major advantages of open source.
Live today, because you never know what tomorrow brings
Where did you get this information? Quantum mechanics tells us that Bruce Schneier cannot be observed directly.....
The key published in TUAW's Erica Sadun's blog post is NOT the iPhone's application signing key (as wrongly inferred by Schneier).
The key is actually an AES key for the DMG ram disk image file that is part of the iPhone firmware update process. Nothing to do with application signing. The key doesn't even have enough size to be mistaken for a usable RSA key (I wonder if Schneier has noticed that).
Anyone can check that out on the various iPhone hacking blogs (and also on the very same one that posted this key in the first place).
People should get their facts straight before spreading misinformation.
You need to read up on how the internet naming works before you make such ridiculous assertions.
"You can't fight in here, this is the war room!"
Another contradiction of capitalism that is an observation in Marxist theory is the desire of an individual firm to pay its employees as little as possible, but that depends on well-paid consumers having enough money to buy their products.
All that is is negative feedback. If you want to create a system capable of optimizing itself to changing conditions without a very complicated model and detailed control system (with attendant long, involved tuning process), be it an economy or a simple industrial process, you'll probably find it best to put multiple forces in place that oppose each other in such a way that they balance at an equilibrium point that's near the optimum. There is nothing "contradictory" about market forces being in opposition. One can argue about how well it works (imho, it clearly does a near-perfect job in some cases and an awful job in others), but as part of a design of an economic framework it's not at all clear it's a bad route to take.
Seriously, try creating a *good* control scheme for a simple system that doesn't involve a negative feedback loop. Then consider how amazingly not simple an economy is.
Telephone number portability only became possible when the telcos added an additional level of abstraction into the call-routing systems. This wasn't trivial -- the telephone switching system as it exists today looks almost nothing like the system that was around when the telephone numbering system was conceived and evolved. (Mechanical rotary switches that turned in response to the dial on your phone producing pulses; these switches cascaded, one after another, for each digit, routing the call.)
You could probably get 'portable email addresses' with some sort of extension to DNS; basically allow DNS records for individual email addresses instead of just domains. It would be a weird use for DNS, thinking of it as we think of it now, and in fact it might overwhelm the current infrastructure, but it's not impossible. Just probably more trouble than it's worth.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Yeah, sure. What you are suggesting is that I should be able to move house from one country/city/town/suburb but still be able to receive the mail sent to my old home address*. It's an utterly retarded idea.
When you use an @domain symbol your DNS server directs the query to the server that is responsible for that domain, i.e., the server operated by (or on behalf of) the owner of the domain.
If you want email portability then you can register your own domain. It's really quite simple.
If you don't want to do that then guess what, you can get an email address on somebody else's domain. If you choose to move from their domain you don't retain any rights to continue using a domain name that you don't own.
How is that difficult to understand?
Honestly, sometimes I think we need a better class of geeks on Slashdot. Is Digg down at the moment?
* Yes, I realise that you can do a temporary mail redirect but this costs money and is very resource intensive. If *everyone* tried to do this in perpetuity then the system would be completely unworkable, both logistically as well as intuitively.
"You can't fight in here, this is the war room!"
Over time, telephone call routing got more flexible. I'm not familiar with exactly how it works today, but there is obviously another layer, probably many layers, beneath the "phone number" you use and remember. That has been abstracted away from the actual 'hardware' and can be assigned arbitrarily.
Email addresses are currently hierarchical, in the same way that phone numbers used to be (under exchanges). If you want to send it to bob@company.com, you first send it to the mailserver for "company.com" and then it sends it on to Bob. But that's sort of an arbitrary design consideration. If you wanted to have a different MX record for "bob@company.com" than "joe@company.com", there's no fundamental reason why you couldn't, provided you were willing to completely trash and rewrite the DNS servers and MTAs.
More usefully, rather than screwing around with DNS, the best way to accomplish email portability would be to build another layer of abstraction on top of email as it currently exists. Instead of remembering people's emails, remember their real names or handles, and then have your email program consult some sort of global distributed database in order to find their email address (which would change whenever they moved ISPs or networks). Then you could change emails whenever you wanted and the people sending you mail would never know; it would all be hidden below the user level. And in fact there are some electronic-mail systems (e.g. Lotus Notes) that don't operate using user and domain names, and have their own systems allowing for more flexibility.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
I realise this, but there was one MAJOR difference. All phone numbers were owned by only a few telco companies and as such it was politically possible for them to be forced into providing cross provider portability or run the risk of losing their common carrier status, i.e. licence.
The domain system is much different. There are hundreds of thousands of domains owned by almost as many individuals and companies. It is not politically or technically feasible to force some sort of email portability across domains without changing the fundamental nature of how DNS currently works.
Why should I (as an email admin) be forced to allow people to use the domain name that I legally own for free? Am I required to maintain some sort of forwarding list on my mail server of all the people for which I am required to forward mail to? Do I do this for free? If my server crashes and the list is lost am I held legally liable? Who is responsible for tracking where email for my domain should go? Me? The government? Which government?
Should the entire planet's email-address-to-ip-address-cross-reference-table be stored in some central servers somewhere? Where? Who pays?
It's a ridiculous idea.
"You can't fight in here, this is the war room!"
Lock-in is anything that creates barriers to moving to a competitor.
Often lock-in is the driving force to open standards and the proprietary vendors have to change or die. The most recent example of this that I can point to is the theatrical lighting industry. Martin, Strand, MSI, and other intelligent lighting manufacturers all had their own standard for running lighting. Touring companies found it difficult to interface with all the lighting systems. A committee was formed to produce a standard that wasn't any of the already established standards to avoid any patent and royalty bias toward any one manufacturer.
The birth of the DMX-512 standard came out. Now it is almost impossible to sell any lighting system that doesn't support the standard.
http://www.usitt.org/standards/DMX512.html
"This standard is intended to provide for interoperability at both communication and mechanical levels with controllers made by different manufacturers."
Almost everything now uses the new standard from Drama, Dance, and Club Nightlife. If you buy an intelligent moving light, it's almost guaranteed to use the DMX-512 signal, even if the connector isn't the standard 5 pin XLR. An exception to the DMX standard is the one for architectural using multiple wall stations for building lights. Even these control systems often output DMX-512 signals to use standard dimmers.
In some specialty fields some still try with something other than the standard. As an example the animated Christmas lights often use the Light-O-Rama system which is incompatible with everything else.
http://www.lightorama.com/
It is a cheaper alternative with a lower cost per dimmer, but it is limited to dimmers only. It won't run all the disco and concert moving color changing lights. And of course you can only use their software and interface to run the dimmers.
The truth shall set you free!
Product unreliability ordinarily doesn't benefit manufacturers, because most consumers are smart enough not to buy the same make next time; but the situation is inverted when the manufacturer of the unreliable products holds a monopoly. And sometimes it doesn't even need to be a full monopoly: you can have several players ostensibly competing in a free market. But that freedom is often just an illusion.
Think about it: If John Thomas's Panasonic stereo breaks, and he already has lots of CDs, he might buy a Philips next time -- after all, it will plug into the same mains socket and play all the same discs. If John Thomas's Glow-worm boiler packs up in the middle of winter, he might replace it with a Worcester or Baxi boiler -- which will use the same gas and electricity, and plumb in just fine to his existing radiators and hot water system. If John Thomas's Ford Focus breaks down one time too many, he might trade it in for a Vauxhall Astra -- it will use the same fuel and can be driven on the same roads.
But if John Thomas's Wii breaks, and he already owns several Wii games, he has precious little choice but to buy another one from Nintendo. The games may well have cost more than the console -- it would be a waste not to have anything on which to play them.
Despite outward appearances, Nintendo, Sony and Microsoft aren't really competing in a free market; because their products are not interchangeable in practice -- unlike CD players, gas boilers or cars. Once you have invested in a game on one platform, it can only be used on that platform -- you can't replace your Wii with a PS3 and take your games across. And if you ask the vendors to replace your Wii games with PS3 equivalents, they'll laugh at you. (A store will probably exchange a few unopened games bought in ignorance as a gift for someone who has a different console than you thought; but even then it's technically ex gratia, not a statutory right.)
And if John Thomas's copy of Microsoft Word pisses him off one time too many, and he has many documents already in .doc format that he needs to be able to access, he can't replace it with anything else and still be sure that his documents will render correctly. Even worse, if his sister Fanny buys a brand new computer that comes with a brand new version of Word, John's copy now most probably won't be able to read documents saved by Fanny in future (unless she saves them as an older version, which is deliberately made awkward and throws up dire warnings) -- so he is all but forced to buy his own new copy of Microsoft Word.
Je fume. Tu fumes. Nous fûmes!