Another Vista Piracy Story

Most of this has already been said in the other stories I linked to, but I liked this story because it made a suggestion as to why Microsoft is going to all this effort to protect the software (and cause more work for IT staffs)…

Microsoft’s actions may be an attempt to protect its existing revenue stream even as it shifts to a new operating system and new delivery model, said Carmi Levy, analyst with the Info-tech Research Group last month.

With the future of boxed software being called into question, Microsoft needs to work harder than ever to protect its business, said Mr. Levy (see Microsoft’s Suing Spree).

The latest technologies in Vista could be its attempt to ensure that it does not lose out on significant chunks of revenue from what could become its next money spinner.

So the implication here is that Microsoft is scared, because – a) people are looking at other operating systems meaning Linux and Apple, b) people are looking at using products that don’t require that the software is installed on every machine, meaning things like Google and their on-line offerings.

Software Protection Program

While today is the day for Microsoft anti-piracy stories. Here is a ZDNet story out of the UK that talks about people being shut of out of their machines if the operating system is not activated.

If Vista is not activated with a legitimate product registration key in time, the system will run in “reduced functionality mode” until it is activated, said Thomas Lindeman, a senior product manager at Microsoft. In this mode, people will be able to use a Web browser for up to an hour, after which time the system will log them out, he said.

Plus there is a lot more in the story about the ’software protection program’ Microsoft is announcing…

The new technology is part of Microsoft’s new “Software Protection Platform”, which the company plans to announce on Wednesday. It will be part of future versions of all Microsoft products, but debuts in Windows Vista and Windows Server “Longhorn”

and…

Barring people from using their PC is a significant change from the antipiracy features that Microsoft bolted on to Windows XP with Windows Genuine Advantage. In XP, the piracy-busting features only put a block on downloading additional programs from Microsoft’s Web sites…

…Microsoft will continue to check if Vista was legitimately acquired, even after activation. This happens, for example, when downloading additional Microsoft programs. Should a licence key be deemed illegitimate, the user will be given another 30-day grace period to acquire a legitimate licence key, Microsoft said.

During this grace period warnings will be displayed and Vista will block access to the Windows Defender antispyware tool, ReadyBoost memory expansion feature and Aero advanced graphics option, Microsoft said. Also, a persistent text will display in the lower right hand of the screen: “This copy of Windows is not genuine.

Then we get this nice explanation of the work that will be involved to help a company authorize Microsoft Products in the future.

… Microsoft is also changing the way businesses license its software. New licensing systems will replace the current volume licence keys, which have been widely abused..

Starting with Vista, Microsoft will offer two different types of keys and offer three different ways to distribute them within an organisation. In all cases, some more work will be required on the part of the technology department at a company.

The first type of product key to replace the current system is called “multiple activation key,” or MAK. An IT pro at a company can install a key on a machine that will then need to be validated online. Alternatively a proxy can be set up centrally to activate multiple systems at once, according to Microsoft.

The second licensing option is called “key management service”, or KMS. This requires the organisation to set up a KMS service on the corporate network that will activate client machines. The Vista PCs will silently find the KMS service and activate, according to Microsoft.

I really like the last piece of the story…

It may seem as though businesses will have to count all their licences, but it’s really not as bad as it sounds, said Michael Silver, an analyst with Gartner.

“It has nothing to do with licence counting right now, but companies will need to expend time and effort and some money to administer this, in the name of helping Microsoft recoup revenue lost to piracy,” he said. “There needs to be more of a benefit [for customers]. Linux and Mac communities will try to make hay with this, but this will not be the tipping point.”

While I think that part is total crap, one of the biggest problems with people I talk to is they don’t have a software asset management program in place currently. So they don’t know if the products installed on their machines are legal or not. Companies “want” to be compliant or legal, but they always mention the amount of work and time that would be needed to do it – so they just ignore the problem.

No doubt they “will have” to do this with Microsoft products in the future, because they are forced to. But what happens when other companies start doing the same type of thing? Adobe is already doing a new license scheme, how long until everyone is doing some thing like this. Odd’s are that every vendor is going to want their own special system in place to work with their tools, this sounds like a lot of work in the future.

 

 

 

 

 

 

 

 

Straight Talk about ITIL

Nice story on the basics of ITIL.

CIOs grapple with new complexity

Here is a ComputerWeekly

As enterprise software markets mature, many suppliers are generating more of their revenue from existing customers than from new sales.

“To maintain their growth, suppliers need to maximise revenues from existing business rather than chase new contracts. It is up to IT directors to ensure that they select and manage the most appropriate licence model for their business, rather than adopt an unsuitable and costly alternative.”

pointing out that vendor audits are on the rise…

Bill Monk, director at compliance consultancy LOCS, said, “Recently there has been lot more pressure from suppliers to conduct software audits or ensure that the customer is paying what they are supposed to be paying.”

pointing out that the “software police” are out there…

As part of this supplier push to make firms meet their obligations, anti-piracy software industry groups such as the Federation Against Software Theft and the Business Software Alliance have been promoting the use of software asset management tools.

I don’t agree with the next statement though…

But Monk said this was not necessarily the answer. “In my experience, there are not that many tools out there that will do the job,” he said. “The output generated by asset management software generally needs a lot of filtering and massaging before it can be put to use.”

Ah… then how are you supposed to figured out what you own? You need to have an asset management tool to get an inventory, collect software usage information and to help with the software reconciliation process.

If you choose the wrong inventory tool, then yes you do have to do a lot of post-processing to the data to clean it up and make sense of it. That is why you need to a tool that does some thing more than grab all of the file header information about the executables on a machine.

But even if I did have a tool that took a lot of work to get useful information out of it, that is still better than NOT having the information to begin with.

They briefly mention the new ISO 19970-1 standard for software asset management…

Monk said a potentially more useful development was the release of the first part of the ISO 19970-1 standard for software asset management. “It has its shortcomings, mainly because so few software suppliers have signed up for it, but once it goes through several iterations it should plug a gap,” he said.

I think this is a good step forward, but I would ask Mr. Monk a quick question… you think this is potentially useful for people, but the spec says you need to have an inventory – so you must need an inventory tool in order to do it?

I do agree totally with the last piece…

“For small and medium-sized enterprises in particular, what is really good is that it sets out the processes and procedures firms need in place to do things properly. In other words, it tells you how to buy, approve, install and manage software – and a lot of firms need that kind of guidance.”

There is no tool out there for fixing broken processes and that is the biggest issue I see, most companies don’t have a firm set of policies and procedures in place. Or if they do have these defined, not many of them actually enforce them.

Exodus of Windows 98

Here is a PRWeb story about the end of life for Windows98 highlighting the need for an asset management program. I’m always a little stunned by how many corporate customes I visit are still running Windows 98 in their environment, some times because an application relies on it, but a fair number of times it is just because they haven’t bothered to upgrade their machines.

If Microsoft can’t get people off of Windows 98 in the corporate environment, how easy do they think it is going to be to get them to move to Vista? This is going to be a huge change for them. Odds are they have a large block of machines running 2000 or XP, but still it makes you think.

I do agree with a this statement…

“This situation highlights the importance of really understanding what your corporate assets are and how they are used,” explained Szablowski. “Without a clear picture of the downstream impact of an operating system, including the software and the business functions that will be impacted, you cannot prepare appropriately for the change.” To upgrade Windows 98 to Windows XP, an analysis of RAM was required to determine the number of machines that required an accompanying hardware upgrade. “Unless you can hone in on the systems affected, you are stuck upgrading everything. The money wasted on even one botched upgrade project cost-justifies IT asset management.”

Another Microsoft SAM Story

Here is another story about Microsft and software asset management. In this story Microsoft is saying that a SAM program isn’t an audit, which is some thing I totally agree with. But they way in which Microsoft is going about this really seems like an audit.

What I am taking away from the story is basically this… Microsoft mines a lot of the software purchase history to see what people own, if they notice some irregularities in the information they find, they will contact you, offer to have a third-party come in and help you figure out what you really have installed and what you really own.

So Microsoft is trying to talk people into a Software Asset Management program, because Microsoft is our fiends, via a sort of intimidation process. That is where I don’t agree with what they are doing.

There is so much you can say about this, read the whole story.

Desktop search tools a risks?

About two months ago, I was at a customer site and they wanted to know if I could identify what desktop search applications were installed on their machines? I knew I could do this, so I brought up a report to show the various applications and they seemed to be happy with the results.

This was the first time I had been asked for this type of report, so I asked them why there were looking for this. It turns out that they were running into issues with people installing the new Google desktop search tool and enabling the option that allows them to search multiple machines. When this option is enabled, the index information is stored on external servers.

This was viewed as a large security issue and a policy was being put in place to disallow this software from being installed by employees. In the meantime, they needed to make sure they could identify the computers with the software installed so they could get the IT staff to uninstall the software.

I think this covers several different areas of desktop management:

• should end-users be able to install software?
• do companies have a software policy in place?
• do employees realize there is a software policy?
• does the company have a method for identifying unauthorized applications on their machines?
• do the companies have a means to block unauthorized or rouge applications from running on these machines?

All of these issues highlight the need to have some sort of resource management system in place:

• that regularly inventories the workstations to identify what applications are installed, so you can detect unauthorized installations
• that can enforce policies on the users and workstations, so they don't have the rights to install software
• that can deploy authorized applications to the workstations, so that you can deploy applications to locked down machines
• that can block or disable unauthorized applications from being run on the workstations, for those situations where you can not lock down the users desktops but still need the ability to control what is being used on the machines.