Comments on: Microsoft kicks off the year of the audit

CIOs would do well to consider open source as a defense against software audits by Microsoft and other increasingly desperate enterprise software vendors.

[therealgeeves]

It is dangerous to allow your business or government to rely on closed source systems.
Better to invest money in more talented people - if you can find some...

[FutureGuy]

@Matt Asay. I can't image how much more "openly" biased you could be. Now you are accusing MS for trying to make sure its software is not being pirated after stating "Piracy is illegal and wrong". You are being a real hypocrite and I am guessing you know that. Cnet: Dost this guy pay you to put his nonsensical articles.

[FellowConspirator]

To be fair, the accusation is accurate: MS has stepped up auditing and prosecution of those not compliant. Presumably what you're objecting to is the insinuation that it's wrong. It's clearly not wrong for MS to prosecute third-parties for copyright infringement, and in some cases license term violations might be actionable too.

Personally, I find their methods to be invasive and harsh, but it's really up to them to decide to what extent they want their users to fear them. Lately, even small violations and poor records keeping has led to lawsuits. Lots of small organizations simply don't save all the original license materials or systematically document things. Ever see a local church get sued because they couldn't produce the original box for the copy of Word they have on the secretary's computer? It sure happens. But, that's MS' business.

Unfortunately, few people take the license compliance overhead into account so they don't do it, don't have money to do it right, and haven't a clue that there are alternatives that would eliminate the need entirely. Lots of people are MS customers by default; they simply don't know they could opt out or how.

[Mr. Dee]

Matt's post is even more contradictory when he mentions Redhat who expects to be paid for their open source commercial distribution just like Microsoft expects to be paid for Windows and Office. The last time I checked, Microsoft does not hold a gun at your head saying, 'buy our software or else'. I want to add, Open Source software is junk, the fact that Windows and Office continue to permeate this planet prove that the only people using Linux is Richard Stallman, Matt Asay and Linus Torvald.

[LinuxGuyRI]

Mr. Dee,

You've gone and shown you have no clue what your are talking about. I suppose VMWare is crap, Oracle is crap, SAP is crap, these are all applications built on or that use open source software. Very good applications indeed. Red Hat doesn't expect to be paid for their software, they expect to be paid for the support contract that the licensing fee represents. Anyone can use Red Hat via the Fedora or CentOS projects for free. Microsoft may not be holding a gun to the consumer's head, but they do hold a gun the heads of Dell, HP, and every other PC vendor with a Microsoft OEM contract. Half the people using Office and Windows do so because it came on their computer, not because they choose to use it. If you put OpenOffice (the MS Office equivalent in open source) in front of a consumer, they'd be able to use it no problem and probably wouldn't even notice the difference. Of the 50% that are business users, a majority of those use MS Office for the same reasons, the computer they purchase is part of an overall package that includes Windows and Office, which simplifies the purchase of hardware and software, nothing more. If they were offered a PC in a nice package with Linux and OpenOffice, they'd be just as happy.

With more and more applications going web-based, the need for Windows and MS Office is dwindling.

[Penguinisto]

@FutureGuy:

He didn't say that MSFT and the BSA is bad for looking to protect their own - they're rotten because they basically use it as an excuse to conduct a shake-down, and make the RIAA look like altar boys when they do it.

Look at it this way: If you get audited, odds are very good that there are going to be apps (and OSes) that have more installs than licenses.

How? Easy:
* They check decommissioned/stored equipment as well as the stuff you use, and if you forgot to shred the HDD's...
* No company (and I mean NONE) that have been audited by the BSA has ever had a perfect accountability rate (unless the company were a 100% open-source-only shop, or had site/universal licenses for literally everything you have that the BSA affiliates sell). This means that how much it will cost you depends on how far off you were. If it's just one or two licenses, you get an uncomfortable fine and get to promise to pretty much buy more licenses than you'll ever use. If it's more than that, you get a choice: pay a six-figure fine (or worse), or face a lawsuit and an injunction to pretty much shut down your business during that time.
* Refuse a BSA audit? You get an injunction to pretty much shut down your IT infrastructure (and your business) during the ensuing lawsuit and raid.
* Voluntarily ask the BSA to audit you (they have that program)? They're more lenient, but it will still likely cost you way more than you thought to "get back in complaince".

IOW, it's a quasi-legal shakedown. Unless you're a member of the BSA (ever wonder why Apple, MSFT, or Novell never get audited?) you stand a good chance of experiencing one eventually.

[gggg sssss]

LinuxGuyRI
When Oracle and SAP were launched, there was no such thing as open source, so I am not sure what you are talking about. and neither do you.Even today, the open source elements in both of these are trivial.

[odubtaig]

So, Oracle is identical to how it was when launched and has never run on Linux? I mean, Oracle haven't done Oracle Unbreakable Linux? So, 'built on or use'... still fits the definition.

Seems Mr. Dee missed that part with the words "U.S. Marshals", but then he's not sharp.

[humanssssss]

If we continue to let Microsoft dictate licensing agreement, we will continue to find ourselves being a pirate. Every year or so, Microsoft decides to switch from per license, to per user, to per device, to per license per user, to per license per device per user to per license per device per user per year, and any permutation of said licensing scheme. Now that they have 6-7 versions of Vista, add that to the permutation and you will have chaos.

There's also a disconnect in communication between the vendor selling the software and Microsoft employees about licensing model. Furthermore, licensing model is so complicated that within Microsoft, if you ask two persons the same licensing question, you get two different answers.

There ought to be some laws prohibiting the government from criminalizing people and let the free market sort this out. It is Microsoft responsibility to CONTROL their software to prevent pirating. Meaning, they need to include a checking mechanism in their software to disable the software if it's not a legitimate purchase. By allowing Microsoft to use the laws to criminalize people, it is inducing Microsoft to allow free reign on their software and get them to switch their development to RECORDING those who pirate their software to sue for money. This is unethical and the judge should push this back to Microsoft saying that they better have some kind of control in their software. It's like a house. It's built with a door for a reason.

[rapier1]

I agree. MS should force everyone to use license servers and dongles. That will help immeasurably.

[Penguinisto]

@rapier1:

I agree as well - big time.

IF Windows was never pirated, I doubt MSFT would stay in existence as far as consumer marketshare goes.

[CountryClubRepublican]

My spouse works in Microsoft sales. Microsoft does not go after companies who have lax license accounting or control as implied by the article. Microsoft knows some employees will use EA software to load bootleg copies on some computers; and it is not worth pissing off your customer to nitpick about those. Microsoft is going after the companies that buy 10 copies of windows, and end up loading it on 300 machines. This is just blatant theft.

Going to open source is not the answer. Open source is "free" in that you don't buy the software itself, but alot of the cost goes into deployment and support. No savings there. Plus, Microsoft's strength lies in it's partner ecosystem which develops apps specific for industries.

[humanssssss]

There's a difference between not going after and the right to go after. Microsoft is a corporation looking to squeeze every dime from every consumers. The fact that they don't go after today, does not mean they won't go after tomorrow if they find themselves not meeting earning expectation.

It is a strategy for Microsoft to RECORD all infringers today to sue tomorrow. They are not force by any entity to create CONTROL on their software to prevent pirating because they know they make more money by allowing people to casually pirate because this has several benefits, one marketing, two education, three future lawsuit.

If Microsoft was to CONTROL their software, their software won't have such a high proliferation rate and they won't have lawsuits to extract money from.

The judge should force Microsoft to make significant measure to CONTROL their software before they can attempt to sue for damage.

We are allowing Microsoft to abuse the legal system when this is a commerce issue.

[James7777777]

humanssssss
"If Microsoft was to CONTROL their software"

You mean like having activation keys? Or perhaps distributing updates that alerts users if they are not running a valid copy and helping them purchase a legal copy? Oh wait they already do all that.

The fact is licensed software is often superior to open source, unfortunate, but true. If people want to enjoy the benefits they need to pay for the software, as long as they do there is nothing to worry about.

[irperez]

My god this guy is truly against buying software! There's no such thing as a free lunch my friend. You go open source, you'll find yourself with very few people who can support those systems. And very very expensive support costs. I know, I'm a Software Architect.

You go with buying software, you actually get better support, documentation and faster response to fixes or bugs. The open source industry on average is behind the normal industry. You go open source, you usually don't get all the bells and whistles that you would get when paying for software. So your choice.

Not to mention, open source industry doesn't have the financial resources to build developer networks and partners as Microsoft has done. Their development community is amazing and their software libraries cannot be compared.

[LinuxGuyRI]

What a bunch of FUD. There are plenty of people who can support open source software and vendors like Red Hat and Canonical (Ubuntu) provide excellent support at a cost much less than Microsoft and without the use of Indian call centers.

The fact is more and more commercial software vendors are producing products that run on open source platforms just because the cost of development is much less expensive than Microsoft platforms. Intuit (Quickbooks), SAP, Oracle all make enterprise applications that run on open source.

IBM is huge into open source, and I do believe they have plenty of money to throw around.

I don't believe for a second that you are a software architect, and if you are, you hoaxed your way into the position.

[gggg sssss]

Ford, GM and Chrysler used to say thier crap smelled less as well. See how well that worked for them.

[odubtaig]

I think someone hasn't read Matt's job description. -5,000,000 points.

[amadensor]

Remember, they do not have to find fault to create hassle and cost for your business. As one who has had license audits (6 audits in 9 months from one vendor without a single license out of line) used as a bullying tool, I can tell you they get expensive. We actually had extra staff whose sole purpose was doing the audits. The disruption to productivity was worse than I would have ever expected. The vendor wanted us to use one of their applications on a public facing site. Once we did, the audits went away, and they write up a white paper saying how much we saved by using their software instead of the software we were using. The dollars of savings were true, but they were all attributed to the cost of the audits going away, not really the cost of using the software itself.

[Penguinisto]

There is a solution for that...

...come the next cycle, ditch that vendor publicly and entirely, and go with someone else (even if you have to hire a programmer to write the thing in-house).

If I were in your shoes I would've done that the first time that vendor called with such nonsense. I'd let's 'em audit away, and then let them ask me why the number of licenses (and installs) from that vendor kept getting smaller and smaller...

[Monetmum]

Having recently worked for a major MS reseller I will say there is a push by MS for audits and to go after those that are not in compliance. MS really ramped it up in Q1of 08, added temp help to do the audits. Many companies just do not read the license or contract T&C's, or else don't understand it, b/c it is convoluted legal speak. Most of what I saw were customers that just didn't know they were out of compliance not an intentional abuse. It's the buyer's responsibility to know what they have signed and it's MS's right to pursue it once signed. That being said, I hated having to dog customers that couldn't afford to true up licensing. The ratio to revenue was huge for some. That environment was part of the reason I left the biz.

[sting7k]

Lol, wow what a summary of the article.

1. Follow the LAW
or
2. Don't pay for anything because they charge to much for it anyway and you can get "better" stuff for free on the internet.

I have yet to find anything for free that was ever better than anything I paid for. Theft is theft, doesn't matter if it's a car, a TV, or an OS. If the cops showed up at your door asking about the new car in your drive way but you didn't have any documents to back it up would you say I found it on the street for free?

[Penguinisto]

Ever been scuba-diving? I can guarantee you that the "free" air you're breathing right now is far superior to the canned stuff one pays to have jammed into a cylinder. ;)

[gcharlan]

I agree with the sentiment that software developers deserve to make a living. It's wrong to use someone else's stuff in a business without giving back somehow. I contribute to OpenOffice because I find it valuable.

It's clear that the people who are posting here have never actually had to PUT TOGETHER an Open Business or Open Value agreement (Microsoft's smaller business volume license programs).

The licensing caveats are unclear and many of them make little sense.

1. Each machine needs to come with a "business" OS OEM license in order to use your Volume license OS, so you can't buy a volume license and install on NO OS or Vista Home machines.

2. You need CALs for any user or device that will authenticate against a Windows server. XP Included 2k server CALs but not 2k3 or 2k8 CALs. These can be bought in 1, 5, or 20 user packs, and the CAL must match the license type...with no fewer than 30 different SKUs for SBS03 CALS alone.

3. According to the Microsoft Small Business community partner lead, Office is licensed by presentation device. If you have users running terminal services to access Word or Outlook the company needs to own a license for EVERY DEVICE THAT COULD POSSIBLY connect and show the programs to the end user, no matter its OS. So you're technically supposed to buy extra licenses of Office 2007 and keep them on the shelf because there's no license tracking or verification for remote access in Office 07.

But many smaller business aren't aware of the details of these licensing programs and their eye glaze over as I try to explain WHY they need to buy another license of Vista Business or XP Pro...and why they CAN'T RDP into their desktop and use all their programs...and why they need to keep ALL receipts and paperwork relating to software.

Every time Microsoft promises to streamline and make licensing easier they really just drop another load of crap on their partners. BSA audits ALWAYS find a problem because the licensing schemes are impossible to understand for all but the smallest environments (and they don't make financial sense there).

I have no problem with MS going after "heavy abusers" but the rules for the rest of us need to become simpler and less costly.

[odubtaig]

1. Didn't know that one (good thing I'm not a sysadmin).
3. It's my understanding that if you have more users than devices (job sharing for example) then you have to buy user CALs for every user rather than device CALs for every device. Yes/No?

[humanssssss]

@odubtaig

How come after reading the EULA, you do not know how to properly account for your license use? If you don't understand the agreement, why agree?

[odubtaig]

Unless I've missed something, I've not mentioned anything that would have come up in my personal use of Windows and, as I'm not a sysadmin or an employer, I've never dealt with volume licensing. All my personal licenses are the more expensive individual per-computer licenses and the only server I have at home runs on Linux so I've never personally dealt with the kind of licensing discussed here.

In answer to your question: because I thought I did understand the agreement.

As it is, I don't deal with CALs, terminal server or volume licenses so I've never agreed or disagreed to those. My experience has been entirely theoretical (in a 'learning the MCSE because it might be useful' sense).