Recession Turning Software Auditors Into Greedy Traffic Cops

judgecorp writes "As the recession bites, software auditors are cracking down, and some are simply exploiting loopholes and technicalities to meet their targets, according to analyst Forrester. They may be within their rights, but they aren't endearing themselves to users; Steve Ballmer faced weary customers in London last year, and admitted Windows licenses have deliberate 'gotchas.'"

Easy solution.

(1) Outsource your work to a very large country which dosen't care about IP laws.
(2) Profit!

(1a) Outsource your work to domestic individuals who have the compatible software regardless of license legitimacy.
(2a) Don't shake their hands when you make a deal. Pay'em through some guy meeting them at an Italian restaurant every week. Stop showing up when they fail to deliver.
(3a) Wanna keep your house? 1a and 2a for you unemployed Americans whose baby food money is going towards military ammunition.

Re:Easy solution.

[wizardforce]

Exactly. On a somewhat related note, I think it would be interesting to see how the recession has affected the use of FOSS due to the necessity of cutting extraneous costs like software licenses.

Re:Easy solution.

4. REPORTING AND AUDIT. If Customer wishes to increase the number of Installed System, then Customer will purchase from Red Hat additional Services for each additional Installed System. During the term of this Agreement and for one (1) year thereafter, Customer expressly grants to Red Hat the right to audit Customer's facilities and records from time to time in order to verify Customer's compliance with the terms and conditions of this Agreement. Any such audit shall only take place during Customer's normal business hours and upon no less than ten (10) days prior written notice from Red Hat. Red Hat shall conduct no more than one such audit in any twelve-month period except for the express purpose of assuring compliance by Customer where non-compliance has been established in a prior audit. Red Hat shall give Customer written notice of any non-compliance, and if a payment deficiency exists, then Customer shall have fifteen (15) days from the date of such notice to make payment to Red Hat for any payment deficiency. The amount of the payment deficiency will be determined by multiplying the number of underreported Installed Systems or Services by the annual fee for such item. If Customer is found to have underreported the number of Installed Systems or amount of Services by more than five percent (5%), Customer shall, in addition to the annual fee for such item, pay a penalty equal to twenty percent (20%) of the underreported fees.

Re:Easy solution.

[LostCluster]

Yep, nobody would threaten to sue you for using Linux.

Excuse me, jcr, you've got a phone call from a SCO on line 3. I think you might want tot take it.

Re:Easy solution.

[ozmanjusri]

(1) Outsource your work to a very large country which dosen't care about IP laws.

Shame you got modded troll. This is pretty insightful, though it should say "Outsource your work to a country which has lax tax laws."

One of the most unintentionally hilarious points in TFA is Steve Ballmer's comment;

Users such as the Government of the Isle of Man are already saving up to £120 per year using the beta version of Windows 7

The Isle of Man is largely an offshore tax haven with around 1,350 desktop computers for the entire government. If all of the promised "£100 per desktop per year" savings materialise, the IoM government will have saved a grand total of £135,000 by using beta software. So why would Ballmer be so interested in such a small deployment?

Accounts for Microsoft Ireland Research, an Irish subsidiary of the global software giant, show that the company paid just €460,000 in tax, on profits of more than €1.2 billion last year.
http://www.taxresearch.org.uk/Blog/category/microsoft/

That's 0.04% tax.

Still wondering why Microsoft is heavily involved in an offshore tax haven?

Even funnier, the IoM Government was an early supporter of Windows Vista, and claimed savings switching to that OS. Though only completing their rollout in October 2009, they were just in time to save even more money changing to Windows 7. If they keep making savings upgrading like that, pretty soon Microsoft'll be paying them for installing Windows.

Re:Easy solution.

[Runaway1956]

Opinion only: Little to no effect yet. Most companies are trying to ride out the recession. (Read, management is still enjoying a nice paycheck, and most of their usual perks) When, and only when, management is looking at cuts to their own pay and/or benefits will they look at FOSS as an alternative. Then, there will be problems. All those donations to schools has ensured that most people only know the MS way of life, and it will cost to migrate to anything else.

But, if the recession isn't solved within the next 24 to 36 months, THEN we will see a mass migration. If profit margins drop to mere multiples of what a corporation is spending on software, the software will be axed, plain and simple.

As an aside - I wonder just how much a company like Bank of America spends on software each year? I'm certain that money could support my home town - maybe the entire county!!

Re:Easy solution.

[Gerzel]

Depends on the flavor. Try debian.

Re:Easy solution.

>"Software auditors" are just about unknown to users of any other platform.

Shows how little you know. Unix has had proprietary engineering software for ages and heaven help you if you've been playing fast and loose with your licenses for $10k+ a seat software.

Re:Easy solution.

[whterbt]

Who here has been audited by Red Hat? Anyone? Anyone? Bueller? Bueller?

Re:Easy solution.

I don't know about where you work, but where I am they dropped all new software purchases & maintenance for software they owned 12 months ago.

But they aren't planning on moving to open source. They purchased the software, they aren't hiring anyone, and so they don't need to do anything.

Long live Office 2000!

Re:Easy solution.

That's why we all run CentOS in the first place! ;)

Re:Easy solution.

[Minwee]

Don't run Windows. "Software auditors" are just about unknown to users of any other platform.

I think you meant "to users of any other platform where the hardware costs less than a car." Oracle, for example, has a long history of auditing its customers and only the most brain damaged among them would run it on Windows.

Re:Easy solution.

[Pinhedd]

3 CentOS

Re:Easy solution.

[bendodge]

Microsoft hates that mentality. Therefore, they are moving to a subscription model with Office 2010. But they've got a tough road converting the huge base of Office 2000, XP, 2003, 2007 people who have a license into infinity.

Re:Easy solution.

[stephanruby]

What is Red Hat thinking? Written notice? Microsoft doesn't always give notice, that's why its audits are so successful. At least during one incident reported on Slashdot, they didn't give any notice and just showed up with Federal agents and guns.

Re:Easy solution.

I'm posting AC because I do IT work for IOM gov. Your post is full of misinformation.

First of all it's disingenuous to represent the Isle of Man as a "tax haven". It's one of the few offshore jurisdictions that aren't on the US blacklist of tax havens and has tax information sharing agreements with anyone that matters. We don't have "lax tax laws". We're one of the only 3 jurisdictions whitelisted by the UK to conduct online gambling precisely because we have good regulation and anti-money laundering protection. And the overall level of tax burned on the IOM is about the same as the US.

Second. There are about 5000 desktop and laptop computers. Now you might not think such small numbers don't matter, but it's not the numbers, it's where they are. The IOM has everything you'd find in your average government, from the executive offices right down to sewage treatment, water utilities, power generation, hospitals, schools, roads, etc, etc. Only it's much smaller. So why does MS care? Because they can deploy their products across an entire and extremely varied organisation, and capture that in only 5000 machines.

As for the Vista/Windows 7 thing. The software is licenced through microsoft's rental scheme, so whether they stay on Windows XP or Windows 7 doesn't matter, they pay the same. The claimed savings were down to lower maintenance costs etc. Also after the deployment of Vista, the upgrade to Windows 7 (like all their application deployments) is through a system called SMS. It's deployed over the network, overnight and is completed with one reboot. No user settings are lost as they're all on network profiles.

I don't like MS as much as the next slashdotter, but you're talking about things you don't know. Stop.

Re:Easy solution.

Not all of that €1.2 billion is taxable in Ireland, you idiot.

Re:Easy solution.

[thetoadwarrior]

That may be true but it's well known that a lot of companies operated in the EU through Ireland because Ireland has low tax rates. Of course this is probably why the recession hurt Ireland quite a bit.

Re:Easy solution.

[supernova_hq]

Mac's support Adobe.

Re:Easy solution.

[selven]

Let's see:

-10 days notice
-at most once a year unless you get caught
-if you make a minor mistake, you pay up and you're done
-if you make a major mistake, you pay up 120% and you're done

Sounds better than anything Microsoft or Adobe have to offer.

Re:Easy solution.

[Hognoxious]

But, if the recession isn't solved within the next 24 to 36 months, THEN we will see a mass migration.

Why? They've already paid for what they've got, it works and the staff are used to it. So why not stick with it?

All I see is that organizations will delay - perhaps indefinitely - upgrading. Microsoft's biggest competitor is their existing installed base.

Re:Easy solution.

[Antique+Geekmeister]

And don't forget:

-live systems can be converted from RHEL to the free rebuild, CentOS, with a single reboot to change the kernel and unless you're using one of the few non-open-source components, such as the RHN management tools (which require registered systems). For most applications, it takes a local CentOS repository and takes each systemm about an hour to complete the switchover, but it's quite effective. And you can switch them back when you buy licenses.

Re:Easy solution.

[MasterPatricko]

you're talking about things you don't know. Stop.

This is slashdot ... fat chance

Re:Easy solution.

[kramerd]

Why is Microsoft Ireland research using pounds instead of euros?

Re:Easy solution.

[Hurricane78]

then again, you could simply do...
eix-sync && emerge world ;)

But I don’t even know what “auditors” are, and what they think they are doing, wanting to get into my building without a warrant. Because in that case they either walk away, or the cops will drag them away.

Re:Easy solution.

[Lumpy]

If you have competent IT centOS is a better choice than redhat.

Why pay for support you dont use?

Re:Easy solution.

[Runaway1956]

They've paid for what they've got - but what they've got will wear out sooner or later. Can they transfer all their existing licenses onto new hardware, and possibly add seats?

What they've got works - today. What about tomorrow, when things change? Don't ask me what's going to change - maybe the company will change it's product lineup, and existing software just won't do the job in the plant. Or, they want changes in the sales department, but there's no longer any support. Or, any number of things.

The staff are used to it? Well - I know that's a big point in some places. Other places - if you want to keep your job, you'll learn the boss's new system, or he'll hire someone who will. When times are hard, the boss isn't going to cater to office staff who refuses to keep up with the changing times.

Mind you - I'm pointing out near-worst-case scenarios. If middle and upper management are feeling the pinch, they WILL stop spending money on software, and it will be up to the staff to make things work without all that fancy proprietary software. Even if they have to hire some nerdy pimple faced college boy to do some hacking and coding for them.

Re:Easy solution.

Shows that you have poor reading comprehension. The "just about" in the parents post covers the odd piece of licensed software such as the engineering software you spoke of.

Re:Easy solution.

[DarkOx]

Gee you think maybe Red Hat Software's policy is geared towards getting customers to simply hold up their end of an agreement they made when they licensed the software while Microsoft's is geared toward giving them as much control over you and your business as possible in case they ever want to exercise it.

What M$ is doing opens the door to them extorting just about anything they want from you. What RH is doing is just saying well you agreed to pay us $X per seat you have Y seats pay us $X*Y and we can all be friends.

Re:Easy solution.

[darkmeridian]

Software audits are commonplace in the business setting. Almost all software vendors will demand the right to audit, and most businesses will agree to them. The issue has to deal with abusive audits where the payments are not tied to the level of noncompliance but rather punitive.

Re:Easy solution.

[ozmanjusri]

Not all of that €1.2 billion is taxable in Ireland, you idiot.

Read the links. It's what I put them there for.

According to the Irish Independent, in the past two years Microsoft’s Irish subsidiary has paid dividends totalling €5bn to its Seattle-based parent. That’s despite making profits less than that at €2bn pre tax a year.

Understand what's happening yet?

Re:Easy solution.

[ozmanjusri]

The US blacklist isn't the only definition of tax haven, and the IoM only avoided the blacklist by signing more tax information exchange agreements than other offshore havens.

From Wiki;

The Isle of Man does not charge corporation tax, capital gains tax, inheritance tax or wealth tax. Personal income tax is levied at 10–18% on the worldwide income of Isle of Man residents, up to a maximum tax liability of £100,000. Banking income tax is levied on the profits of Isle of Man based banks at 10% and income from the rent of Isle of Man property is levied at the same rate.

Re:Easy solution.

Well I hope you don't work for the IOMG's ISD.

ISD's extremely inflexible working practises cause a great deal of user dissatisfaction (as well as having proven Microsoft server technology doesn't scale very well - the frequency of severe slowdowns especially when the civil servants arrive and leave the office is still a problem years after the original Magic XP deployment). ISD's "one size fits all" policy is something enormously costly.

There is also a fair degree of incompetence amongst the consultants that ISD employs too, which costs all of the departments and authorities dearly (PDMS, I am looking at you). Now the IOMG is having to make 15% cuts across the board...I bet one department doesn't have to make cuts, and that's the Treasury and by extension ISD...

Re:Easy solution.

[noidentity]

Isn't this about the support contract, not use of the software itself? They are verifying the number of machines you have, to prevent you from say buying support for 10 even though you have 100, and thus getting their suppot services for one tenth their advertised rate.

I just don't even open the door

[GNUALMAFUERTE]

I don't use ANY proprietary software at my company. I own a software development company in Argentina. If I get an auditor (Auditions here are done by ARBA, the state-wide equivalent of the IRS in Buenos Aires) I just won't even open the door. Sue me if you want. I use NO privative software, and no one has any right to log in into my servers or workstations (We have ~40 machines at our offices).

Fuck them in the ass.

Re:I just don't even open the door

I don't use ANY proprietary software at my company.

This is great for anyone who can get free software to do their bidding. For everyone else, this really pushes free software into the limelight in a good way (e.g. - we'll use it until we see the value and THEN we'll pay for the "enterprise" support).

Adobe products apparently "phone home". My former employer was just approached by Adobe about some unlicensed copies on the network (the users have full admin rights, per most Windows environments). They settled out of court for $2 million (USD) but immediately dropped Adobe from the suite in favor of free software.

Kudos to Adobe for screwing themselves so bad.

Re:I just don't even open the door

[Quasar1999]

Some how, in North America, your mentality would be viewed as admission of guilt, and they'd find you guilty of pirating software that quite probably hasn't even been written yet.

We seem to have fallen into a guilty until proven innocent beyond any doubt (no matter how unreasonable) system up here... How's the weather down there? If you guys have cheap internet, I'm willing to emmigrate...

Re:I just don't even open the door

[emcron]

Eh? How do things work there down under?

Software audits don't entail some government henchman knocking on your door at random and demanding to see what's inside. Audits in the U.S. are usually for companies licensing large volumes of software for multiple users. The agreements they enter into allow the software maker (Micosoft, Adobe, etc.) to ask for and recieve an accounting of installed copies of software to make sure you're paying for what you are using or are otherwise properly licensed.

They don't just show up and kick down your door.

Kudos to you for going the free software route, but most software audits are not the jackbooted RIAA/MPAA criminal issues of pirating -- the companies licensing legit software know what they're getting into when they sign the deals, and some can expect to at some point to have the auditing clause invoked.

Re:I just don't even open the door

[maxume]

Do you have some examples?

Re:I just don't even open the door

[GNUALMAFUERTE]

I agree with that. Actually, there are many screwed up views on the US about many subjects. Argentina is far from being a paradise. We are a mess in many areas, but we are much more free. I have many friends from the states (Being a coder, you just make friends in all parts of the word), and I hear many talk about the land of the free. Freedom in the US is a scarce value. We are a lot more free down here. You can use drugs without the cops bothering you, People are not suing each other all the time, and you can actually live without a credit card, a bank account, and financial records. You can live in cash, without being chased, and just say 'fuck the government, I want my own little Anarchy". If you leave everyone alone, and don't expect anything from the government, they have no way of bothering you. That's the way I choose. I stay out of their way, and they stay out of mine. Sure, if you are into the game, they will fuck you up. But if you decide to play alone, you stand a chance.

About your questions, the weather is very nice, the place is beautiful (sort of European-looking, but with virtually unlimited natural resources, less people, lots of cheap land, and the best food in the world). About internet access, I'm paying 33 Dollars for unlimited 3G access anywhere in the country [coverage is pretty good, i have signal everywhere, even outside the cities], and 42 Dollars for a 4MB Cablemodem, that works pretty well.

Cheers.

Re:I just don't even open the door

[GNUALMAFUERTE]

I use an abacus, pencil and paper.

Re:I just don't even open the door

[bmo]

>They don't just show up and kick down your door.

Yes, they do.

http://www.google.com/search?hl=en&safe=off&client=opera&rls=en&q=bsa+raid&btnG=Search

--
BMO

Re:I just don't even open the door

[Runaway1956]

"Three strikes and you're OUT!"

This is the mentality that legislators throughout Europe and the English speaking nations are working with. Specific examples? Just google for any story about computers being confiscated so that the law and/or corporate cronies can build a case against you.

Yes, I know, I'm not addressing the GP's post specifically - just pointing out that he can't be very far wrong based on recent reading.

Re:I just don't even open the door

[emcron]

So I stopped after the first page, but none of those had anything to do with the OP or the subject at hand. The BSA "raids" were for counterfeiting operations, not companies that were under-licensed or inappropriately licensed.

Raiding a seedy shop in Thailand that's pressing tens of thousands of bootlegged install discs for Windows and Office 2007 is not the same as sending a letter to a business asking that they account for their 20-seat installation license.

I work for a mid-size business and we were audited by Adobe last year. We basically had to send them a list of all the apps we had installed, reconciled as best we could with license keys. That was it.

Now, if someone's dumbass IT department is using the same single-license retail key to install hundreds of copies of Office on the company's computers, then yeah, you're going to get some serious legal action. But nobody kicks down doors.

Re:I just don't even open the door

[RoFLKOPTr]

They settled out of court for $2 million (USD) but immediately dropped Adobe from the suite in favor of free software.

Kudos to Adobe for screwing themselves so bad.

I'd hardly call getting a $2,000,000 check "screwing themselves". Especially since, if they hadn't -- as you say -- "screwed themselves" like that, they would have gotten nothing.

Re:I just don't even open the door

[bmo]

>So I stopped after the first page, but none of those had anything to do with the OP or the subject at hand.

First link.

http://www.foxnews.com/story/0,2933,312948,00.html

You lose, Pumpkin.

--
BMO

Re:I just don't even open the door

[maxume]

http://www.google.com/search?q=any+story+about+computers+being+confiscated

A couple of the first 10 results are in other countries, and then a couple more are about warrants being served, and most of the other 6 are 'extraordinary circumstances' (i.e., government owned computers being confiscated, or stuff happening at the border (which is still probably bullshit, but it isn't exactly the BSA stomping on the innocent)).

The next 20 aren't way out of line with that.

Re:I just don't even open the door

Nothing except for the ongoing revenue from the licensed copies.

Re:I just don't even open the door

[maxume]

They didn't physically raid that guy, they sent him a letter.

I feel like I should call you some sort of baked good, but I can't think of one. Sorry, Pot Roast.

Re:I just don't even open the door

[emcron]

Right, but the difference between you and me is apparently that I actually read the articles.

The fox news story you cite is about a guy who received a *letter* from the BSA informing him that he was not properly licensing his software. He later admits he had shoddy book and record keeping.

No one showed up at his door, no one demanded to be let inside, and no one got anywhere near his property or computers.

I'm not saying the BSA's tactics with respect to settlement payments are to be applauded, but sending a legal notice to a company that has not licensed software correctly (or properly accounted for it), is far, far outside the definition of a "raid."

Re:I just don't even open the door

[Gerzel]

Getting free software to do ones bidding is really just learning how to use it and doesn't take any more time than non-free software in most cases. The thing is that there are some differences and that in schools proprietary is what is taught.

Yes it is harder for some applications but for the vast majority of office work FOSS is just as good. If you really need that little boost and can't afford to pay the time then pay the money and say hello to the auditor with a smile on your face as you agreed to the horrific contract.

If you really don't like it contact your representative in government. If your government doesn't have a representative for you that is at least elected in a reasonably fair manner well then it may be time to replace your government.

Re:I just don't even open the door

[PitaBred]

And now they'll get nothing else, when the company could have been a good customer, along with bad publicity. I won't every buy anything from Adobe now.

Re:I just don't even open the door

[Devout_IPUite]

So they lost $20,000 present day value for $2,000,000 present day. Sounds like a good deal for Adobe.

Re:I just don't even open the door

[bmo]

>Right, but the difference between you and me is apparently that I actually read the articles.

And if you read *beyond the first paragraph* you'll find that the BSA is up to its old tricks of "turn in your employer"

For years the group implored unhappy employees to report their companies for software piracy. "Nail Your Boss!" the ads said. But beginning in 2005, the BSA sweetened the deal by offering $50,000 rewards to whistleblowers in the U.S. It raised the limit to $200,000 last year, and now it is $1 million.

Unlike most stuff at Fox, this goes on into quite some depth.

After an audit, the BSA generally demands at least twice the retail price of software deemed out of compliance. It also seeks the "unbundled" price of software that is sold together.

So if a company loaded too many copies of a $300 package of Microsoft Office, the BSA might tally the retail value of every element in the package Word, PowerPoint, Excel, etc. which totals more than $1,000, and then at least double that.

Rob Scott, an attorney with Scott & Scott LLP who specializes in defending against BSA claims, argues that by charging the unbundled rate, the alliance misrepresents U.S. copyright law, which counts product compilations as single works when it comes to assessing damages. (The BSA says Scott's reading misdefines "compilation.")

The BSA accurately points out that under copyright law, it could collect up to $150,000 per infringed work if it prevailed in a lawsuit, or $30,000 if the incident was unintentional. Neil MacBride, the group's head of legal affairs, calls the law's figures "draconian" and says that by seeking less, the BSA gives violators a break.

They are just _so_ generous, not going after $150,000 for that copy of Word "missing" its receipt. Not related to the thread? I think not.

Re:I just don't even open the door

[eltaco]

not in the long run.

Re:I just don't even open the door

[emcron]

Given that it doesn't appear you've actually read my replies, I think we'll leave your foolishness to the judgment of others.

All I was debating was the issue of physical raids, which you brought up. Nothing else. I was not in any way defending overall BSA tactics.

You argued the raid point and whiffed mightily, so changing the debate to a topic about which I made no reference to in my prior comments is a waste of time.

Re:I just don't even open the door

So they lost $20,000 present day value for $2,000,000 present day. Sounds like a good deal for Adobe.

Sure, until today's 200 employee shop turns into tomorrow's Google and the CEO decides that since he isn't going to buy Adobe but still needs the equivalent of their software, they're going to develop an equivalent, open source it and put Adobe out of business.

It's never a good idea to piss off your customers.

Re:I just don't even open the door

[obarthelemy]

for $2M, I'll screw myself too.

Re:I just don't even open the door

[obarthelemy]

gitmo ?

Re:I just don't even open the door

[pclminion]

The civil justice system has NEVER been an "innocent until proven guilty" system. Unlike criminal justice, civil justice is about "preponderance of evidence." Roughly, this means that whoever's case is more impressive, wins. You don't have to prove anything, you just have to be more convincing than the other guy. And if you don't try to defend yourself? You lose by default. This isn't new. It's always been this way.

Re:I just don't even open the door

[digitalunity]

Adobe isn't going out of business any time soon. Between Illustrator, LiveCycle, Premiere, Photoshop, etc. They're in no shortage of customers, although in some segments they may be running short on paying customers(photoshop et. al.)

Re:I just don't even open the door

[digitalunity]

You can't leave innocent. In the eyes of the military, they're all guilty of *something*, if they would just confess they can go to prison(oh lol they're already there) and then get shipped to some anonymous random country.

Re:I just don't even open the door

[dangitman]

You lose, Pumpkin.

WTF??

Re:I just don't even open the door

[genner]

Some how, in North America, your mentality would be viewed as admission of guilt, and they'd find you guilty of pirating software that quite probably hasn't even been written yet.

If it hasn't been written yet then clearly you don't own that copy legally.
Also we have a patient on the time machiene you used.

Re:I just don't even open the door

[negRo_slim]

Adobe products apparently "phone home".

Which is easily circumvented with a quick edit to the HOSTS file.

Re:I just don't even open the door

Argentina, eh? That means you forgot to add one more perk in your country: some HOT ASS WOMEN!

Re:I just don't even open the door

[frank_adrian314159]

In order for this to be a bad deal for Adobe, you need to assume that this company would grow, overnight, to consume 100x the licenses. In addition, since the probablility of corporate growth is less than one, it's an even better deal for Adobe. And the longer the company might take to grow to consume 100x the licenses, the better off Adobe would be for forcing their hand now, as opposed to waiting for them to grow to get more money. I see no error in what Adobe did, unless you think that a vast uprising of other Adobe customers would ensue. Yes, pissing off "your customers" is a bad thing. Pissing off "one customer", when you have millions, and when you can get money from that one customer with little or no blowback? Seems like a winning scenario to me.

Re:I just don't even open the door

[Trahloc]

Pissing off "one customer", when you have millions, and when you can get money from that one customer with little or no blowback? Seems like a winning scenario to me.

Except its stories like this that keep me from using any adobe products and then recommending alternatives for any clients/friends/family when I can. While I alone have only cost them a few tens of thousand dollars in lost revenue I know there are thousands of others doing the same. So while it might be a winning scenario in that one instance it wont be in the long run.

Re:I just don't even open the door

[epp_b]

Which is easily circumvented with a quick edit to the HOSTS file.

...of any software firewall worth its salt.

Re:I just don't even open the door

[epp_b]

s/of/or/

Curse Slashdot and its lack of edit function!

Re:I just don't even open the door

[neokushan]

So what is Adobe supposed to actually do? Let people pirate their software in the hope that they'll someday decide to pay for it? I honestly can't blame them for what they did. After all, a customer that doesn't pay for your software isn't a customer at all.

Furthermore, your account of the events is very brief and one-sided, it implies that Adobe just up and took them to court, when no doubt they contacted your employer first, asking them to buy the licenses or remove them and your employer decided to tell them to go to hell.

Re:I just don't even open the door

[th3rmite]

"Stories like this"? Wow, so you refuse to use Adobe because they expect people who use their products to buy them? That makes sense.

Re:I just don't even open the door

[Serious+Callers+Only]

Except its stories like this that keep me from using any adobe products and then recommending alternatives for any clients/friends/family when I can.

Exactly. This doesn't come as a surprise given that the quality of their flagship products has been declining steadily over the last 10 years. I've used Photoshop since the 90s. I remember a time when Adobe came out with innovative software which was a pleasure to use. Simple but powerful. Now most days I curse them for some bug, horrible Windows inspired UI, or bullshit Acrobat plugin their astonishingly low quality installers chose to give me without asking. Just the other day I had to manually install their 'Updater' program because it got into an endless loop of download/failed install, of itself! Their software really is low quality nowadays. Feels like quark in the 90's all over again.

Hearing that they are also suing their customers doesn't surprise me, and confirms the feeling that soon I'll be looking for other software to perform image editing tasks which is not user-hostile, overpriced and upgraded regularly just to screw over customers. There is already some of it out there which looks promising for my chosen platform.

What would have been fair to the company in question would be to negotiate payment for the rogue licenses - I'm sure they'd learn their lesson and lock down the computers after that. Asking for millions is just money-grabbing and confirms my declining opinion of that company.

Re:I just don't even open the door

[supernova_hq]

You'll have to be patient if you ever want to find it.

Re:I just don't even open the door

[Hurricane78]

The real question is: Why do you buy into some asshole’s obvious bullshit?

If I state that you now have to become my gagged gimp because you used more than two 9s in your user name, would you do it.
What if I would be from a government agency? Would that suddenly make you buy into my reality?
I could add, that you ending your comment in “...” is an admission of guilt.

The thing is: Assholes come up with all kinds of shit, if you let them. Reality is what the leading one defines as reality. And for that others have to follow him in the first place. Why do you follow?

Let me make another reality for you: They are wrong. They are guilty. They are terrorizing you. Therefore they are terrorists. Therefore they need to be punished. Hard. Right now. Go. Do it! NOW! ;)

Re:I just don't even open the door

We seem to have fallen into a guilty until proven innocent beyond any doubt (no matter how unreasonable) system up here... How's the weather down there? If you guys have cheap internet, I'm willing to emmigrate...

Ironically, this seems to have begun as part of Reagan's campaign to "Get Government off the backs of the people". A couple of idiots smoked pot while driving (and wrecking) a train and suddenly you can't get a job without a drug test - you're assumed a doper until proven otherwise. Apparently they didn't expect we'd Just Say No.

A campaign to keep out illegals (didn't seem to work, in restrospect) means that you now have to present identity papers to get most jobs as well. Nevermind that the actual offenders are a very small minority who in many cases are very visibly questionable - EVERYONE is Guilty until Proven Innocent now.

THEN came 9/11 and it all went into the blender. So Welcome to America, Land of the Free, Home of the Brave. Your fingerprints will be taken Here, you must present your Papers over There. Please to remove your shoes, your pants, hats, and all prosthetic devices such as hip implants that might set off our X-Ray devices. The innocent have nothing to fear, and we will be the ones who determine who's innocent. Please be co-operative. It's been a busy day and some of us are feeling cranky.

Re:I just don't even open the door

You really might want to look into the difference between Common Law and Maritime Admiralty law!

There is a huge difference if your name is written as either john doe, John Doe or JOHN DOE.
The last name is actually a company..

Look up the video: "Choosing Freedom"

Re:I just don't even open the door

[Golddess]

Doesn't the HOSTS file (at least on Windows) just map hostnames to IP addresses? So that if the product "phoned home" to a specific IP instead of a hostname, the HOSTS file wouldn't even be taken into account? Not to mention if the product contains some sort of "if I can't phone home, stop working" contingency.

Re:I just don't even open the door

[digitalsushi]

Lets say adobe products are 750 bucks. let's say a few is "2". so you've unrecommended 27 adobe products to family members at a 100% "they would have bought it otherwise" rate. are you that influential?

Re:I just don't even open the door

[QuantumRiff]

Dealing with Adobe is why my company switched to bluebeam. You should check into it if you need PDF docs edited.. Much cheaper than acrobat, and more features..

Re:I just don't even open the door

[Lumpy]

Premiere is not used by anyone but wannabe's or kids in their basement. It is NOT a professional video editing suite even by the wildest definition. They are a distant 5th in the Video editing world with little guy Canopus firmly eating their lunch.

Photoshop is their gravy. And the Macromedia purchase is their potatoes now. Adobe would have been dead if they did not buy a company that most of the internet is built with their products.

Re:I just don't even open the door

More likely he told a couple of friends and family not to use acrobat reader. Adobe have most likely lost zero revenue.

Re:I just don't even open the door

Of course they do! Where the hell have you been?

Re:I just don't even open the door

[DavidTC]

Yeah, ironically, it seems that a lot of 'You must prove who you are and have privacy invading test done' are instituted by the Republicans, who then complain about them.

They institute those tests because they don't want 'bad people' being able to do thing, or get benefits from the government. Yet they won't actually attempt to catch said 'bad people' criminally, usually because the actual 'crimes' they're yammering about, everyone does.

Because they're not actually worried about the 'crimes', they're worried about the 'wrong sort of people'. Often the punishment is fiscal, like denying people with drug convictions help going to college (So that if you're rich and convicted, you can still go), or idiotic things like stopping people here illegally from buying health insurance.

And, as you probably know, it's trivially easy to stop people from being here illegally. How? Well, they're hired by a dozen companies in each area. Find each company (And you don't really have to 'find' them, everyone knows who they are.) show up in their HR office, and tell them you will be interviewing each employee. See how many stop showing up. Stay there a month. Do the same for construction sites. It would take maybe 1000 people to do a big city, to show up repeatedly at each people with a big INS badge and stand by the door. They don't actually need to arrest anyone..just make sure they aren't working there.

We don't have to arrest anyone, we don't have to attempt to penalize companies in court (Although I'd be fine if we did.), we just have to pick off each business, one by one, and let the word get out the INS is watching that business and if you're not legal, and you show up there, you get deported. All the jobs would dry up.

Hey, look at that, without any work, 90% of them go home. We could even run a free, no questions asked, bus for them out of major cities back to the border. The rest are working for individuals or very small companies, and, heck, I can't solve every problem.

Instead, we waste an absurd about of resources, and privacy invading tactics, collecting information about every person and every job.

Of course, the reason we don't do that is that Democrats don't really mind people being here illegally (And I don't either, really.), whereas Republicans are given large amounts of 'campaign contributions' by big businesses to keep them here.

Re:I just don't even open the door

[Trahloc]

I'll bite. It's not that a company is enforcing their IP rights that annoy me. It's the fact that the customer had a multitude of legitimate licenses and then Adobe still goes for the throat. Strong arming your customers into compliance I'm fine with, shiving them in the back is another thing though. If a client makes money off a piece of commercial software then the creator should be paid. We pay almost 20k/mo in licensing so these aren't idle words. But if you fall out of compliance, which is almost impossible NOT to do with the BS EULA's out there the company shouldn't fleece you for all they can get. They should just let you know where you went wrong and help you reach compliance since its their own verbiage in alot of cases that screwed it up to begin with. But this isn't the first story like this I've heard about from Adobe so yes I have a small campaign against them helping direct people towards FOSS alternatives or lower cost 'good enough' applications.

Heck just this morning I directed family away from paying to activate their Office trial that came with their laptop and told them to use OpenOffice instead. Adobe is just one amongst a number of overgrown companies I try not to support.

Re:I just don't even open the door

[Trahloc]

Yup, I'm just a high school student with no friends and no family. I live in a basement as well... or I could be in my 30's and been doing this for decades and come across a number of other professionals over the years. But hey, you must know me better than I know myself.

Re:I just don't even open the door

[Burz]

Getting free software to do ones bidding is really just learning how to use it and doesn't take any more time than non-free software in most cases.

I have to disagree with that as far as desktop applications go. Although I normally hold up Firefox as a shining example of what other FOSS projects could achieve, the 'eco-system' doesn't really work for end users even with this nice browser.

For instance, I recently setup some Ubuntu systems for a shop doing heavy online sales through eBay. One day soon after, someone there decides to get a better camera but can no longer select the resulting JPEG files for uploading because the new camera does filenames in UPPERCASE. This isn't a problem with Firefox on Windows or MacOS, but on Ubuntu the upload file dialog insists on showing only files with all-lowercase extensions. This 'basic incompatibility with some cameras' ruined their Ubuntu experience and they migrated back to Windows. I could have tried a different browser, but I think Opera would have been confusing for them, and other browsers I have low confidence in dealing with the full gamut and combination of eBay / UPS / USPS / PayPal pages (which even Firefox on Windows has had some problems with until recently).

There was also the problem with being stuck with the application versions that Ubuntu gives you, regardless of what the current released versions of those apps are. And I am not going to hazard full distro upgrades every 6 months to get current apps (talk about being disruptive), nor am I going to manually upgrade those apps when they are unlikely to have undergone robust testing on the older version of Ubuntu currently being used.

Additionally, OpenOffice on the latest Ubuntu has been rather unstable and the amount of data my customers and associates have lost hasn't exactly helped my relationships with them. Not only are data lost to crashes but also to those odd crash-recovery dialogs that appear and "recover" (read: erase) your document when there was no crash in the first place. On top of that I've had to work around bizzarre document rendering bugs on some relatively simple documents (a table of numbers with one simple bar graph, for instance, getting the fill patterns wrong for some of the data sets) and then there are the semi-regular complaints that Calc is missing useful features found in Excel.

So even the best FOSS apps have rough edges that are too painful for even unsophisticated users. At the moment, the only ones I'm recommending to people are Firefox and Thunderbird. The rest are either too flawed, or are tolerable only by more sophisticated users who don't see a couple changes for added steps in workflow as a big deal.

Re:I just don't even open the door

[tftp]

And now they'll get nothing else, when the company could have been a good customer, along with bad publicity.

A comment on /. does not amount to "bad publicity." Besides, IT managers are not surprised when they read that Adobe shakes pirates down when said pirates use Adobe's top notch products. Every competent IT person who installed Adobe software in the last decade knows that it contains online activation.

About getting "nothing else" - it's not that easy. Say, CS4 was pirated (or CS3, which costs the same.) Each copy is about $800. The settlement was for $2M. That's 2,500 copies!!! What size the company must be that it needs 2,500 CS4 seats? Even IBM probably doesn't have that many. And if you use cheaper products, like Acrobat, then you are easily in the range of 10,000 seats.

Those would be huge deployments, done over years, and requiring technical support. But in this case all that money was collected almost overnight, and no technical support is needed. In a few years the managers who got burned will move on, and new managers will not have any qualms about buying Adobe products again.

Besides, if the business needs to edit, encrypt and sign PDFs, what are your options? You can buy the real stuff that is guaranteed to work (Adobe Acrobat, $150-250) or you can buy a second tier product (Nitro PDF, $99) and take your chances. You pay someone's else money, but if things break your personal behind will be in danger. What manager (who is not an owner) will choose the second option here?

Re:I just don't even open the door

[tftp]

So that if the product "phoned home" to a specific IP instead of a hostname, the HOSTS file wouldn't even be taken into account?

True. There are other issues too. Some companies use activation servers that are spread around the namespace and are hard to block. There are other ways to go through your firewall too, and the software developers have far more time to invent those ways than the n00b pirate has to block them. As an old wisdom says, the software company needs only one method out of 100 to work, but the pirate needs to make sure that all 100 are blocked, all the time.

Not to mention if the product contains some sort of "if I can't phone home, stop working" contingency.

That is rare. There are many legitimate cases when software needs to be loaded on offline computers - either because there is no Internet, or because it is not connected for some reason. An Internet link on your yacht, or in your backpack, or in your car would be pretty expensive. Typically if the software can't phone home it will ask for an alternative way to get activated, often by asking *you* to phone its home and get the activation code.

Re:I just don't even open the door

[th3rmite]

Like we should all be outraged that companies want us to be in compliance with the voluntary licenses? I use FOSS as much as possible, but I guess my reasons are just different from a lot of people's. So many people say if you don't want to comply with the GPL, then just don't use GPL code, it's the same way with proprietary software. If you don't like the license, don't use the software. If you break the license, then you need to deal with the consequences. So sure, I can deal with being modded a troll, but if you read the OP above, he was outraged that Adobe enforced their license and even said they screwed themselves. If you did work for your boss and he didn't pay you, would you just "let [the boss] know where [he/she] went wrong and help [them] reach compliance"? Or would you use "Strong arming your [boss] into compliance"?

Re:I just don't even open the door

[GNUALMAFUERTE]

Best in the world, my friend ;)

Re:I just don't even open the door

[genner]

You'll have to be patient if you ever want to find it.

That wasn't a spelling error. The fictional character I was writing dialog for has a lisp.

Re:I just don't even open the door

[Moe1975]

Caballero,

Se te olvido comentar acerca de las increiblemente hermosas mujeres de tu tierra. Yo practicamente me babeo viendolas . . .

sigh

The more I read about your country, the more it looks like heaven to me . . . I am stuck living in Colombia, which is the worst hellhole on the face of the planet.

If it weren't for some legal problems that preclude me from obtaining residency in Argentina, my God, I would be there right now! I only wish.

Congrats man, your country absolutely rocks, I wish I had been born in a decent country like that.

If you know a good immigration attorney (or someone else that can help) and want to do a good deed, drop me a line . . .

Re:I just don't even open the door

[GNUALMAFUERTE]

Agreed about the ladies ;)

Let me tell you something, Argentina is far away from being heaven (Specially since Heaven doesn't existe :D ). We have a lot of problems, the same corrupt governments we've always had, and a lot of things to fix as a country. But, regardless of all that, Argentina is a beautiful land, with great potential. We just have to start doing certain things better :).

Regarding immigrating here, the constitution says "Para nosotros, nuestra posteridad, y para todos los hombres del mundo que quieran habitar el suelo Argentino"

And, from our immigration law:

DE LOS DERECHOS Y LIBERTADES DE LOS EXTRANJEROS

ARTICULO 4 - El derecho a la migración es esencial e inalienable de la persona y la República Argentina lo garantiza sobre la base de los principios de igualdad y universalidad.

You can read the whole text here:
http://www.gema.com.ar/ley25871.html

As you can see, this is no the United States. Racism is not an issue here, and everyone is welcome.

Argentina provides free health care and education of all degrees to any human being in our country, regardless of citizenship.

The only reason while you might be denied citizenship, is if you have ... "unfinished business" with the law in your country of origin.

So, if that's not the case, then welcome to Argentina ;).

Re:I just don't even open the door

[Trahloc]

I grew up with a mom who was "everything or nothing" sort just like you. The world isn't that simple.

Re:I just don't even open the door

[Gerzel]

I use Ubuntu and have noticed no such problem with filenames. Yes Linux Filenames are case-sensitive but both upper and lower case are allowed.

Again my original post did say there was more work-time involved in FOSS.

You are not forced to do full distro upgrades every six months, see the stable long-term Ubuntu distro(I forget what it is called off the top of my head).

Re:I just don't even open the door

[Moe1975]

Thanks bro!

No unfinished biz with the law, but some past biz in another country long long ago, no violence or anything that bad but . . . last year I had an immigration attorney in BA email me basically telling me that I would be granted residency when the devil ice skates to work :(

Ah, I think I will get a second opinion

Thanks again, cheers

Moe

Re:I just don't even open the door

[GNUALMAFUERTE]

Ok Bro! Let me guess, you got caught across borders with some spicy cargo. The gov gets all worked up with that shit, and it shouldn't even be a crime.

Anyway, Good luck with it. Remember you always have a choice: You can just come here, and try it out. Nobody is going to bother you. If you can legally get out of your country, you can legally get in here. Getting citizenship will be another deal, but nobody will stop you from getting into the country, or going out. Once in here, pay your taxes, and request citizenship. Once you are inside, it's easier.
Also, given the current political instability in Colombia, you might just ask for asylum. That overrides the usual procedure.

IANAL, YMMV.

Good luck, my friend.

Re:I just don't even open the door

[supernova_hq]

Did you respond to the wrong comment?

Re:I just don't even open the door

[genner]

Did you respond to the wrong comment?

Nope.

Re:I just don't even open the door

[Burz]

The filename problem exists when uploading photos to eBay using Firefox 3.5 on Ubuntu 9.10.

The Ubuntu LTS releases leave you with rather old versions of applications, as I implied above. OTOH Windows and Mac users get to upgrade their apps immediately without much fuss, even if your OS was released in 2003 like XP.

Re:I just don't even open the door

[Moe1975]

Thank you bro . . . if I make it I'll look you up and buy you a bottle of vino or two :)

Cheers,

Moe

Re:I just don't even open the door

[GNUALMAFUERTE]

Abrazo amigo, y mucha suerte.

Re:I just don't even open the door

[supernova_hq]

Ah, my bad, got it on the second reading.

Re:I just don't even open the door

[genner]

Ah, my bad, got it on the second reading.

Don't lie to me. You'll never understand the greatness of my work.

Traffic cops?

[Mashiki]

Would have been better to use blood sucking lawyers.

Easy solution.

[jcr]

Don't run Windows. "Software auditors" are just about unknown to users of any other platform.

-jcr

They are not looking for endearment

[Suki+I]

They may be within their rights, but they aren't endearing themselves to users; They are not looking for endearment, they are looking for a paycheck.

Re:They are not looking for endearment

[pete6677]

Exactly. Microsoft long ago passed the point of having to care about what people think of them.

Re:They are not looking for endearment

[jcr]

> Microsoft long ago passed the point of having to care about what people think of them.

IBM used to believe that. So did Dell.

-jcr

Re:They are not looking for endearment

[Suki+I]

And DIGITAL and Control Data and . . .

Re:They are not looking for endearment

[mysidia]

Corel, Circuit City, Enron

Re:They are not looking for endearment

[biryokumaru]

... The US Government...

Re:They are not looking for endearment

[Gerzel]

And as an advocate for FOSS and other alternatives to MS I salute them for going after that buck at the expense of their users and cheer them on to drive harder.

Re:They are not looking for endearment

[the_other_one]

The Conservative Party of Canada

Re:They are not looking for endearment

[mysidia]

The UN...

Re:They are not looking for endearment

mactard.

Re:They are not looking for endearment

[x2A]

and me :'(

What rights?

[SuperBanana]

They may be within their rights,

What right would that be, exactly? If they're not law enforcement, and they don't have a court order, they have zero "rights." Yes, even if they show up wearing fancy raid jackets to try and look like law enforcement.

I've posted this several times before. If the BSA or any of these other vultures come knocking, they have ABSOLUTELY NO RIGHT TO DO ANYTHING, SEE ANYTHING, TALK TO ANYONE, etc WITHOUT A COURT ORDER. If they have one, that means you're already in the process of being sued, and the first person you should call is your lawyer, and you should ONLY do EXACTLY what the court order requires you to.

Here's the Superbanana Super Guide To BSA Bullshit Shutdown.

• Your receptionist and anyone else that is near the front door should keep them as far out of the building as possible, at a minimum the reception area. Block their path. If they even so much as poke your check with a finger, call the police immediately. Maybe even call the police, preemptively ("Hi, 911? Some people in raid jackets showed up at our business, they're not police, but they seem to be pretending like they are. There's a lot of them, we think they might be trying to rob us or something.") At a company where I worked, we had a silent alarm button at the reception desk.
• Send someone to find the most senior person in the company, preferably an officer (CEO, CFO, President, etc.) They do all the talking. That talking should consist almost entirely of "Who are you" (where your attorney will send a very nasty letter to). "Do you have a court order?" (No.) "Get off our property, you're trespassing."
• If the "auditors" refuse to leave, get physical, or try to connect to the network or start poking around, call the police immediately.

If they don't have a court order, don't let them see anything, touch anything, install anything, connect anything. Don't answer any questions. The only information you should give them is your attorney's phone number.

Re:What rights?

Then they just come back an hour with a motion of discovery, the constable, and 3 deputies.

Re:What rights?

[Anonymous+Cowpat]

good, now everything is on some paperwork, you can get the evidence thrown out later by getting the order thrown out.

Re:What rights?

[pclminion]

A motion of discovery ON WHO'S BEHALF? Dude, I WISH it worked like that. I'm curious what the fuck my neighbor keeps doing in his garage at 3:00 in the morning. I'll just go down to the courthouse and get a court order to search his home, right?

Re:What rights?

[LostCluster]

Here's where the nonsense starts...

You consent to the audits if you have any volume licensing at all. You also gave up your right to sue and have consented to going to arbitration. In that, BSA claiming they have a report you licensed X and you are using Y copies (from the upset employee you fired a month ago) and unless you present a defense, you lose. So, you've got to let the auditors do their count of computers... You can slow them down and get into compliance in the meantime, but you can't keep them

Re:What rights?

[amiga3D]

Maybe, but then they're limited by what the court has stated they can do. If you voluntarily allow them access then the sky is the limit.

Re:What rights?

[pclminion]

Giving up your right to sue doesn't mean you can't sue. I've seen it done. Party A and Party B enter an arbitration agreement. Party A believes Party B has failed to fulfil some contractual obligation. Party B disagrees, finds fault with Party A, and sues Party A. In court, party A enters the original contract into evidence. Party B disputes it. A hearing is scheduled. A question of validity of the contract is raised. Party A then sues Party B for breach of contract. The whole thing is tied up in the courts for 17 months. The issue is resolved when everybody gets so fucking tired of it that they just walk away.

You say I gave up my right to sue? How are you going to prove it? I guess you'll have to... TAKE ME TO COURT.

Re:What rights?

[LostCluster]

They show the clickwrap contract, and then you've got to prove the Microsoft EULA is invalid. Good luck with that.

Re:What rights?

[mindbrane]

If they even so much as poke your check with a finger

I presume you intended to type cheek?

IANAL, but the law, as I was instructed in it, in British Columbia, Canada suggests that if you think someone is trespassing you should inform them they're trespassing. You can then place a hand on them to escort them off the property, if the resist, even to the point of simply slipping away from the hand you've place on them they can then be seen as having assaulted you.

Corporations and most lawyers use intimidation as a matter of course, as do government agencies. I'm of the considered opinion anyone who doesn't tell them to fuck off is a sucker and deserves to get used and abused by these assholes.

In case some of you haven't noticed the only game being played in any town, anywhere is that you press your case onward with the pedal to the metal and then let the courts sort it out. No corporation gives a flying fuck about your rights.

Re:What rights?

[tchuladdiass]

They have no evidence that you clicked on it though. Just because the software is installed means only that "someone" clicked the agreement. Or maybe not -- all software has bugs in it, maybe the installer didn't show an agreement (due to a faulty video card driver, for instance).

Re:What rights?

[pclminion]

I didn't say I'd WIN, I said that just because I have an arbitration agreement doesn't mean I have to abide by it. It's fundamentally impossible to give up your right to sue somebody. It just makes it a hell of a lot less likely that you'll win.

Re:What rights?

[Anonymous+Cowpat]

It strikes me that there can't be a lot of judges who will be very impressed with someone saying that a contractural disagreement is outside the jurisdiction of the courts generally, and must be handed over to some clearly biased* private organisation.

*You don't continue to be Large Corp Inc's preferred arbitrator by bringing in decisions against them

Re:What rights?

[speedlaw]

Thank you. I am forever amazed at those who expect a company to "play fair" or "do the right thing". May as well expect a hungry shark not to eat that cute puppy who fell off the dock. Having litigated against some big companies, the OP has the right attitude.

Re:What rights?

Whose, not who's.

Re:What rights?

[LostCluster]

Yep. You have a right to sue when you have no chance of winning. It just isn't a very profitable right to exercise.

Re:What rights?

[pclminion]

My point seems to have become lost. Suppose MS wants to audit you and you refuse. They try to take you to arbitration. You refuse. So they try to sue you. In court, you present the arbitration agreement. Now MS looks stupid, because they agreed to arbitration just as much as you agreed to it, and yet THEY are the ones initiating legal action. You look stupid too, because you refused initial arbitration. At this point the court is probably going to kick BOTH your asses. And at any rate, the issue in question is NOT software licensing, but whether you abided by the arbitration agreement. The financial impact of being found guilty of violating the arbitration agreement is quite possibly less than the financial impact of Microsoft discovering that you have 1000 pirated copies of Windows. The whole thing is just retarded. Why anybody would ever enter into such a contract is beyond me.

Re:What rights?

[LostCluster]

My point seems to have become lost. Suppose MS wants to audit you and you refuse. They try to take you to arbitration. You refuse. So they try to sue you. In court, you present the arbitration agreement...

and then you look stupid. You just submitted proof that you agreed to participate in arbitration, and Microsoft shows them a arbitrator who is saying you won't comply. Summary Judgment for the plattiff, and that's not you. You then forfeit the arbitration. You lose.

Re:What rights?

[pclminion]

I lose, but how much would I have lost if I'd allowed the audit and they found millions of dollars of infringement? That's my point.

Re:What rights?

[LostCluster]

Depends... was the allegation greater or less than your actual violations total?

Re:What rights?

It's a civil case, not criminal. How they get the evidence is irrelevant.

Re:What rights?

Not very profitable for whom? SCO's lawyers seem to have made quite a bit...

Re:What rights?

[OverlordQ]

How cheaper is it to volume license instead of buying individual copies? I mean how many computers does a Guitar Manufacturer need? If you dont Volume License can't you tell the BSA to stuff it?

Re:What rights?

[Phoobarnvaz]

Am not a big fan of the software auditors...but having been fired from a company in the past who had been caught the previous year with $250,000 US of unlicensed software in a medical billing company...was told in a meeting about this about two weeks before they let me go. Working in the IT department at the company & being escorted out of the building during a merger that had just started...I contacted BSA as soon as I got home. Told them the exact machines/software the employees were using from hacked copies.

Three weeks later at the job I got two days after being let go from this company (made more money & worked for better quality people)...heard my boss & several co-workers had been fired from the company & fined for their use of pirated software. The merger went through...only without these people who thought they would be there after it did.

The moral of this story...if you're going to screw people over & think you'll get away with it...the tables can turn. As my grandmother used to tell me...you may not get your just reward in this life...but eternity is a long time & it will happen there.

Would I do it again...in a heartbeat!!! Revenge is never a great motive...but it is sure sweet when it happens from those who deserve it. For some reason these type of people can't keep from digging their own holes.

Re:What rights?

[calmofthestorm]

Yes,but the counter-charges are criminal and civil: assault with a deadly weapon, breaking and entering, hacking laws, etc.

Consider that these are private citizens. They have as much right to break down my door with guns and break into my machines without permission as I do to arm myself like Neo, walk into Microsoft, and attempt the same thing.

Re:What rights?

[calmofthestorm]

BSA also attempts to audit shops that do not volume licnese software, eg, you bought 1000 computers and 0 Windows licenses therefore you're stealing.Of course there the yhave no legal leg to stand on aside from asking nicely.

Re:What rights?

Now what if someone did that to you, and you were properly licensed? It would waste your time. Revenge is never a great motive (as you said), and while it might be sweet when you do it to someone else, it isn't sweet when you're on the receiving end.

Re:What rights?

[selven]

If I ever got fired and was disgruntled, I would contact the BSA regardless of what software they were using. An audit is extremely annoying even if you are fully licensed.

Re:What rights?

[Hognoxious]

They have no evidence that you clicked on it though. Just because the software is installed means only that "someone" clicked the agreement.

Who? Someone who just walked in from the street? Pixies? Extra terrestrials? That wouldn't even count as reasonable doubt in a criminal case so it's not going to fly at all with the lower standard of a civil case.

So good luck convincing a court that it wasn't installed by an employee. Even if you claim that the employee didn't have the authority to do it, can you put up a convincing reason why your system wasn't properly locked down to prevent it?

Thought not. This as about as credible as that story about circumventing the EULA by getting a cat to walk across the keyboard.

Re:What rights?

[Hognoxious]

They try to take you to arbitration. You refuse . So they try to sue you. In court, you present the arbitration agreement. Now MS looks stupid, because they agreed to arbitration just as much as you agreed to it, and yet THEY are the ones initiating legal action.

Why do they look stupid? They fulfilled their part concerning arbitration. You didn't.

Re:What rights?

[Hurricane78]

Uuum, even with a court order, they are still no cops, and are therefore illegally holding that order. So I have to assume they illegally stole it from a cop. Which is exactly what I will tell the cops on the phone: Some criminals illegally dressing up like cops, having an either fake or stolen court order, attacking citizens and businesses, just like terrorists.
I will tell it in a way that will have to cops come with shotguns and shoot half of those “auditors” before even starting to ask any questions.

Re:What rights?

[kramerd]

Actually, since you lose the arbitration issue, you get fined (heavily), and then a court order requires you to go through with the audit anyway. You refuse enough, and you get more fines than you owe for the infringement, plus jail time (I assume you are the one responsible since you are the one refusing to allow the audit that you contractually agreed to). The short answer is that allowing the audit and paying your millions of dollars of infringement is much cheaper than refusing to do so.

On the other hand, if you are committing millions of dollars of infringement, then more likely than not, your business is already out of business because your business partners, supply chain, and customers have all left you for dead since you dont uphold your end of contracts. Microsoft suing you is probably the least of your worries.

Re:What rights?

[Hurricane78]

Bullshit! A contract can never surpass law and basic rights. Even if it states in big red letters and you signed it in blood, swearing to the $holyBook!

There is nothing else to say, that that every single of those statements is false and it’s the other way around.

Or else you could just hang a letter on the front door, stating that everyone who enters the building, agrees to be slowly and painfully killed. And then do just that to them when they enter.
See... still illegal.

How about you stop valuing your own sense of reality below that of others, just to be loved or for the pat on the back...
You are right because you say so. Period. Because you know better. That is the right way of thinking. Or do you think you are delusional with your own values? I don’t think so.

Re:What rights?

[Hurricane78]

NO. You just have to state that it is invalid! It’s THEIR job to prove it is valid.

You still live in a country where you’re innocent until proven guilty! Even if you yourself seem to be the biggest enemy of that by supporting their view that this isn’t the case. :/

Re:What rights?

[Zero__Kelvin]

"They show the clickwrap contract, and then you've got to prove the Microsoft EULA is invalid. Good luck with that."

WRONG. They have to show that the person who clicked accept was an authorized representative of the company (employee) and not an unauthorized user or cracker, and it is Windows, so good luck with that!

Re:What rights?

[Phoobarnvaz]

True...very true!!!

Re:What rights?

[DavidTC]

Indeed.

There is no such thing as a 'court order to let these private individuals poke around in your stuff to look for reasons you might owe them money'.

Court orders are issued for one purpose: Collecting evidence.

There are court orders that say 'Party A must turn over Evidence X to Party B', which don't need the police involved, usually stuff like tax records and stuff that the court is going to assume Party A isn't going to forge. You can turn that over directly. (Or, in reality, your lawyer will turn that over to the other lawyer using the somewhat ritualized communication that lawyers do with each other.)

But there aren't any court orders that say 'Party B can walk into Party A's property, find Evidence Y, and take it, or even record it'. No, if the court doesn't trust Party A, the police will be on hand to require Party A to comply.

Because otherwise Party A might destroy evidence right then and there (And, no Party B is not authorized to physically stop them.), or, just as bad, Party B might create evidence and claim to have 'collected' it.

If some random person walks into your place of business,or your house, or anywhere, waving a piece of paper they insist is some sort of legal document that gives them the right to do something, you should kick them the fuck out. Only police can present such documents. (Or, technically, you can receive them directly from the court also, although that will be once some sort of legal proceeding is going on, and it will be through your lawyer.)

Hell, the police are on hand for evictions, just to be sure the tenant actually leaves the property and doesn't decided to burn the place down on the way out. Of course they're going to be on hand for searches.

Re:What rights?

[Golddess]

good luck convincing a court that it wasn't installed by an employee

You do know that it is possible to buy computers with software pre-installed, right? I've never done it myself so maybe my point is invalid, but just saying...

Re:What rights?

Here's where the nonsense starts...

You consent to the audits if you have any volume licensing at all.

Well, the obvious solution here is to not do anything half-arsed. Either pirate nothing, or pirate absolutely everything. Don't register half a dozen copies, and install them on 30 computers - then you're on the radar.

I know people who have had the letters from the software "cops" arrive in their letterbox simply because they had at one stage purchased and registered some software. They existed in a database then of software users, and as a software user they were considered likely to have pirated other software. Said letter was ignored and threats weren't followed through with, but the moral of the story is "all or nothing". Either that, or go free with your software if that works for you...

Re:What rights?

[tftp]

hey have to show that the person who clicked accept was an authorized representative of the company (employee) and not an unauthorized user or cracker, and it is Windows, so good luck with that!

They don't need to show anything because it is natural and expected that an employee of the company installed some software on company's computers. For example, you seldom need to prove to anyone that you are human.

If you claim that somebody set you up the bomb then *you* need to prove that extraordinary claim. You need to make your evidence available (firewall and Snort logs, virus detection logs, meeting notes where you discussed the breach, etc.) You can't just wave your hand and have it all dismissed, especially if the company used the software on that computer for months or even years.

Re:What rights?

[Zero__Kelvin]

You obviously don't know how contractual agreements work. Perhaps you have heard of a signature? The purpose if the signature is to verify that:

A) The person who the claimant says made the agreement is in fact the person who entered into the agreement

B) The person who made the agreement was in fact in a postition to make such agreement

If the person who signed it wasn't the defendant or legal representation thereof, no lawsuit. If the person couldn't legally enter into the contract, despite being the signatory, (for example they are under the legal age) no agreement. Contract law is contract law. It doesn't change because you add a computer to the scenario.

Re:What rights?

[tftp]

The purpose if the signature is to verify that:

A) The person who the claimant says made the agreement is in fact the person who entered into the agreement

The signature does nothing like that. You need a notary stamp, signature, a record in his book and your thumbprint there to certify your signature.

B) The person who made the agreement was in fact in a postition to make such agreement

The signature does nothing like that. It's up to courts to determine if you had authority to sign a certain document. If I sign a deployment order for the US Army it doesn't make me the President.

If the person who signed it wasn't the defendant or legal representation thereof, no lawsuit.

Unfortunately, if a company owns a computer then it is legally responsible for it, 100%. That applies to any company property, and even to your personal property somewhat.

It doesn't change because you add a computer to the scenario.

True. But consider this. Your company buys 10 tons of grain from a local farmer, and you send him the purchase order signed (with an illegible scratch) by "H. Bark". Your dog is called Happy Bark. The purchase order calls for Net 30, and you don't pay. The farmer sues you, and you point at your dog and say that you didn't sign anything. Can you get away with that?

No, you can't. First of all, you accepted the delivery and made use of the product. That confirms your acceptance of the transaction. Otherwise you'd need to refuse the shipment, or at least contact the seller and attempt to return the product.

Once you accepted and used the product, the farmer's side of the deal is fulfilled and he is right in expecting the money. You, on the other hand, received the product, used it, and you expect to not pay for it? The claim that "your dog did it" will be only seen as further attempt to evade the payment, and you will dig yourself deeper into the hole.

To summarize, a business is responsible for everything that happens to its computers. If a software was installed illegally, you have several vulnerabilities:

a) an employee of the company, acting as an agent of the company, broke the law. The company is responsible for its agents.

b) the computer somehow got illegally installed software. The company proceeded to use that software, for profit and without pay. This demonstrates that the company was aware of the illegal act and supported it by not stopping the violation as soon as it learned about it.

c) even if neither (a) or (b) are sufficiently proven, the business is still at fault for having unlicensed software on your premises and under your control. The fine for that is about twice the retail cost, just what BSA usually charges, and the only evidence required to award that fine is the fact that an illegal software was installed. As I read here, that's what BSA usually aims for, since it's the easiest violation to prove and the smallest fine to pay.

Re:What rights?

[russotto]

If they don't have a court order, don't let them see anything, touch anything, install anything, connect anything. Don't answer any questions. The only information you should give them is your attorney's phone number.

BSA gets a court order. They may have lied and misrepresented the law and the facts to do so, but lying in court is only illegal if you don't have the ring of Authority about you.

Re:What rights?

[Zero__Kelvin]

"The signature does nothing like that. "

Obviously the signature does nothing at all, as it is merely a signature. I think you know what I meant and chose to ignore it anyway, but I digress. I was keeping it simple. It is much more complicated than you say, but ultimately it doesn't matter, since what the law says and what the judge does are typically entirely two different things anyway.

Re:What rights?

Installed by an employee or installed by the supplier on the instructions of an employee. Big difference - not.

Re:What rights?

[Golddess]

So if, for example, I were to order a Dell, and as one of the options I select for them to pre-install Office 2007, it's my fault if the copy they install is improperly licensed?

Real traffic cops too

[istartedi]

I don't have solid data to back it up; but I think they're giving out more tickets in California now.

The other day I actually saw somebody get nailed for "failure to yield to a pedestrian". This is indeed a big problem--to the point where I have to wait for several cars to pass through a crosswalk sometimes. Still, it doesn't seem like they cared that much about it a couple years ago.

Coincidence?

Re:Real traffic cops too

[ceoyoyo]

Maybe someone got hit. Where I used to live there were a couple of pedestrians hit in crosswalks, including one who was carrying a baby. They put the fine at $500 and the cops started enforcing it. It wasn't really a big problem before, but there was no problem at all afterward.

Re:Real traffic cops too

[biryokumaru]

For all intensive purposes

I've always thought that that was "For all intents and purposes."

Re:Real traffic cops too

[frank_adrian314159]

I've always thought that that was "For all intents and purposes."

Not on Slashdot, where men are geeks and English-speakers are nervous...

Re:Real traffic cops too

[rantingkitten]

The other day I actually saw somebody get nailed for "failure to yield to a pedestrian".

It amazes me that people think a little paint on the road grants them magical protection from the laws of physics. If you walk out into traffic, you are basically doing one of the dumbest things a human can do, and the law isn't going to protect your 150 pounds of flesh from two tons of 40mph steel.

Pedestrian right-of-way is an idiotic law that should be revoked immediately, as it makes people believe they can blindly stumble out into traffic and be okay. In reality, if you're walking, do what your mother told you to do and LOOK BOTH WAYS BEFORE CROSSING THE STREET. If there are cars coming, DON'T WALK -- it doesn't matter that you have "the right of way". Stay put until the cars are gone.

This really isn't hard, and yet idiots continue to wander into moving traffic on a daily basis.

Re:Real traffic cops too

[Rockoon]

I wise man once asked me "Why would you want to test their brakes like that?"

Re:Real traffic cops too

[Thing+1]

I always thought it was "for all intensive porpoises", about concentrating dolphins. I guess your way makes more sense.

Greedy traffic cops?

[DNS-and-BIND]

WTF is that supposed to mean? I think of some guy with beady eyes and salivating mouth clutching a Krispy Kreme and a coffee. Traffic cops are greedy? Pricks would be the word I'd use. I think they do their job out of officiousness rather than any sort of expectation of personal gain. Is greedy traffic cop one of those internet things I missed?

Re:Greedy traffic cops?

[XanC]

If "traffic cop" implied "greedy", then there wouldn't be any need for the adjective.

Re:Greedy traffic cops?

[LostCluster]

In the town next to the one I sit... there's a old police officer who has a "quota" of traffic fines he needs to collect in the budget. Miss his income number, and he's unemployed. The budget number is public record as and in as a separate line item in the official budget. He's authorized to put up a "Speed Limit 30" sign at any intersection because that's the state law at all intersections marked or not.

Now, on the way out of this town, there's a highway interchange. That's an intersection, but the state highway people don't want you going as slow as 30 miles per hour there... you won't be up to 55 on the short ramp to the highway if you do. So they've rigged this intersections with enough signs that the traffic officer is locked out... if he puts his sign up, it's not properly displayed because it's either blocked from view or too far from the intersection. He still writes tickets there, and if you take him to traffic court you can get it kicked. He's hoping you confess or just send in the check. There's even a state website where you can pay your fine with a credit card.

If enough people do get his tickets kicked, he'll be done.

Re:Greedy traffic cops?

[DNS-and-BIND]

That's not greed, though. Greed is desire far beyond that which is needed. Filling a quote is, by definition, decidedly un-greedy.

Re:Greedy traffic cops?

[Igmuth]

Well, that would only be true if "greedy" also implied "traffic cop". I mean, calling something a "cat" implies that it is a "mammal". The opposite is not true. (Even if one of my coworkers disagrees)

Re:Greedy traffic cops?

[Ariven]

Also some cops use tickets as easy overtime pay. They know that if they go to court it is typically out of their normal work shift and they will get paid OT for it. So in many cases where people think there is a quota, I think some of that is what is really happening.

In Phoenix (at least a few years ago) cops who hadnt been on the force for a while were not allowed to moonlight doing the security work in uniform, so this was their only real way to get extra cash for that period.

Re:Greedy traffic cops?

Is greedy traffic cop one of those internet things I missed?

In case you hadn't noticed, most people dislike cops. This is doubly so on the internet.

Re:Greedy traffic cops?

[Uberbah]

Methinks not, Captain Opposite Man. If the officer has to fill a quota each month, he's going to have to write tickets "beyond that which is needed". So this is, by definition, greed.

Re:Greedy traffic cops?

[Surt]

Handing out lots of traffic tickets is typically how they get their monthly or annual bonuses and promotions. So yes, greed is a major motivator there.

Re:Greedy traffic cops?

[Golddess]

But not of the officer who is writing the tickets, which I took to be the point.

Unless the officer gets a percentage of each ticket he gives out, in which case, yes, there is an incentive to write tickets "beyond that which is needed [to keep his job]".

Ernie Ball

[bmo]

I'm sure that Sterling Ball over at Ernie Ball (guitar string manufacturer) is sitting with a big grin on his face every time he reads something like this.

For those who forgot:

http://news.cnet.com/2008-1082_3-5065859.htm

In 2000, the Business Software Alliance conducted a raid and subsequent audit at the San Luis Obispo, Calif.-based company that turned up a few dozen unlicensed copies of programs. Ball settled for $65,000, plus $35,000 in legal fees. But by then, the BSA, a trade group that helps enforce copyrights and licensing provisions for major business software makers, had put the company on the evening news and featured it in regional ads warning other businesses to monitor their software licenses. Humiliated by the experience, Ball told his IT department he wanted Microsoft products out of his business within six months. "I said, 'I don't care if we have to buy 10,000 abacuses,'" recalled Ball, who recently addressed the LinuxWorld trade show. "We won't do business with someone who treats us poorly."

Re:Ernie Ball

[amiga3D]

Been there have you? I can see owning a few windoze boxen if you needed an app that was windoze specific. I think the point made by Ernie Ball was that for most of what was being done there was no need for proprietary software. Why pay the huge outlay of cash for a box that is only used to do word processing?

Re:Ernie Ball

[Shikaku]

[Citation needed]

Re:Ernie Ball

You request a cite for that comment but blindly accept a quote from 10 years ago?

Re:Ernie Ball

[Shikaku]

You request a contradiction for my post when the Citation needed could have easily applied to parent and grandparent?

Re:Ernie Ball

[dangitman]

I'm sure that Sterling Ball over at Ernie Ball (guitar string manufacturer) is sitting with a big grin on his face every time he reads something like this.

Why would he be happy about this? The quote says he doesn't like companies treating their customers poorly. This article is about companies increasingly treating their customers poorly. Why would he be grinning about that?

Re:Ernie Ball

[Stormwatch]

Because, the more Tarkin tightens his grips, the more star systems slip through his fingers. I mean, I'd suppose that Sterling Ball, as a free software advocate and victim of BSA's antics, will appreciate that news of abusive audits are forcing people to finally take a serious look at free software.

Re:Ernie Ball

[dangitman]

I mean, I'd suppose that Sterling Ball, as a free software advocate and victim of BSA's antics, will appreciate that news of abusive audits are forcing people to finally take a serious look at free software.

You're assuming he revels in schadenfreude, and enjoys seeing other people suffer. Why would you assume that? It's like assuming a rape victim enjoys hearing of other people getting raped.

Perhaps I'm not cynical enough, but I would have assumed that as a "victim of the BSA's antics" he would not enjoy seeing others victimized.

Re:Ernie Ball

[Stormwatch]

Of course not, but he could enjoy seeing the BSA get the bad press it deserves.

Re:Ernie Ball

[jimicus]

That was an interesting story - 8 or 9 years ago.

Today it's the one which gets trotted out every time - and leaves me thinking that there simply isn't another high profile migration story on the planet. Hardly a ringing endorsement.

Re:Ernie Ball

Someone should do a follow-up interview with Sterling Ball to see how they're getting on seven years later.

Re:Ernie Ball

[Golddess]

You're assuming he revels in schadenfreude, and enjoys seeing other people suffer. Why would you assume that? It's like assuming a rape victim enjoys hearing of other people getting raped.

I think you have a bit mixed up. It's more like a rape victim hearing that their assailant got raped while in prison.

Or to put it into a car analogy, someone who abhors Chevrolets hearing that Chevrolet is going bankrupt.

Re:Ernie Ball

[dangitman]

I think you have a bit mixed up. It's more like a rape victim hearing that their assailant got raped while in prison.

Except that it's nothing like that. Where in this story is the BSA getting "raped while in prison"? The story is about the BSA raping more victims.

Even if your version were correct, why would a rape victim want to see rape being perpetuated, even if it was against their own assailant?

Re:Ernie Ball

[Jesus_666]

Either that or he gets called by acquaintances wanting to know how they can switch over to FOSS quickly, taking delight in being able to help them. But yeah, the grin is unlikely even in this case. Maybe something in his office is leaking nitrous oxide.

Re:Ernie Ball

[Stormwatch]

More like seeing the bad guy EXPOSED in the media.

Just doing their job?

[Frosty+Piss]

and some are simply exploiting loopholes and technicalities to meet their targets

Arn't "loopholes and technicalities" some of the things auditors are supposed to look for?

Of course the guy is an asshole...

[cortesoft]

Julian Heathcote Hobbins, General Counsel for the Federation Against Software Theft (FAST), spoke in defence of the software industry protecting its property rights

Could the guy have a more pretentious name? Really? Julian Heathcote Hobbins? Could that guy have any other job beside going around and telling people they are using the product they bought incorrectly?

Re:Of course the guy is an asshole...

[ceoyoyo]

Come on, he can't help his name. Now, using all of them, THAT's pretentious.

Re:Of course the guy is an asshole...

[Mr.+Freeman]

He didn't write the article and put all his names in, the journalist did that.

Re:Of course the guy is an asshole...

[ceoyoyo]

Yes, and journalists have this thing for doing lots of background research to dig up people's middle names just so they can put them in articles.

Re:Of course the guy is an asshole...

Naw, that's defensive. If he'd used either pair people would presume he'd pretentiously chosen the worst; what are the odds the missing third could be as awful? He might as well throw the whole childhood scar at people and be done with it. Turn smirks to flat astonishment.

Re:Of course the guy is an asshole...

[ceoyoyo]

That's amazing. Well done.

Re:Of course the guy is an asshole...

[Hurricane78]

We’ll just send “Oberst Sturmhart Eisenkeil“ (Colonel Stormhard Ironwedge) against him. Now THAT’S a name!

I lost the source, but here is the quote again, that I saved:

During my service in the German army I came across an Oberst Sturmhard Eisenkeil — which literally means as much as “Colonel Stormhard Ironwedge”. What’s so special about him is his first name... it’s not just your average “Max”, but it’s as if his parents were trying to make up a name that sounds as militaristic as possible. I know that if should I ever write a WWII story the main protagonists will be called Oberst Sturmhard Eisenkeil and Staff Sergeant Max Fightmaster... I also know an Oberfeldwebel Killermannn in person, who would make a good henchman for the evil Oberst.

Re:Of course the guy is an asshole...

[QuantumRiff]

Only Presidents and Serial Killers use all 3 names... Wonder which one he is...

Re:Of course the guy is an asshole...

[jejones]

To paraphrase C.S. Lewis, "There was a boy named Julian Heathcote Hobbins, and he almost deserved it."

Takes a steady hand to treat customers well

[Lemming+Mark]

IMO this is one place where strong management can make a big difference by taking an explicit position on "Times are tough, we need to collect what revenue we can" vs "We need to preserve a relationship with our customers *and* help them stay in business *and* get ready to capitalise on that good relationship when the economy picks up and we want to sell more stuff". Targets should not be allowed to distract from the bigger picture, which is *serving your customers*. Sure you might have contract terms that give you "the right" to hit your customers with surprise charges in order to help keep your own business afloat but you're not really serving them, you're using them. By the same token, when I go to my local shop they have "the right" to be rude to me - I'm paying for goods, not manners. But then I'd switch purchasing to the other local shop. Everything has a cost.

But what do I know, I'm not a manager! Times are tough, people have to get by somehow.

Why would you even let them in the door?

[igotmybfg]

I work for a small (~50 person) software development firm. I have no experience on the business side of the house, so I'm open to the possibility that I'm missing something really basic here. With that said, why would a company let a software audit happen? It seems like the only possible outcomes are bad. It's not like the company can realize any revenue from an audit (and could quite possibly end up paying money to buy licenses), and even if the auditors don't find anything bad, there's still the overhead of dealing with them in the first place, i.e. dealing with auditors diverts resources away from revenue-generating activities. So the best outcome one could hope for, from a software audit, is slightly bad. Software auditors aren't government organizations, are they? Do they have warrants or magical lawyer powers that enable them to legally do this? Why not just ignore their calls and refuse them entry?

Re:Why would you even let them in the door?

Do they have warrants or magical lawyer powers that enable them to legally do this? Why not just ignore their calls and refuse them entry?

Because you consented to audits when you purchased your volume license.

Re:Why would you even let them in the door?

[amiga3D]

I'm thinking it's because you agreed to their right to audit you when you purchased the licenses. Nobody except for lawyers ever read those EULA's it seems.

Re:Why would you even let them in the door?

[timmarhy]

MS might want you to take a software audit when you buy ne licenses. so in that respect if you need to upgrade they can make it part of the deal.

personally i can't see how the manager of any company worth his salt couldn't stone wall this. first you would play dumb - really dumb -. then once they had spelt out a few times what they wanted you'd put up a few objections that don't make any sense. follow this up with a few feature questions to taking them off down another track and they will probably be ready to drop the matter on their own for all the time you are chewing up. if you've got an rep that is really switched on and sticking to his guns, then you would go to phase 2 where you demand they explain why this benefits you the customer, ask how it makes you money. kick and scream threaten to go over to a different platform, get quotes showing it'd be worth it and send it to them. after this it'd be a miracle if they persisted. obviously if they just showed up you'd kick them out the door.

Re:Why would you even let them in the door?

[Mr.+Freeman]

It's been mentioned before, but the audits are something you agree to when you purchase volume licensing. It allows the company to occasionally come in and check to make sure that you're paying for everything you're using.

Now, I don't believe that there's anything that says you have to allow the company onto your premises or any access to your network. I'm pretty sure it's just a report regarding how many computers are using how many licenses.

Re:Why would you even let them in the door?

[PPH]

Here's one scenario:

1. Pissed off (ex?)employee goes to BSA or directly to the vendor and reports, "Illegal copies are being made."
2. Vendor approaches company and says, "We have probable cause to file a complaint with law enforcement. They will come with a warrant and tear through everything. You may then be subject to criminal charges. You can avoid this by allowing us to audit and agree to a private settlemment."
3. Comapny agrees to private audit.
4. ????
5. Profit!

Re:Why would you even let them in the door?

[Gerzel]

You are forced to have the auditors by agreeing to the licenses to use certain software products.

Re:Why would you even let them in the door?

"we don't have any of your software; and if we don't have your software, we don't have a license; and if we don't have a license, you can't dangle it over us. Prove otherwise"

Re:Why would you even let them in the door?

[timmarhy]

that doesn't work because they will respond with "ok we will prove it, our auditors will be there monday" and when you refuse you just look guilty. it's better to just look stupid and waste 100's of hours of their time till they give up.

Re:Why would you even let them in the door?

[Inthewire]

Investigators (insurance, police, etc) aren't stupid. They spend a lot of time being lied to, and they know a lot more about it than most.

Re:Why would you even let them in the door?

[timmarhy]

you won't be talking to that type of person though, it'll be a sales rep saying you can't purchase that volume license without an audit. it is highly unlikely MS would pull it randomly.

if you let them in the door then you will be talking with auditors, who generally are NOT on the same level of insurance investigators. i've dealt with then a few times (not software auditors though) they are only ever concerned with covering their own arses so they feel safe signing off on the audits completion.

Re:Why would you even let them in the door?

Is it stated anywhere that you won't/can't charge them for your time during an audit?

When you get the letter warning of compliance, and you know you're 100%, send a reply saying you are compliant and if they wish to check you'll charge X (eg $100 per minute per person in the audit team, subject to a minimum of 1 hour per each person. starting from time of greeting to them leaving the premises, obviously written in the proper leagalese). Even better is to include this information with the registration (with a fee stated to be increasing, eg in line with inflation+y%) so that a couple of years down the line when they turn up and raid you, you charge them appropriately (audit team obviously includes all police, etc). If they've failed to file your notice of intent to charge for audits, that their problem. (Just like it's yours if you can't provide the actual receipt for the software.)

Re:Why would you even let them in the door?

[dbIII]

The laws of the State trump the licence conditions. They can pretend to have these powers but they don't have anything unless a Judge or similar grants it.

Re:Why would you even let them in the door?

How can the software companies know that the user who clicks on the EULA has any authority to commit their company to any legal process? If some mailroom guy downloads a Tetris clone that has a EULA that states that the BSA now can hold parties in the board room, that doesn't make it so.

ELUA?

[PinkyGigglebrain]

IIRCC some EULAs give the "authorized representatives" the authority to check your computers.

Good argument for GPL'd software.

Re:ELUA?

[Spykk]

Whoops, you forgot the L in If I Remember Contract Law Correctly.

Re:ELUA?

[spasm]

So. They still need a court order to actually authorize that 'authority' (unless you're silly enough to let them just waltz in the door), and they only get that court order if your lawyers don't earn their retainer by convincing the judge that (for example) allowing such a clause means violating medical record privacy laws (or whatever your industry ' jurisdictional equivalent is) and hence that particular clause of the contract is invalid. If auditors appear, do as other posters have suggested - ask for their court order then throw them out, and call your lawyers. If you're a tiny nonprofit or similar without lawyers a) why the hell weren't you using FOSS in the first place since you have no money, and b) call your local bar association or equivalent and find out who does pro bono for non-profits locally.

Re:ELUA?

[moosesocks]

A better argument for BSD'd software. You answer to no one.

Re:ELUA?

[AK+Marc]

IIRCC some EULAs give the "authorized representatives" the authority to check your computers.

I've never seen one that dictates the terms of the check, so you can easily put them off for at least a few days, as long as you are firm and never let them in.

Re:ELUA?

[TheRaven64]

Much as I dislike the GPL, they're equivalent in this respect. Both let you use the software in any way. It's only when you are distributing the software or derived works of the software that they differ.

Re:ELUA?

[SharpFang]

This is under assumption I agreed to said EULA. If I did, I have nothing to be afraid of. If I didn't, sorry, you're trespassing, please leave. First they have to prove I agreed to the EULA, and in order to do so they need to conduct the audit. Catch 22 for my advantage.

Re:ELUA?

[tftp]

irst they have to prove I agreed to the EULA, and in order to do so they need to conduct the audit.

It's a Catch 22 only if you consistently pirate everything or pay for everything. If you mix, then they can use the legally bought product's EULA to audit all your computers.

Re:ELUA?

[SharpFang]

I can still deny having installed any software I have legally purchased ;)

One nice thing about EULA is that it comes live the moment you install (click "I Agree"), not the moment you buy it.
The case gets worse if the software phones home, but it's still deniable with simple DHCP and allowing people to connect their private laptops.

Castle Doctrine?

My company has guns in the premises (we do some cool stuff for the government).
I just wonder does Castle Doctrine works for companies (California)?

Re:Castle Doctrine?

[swb]

You just answered your own question, "California". That means you must keep your guns disassembled and non-firing.

I'm pretty sure it also only applies to a place that would qualify as a dwelling, such as a house, an apartment, and most temporary housing (hotels, motor homes, etc). You can use deadly force in a business, but its a lot more complicated than a home is (this varies by state, too).

I'm sure they wouldn't bother, but what happens when the BSA wants to audit an entity that sits behind locked doors with real armed guards? They'd be forced to get a court order and probably an escort with US Marshalls or the county sheriff if the company didn't want to go along with it.

Or has some kind of high security clearance?

Re:Castle Doctrine?

[Golddess]

That means you must keep your guns disassembled and non-firing.

What about the police? FBI? Army? GP said they "do some cool stuff for the government" but didn't specify what. So it's possible that they don't need to keep their guns in the condition that you specified.

Re:Castle Doctrine?

[tftp]

"California". That means you must keep your guns disassembled and non-firing.

You are obviously not a gun owner in California. There is no such requirement. In fact, it is legal to carry loaded firearms on your property or in place of business, or in a hunting area. Clerks at my local gun store do that, and it is expected and normal. You can carry an unloaded gun openly anywhere in the state, even if you have ammo with you. You can also fire your guns at your property, as long as it is outside of a city (and there are a couple of other restrictions - being enclosed by the city, being near a school, having no safe place to shoot, etc.)

In related news ...

[PPH]

... Linux/OSS gains market share.

Nor are you a monopolist

[Rix]

Who can screw their customers and expect them to come back for more.

Re:Nor are you a monopolist

[Lemming+Mark]

Heh, that's certainly true too! I've been thinking a lot recently about whether predatory / monopolistic behaviour is *ever* a good idea. It seems to me it's only ever a good plan in the relatively short term. In the end, trying to squash the market under your weight rather than swim in it is always going to result in disloyal customers, faster moving competitors and loss of market position.

I'm not sure there's a way of avoiding the eventual progression of successful company -> bureaucratic monster -> innovation-averse nuisance. But I do think that it's a slide worth fighting, it just needs management to have a *really* good sense of the big picture and can make a case for doing the right thing, as opposed to chasing immediate profits or serving short term investors in the company.

The only logical conclusion...

[Rix]

Is that it's a term of the volume/"professional" licenses large organizations have to enter into.

What about this?

[pclminion]

Suppose I'm a healthcare company. Software auditors show up at my door, waving contracts in my face. I let them in. They insist that they must inspect ALL machines running, say, MS Office. Some of these machines contain sensitive health information for ten thousand patients. I have now committed 10,000 willful HIPAA violations, and could go to jail, in theory, for up to 10,000 years (maximum jail time for willful but non-malicious breach is 1 year per instance).

Or what about SarbOx? Any possibilities for violation there?

I think a strong case could be made that if you are a HIPAA covered entity who uses software which is subjects to such agreements, and you abide by the agreements, then you are committing a felony. Thus, using Microsoft software is a felony. QED

Re:What about this?

[DarkofPeace]

hey even without HIPAA, claim trade secrets, then make the auditor sign the mother of all NDAs. Then if he tells anything sue him.

Re:What about this?

[cfalcon]

I'm pretty sure you would explain the situation to the auditor, and they would find a way to check that you are in compliance without actually having access to the data you are legally obligated to protect. There are TONS of places that can't just go pushing their data around willy-nilly- some have customer data that personally identifies them. Others are running a classified network. Whatever your cause is, I'm sure they can find some way to verify that you are using their stuff with licenses without, you know, making you go to to JAIL.

Note that these folks will actually come TO you, physically. It isn't like some stupid crap where they think that "user=thief" and they require you to go on the internet and phone home every day.

I'm not defending the BSA and their enforcement regime, just pointing out that they don't behave like subrational drones as companies often do with the general public.

Re:What about this?

[kramerd]

I dont think you understand SOX, nevermind HIPAA. SOX requires increased corporate accounting controls and increases the penalties for white collar crimes related to them, including corporate fraud accountability. Software auditors would have nothing to do with it. The amount of a software violation would never approach fraud, because in order for a violation to be material, the company would be have to be small enough that they would never get audited (the BSA is not going to waste time auditing a 2 man operation that is missing 3 seats and only makes 20k a year, nevermind that this company wouldnt be public and therefore SOX wouldnt apply).

Re:What about this?

[DavidTC]

Almost all health care companies have patient information on one computer, a server for the big places and a single workstation for doctor offices and whatnot. Having the information at one place means it's a lot easier to control.

These means that all other computers can be inspected by, at most, disconnecting them from the network.

The article was actually nice.

[tjstork]

The submission made you think that Microsoft was being evil, but the article, if you actually read it, really did do the incredible thing of making Ballmer seem like a reasonable, almost likable guy. To wit, we have the same argument about the tax code in the USA. We should just have a flat tax, many people cry out, which makes sense, because, you kind of want everyone working the same number of days per year to satisfy the government. That's fair. But, the devil gets in the details. Rentals don't mind getting rid of the exemption on mortgage interest but want a greater personal deduction. Owners want bigger interest deductions. Married people want their break to be the same as unmarried people and then want additional breaks for kids. Businesses want tax breaks on anything they can get. We actually came fairly close to having a nearly flat tax in the 1980s, but then, even Republicans were arguing to get rid of it. There is never going to be a flat tax, or flat licensing, or anything else. It's just going to get even more complicated. Ironically, even the GPL, which governs something that you don't have to pay for it all, gets longer every year, trying to nail down every possible angle.

So, to summarize, Ballmer actually hit the hammer on the head in the article, people ask for simplification, but really, they want things to be complicated.

Re:The article was actually nice.

[MightyMartian]

B.S. Nobody wants Microsoft licensing to be that complex, except the SAM contractors and other licensing Nazis that Microsoft and a good chunk of the proprietary software world has let loose upon us all.

I had a SAM review last February and March, that started with a letter from a Microsoft "partner" (read: contracted henchman) that, once you got passed the bullshit about them being hear to help me, was clearly a software audit.

I was given 30 days (with an extension if I needed it) to put everything together. That part wasn't too bad. We had largely inherited the licenses from the firm that we had taken over, and it was a bit of a mess. Of our three copies of Server 2003, one was an inherited Small Business Server 2003 OEM edition that I had applied the Transition Pack to to turn into proper Server 2003, one was an OEM copy of Server 2003 R2 bought by us and one was a Server 2003 that we had inherited, purchased through Software Assurance. As well, there were about 15 Office Pro licenses, as well as 13 or 14 Office OEM copies sold with the Dells that we had inherited. On top of that, I had a backup server running Windows 2000 server, plus CALs both purchased by us and by the people we had bought everything from.

I first smelled trouble when they asked me to verify that 22 of our workstations (all running OEM copies of XP) were not running Office (they were running OpenOffice). I found the question more than a little accusatory. Then came the seeming inability for them to count CALs. At one point they had us in the red 15 CALs, despite the fact that I had invoices, both of my purchases and of the previous organization's, showing the CALs. This literally went back and forth for two weeks, until finally I had had enough, and sent off a very angry email to the contractor accusing him and his "team" of severe arithmetic disabilities, and explicitly using the phrase "you are harassing me".

Then, as if unwilling to declare defeat, they came back with a final number of -5 Server 2003 CALs, because, and get this, though I had enough CALs to cover everything, I hadn't bought this 5 CAL pack via Software Assurance, and wasn't permitted to use it as a User CAL on the Server 2003 machine installed via the single copy of Server 2003 bought via Software Assurance. I sent back a very angry letter, CCed to my manager, asking them if they seriously thought that I was going to pay $150 bucks again for CALs I already owned, because I bought them from a reseller as opposed to Software Assurance. I think at that point they got the hint that they weren't going to be getting any money out of us, and sent back a letter saying that as long as I agreed to change them into Device CALs, I'd be in the clear with them.

Now, I guess from one perspective one could say that we got off in the end, we were totally legit. But this probably consumed about $500 to $700 of my wages (my employer's money) on pointless back-and-forths as they tried to probe to find any way to make money off of us.

At this point, we are looking to abandoning Microsoft, and indeed proprietary software wherever we can. It won't be easy, and it won't always be pleasant (though it can't be any worse than the three weeks of hell that happened when we bought new Dell workstations with Vista). We're stuck with Exchange-Outlook for the medium term, but should have enough licenses to cover a small expansion that may be happening in a year. But all the new file servers are running Samba, we're set to expand OpenOffice installs, and while Office 2003 will be around for a while, there will be no upgrades to later versions, save as we replace workstations. The long-term plan is to roll more and more server operations on to open source solutions, with a set goal that when we hit 95% of our Exchange CALs, we will take the plunge and go with an open source groupware solution. I don't anticipate that we will ever be Microsoft free, but we can certainly reduce our footprint, and our exposure to the nonsensical and self-serving whims of Micro

Re:The article was actually nice.

[DavidTC]

The problem people have isn't licensing. People are fine with the many ways to license things.

What people have a problem with is proving it, and the inability of sane licensing methods to do that.

There are plenty of companies who have 50 computers running XP and have, over the years, purchased over 70 licenses for XP...and somehow still aren't in compliance, because their 20 user site license got used on a total of 23 computers, ten of which no longer exist, and they can't find the licenses for the dozen computers they bought, with XP on them, at Fry's, and someone used the wrong serial numbers on a few other computers, etc, etc.

But they really, honest to God, actually purchased 70+ licenses over the years, and even allowing nonsense like OEM versions magically expiring when the computer crashes, do actually have enough to cover all machines.

Hell, even companies that purchased all their software with their machines, and thus either have a license for it, or at worse were ripped off by the manufacturer, somehow end up not in compliance because they can't locate those licenses. (And read the other reply here for a horror story about the 'wrong' kind of licenses.)

The problem is the 'You didn't keep perfect records and you accidentally installed this copy instead of this other copy and thus you owe us eight bajillion dollars' nonsense.

Boy, that's TV Law...

[tjstork]

Thus, using Microsoft software is a felony. QED

No, I think what would happen is that they can just look at the OS, without looking at the data running in the OS. Thus, they can get a license count. But, if you won't give them one, then, you could get sued, and be forced to give one, or rather, have some third party or even the local sherriff do the count with the understanding that the HIPAA data is implicitly protected because the exposure is to officers and appointees of the court.

Which leads to a really interesting point...

You can have data be secret to Congress. You can have it be secret to the President. But you can never have data be secret to a court. Who really has all the power?

Re:Boy, that's TV Law...

[pclminion]

No, I think what would happen is that they can just look at the OS, without looking at the data running in the OS. Thus, they can get a license count. But, if you won't give them one, then, you could get sued, and be forced to give one, or rather, have some third party or even the local sherriff do the count with the understanding that the HIPAA data is implicitly protected because the exposure is to officers and appointees of the court.

I don't think you understand exactly how draconian the HIPAA statute really is. A HIPAA covered entity may not disclose or allow the possibility of disclosure of protected health information to ANYBODY without the patient's consent. That includes sheriffs, court officers, and the President of the United States. It also includes other HIPAA covered entities! That's right folks, your doctor cannot tell another doctor about you, unless it fits a VERY specific set of circumstances. I've heard horror stories of nurses losing their jobs because they told other nurses vital information about a patient's care, and I'm not talking about gossip in the hallway, I'm talking about perfectly legitimate transfers of information for the patient's benefit. The statute is so broadly worded that you can be fined because you saved a patients life.

You would essentially have to get written consent from all 10,000 patients before anybody who is not themselves a HIPAA covered entity could so much as GLANCE at those machines.

Now you might say, let's just declare ourselves to be HIPAA covered entities, and promise to abide by the law. Except it doesn't work that way. A person cannot choose to become a HIPAA covered entity. You must meet a very specific set of criteria, one of which is that you conduct electronic transactions (either billing or file transmission) regarding health care information. A software auditor simply does not meet the criteria.

HIPAA is widely regarded as one of the most overreaching, destructive laws ever passed, with insane and unintended consequences. By the way, anybody is allowed to file a HIPAA complaint against any covered entity, even if they are not associated with either the patient or the health care provider. In theory, if I knew that some health care company somewhere allowed a BSA audit, I could file complaint against them myself, and OCR would be compelled to investigate it.

You really should read up on HIPAA. It's like a god damned nuclear weapon and it has the entire healthcare industry constantly quaking in their boots.

Re:Boy, that's TV Law...

[ColdWetDog]

No, I don't think you understand HIPAA very well. It DOES allow for a number of disclosures without patient consent:

To law enforcement

To treating physicians and other clinicians, for public health activities, for health oversight purposes, to protect against personal and material harm

Even for marketing

And a raft of others.

This is not the bogeyman you are looking for.

Re:Boy, that's TV Law...

[jimicus]

BSA are not law enforcement. They just behave like it sometimes.

Re:Boy, that's TV Law...

As a HIPAA covered contractor at a healthcare company, you have no idea what you re talking about.

If you de-identify the data, you can do whatever yo want with it.

http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html

Also, in the server centric world you rarely have any HIPAA covered data on your actual computer. They don't need a server login to tell all the desktops are windows.

Re:Boy, that's TV Law...

To governmental and other health care bodies. The BSA or any software auditor ain't the government, nor are they any other health care body...

Re:Boy, that's TV Law...

No, you don't understand HIPAA law.

The first two links you point to are for GOVERNMENTAL entities that allow the sharing of data. And those are for a JUSTIFIABLE BUSINESS NEED. Any of those disclosures are still protected. That is the data that is disclosed still cannot be released to another entity unless it meets the same need requirements for sharing.

The BSA or any of their related entities are not even close to a GOVERNMENTAL agency that would have the authority or even a justifiable business need to access a computer with PHI on it. If I had a court order to allow the search, I'd still only do it under duress and with proper auditing of the audit software to ensure it does what it says it does and not capture data. And even then, I'd only allow a hardcopy report to leave. Or I'll do a manual audit and I'd be doing the clicks and typing and the BSA person can watch and we'd have our corporate attorney present watching both of us.

And even when data is shared, it's only the minimum allowable to be shared. So if there was a share for marketing, the selection of the data would run in one database, the extract would only be names and addresses for the mailings and those would be stored in a unlinked seperate file for the mailing program to produce the output. That's a far cry from allowing the BSA complete access to the computer with the HIPAA data on it.

Re:Boy, that's TV Law...

[DavidTC]

I've heard horror stories of nurses losing their jobs because they told other nurses vital information about a patient's care, and I'm not talking about gossip in the hallway, I'm talking about perfectly legitimate transfers of information for the patient's benefit.

I once heard a horror story about a couple in a car who were parked and making out, and they heard a noise, and the boy goes out to investigate...well, to make a long story short, it was his feet thumping against the roof.

All these seems somewhat offtopic, though.

It's worth pointing out, that, in the real world, 'losing your job' is not a way for HIPAA can punish people.

Re:Boy, that's TV Law...

Just because you haven't been busted yet doesn't mean you're doing it right. I just haven't filed a complaint against you yet (you WILL be investigated, and they love to create intricate scenarios which create violations from minor things). I have wielded this hammer multiple times with great effect. One person ended up with probation, that one was awesome. I love watching medical personnel hop-to-it when somebody says "HIPAA". And you can fucking bet I take advantage of that all the time.

which is how things are supposed to work.

[SuperBanana]

Then they just come back an hour with a motion of discovery, the constable, and 3 deputies.

And the problem is what, exactly? That's exactly what they SHOULD have to do.

The reason the BSA shows up unannounced is because they're fishing, and hoping to get enough to THEN either threaten you or take you to court. There is no possible good to come, and nothing that will work in your favor, by granting them access.

They've already decided that it's not worth the cost of filing a suit, and in order to get anywhere, they need to have evidence, which they may not have in sufficient quantity. A pissed off sysadmin with a bone to pick is about as credible as a fox in a chicken coop.

The company that says "go fish, assholes" MIGHT see them again with a court order in hand, but it's not likely. The company that says "uuuuuh....okay, come on in" finds themselves in a few weeks threatened with a huge lawsuit, or a "settlement" calculated to be just below what the company could possibly afford...

Re:which is how things are supposed to work.

[JoeMerchant]

The company that says "go fish, assholes" MIGHT see them again with a court order in hand, but it's not likely. The company that says "uuuuuh....okay, come on in" finds themselves in a few weeks threatened with a huge lawsuit, or a "settlement" calculated to be just below what the company could possibly afford...

Unless you actually have nothing to hide... I know, unlikely in a large organization, but if you really do run a clean ship, they've got nothing unless they lie, and if you catch them in a lie, treble damages for all expenses incurred should be an easy win.

Re:which is how things are supposed to work.

[bdo19]

What happens if you run a clean ship but they find something you've (sincerely) accidentally overlooked?

Re:which is how things are supposed to work.

[amiga3D]

The fact is that in a large organization mistakes WILL be made. It happens, things are overlooked and with no actual intention to infringe you can still be in violation. You will still be penalized. I'd like to know how many times the BSA invade a company and don't find any violations. I'd bet it almost never happens.

Re:which is how things are supposed to work.

[ObitMan]

Even if you have nothing to hide, Why on earth would you allow another organization unfettered access to your computer systems?
no thank you.
If you force them to get a court order then they are bound by the letter of that order as to what they can do.

Re:which is how things are supposed to work.

At a minimum it requires some assistance from your staff. While they are assisting with access, answering questions, etc, they are not producing for your company. The "nothing to hide" argument is irrelevant. There is no benefit for voluntary cooperation.

Re:which is how things are supposed to work.

You cant run a clean ship. and they WILL find a violation.

Have you even studied microsoft licensing? It's a field of landmines.

And yes I have seen 3 such BSA audits... One was certain he had everything. they nailed them on a technicality... the license stickers. you must have PRINTED receipts to back them up or they dont count. Pc's bought from staples do not specify the software license on the receipt. you are hosed.

Re:which is how things are supposed to work.

[JoeMerchant]

What they want is for you to run your own internal self-audits, so just the very fear of them makes you do their job for them... Personally, I have found free software to be adequate to run most business functions (except for interfacing with businesses that don't use free software...) and if these clowns keep up the strong-arm tactics, they will push more and more organizations to discover that free software is better for them, too.

Re:which is how things are supposed to work.

[JoeMerchant]

Oh, definitely preferred to let them proceed with the prescriptive court order, and do your own audit while they are out getting it. And, having done your own audit, you are better able to make a case against them if they attempt to "plant" anything while auditing your systems.

Audits are part of the cost of doing business, very common in lots of areas besides software licenses, but they are costly and if you have an audit-free alternative it certainly becomes that much more attractive.

Re:which is how things are supposed to work.

[toddestan]

Still, why would you let them in? There's nothing in it for you. Best case scenario is they poke around for a while, waste some of your time, leave, and that's it. Anything else involves fines, lawsuits, and more wasted time.

Re:which is how things are supposed to work.

[JoeMerchant]

I think the point is that when you sign on the dotted line to get a bulk license, lowering your average cost from $1000 per workstation to maybe $400 per workstation for the full suite of OS/Office, scattered Adobe apps, etc., you also sign consent for these audits.

Hell, if you read your clickwrap for a standard piece of software there might also be audit clauses in there from some vendors. So, when you tell them to go away, they may very well come back with court authorization to search - if they're good negotiators, they'll make you believe that the search will be much more painful if they have to get the court ordered authorization - there might even be clauses in the shrink wrap obliging you to pay for their costs in obtaining the court order, which could be a profit center in itself for them ($250/hr legal fees add up fast.)

So, I guess the thing I really like about GPL is that, even though it's long winded and complex, it's a standard that once you understand, you don't have to think about it again, until the next version comes out. Once upon a time AT&T told me they had the right to raise my long distance rates without prior notification (in point of fact, they tripled them between billing cycles.) I told their billing department to find the agreement I signed that said they could do that. 3 years later they mailed me an amended term of service giving them just that right - to post current rates on their website, subject to change at any time, all I had to do was pay my current bill to accept the agreement. I haven't used AT&T home phone services in over 15 years now, and I dropped them when they bought out my wireless carrier. Sad part of software vendors for the customer is that there usually isn't a simple choice based on terms of service.

Re:which is how things are supposed to work.

[russotto]

Unless you actually have nothing to hide... I know, unlikely in a large organization, but if you really do run a clean ship, they've got nothing unless they lie, and if you catch them in a lie, treble damages for all expenses incurred should be an easy win.

Nope. Even if you're 100% legal, BSA just makes stuff up. Remember, they don't consider possession of the original media (even at a 1:1 ratio of media to installations) as sufficient to indicate that a copy is legal. Nor do the little hologram stickers for Windows mean anything. No; they want the original purchase receipt, with the same company name and address and everything. (if your company bought another company... sorry bud, BSA won't consider the copies acquired from the company you bought to be legal, receipt or no)

Of course, black letter copyright law does not back them up at all on this. But they've got that $150,000 nuclear option if you lose in court, so, you feel lucky, punk?

Re:which is how things are supposed to work.

[JoeMerchant]

Unless you actually have nothing to hide... I know, unlikely in a large organization, but if you really do run a clean ship, they've got nothing unless they lie, and if you catch them in a lie, treble damages for all expenses incurred should be an easy win.

Nope. Even if you're 100% legal, BSA just makes stuff up. Remember, they don't consider possession of the original media (even at a 1:1 ratio of media to installations) as sufficient to indicate that a copy is legal. Nor do the little hologram stickers for Windows mean anything. No; they want the original purchase receipt, with the same company name and address and everything. (if your company bought another company... sorry bud, BSA won't consider the copies acquired from the company you bought to be legal, receipt or no)

Of course, black letter copyright law does not back them up at all on this. But they've got that $150,000 nuclear option if you lose in court, so, you feel lucky, punk?

As crappy as all this is, it truly is just the cost of doing business with this particular group of "security agents." Larger organizations will just pay an annual "protection fee" (subscription agreement, whatever) to them which acts as a "don't hassle me, I just paid up" notice.

At the end of the day, if you're running a business with 20-30 employees, carrying over $1M/year in payroll, forking out $20K/year in licensing fees to stay clean may just be cheaper than wrestling with the pigs (remember, you will both get muddy, but the pig will enjoy it.)

In the long run, we're all dead

[Rix]

They only need a good plan so long as it effects them. Long term planning from corporations can only ever be an aberration.

Can't find...

... any provisions about auditors in the GPL.

Just sayin'...

Roasting chestnuts

[symbolset]

Here's a nice old story about a Microsoft software user that got audited, sued, fined and dragged through the press. Apparently they sell guitars. Of course a loss for somebody is naturally a win for somebody else.

Re:Roasting chestnuts

I think you'll find it's the strings for guitars they sell - I have the odd one or 2 lying around here

Re:Roasting chestnuts

Ernie ball sells primarily guitar and bass strings. His better known product is the slinkies line of strings.

Re:Roasting chestnuts

[MadChicken]

They make guitars too, though under a slightly different name: http://www.music-man.com/instruments/

Re:Roasting chestnuts

[gander666]

Some damn fine instruments there. About on par with my Tom Anderson. I would love to own and play a Musicman

Re:Roasting chestnuts

[cob666]

Ernie Ball does a LOT more then just sell guitars. They have a very good reputation in the music industry for making a good product and (more times than not) a consistent product.

This is a great warning to large companies like Microsoft and Adobe and also the BSA. But unfortunately, not every company is in a position to just drop an OS like Windows because of issues like user training, third party applications, business specific software that is only available for Windows, as well as client and vendor compatibility.

I firmly believe that the BSA (Business Software Alliance) was granted way too much authority by Congress.

Re:Roasting chestnuts

They sell guitar strings, not guitars.

Negotiated rights

[sjbe]

You consent to the audits if you have any volume licensing at all. You also gave up your right to sue and have consented to going to arbitration.

So what? You might lose the suit but it doesn't mean you cannot sue even if you did "agree" to arbitration. Any sufficiently large software deal will (or should) have lawyers on both sides of the licensing agreement. It's quite possible to cost the software vendor a sizable fortune in legal fees if they can't act civilized so it's not as if the software vendor or even the BSA holds all the cards.

Furthermore if some random schmoe just one day shows up on my door claiming to be from Microsoft and claiming he's here to do an audit he'd better have some pretty convincing proof or he isn't getting past the secretary. Any audit worthy of the name would take some serious planning anyway for an organization of any size so "suprise inspections" usually aren't. (I'm an accountant so let's just say I'm familiar with audits) If the licensing agreement is being seriously broken, a surprise inspection will not be necessary to find this out.

The only ones who really get screwed are the smaller enterprises who lack the sophsitication to deal with issues like this properly.

Re:Negotiated rights

[tftp]

Furthermore if some random schmoe just one day shows up on my door claiming to be from Microsoft and claiming he's here to do an audit he'd better have some pretty convincing proof or he isn't getting past the secretary

That would be a letter from Microsoft, and it will sail past the secretary right onto your desk. The copy of your volume licensing agreement, where you agree to the audit, will be attached.

"suprise inspections" usually aren't

And that is just fine because you will have to clean the mess and buy all the missing licenses. That's what they wanted all along - not necessarily to fine you. As you say, suing or fines aren't free to the software vendor.

The only ones who really get screwed are the smaller enterprises

Yes, not just because they are not as organized and don't have lawyers at the ready, but most often because they are too cheap to buy the software in the first place. A small business, having no volume licensing and living from hand to mouth, has a good chance of flying under the radar until some disgruntled employee calls the BSA.

Details details details

[sjbe]

IIRCC some EULAs give the "authorized representatives" the authority to check your computers.

True. Many of these agreements have such a clause. So now we have to define who an authorized representative is, how they will identify themselves as such, under what circumstances they are allowed to even be on your property much less touch your computers, how they will conduct the audit so as not to be unduly burdensome to your ongoing business, etc. They might have the right to audit but there are a LOT of details they'll have to address (if you are smart) before they get anywhere near your computers. It isn't carte-blanche to do whatever the hell they want.

Cops.

[Nick+Driver]

All of my firm's clients are government agencies in Texas, more that half of whom are in some form or other of law enforcement. For some strange reason, the software auditors don't seem too eager to mess with Texas.

Thank you, Captain Obvious

[Black+Cardinal]

From the third article linked: "I don't anticipate a big round of simplification," Ballmer said. "Whenever you simplify you get rid of something."

Duh. That would be the point, wouldn't it?

Re:Thank you, Captain Obvious

Tell that to the people simplifying my Linux desktop!

Every time I read of these audits...

[X86Daddy]

I see a trend in that the BSA or whichever witch-hunter is mining information on existing licensees, looking for differences in numbers of seats for OS, office suite, email users, etc... So, for the business that wishes to avoid this nonsense, it appears that pirating every single piece of proprietary software they use would be safer than trying to license some, most, or even all of it without some kind of bulletproof guaranteed software accounting and desktop lockdowns in place. Obviously, full-on use of free software would beat that, but I'm just noticing that the people getting "busted" seem to always be those who made some purchases.

Forward the parent to Microsoft

[bradley13]

The BSA (and similar organization) earn their collective salaries by collecting fines. They have zero financial interest in customer satisfaction, because they do not sell anything. The vendors that contract with these organizations need to realize that this damages their customer relationships.

Our small company could transition to open-source pretty easily. The servers are already Linux, but we haven't gotten farther than that - it is extra effort that no one really has time for. If the BSA were to come calling, our story would be much like the parent: we are in compliance, but the sheer irritation of an audit would be the impetus to throw out our remaining Adobe and Microsoft products.

One simplification that Microsoft should make in their license terms is to eliminate the provision for audits. If they think you are in violation of software licensing terms, they could still take you to court like anyone else. By eliminating their use of the BSA, they would do a lot for their customer relations.

Re:Forward the parent to Microsoft

[sgtrock]

You do know that the BSA was founded and initially by a consortium of software vendors that happened to be led by Microsoft, don't you? The BSA is doing exactly what Microsoft wants them to do.

Loopholes, more like Landmines

[deniable]

There are things in licenses that are just made to cause trouble.

For example, Windows Server licenses are tied to a specific piece of hardware. You have to have enough licenses for every virtual Windows server on each host in an ESX cluster. The maximum number that will ever exist on one box multiplied by the number of boxes. There are other options like Datacenter, where you just have to count the chips, not the cores.

Going the other way, if anyone were silly enough to run Linux on Server 2008, they'd need Windows CALs for the Linux users too. Companies used to have to have a second license if they wanted to use their own image of a machine they bought with OEM Windows on it. They still might.

Another fun one, you can't buy an OEM copy of Windows 7 for your own use. You have to install it on a machine and sell it to someone else. If you keep it, you've violated the license.

As soon as I saw 'License Engineers,' I knew things had gone too far.

Has anyone here ever tried reading a license?

[jimicus]

Seriously, anyone?

Part of my job description is making sure the company is up to scratch with their licensing. So I have to read the licenses - and I do.

I have concluded that software licenses are written expressly to trip up customers. Even when they're relatively straightforward, they often contain clauses which would be considered absurd in almost any other commercial contract.

For instance, the only license that allows you to roll out Windows using an imaging system (eg. Ghost) is one of the volume licenses - and for the most part they include a clause which states "You will buy a license for every PC-compatible computer in your organisation". Now you know why so few companies are taking Linux seriously on the desktop. I have no idea how enforceable such a clause would be, but I can't see many companies wanting to challenge Microsoft in court.

Re:Has anyone here ever tried reading a license?

[DamonHD]

I would have thought that this is exactly the sort of monopolistic behaviour that brought down the wrath of (for example) the EU on the heads of Microsoft and Intel.

Have you forwarded the relevant clauses to your local regulator for their reference and interest?

Rgds

Damon

Re:Has anyone here ever tried reading a license?

"You will buy a license for every PC-compatible computer in your organisation"

Per client user or a device. Simply don't install the accessing software to those devices for which you don't want to buy device licenses or limit the user access to the software accessing the licensed server software to those users for which the user license have been purchased. That or is not an exclusive or. Additionally, make sure to purchase the EC license, priced by functionality and software, for those undetermined amount of off-site contractor or customer Linux/Unix/Windows clients accessing indirectly via a server to that server hosting the licensed software. Otherwise, you might have to purchase the normal device or a user based license for certain known amount of clients, again forcing you to limit the access by devices or users. So, in order to deploy the Linux desktops safely without the licensing cost, with Microsoft servers running in the same organization, one would have to install an application firewall, permitting information and service replies to flow only from the Linux devices or users to Microsoft servers, not the other way around. Other solutions might be air- or human gaps in the network but those wouldn't be very satisfying. In conclusion, using FOSS for servers is like using floss for dental hygiene.

You should be a monopolist

[stephenpeters]

I've been thinking a lot recently about whether predatory / monopolistic behaviour is *ever* a good idea.

Monopolistic behavior is a great idea if you are the CEO of a public company. All your average CEO has to do is really push short term results hard to keep quarterly earnings obsessed Wall Street happy. The CEO usually has an exit strategy of quit with a large golden handshake plus large pension, then rinse and repeat until retirement in the Bahamas. If the company goes tits up because of this strategy who cares. Wall street will have sold the shares at a high price to suckers long before the share price collapses and the CEO will be working elsewhere with a track record of large profits during his/her past employment. Employees and customers are just collateral damage.

Legally binding?

[s-whs]

> You are forced to have the auditors by agreeing to the licenses to use certain software products.

Unless a court has agreed that this is so, your statement is untrue.

What if the contract says you have to give up your first child in case you stop using M$ products? Even if you agree (which you have no option not to do in many cases due to M$ monopoly and other software not being made for other operating systems), this will not be legally binding.

It's like that with lots of clauses in e.g. warranties. There are often lots of provisions and exclusions in warranties that are not legal as they reduce ones rights compared to the standard rights. That's not allowed... (at least in Europe)

Saving £120 per year

[Joce640k]

Remind me again how much Windows 7 costs them to buy...?

I love this bit

[mormop]

"Ballmer also suggested that education should be given government stimulus funding to enable young people to gain experience on the computing systems they would meet in the real world."

Seriously Mr B, go fuck yourself. You don't need the money and young people, on the whole, are pretty good at working things out for themselves as they have a "click and see what happens" approach mixed with the ability to ask another kid who knows. Doesn't matter if it's OpenOffice, Office 2007, whatever, if they really want it to do something, they'll find a way. The weak point is quite often the teachers.

Seriously, in the UK you cannot be a teacher without a University degree. A University degree should teach you to analyse a problem, research the problem and apply a solution. In software, this boils down to "I can't do X in program Y", go to Google and type "how do I do X in program Y", click links until you find answer and follow instructions on page. Most of the time they seem incapable of following this simple idea. They'll even come in and as me then watch me hit Google and search for a solution (often the first result returned) but it never dawns on them to do the same themselves next time (and no, support isn't my job). I showed a year 7 how to find something out using the "F1" key and he was amazed, he just didn't know.

The best thing for education, would be for kids to be trained to work stuff out for themselves by teachers who are trained to work stuff out for themselves. This "teaching people to use the software they'll use in the real world" argument is crippling and the seeming inability for people with far higher qualifications than mine to work out even minor problems has seriously dented my faith in the higher education system.

Re:I love this bit

[baptiste]

Wish I had mod points to mod you up - after reading through the comments - great way to end my reading because it's very true. I'm an IT professional and when you tell people Google is your most valuable resource, it never dawns on them that they have access to it too! Teaching young kids problem solving like this - great idea. But never happens.

Re:I love this bit

[DavidTC]

Mandatory xkcd

Re:I love this bit

[Geekbot]

I think what the parent is pointing out, and absolutely true, is not that they don't realize they could use Google but that they still can't figure it out. After years of university they still lack the skills to research a problem to find the answer. This is nothing less than pathetic when technology that was common place 10 years ago allows you to type keywords, get a list of thousands of relevant pages, with short summaries of the articles/pages, and is as easy as clicking a button to go to each and read the instructions.

I'm in America and I'm horrified to read that the problem isn't limited to the US. I have had the chance to work with educators and I am still in shock every time someone with 17-18 years of schooling cannot do simple problem solving steps and is generally unwilling to even attempt to do so.

Are geeks good at problem solving because their desire to play with the computer required them to learn? Or are they drawn to computers because of some innate skill at problem solving? I refuse to believe that problem solving is some special mutant power that only 10% of the population has. I despise the fact that students are asked to read a chapter out of a book and answer a few look-up questions for 12 years while no one is teaching them how to compare and contrast or do research on their own.

getting even, getting to "Sorry"

[harvey+the+nerd]

"Kudos to Adobe for screwing themselves so bad."

Kudos only if you go around your neighborhood and get *several* other business to dump the offensive company, like MSFT or Adobe. For large companies you need to hit back 10-20x harder to get even or an apology. Apologies or "Sorry" are more sincere when they're down a few million.

I like my new strings even more now!

[Zero__Kelvin]

I'm a guitar player and I just recently put a set of Ernie Ball strings on my Ibanez Prestige RG1570. I liked them well enough, but now I love them. I'll be buying Ernie Ball from here on out. On a side note, FTA:

""I don't anticipate a big round of simplification," Ballmer said. "Whenever you simplify you get rid of something.""

Even Ballmer admits that getting rid of Windows simplifies things ;-)

I'm an "MS Fanboy", but, even I am wavering... apk

Not only because of the fact that a person like Mr. Ballmer really, imo @ least, shouldn't be the type of person running a tech company (especially software related ones) like MS. Car sales, yes. Software Engineering based concerns though? Sorry... no.

And, after all? I'm NOT the ONLY ONE SAYING IT either -> http://slashdot.org/article.pl?sid=08/05/06/0052218

(I state that, along with others here & elsewhere, because Mr. Ballmer himself, afaik @ least, doesn't possess the ability to do the job of software engineering himself (whereas his predecessor "King Billy" (I call Mr. Gates that out of RESPECT, not ridicule mind you) actually could do so, thus, he understands what "geeks" want, himself being one (& how can you cater to those you sell to, without having been one yourself so you understand them better from "having walked a mile in their shoes", more-or-less)))

I also have been REPEATEDLY pointing out a problem Microsoft created in the HOSTS file to their mgt. (on their blogs in their "Engineering Windows 7" blog by Mr. S. Sinofsky (top mgr. for Windows 7, iirc) -> http://blogs.msdn.com/e7/archive/2009/02/25/feedback-and-engineering-windows-7.aspx and http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage & to a user here named Foredecker who has stated he is senior mgt. @ MS - & he hasn't even honored a simple request of mine, even though he conceded I have a strong set of points on that note here -> http://slashdot.org/comments.pl?sid=1467692&threshold=-1&commentsort=0&mode=thread&cid=30384918 ...

End result? Same deal: Blown off totally, on both accounts (as were others).

MS is starting to "slip" & that's coming from myself (a HUGE proponent of what Microsoft really is, a great company that has helped change the way folks think & communicate + do business really).

APK

P.S.=> I've actually considered moving to KUbuntu 9.1.0 lately, because LINUX has some QUITE a ways (especially since I 1st tried in, via Slackware 1.02 circa 1993/1994 iirc) but, I still like Windows 7 (though it does tend to eat RAM like mad, & then spit back errors it's "out of memory" (this I "got into" w/ Dr. Mark Russinovich & others @ the Windows IT Pro forums, even before VISTA released even, & told them their attempt @ UNIX-like memmgt would backfire on them (it did for sure in VISTA, but Windows 7's a WEE BIT better than VISTA was on that account @ least)))...

Still, I do know, FOR SURE, that the HOSTS file issue in Windows exists (VISTA was ok with it, until MS "Patch Tuesday" 12/08/2008, when suddenly after that? A hosts file in Windows can no longer use 0 as a valid blocking address vs. known bad servers, & now, @ best, it can only use 0.0.0.0 (which yes, is smaller, faster & BETTER than the default "loopback adapter" of 127.0.0.1 for that, but... even it is larger & thus slower to load + parse, than 0 is))... I showed them this with INDISPUTABLE evidences to that fact, but in the end? Blown off...

Imo @ least, when a company stops listening to customers with VALID concerns & evidences? They're on the way downwards... see, evidence to that, afaik? Is that only 18% of Windows users have gone the route of Windows 7 (that tell anyone anything? It's not just "economic conditions" & folks outta work (lack of disposable income) causing that, but also that they've still got issues & a bad rep from VISTA, in Windows 7 (such as I have just pointed out))...

Don't get me wrong: I'd LOVE to see MS continue their dominance, I really would, but... well, see the above! apk

Problem in the first sentence

[HalAtWork]

Clearly the problem is right there in the first sentence:

As the recession bites, software auditors are cracking down, and some are simply exploiting loopholes and technicalities to meet their targets

Their target should be making sure that those they are auditing are not using unlicensed software, not to create a new situation where the auditee is now considered to be infringing even though they have made every attempt towards legitimacy.

The Mindset that was the downfall of GM

Were big, and we can rape you as we choose.
Open source, c'mon in! ...Lorenzo

The key is the court order

[tjstork]

If I had a court order to allow the search, I'd still only do it under duress

The courts are allowed to do whatever they want, that is the point.