Recession Turning Software Auditors Into Greedy Traffic Cops

judgecorp writes "As the recession bites, software auditors are cracking down, and some are simply exploiting loopholes and technicalities to meet their targets, according to analyst Forrester. They may be within their rights, but they aren't endearing themselves to users; Steve Ballmer faced weary customers in London last year, and admitted Windows licenses have deliberate 'gotchas.'"

Easy solution.

[Anonymous Coward]

(1) Outsource your work to a very large country which dosen't care about IP laws.
(2) Profit!

(1a) Outsource your work to domestic individuals who have the compatible software regardless of license legitimacy.
(2a) Don't shake their hands when you make a deal. Pay'em through some guy meeting them at an Italian restaurant every week. Stop showing up when they fail to deliver.
(3a) Wanna keep your house? 1a and 2a for you unemployed Americans whose baby food money is going towards military ammunition.

Re:Easy solution.

[ozmanjusri]

(1) Outsource your work to a very large country which dosen't care about IP laws.

Shame you got modded troll. This is pretty insightful, though it should say "Outsource your work to a country which has lax tax laws."

One of the most unintentionally hilarious points in TFA is Steve Ballmer's comment;

Users such as the Government of the Isle of Man are already saving up to £120 per year using the beta version of Windows 7

The Isle of Man is largely an offshore tax haven with around 1,350 desktop computers for the entire government. If all of the promised "£100 per desktop per year" savings materialise, the IoM government will have saved a grand total of £135,000 by using beta software. So why would Ballmer be so interested in such a small deployment?

Accounts for Microsoft Ireland Research, an Irish subsidiary of the global software giant, show that the company paid just €460,000 in tax, on profits of more than €1.2 billion last year.
http://www.taxresearch.org.uk/Blog/category/microsoft/ [taxresearch.org.uk]

That's 0.04% tax.

Still wondering why Microsoft is heavily involved in an offshore tax haven?

Even funnier, the IoM Government was an early supporter of Windows Vista, and claimed savings switching to that OS. Though only completing their rollout in October 2009, they were just in time to save even more money changing to Windows 7. If they keep making savings upgrading like that, pretty soon Microsoft'll be paying them for installing Windows.

Re:Easy solution.

[Anonymous Coward]

I'm posting AC because I do IT work for IOM gov. Your post is full of misinformation.

First of all it's disingenuous to represent the Isle of Man as a "tax haven". It's one of the few offshore jurisdictions that aren't on the US blacklist of tax havens and has tax information sharing agreements with anyone that matters. We don't have "lax tax laws". We're one of the only 3 jurisdictions whitelisted by the UK to conduct online gambling precisely because we have good regulation and anti-money laundering protection. And the overall level of tax burned on the IOM is about the same as the US.

Second. There are about 5000 desktop and laptop computers. Now you might not think such small numbers don't matter, but it's not the numbers, it's where they are. The IOM has everything you'd find in your average government, from the executive offices right down to sewage treatment, water utilities, power generation, hospitals, schools, roads, etc, etc. Only it's much smaller. So why does MS care? Because they can deploy their products across an entire and extremely varied organisation, and capture that in only 5000 machines.

As for the Vista/Windows 7 thing. The software is licenced through microsoft's rental scheme, so whether they stay on Windows XP or Windows 7 doesn't matter, they pay the same. The claimed savings were down to lower maintenance costs etc. Also after the deployment of Vista, the upgrade to Windows 7 (like all their application deployments) is through a system called SMS. It's deployed over the network, overnight and is completed with one reboot. No user settings are lost as they're all on network profiles.

I don't like MS as much as the next slashdotter, but you're talking about things you don't know. Stop.

Re:Easy solution.

[ozmanjusri]

The US blacklist isn't the only definition of tax haven, and the IoM only avoided the blacklist by signing more tax information exchange agreements than other offshore havens.

From Wiki;

The Isle of Man does not charge corporation tax, capital gains tax, inheritance tax or wealth tax. Personal income tax is levied at 10–18% on the worldwide income of Isle of Man residents, up to a maximum tax liability of £100,000. Banking income tax is levied on the profits of Isle of Man based banks at 10% and income from the rent of Isle of Man property is levied at the same rate.

Re:

[ozmanjusri]

Not all of that €1.2 billion is taxable in Ireland, you idiot.

Read the links. It's what I put them there for.

According to the Irish Independent, in the past two years Microsoft’s Irish subsidiary has paid dividends totalling €5bn to its Seattle-based parent. That’s despite making profits less than that at €2bn pre tax a year.

Understand what's happening yet?

I just don't even open the door

[GNUALMAFUERTE]

I don't use ANY proprietary software at my company. I own a software development company in Argentina. If I get an auditor (Auditions here are done by ARBA, the state-wide equivalent of the IRS in Buenos Aires) I just won't even open the door. Sue me if you want. I use NO privative software, and no one has any right to log in into my servers or workstations (We have ~40 machines at our offices).

Fuck them in the ass.

Re:I just don't even open the door

[Anonymous Coward]

I don't use ANY proprietary software at my company.

This is great for anyone who can get free software to do their bidding. For everyone else, this really pushes free software into the limelight in a good way (e.g. - we'll use it until we see the value and THEN we'll pay for the "enterprise" support).

Adobe products apparently "phone home". My former employer was just approached by Adobe about some unlicensed copies on the network (the users have full admin rights, per most Windows environments). They settled out of court for $2 million (USD) but immediately dropped Adobe from the suite in favor of free software.

Kudos to Adobe for screwing themselves so bad.

Re:I just don't even open the door

[RoFLKOPTr]

They settled out of court for $2 million (USD) but immediately dropped Adobe from the suite in favor of free software.

Kudos to Adobe for screwing themselves so bad.

I'd hardly call getting a $2,000,000 check "screwing themselves". Especially since, if they hadn't -- as you say -- "screwed themselves" like that, they would have gotten nothing.

Re:

[PitaBred]

And now they'll get nothing else, when the company could have been a good customer, along with bad publicity. I won't every buy anything from Adobe now.

Re:

[Devout_IPUite]

So they lost $20,000 present day value for $2,000,000 present day. Sounds like a good deal for Adobe.

Re:I just don't even open the door

[Anonymous Coward]

So they lost $20,000 present day value for $2,000,000 present day. Sounds like a good deal for Adobe.

Sure, until today's 200 employee shop turns into tomorrow's Google and the CEO decides that since he isn't going to buy Adobe but still needs the equivalent of their software, they're going to develop an equivalent, open source it and put Adobe out of business.

It's never a good idea to piss off your customers.

Re:I just don't even open the door

[Trahloc]

Pissing off "one customer", when you have millions, and when you can get money from that one customer with little or no blowback? Seems like a winning scenario to me.

Except its stories like this that keep me from using any adobe products and then recommending alternatives for any clients/friends/family when I can. While I alone have only cost them a few tens of thousand dollars in lost revenue I know there are thousands of others doing the same. So while it might be a winning scenario in that one instance it wont be in the long run.

Re:

[Serious Callers Only]

Except its stories like this that keep me from using any adobe products and then recommending alternatives for any clients/friends/family when I can.

Exactly. This doesn't come as a surprise given that the quality of their flagship products has been declining steadily over the last 10 years. I've used Photoshop since the 90s. I remember a time when Adobe came out with innovative software which was a pleasure to use. Simple but powerful. Now most days I curse them for some bug, horrible Windows inspired UI, or bullshit Acrobat plugin their astonishingly low quality installers chose to give me without asking. Just the other day I had to manually install th

Re:

[Trahloc]

I'll bite. It's not that a company is enforcing their IP rights that annoy me. It's the fact that the customer had a multitude of legitimate licenses and then Adobe still goes for the throat. Strong arming your customers into compliance I'm fine with, shiving them in the back is another thing though. If a client makes money off a piece of commercial software then the creator should be paid. We pay almost 20k/mo in licensing so these aren't idle words. But if you fall out of compliance, which is almost

Re:

[Gerzel]

Getting free software to do ones bidding is really just learning how to use it and doesn't take any more time than non-free software in most cases. The thing is that there are some differences and that in schools proprietary is what is taught.

Yes it is harder for some applications but for the vast majority of office work FOSS is just as good. If you really need that little boost and can't afford to pay the time then pay the money and say hello to the auditor with a smile on your face as you agreed to the

Re:

[Burz]

Getting free software to do ones bidding is really just learning how to use it and doesn't take any more time than non-free software in most cases.

I have to disagree with that as far as desktop applications go. Although I normally hold up Firefox as a shining example of what other FOSS projects could achieve, the 'eco-system' doesn't really work for end users even with this nice browser.

For instance, I recently setup some Ubuntu systems for a shop doing heavy online sales through eBay. One day soon after, someone there decides to get a better camera but can no longer select the resulting JPEG files for uploading because the new camera does filenames i

Roasting chestnuts

[symbolset]

Here's a nice old story [cnet.com] about a Microsoft software user that got audited, sued, fined and dragged through the press. Apparently they sell guitars. Of course a loss for somebody is naturally a win [sun.com] for somebody else.

Re:

[cob666]

Ernie Ball does a LOT more then just sell guitars. They have a very good reputation in the music industry for making a good product and (more times than not) a consistent product.

This is a great warning to large companies like Microsoft and Adobe and also the BSA. But unfortunately, not every company is in a position to just drop an OS like Windows because of issues like user training, third party applications, business specific software that is only available for Windows, as well as client and vendor co

I like my new strings even more now!

[Zero__Kelvin]

I'm a guitar player and I just recently put a set of Ernie Ball strings on my Ibanez Prestige RG1570. I liked them well enough, but now I love them. I'll be buying Ernie Ball from here on out. On a side note, FTA:

""I don't anticipate a big round of simplification," Ballmer said. "Whenever you simplify you get rid of something.""

Even Ballmer admits that getting rid of Windows simplifies things ;-)

Re:I just don't even open the door

[Quasar1999]

Some how, in North America, your mentality would be viewed as admission of guilt, and they'd find you guilty of pirating software that quite probably hasn't even been written yet.

We seem to have fallen into a guilty until proven innocent beyond any doubt (no matter how unreasonable) system up here... How's the weather down there? If you guys have cheap internet, I'm willing to emmigrate...

Re:I just don't even open the door

[GNUALMAFUERTE]

I agree with that. Actually, there are many screwed up views on the US about many subjects. Argentina is far from being a paradise. We are a mess in many areas, but we are much more free. I have many friends from the states (Being a coder, you just make friends in all parts of the word), and I hear many talk about the land of the free. Freedom in the US is a scarce value. We are a lot more free down here. You can use drugs without the cops bothering you, People are not suing each other all the time, and you can actually live without a credit card, a bank account, and financial records. You can live in cash, without being chased, and just say 'fuck the government, I want my own little Anarchy". If you leave everyone alone, and don't expect anything from the government, they have no way of bothering you. That's the way I choose. I stay out of their way, and they stay out of mine. Sure, if you are into the game, they will fuck you up. But if you decide to play alone, you stand a chance.

About your questions, the weather is very nice, the place is beautiful (sort of European-looking, but with virtually unlimited natural resources, less people, lots of cheap land, and the best food in the world). About internet access, I'm paying 33 Dollars for unlimited 3G access anywhere in the country [coverage is pretty good, i have signal everywhere, even outside the cities], and 42 Dollars for a 4MB Cablemodem, that works pretty well.

Cheers.

Re:

[GNUALMAFUERTE]

Agreed about the ladies ;)

Let me tell you something, Argentina is far away from being heaven (Specially since Heaven doesn't existe :D ). We have a lot of problems, the same corrupt governments we've always had, and a lot of things to fix as a country. But, regardless of all that, Argentina is a beautiful land, with great potential. We just have to start doing certain things better :).

Regarding immigrating here, the constitution says "Para nosotros, nuestra posteridad, y para todos los hombres del mundo que

Re:I just don't even open the door

[pclminion]

The civil justice system has NEVER been an "innocent until proven guilty" system. Unlike criminal justice, civil justice is about "preponderance of evidence." Roughly, this means that whoever's case is more impressive, wins. You don't have to prove anything, you just have to be more convincing than the other guy. And if you don't try to defend yourself? You lose by default. This isn't new. It's always been this way.

Re:

[Runaway1956]

"Three strikes and you're OUT!"

This is the mentality that legislators throughout Europe and the English speaking nations are working with. Specific examples? Just google for any story about computers being confiscated so that the law and/or corporate cronies can build a case against you.

Yes, I know, I'm not addressing the GP's post specifically - just pointing out that he can't be very far wrong based on recent reading.

Re:

[emcron]

Eh? How do things work there down under?

Software audits don't entail some government henchman knocking on your door at random and demanding to see what's inside. Audits in the U.S. are usually for companies licensing large volumes of software for multiple users. The agreements they enter into allow the software maker (Micosoft, Adobe, etc.) to ask for and recieve an accounting of installed copies of software to make sure you're paying for what you are using or are otherwise properly licensed.

They don'

Re:

[bmo]

>They don't just show up and kick down your door.

Yes, they do.

http://www.google.com/search?hl=en&safe=off&client=opera&rls=en&q=bsa+raid&btnG=Search [google.com]

--
BMO

Re:

[bmo]

>So I stopped after the first page, but none of those had anything to do with the OP or the subject at hand.

First link.

http://www.foxnews.com/story/0,2933,312948,00.html [foxnews.com]

You lose, Pumpkin.

--
BMO

Re:

[emcron]

Right, but the difference between you and me is apparently that I actually read the articles.

The fox news story you cite is about a guy who received a *letter* from the BSA informing him that he was not properly licensing his software. He later admits he had shoddy book and record keeping.

No one showed up at his door, no one demanded to be let inside, and no one got anywhere near his property or computers.

I'm not saying the BSA's tactics with respect to settlement payments are to be applauded, but

Traffic cops?

[Mashiki]

Would have been better to use blood sucking lawyers.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Easy solution.

[wizardforce]

Exactly. On a somewhat related note, I think it would be interesting to see how the recession has affected the use of FOSS due to the necessity of cutting extraneous costs like software licenses.

Re:

[Runaway1956]

Opinion only: Little to no effect yet. Most companies are trying to ride out the recession. (Read, management is still enjoying a nice paycheck, and most of their usual perks) When, and only when, management is looking at cuts to their own pay and/or benefits will they look at FOSS as an alternative. Then, there will be problems. All those donations to schools has ensured that most people only know the MS way of life, and it will cost to migrate to anything else.

But, if the recession isn't solved with

Re:

[Anonymous Coward]

I don't know about where you work, but where I am they dropped all new software purchases & maintenance for software they owned 12 months ago.

But they aren't planning on moving to open source. They purchased the software, they aren't hiring anyone, and so they don't need to do anything.

Long live Office 2000!

Re:Easy solution.

[bendodge]

Microsoft hates that mentality. Therefore, they are moving to a subscription model with Office 2010. But they've got a tough road converting the huge base of Office 2000, XP, 2003, 2007 people who have a license into infinity.

Re:Easy solution.

[Anonymous Coward]

4. REPORTING AND AUDIT. If Customer wishes to increase the number of Installed System, then Customer will purchase from Red Hat additional Services for each additional Installed System. During the term of this Agreement and for one (1) year thereafter, Customer expressly grants to Red Hat the right to audit Customer's facilities and records from time to time in order to verify Customer's compliance with the terms and conditions of this Agreement. Any such audit shall only take place during Customer's normal business hours and upon no less than ten (10) days prior written notice from Red Hat. Red Hat shall conduct no more than one such audit in any twelve-month period except for the express purpose of assuring compliance by Customer where non-compliance has been established in a prior audit. Red Hat shall give Customer written notice of any non-compliance, and if a payment deficiency exists, then Customer shall have fifteen (15) days from the date of such notice to make payment to Red Hat for any payment deficiency. The amount of the payment deficiency will be determined by multiplying the number of underreported Installed Systems or Services by the annual fee for such item. If Customer is found to have underreported the number of Installed Systems or amount of Services by more than five percent (5%), Customer shall, in addition to the annual fee for such item, pay a penalty equal to twenty percent (20%) of the underreported fees.

Re:Easy solution.

[stephanruby]

What is Red Hat thinking? Written notice? Microsoft doesn't always give notice, that's why its audits are so successful. At least during one incident reported on Slashdot, they didn't give any notice and just showed up with Federal agents and guns.

Re:Easy solution.

[selven]

Let's see:

-10 days notice
-at most once a year unless you get caught
-if you make a minor mistake, you pay up and you're done
-if you make a major mistake, you pay up 120% and you're done

Sounds better than anything Microsoft or Adobe have to offer.

Re:

[Lumpy]

If you have competent IT centOS is a better choice than redhat.

Why pay for support you dont use?

Re:

[LostCluster]

Yep, nobody would threaten to sue you for using Linux.

Excuse me, jcr, you've got a phone call from a SCO on line 3. I think you might want tot take it.

Re:

[Gerzel]

Depends on the flavor. Try debian.

Re:

[Minwee]

Don't run Windows. "Software auditors" are just about unknown to users of any other platform.

I think you meant "to users of any other platform where the hardware costs less than a car." Oracle, for example, has a long history of auditing its customers and only the most brain damaged among them would run it on Windows.

They are not looking for endearment

[Suki I]

They may be within their rights, but they aren't endearing themselves to users; They are not looking for endearment, they are looking for a paycheck.

Re:

[pete6677]

Exactly. Microsoft long ago passed the point of having to care about what people think of them.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Suki I]

And DIGITAL and Control Data and . . .

Re:

[biryokumaru]

... The US Government...

Re:

[the_other_one]

The Conservative Party of Canada

Re:They are not looking for endearment

[Gerzel]

And as an advocate for FOSS and other alternatives to MS I salute them for going after that buck at the expense of their users and cheer them on to drive harder.

What rights?

[SuperBanana]

They may be within their rights,

What right would that be, exactly? If they're not law enforcement, and they don't have a court order, they have zero "rights." Yes, even if they show up wearing fancy raid jackets to try and look like law enforcement.

I've posted this several times before. If the BSA or any of these other vultures come knocking, they have ABSOLUTELY NO RIGHT TO DO ANYTHING, SEE ANYTHING, TALK TO ANYONE, etc WITHOUT A COURT ORDER. If they have one, that means you're already in the process of being sued, and the first person you should call is your lawyer, and you should ONLY do EXACTLY what the court order requires you to.

Here's the Superbanana Super Guide To BSA Bullshit Shutdown.

• Your receptionist and anyone else that is near the front door should keep them as far out of the building as possible, at a minimum the reception area. Block their path. If they even so much as poke your check with a finger, call the police immediately. Maybe even call the police, preemptively ("Hi, 911? Some people in raid jackets showed up at our business, they're not police, but they seem to be pretending like they are. There's a lot of them, we think they might be trying to rob us or something.") At a company where I worked, we had a silent alarm button at the reception desk.
• Send someone to find the most senior person in the company, preferably an officer (CEO, CFO, President, etc.) They do all the talking. That talking should consist almost entirely of "Who are you" (where your attorney will send a very nasty letter to). "Do you have a court order?" (No.) "Get off our property, you're trespassing."
• If the "auditors" refuse to leave, get physical, or try to connect to the network or start poking around, call the police immediately.

If they don't have a court order, don't let them see anything, touch anything, install anything, connect anything. Don't answer any questions. The only information you should give them is your attorney's phone number.

Re:What rights?

[LostCluster]

Here's where the nonsense starts...

You consent to the audits if you have any volume licensing at all. You also gave up your right to sue and have consented to going to arbitration. In that, BSA claiming they have a report you licensed X and you are using Y copies (from the upset employee you fired a month ago) and unless you present a defense, you lose. So, you've got to let the auditors do their count of computers... You can slow them down and get into compliance in the meantime, but you can't keep them

Re:What rights?

[pclminion]

Giving up your right to sue doesn't mean you can't sue. I've seen it done. Party A and Party B enter an arbitration agreement. Party A believes Party B has failed to fulfil some contractual obligation. Party B disagrees, finds fault with Party A, and sues Party A. In court, party A enters the original contract into evidence. Party B disputes it. A hearing is scheduled. A question of validity of the contract is raised. Party A then sues Party B for breach of contract. The whole thing is tied up in the courts for 17 months. The issue is resolved when everybody gets so fucking tired of it that they just walk away.

You say I gave up my right to sue? How are you going to prove it? I guess you'll have to... TAKE ME TO COURT.

Re:What rights?

[LostCluster]

They show the clickwrap contract, and then you've got to prove the Microsoft EULA is invalid. Good luck with that.

Re:

[tchuladdiass]

They have no evidence that you clicked on it though. Just because the software is installed means only that "someone" clicked the agreement. Or maybe not -- all software has bugs in it, maybe the installer didn't show an agreement (due to a faulty video card driver, for instance).

Re:

[Golddess]

So if, for example, I were to order a Dell, and as one of the options I select for them to pre-install Office 2007, it's my fault if the copy they install is improperly licensed?

Re:

[pclminion]

I didn't say I'd WIN, I said that just because I have an arbitration agreement doesn't mean I have to abide by it. It's fundamentally impossible to give up your right to sue somebody. It just makes it a hell of a lot less likely that you'll win.

Re:What rights?

[LostCluster]

Yep. You have a right to sue when you have no chance of winning. It just isn't a very profitable right to exercise.

Re:

[LostCluster]

My point seems to have become lost. Suppose MS wants to audit you and you refuse. They try to take you to arbitration. You refuse. So they try to sue you. In court, you present the arbitration agreement...

and then you look stupid. You just submitted proof that you agreed to participate in arbitration, and Microsoft shows them a arbitrator who is saying you won't comply. Summary Judgment for the plattiff, and that's not you. You then forfeit the arbitration. You lose.

Re:

[tftp]

hey have to show that the person who clicked accept was an authorized representative of the company (employee) and not an unauthorized user or cracker, and it is Windows, so good luck with that!

They don't need to show anything because it is natural and expected that an employee of the company installed some software on company's computers. For example, you seldom need to prove to anyone that you are human.

If you claim that somebody set you up the bomb then *you* need to prove that extraordinary claim.

Re:

[tftp]

The purpose if the signature is to verify that:

A) The person who the claimant says made the agreement is in fact the person who entered into the agreement

The signature does nothing like that. You need a notary stamp, signature, a record in his book and your thumbprint there to certify your signature.

B) The person who made the agreement was in fact in a postition to make such agreement

The signature does nothing like that. It's up to courts to determine if you had authority to sign a certain documen

ELUA?

[PinkyGigglebrain]

IIRCC some EULAs give the "authorized representatives" the authority to check your computers.

Good argument for GPL'd software.

Re:

[mindbrane]

If they even so much as poke your check with a finger

I presume you intended to type cheek?

IANAL, but the law, as I was instructed in it, in British Columbia, Canada suggests that if you think someone is trespassing you should inform them they're trespassing. You can then place a hand on them to escort them off the property, if the resist, even to the point of simply slipping away from the hand you've place on them they can then be seen as having assaulted you.

Corporations and most lawyers use intimidation as a matter of course, as do government agencies. I'm

Re:

[speedlaw]

Thank you. I am forever amazed at those who expect a company to "play fair" or "do the right thing". May as well expect a hungry shark not to eat that cute puppy who fell off the dock. Having litigated against some big companies, the OP has the right attitude.

Re:

[Phoobarnvaz]

Am not a big fan of the software auditors...but having been fired from a company in the past who had been caught the previous year with $250,000 US of unlicensed software in a medical billing company...was told in a meeting about this about two weeks before they let me go. Working in the IT department at the company & being escorted out of the building during a merger that had just started...I contacted BSA as soon as I got home. Told them the exact machines/software the employees were using from hacked

Re:

[Anonymous Cowpat]

good, now everything is on some paperwork, you can get the evidence thrown out later by getting the order thrown out.

Re:What rights?

[calmofthestorm]

Yes,but the counter-charges are criminal and civil: assault with a deadly weapon, breaking and entering, hacking laws, etc.

Consider that these are private citizens. They have as much right to break down my door with guns and break into my machines without permission as I do to arm myself like Neo, walk into Microsoft, and attempt the same thing.

Re:

[pclminion]

A motion of discovery ON WHO'S BEHALF? Dude, I WISH it worked like that. I'm curious what the fuck my neighbor keeps doing in his garage at 3:00 in the morning. I'll just go down to the courthouse and get a court order to search his home, right?

Re:What rights?

[amiga3D]

Maybe, but then they're limited by what the court has stated they can do. If you voluntarily allow them access then the sky is the limit.

which is how things are supposed to work.

[SuperBanana]

Then they just come back an hour with a motion of discovery, the constable, and 3 deputies.

And the problem is what, exactly? That's exactly what they SHOULD have to do.

The reason the BSA shows up unannounced is because they're fishing, and hoping to get enough to THEN either threaten you or take you to court. There is no possible good to come, and nothing that will work in your favor, by granting them access.

They've already decided that it's not worth the cost of filing a suit, and in order to get anywhere, they need to have evidence, which they may not have in sufficient quantity. A pissed off sysadmin with a bone to pick is about as credible as a fox in a chicken coop.

The company that says "go fish, assholes" MIGHT see them again with a court order in hand, but it's not likely. The company that says "uuuuuh....okay, come on in" finds themselves in a few weeks threatened with a huge lawsuit, or a "settlement" calculated to be just below what the company could possibly afford...

Real traffic cops too

[istartedi]

I don't have solid data to back it up; but I think they're giving out more tickets in California now.

The other day I actually saw somebody get nailed for "failure to yield to a pedestrian". This is indeed a big problem--to the point where I have to wait for several cars to pass through a crosswalk sometimes. Still, it doesn't seem like they cared that much about it a couple years ago.

Coincidence?

Re:

[ceoyoyo]

Maybe someone got hit. Where I used to live there were a couple of pedestrians hit in crosswalks, including one who was carrying a baby. They put the fine at $500 and the cops started enforcing it. It wasn't really a big problem before, but there was no problem at all afterward.

Re:

[biryokumaru]

For all intensive purposes

I've always thought that that was "For all intents and purposes."

Greedy traffic cops?

[DNS-and-BIND]

WTF is that supposed to mean? I think of some guy with beady eyes and salivating mouth clutching a Krispy Kreme and a coffee. Traffic cops are greedy? Pricks would be the word I'd use. I think they do their job out of officiousness rather than any sort of expectation of personal gain. Is greedy traffic cop one of those internet things I missed?

Re:

[XanC]

If "traffic cop" implied "greedy", then there wouldn't be any need for the adjective.

Re:Greedy traffic cops?

[LostCluster]

In the town next to the one I sit... there's a old police officer who has a "quota" of traffic fines he needs to collect in the budget. Miss his income number, and he's unemployed. The budget number is public record as and in as a separate line item in the official budget. He's authorized to put up a "Speed Limit 30" sign at any intersection because that's the state law at all intersections marked or not.

Now, on the way out of this town, there's a highway interchange. That's an intersection, but the state highway people don't want you going as slow as 30 miles per hour there... you won't be up to 55 on the short ramp to the highway if you do. So they've rigged this intersections with enough signs that the traffic officer is locked out... if he puts his sign up, it's not properly displayed because it's either blocked from view or too far from the intersection. He still writes tickets there, and if you take him to traffic court you can get it kicked. He's hoping you confess or just send in the check. There's even a state website where you can pay your fine with a credit card.

If enough people do get his tickets kicked, he'll be done.

Ernie Ball

[bmo]

I'm sure that Sterling Ball over at Ernie Ball (guitar string manufacturer) is sitting with a big grin on his face every time he reads something like this.

For those who forgot:

http://news.cnet.com/2008-1082_3-5065859.htm [cnet.com]

In 2000, the Business Software Alliance conducted a raid and subsequent audit at the San Luis Obispo, Calif.-based company that turned up a few dozen unlicensed copies of programs. Ball settled for $65,000, plus $35,000 in legal fees. But by then, the BSA, a trade group that helps enforce copyrights and licensing provisions for major business software makers, had put the company on the evening news and featured it in regional ads warning other businesses to monitor their software licenses. Humiliated by the experience, Ball told his IT department he wanted Microsoft products out of his business within six months. "I said, 'I don't care if we have to buy 10,000 abacuses,'" recalled Ball, who recently addressed the LinuxWorld trade show. "We won't do business with someone who treats us poorly."

Re:

[amiga3D]

Been there have you? I can see owning a few windoze boxen if you needed an app that was windoze specific. I think the point made by Ernie Ball was that for most of what was being done there was no need for proprietary software. Why pay the huge outlay of cash for a box that is only used to do word processing?

Just doing their job?

[Frosty Piss]

and some are simply exploiting loopholes and technicalities to meet their targets

Arn't "loopholes and technicalities" some of the things auditors are supposed to look for?

Of course the guy is an asshole...

[cortesoft]

Julian Heathcote Hobbins, General Counsel for the Federation Against Software Theft (FAST), spoke in defence of the software industry protecting its property rights

Could the guy have a more pretentious name? Really? Julian Heathcote Hobbins? Could that guy have any other job beside going around and telling people they are using the product they bought incorrectly?

Re:

[ceoyoyo]

Come on, he can't help his name. Now, using all of them, THAT's pretentious.

Re:

[ceoyoyo]

Yes, and journalists have this thing for doing lots of background research to dig up people's middle names just so they can put them in articles.

Takes a steady hand to treat customers well

[Lemming Mark]

IMO this is one place where strong management can make a big difference by taking an explicit position on "Times are tough, we need to collect what revenue we can" vs "We need to preserve a relationship with our customers *and* help them stay in business *and* get ready to capitalise on that good relationship when the economy picks up and we want to sell more stuff". Targets should not be allowed to distract from the bigger picture, which is *serving your customers*. Sure you might have contract terms that give you "the right" to hit your customers with surprise charges in order to help keep your own business afloat but you're not really serving them, you're using them. By the same token, when I go to my local shop they have "the right" to be rude to me - I'm paying for goods, not manners. But then I'd switch purchasing to the other local shop. Everything has a cost.

But what do I know, I'm not a manager! Times are tough, people have to get by somehow.

Nor are you a monopolist

[Rix]

Who can screw their customers and expect them to come back for more.

Re:

[Lemming Mark]

Heh, that's certainly true too! I've been thinking a lot recently about whether predatory / monopolistic behaviour is *ever* a good idea. It seems to me it's only ever a good plan in the relatively short term. In the end, trying to squash the market under your weight rather than swim in it is always going to result in disloyal customers, faster moving competitors and loss of market position.

I'm not sure there's a way of avoiding the eventual progression of successful company -> bureaucratic monster -

Why would you even let them in the door?

[igotmybfg]

I work for a small (~50 person) software development firm. I have no experience on the business side of the house, so I'm open to the possibility that I'm missing something really basic here. With that said, why would a company let a software audit happen? It seems like the only possible outcomes are bad. It's not like the company can realize any revenue from an audit (and could quite possibly end up paying money to buy licenses), and even if the auditors don't find anything bad, there's still the overhead

Re:

[amiga3D]

I'm thinking it's because you agreed to their right to audit you when you purchased the licenses. Nobody except for lawyers ever read those EULA's it seems.

Re:

[timmarhy]

MS might want you to take a software audit when you buy ne licenses. so in that respect if you need to upgrade they can make it part of the deal.

personally i can't see how the manager of any company worth his salt couldn't stone wall this. first you would play dumb - really dumb -. then once they had spelt out a few times what they wanted you'd put up a few objections that don't make any sense. follow this up with a few feature questions to taking them off down another track and they will probably be ready

The only logical conclusion...

[Rix]

Is that it's a term of the volume/"professional" licenses large organizations have to enter into.

Re:Why would you even let them in the door?

[Gerzel]

You are forced to have the auditors by agreeing to the licenses to use certain software products.

Re:

[dbIII]

The laws of the State trump the licence conditions. They can pretend to have these powers but they don't have anything unless a Judge or similar grants it.

In related news ...

[PPH]

... Linux/OSS gains market share.

What about this?

[pclminion]

Suppose I'm a healthcare company. Software auditors show up at my door, waving contracts in my face. I let them in. They insist that they must inspect ALL machines running, say, MS Office. Some of these machines contain sensitive health information for ten thousand patients. I have now committed 10,000 willful HIPAA violations, and could go to jail, in theory, for up to 10,000 years (maximum jail time for willful but non-malicious breach is 1 year per instance).

Or what about SarbOx? Any possibilities for violation there?

I think a strong case could be made that if you are a HIPAA covered entity who uses software which is subjects to such agreements, and you abide by the agreements, then you are committing a felony. Thus, using Microsoft software is a felony. QED

Re:

[cfalcon]

I'm pretty sure you would explain the situation to the auditor, and they would find a way to check that you are in compliance without actually having access to the data you are legally obligated to protect. There are TONS of places that can't just go pushing their data around willy-nilly- some have customer data that personally identifies them. Others are running a classified network. Whatever your cause is, I'm sure they can find some way to verify that you are using their stuff with licenses without,

Re:Boy, that's TV Law...

[pclminion]

No, I think what would happen is that they can just look at the OS, without looking at the data running in the OS. Thus, they can get a license count. But, if you won't give them one, then, you could get sued, and be forced to give one, or rather, have some third party or even the local sherriff do the count with the understanding that the HIPAA data is implicitly protected because the exposure is to officers and appointees of the court.

I don't think you understand exactly how draconian the HIPAA statute really is. A HIPAA covered entity may not disclose or allow the possibility of disclosure of protected health information to ANYBODY without the patient's consent. That includes sheriffs, court officers, and the President of the United States. It also includes other HIPAA covered entities! That's right folks, your doctor cannot tell another doctor about you, unless it fits a VERY specific set of circumstances. I've heard horror stories of nurses losing their jobs because they told other nurses vital information about a patient's care, and I'm not talking about gossip in the hallway, I'm talking about perfectly legitimate transfers of information for the patient's benefit. The statute is so broadly worded that you can be fined because you saved a patients life.

You would essentially have to get written consent from all 10,000 patients before anybody who is not themselves a HIPAA covered entity could so much as GLANCE at those machines.

Now you might say, let's just declare ourselves to be HIPAA covered entities, and promise to abide by the law. Except it doesn't work that way. A person cannot choose to become a HIPAA covered entity. You must meet a very specific set of criteria, one of which is that you conduct electronic transactions (either billing or file transmission) regarding health care information. A software auditor simply does not meet the criteria.

HIPAA is widely regarded as one of the most overreaching, destructive laws ever passed, with insane and unintended consequences. By the way, anybody is allowed to file a HIPAA complaint against any covered entity, even if they are not associated with either the patient or the health care provider. In theory, if I knew that some health care company somewhere allowed a BSA audit, I could file complaint against them myself, and OCR would be compelled to investigate it.

You really should read up on HIPAA. It's like a god damned nuclear weapon and it has the entire healthcare industry constantly quaking in their boots.

Re:Boy, that's TV Law...

[ColdWetDog]

No, I don't think you understand HIPAA very well. It DOES allow for a number of disclosures without patient consent:

To law enforcement [aele.org]

To treating physicians and other clinicians, for public health activities, for health oversight purposes, to protect against personal and material harm [state.tx.us]

Even for marketing [hhs.gov]

And a raft of others. [hhs.gov]

This is not the bogeyman you are looking for.

Re:

[jimicus]

BSA are not law enforcement. They just behave like it sometimes.

Re:

[Anonymous Coward]

No, you don't understand HIPAA law.

The first two links you point to are for GOVERNMENTAL entities that allow the sharing of data. And those are for a JUSTIFIABLE BUSINESS NEED. Any of those disclosures are still protected. That is the data that is disclosed still cannot be released to another entity unless it meets the same need requirements for sharing.

The BSA or any of their related entities are not even close to a GOVERNMENTAL agency that would have the authority or even a justifiable business need to

Thank you, Captain Obvious

[Black Cardinal]

From the third article linked: "I don't anticipate a big round of simplification," Ballmer said. "Whenever you simplify you get rid of something."

Duh. That would be the point, wouldn't it?

Has anyone here ever tried reading a license?

[jimicus]

Seriously, anyone?

Part of my job description is making sure the company is up to scratch with their licensing. So I have to read the licenses - and I do.

I have concluded that software licenses are written expressly to trip up customers. Even when they're relatively straightforward, they often contain clauses which would be considered absurd in almost any other commercial contract.

For instance, the only license that allows you to roll out Windows using an imaging system (eg. Ghost) is one of the volume licenses - and for the most part they include a clause which states "You will buy a license for every PC-compatible computer in your organisation". Now you know why so few companies are taking Linux seriously on the desktop. I have no idea how enforceable such a clause would be, but I can't see many companies wanting to challenge Microsoft in court.

I love this bit

[mormop]

"Ballmer also suggested that education should be given government stimulus funding to enable young people to gain experience on the computing systems they would meet in the real world."

Seriously Mr B, go fuck yourself. You don't need the money and young people, on the whole, are pretty good at working things out for themselves as they have a "click and see what happens" approach mixed with the ability to ask another kid who knows. Doesn't matter if it's OpenOffice, Office 2007, whatever, if they really want it to do something, they'll find a way. The weak point is quite often the teachers.

Seriously, in the UK you cannot be a teacher without a University degree. A University degree should teach you to analyse a problem, research the problem and apply a solution. In software, this boils down to "I can't do X in program Y", go to Google and type "how do I do X in program Y", click links until you find answer and follow instructions on page. Most of the time they seem incapable of following this simple idea. They'll even come in and as me then watch me hit Google and search for a solution (often the first result returned) but it never dawns on them to do the same themselves next time (and no, support isn't my job). I showed a year 7 how to find something out using the "F1" key and he was amazed, he just didn't know.

The best thing for education, would be for kids to be trained to work stuff out for themselves by teachers who are trained to work stuff out for themselves. This "teaching people to use the software they'll use in the real world" argument is crippling and the seeming inability for people with far higher qualifications than mine to work out even minor problems has seriously dented my faith in the higher education system.

Re:The article was actually nice.

[MightyMartian]

B.S. Nobody wants Microsoft licensing to be that complex, except the SAM contractors and other licensing Nazis that Microsoft and a good chunk of the proprietary software world has let loose upon us all.

I had a SAM review last February and March, that started with a letter from a Microsoft "partner" (read: contracted henchman) that, once you got passed the bullshit about them being hear to help me, was clearly a software audit.

I was given 30 days (with an extension if I needed it) to put everything together. That part wasn't too bad. We had largely inherited the licenses from the firm that we had taken over, and it was a bit of a mess. Of our three copies of Server 2003, one was an inherited Small Business Server 2003 OEM edition that I had applied the Transition Pack to to turn into proper Server 2003, one was an OEM copy of Server 2003 R2 bought by us and one was a Server 2003 that we had inherited, purchased through Software Assurance. As well, there were about 15 Office Pro licenses, as well as 13 or 14 Office OEM copies sold with the Dells that we had inherited. On top of that, I had a backup server running Windows 2000 server, plus CALs both purchased by us and by the people we had bought everything from.

I first smelled trouble when they asked me to verify that 22 of our workstations (all running OEM copies of XP) were not running Office (they were running OpenOffice). I found the question more than a little accusatory. Then came the seeming inability for them to count CALs. At one point they had us in the red 15 CALs, despite the fact that I had invoices, both of my purchases and of the previous organization's, showing the CALs. This literally went back and forth for two weeks, until finally I had had enough, and sent off a very angry email to the contractor accusing him and his "team" of severe arithmetic disabilities, and explicitly using the phrase "you are harassing me".

Then, as if unwilling to declare defeat, they came back with a final number of -5 Server 2003 CALs, because, and get this, though I had enough CALs to cover everything, I hadn't bought this 5 CAL pack via Software Assurance, and wasn't permitted to use it as a User CAL on the Server 2003 machine installed via the single copy of Server 2003 bought via Software Assurance. I sent back a very angry letter, CCed to my manager, asking them if they seriously thought that I was going to pay $150 bucks again for CALs I already owned, because I bought them from a reseller as opposed to Software Assurance. I think at that point they got the hint that they weren't going to be getting any money out of us, and sent back a letter saying that as long as I agreed to change them into Device CALs, I'd be in the clear with them.

Now, I guess from one perspective one could say that we got off in the end, we were totally legit. But this probably consumed about $500 to $700 of my wages (my employer's money) on pointless back-and-forths as they tried to probe to find any way to make money off of us.

At this point, we are looking to abandoning Microsoft, and indeed proprietary software wherever we can. It won't be easy, and it won't always be pleasant (though it can't be any worse than the three weeks of hell that happened when we bought new Dell workstations with Vista). We're stuck with Exchange-Outlook for the medium term, but should have enough licenses to cover a small expansion that may be happening in a year. But all the new file servers are running Samba, we're set to expand OpenOffice installs, and while Office 2003 will be around for a while, there will be no upgrades to later versions, save as we replace workstations. The long-term plan is to roll more and more server operations on to open source solutions, with a set goal that when we hit 95% of our Exchange CALs, we will take the plunge and go with an open source groupware solution. I don't anticipate that we will ever be Microsoft free, but we can certainly reduce our footprint, and our exposure to the nonsensical and self-serving whims of Micro