Brian, Interesting story. I have to ask: given that at that point you had evidence that they were running unlicensed code, why not just send them a bill? The unspoken "next call will be from our lawyer" might should be convincing, no?
On Mon, Feb 26, 2018 at 9:27 PM, Brian Westerman < [email protected]> wrote: > If someone violates a copyright, there are legal and I think criminal > penalties. But I doubt the FBI will get involved if you decided not to pay > CA for using Panvalet. > > You can't over simplify the issue and decide categorically that all > vendors that want to "protect" their software are bad. Just like people, > there are indeed some bad vendors, whether or not they have product > "protection" doesn't enter into the equation. > > How would a vendor even know that someone didn't take a "personal" copy of > their unprotected code from site A to site B? Does that happen, it sure > does. > > Microsoft did a study several years back on how much time they spent > fixing problems and helping people who had pirated copies of their code, > and it was something on the order of 38%. That didn't mean that 38% of the > people running Windows were running pirated copies, just that during their > study, 38% of the people who called gave pirated copy codes. > > They were losing more money on the support of the code for the pirated > versions than was deemed "acceptable". The same problem can (and likely > is) true for other vendors. Several of our Syzygy products come with parts > that are not protected by keys or code. We frequently get calls from > people who are not out customers to fix (usually the same problem over and > over again) problems with the unprotected code who are not very happy when > we inform them that we can't offer them support for the code without them > being an actual client, but that doesn't stop them from trying. > > We had a person, just a few months ago, (who is a member of this list and > knows who I am talking about), who called with a "problem" for our SyzInfo > program (it's a small program we send to sites to display their site > information, CPU, LPAR, SYSPLEX, MEMORY info, etc., a lot of interesting > information) because they just got a z13 and our code supposedly didn't > support it yet. It worked, but didn't give "completely valid" results. We > actually added support for the box over 18 months before it came out, so we > were fairly perplexed. When asked for his site-ID, he gave it, (it turned > out to be one from his old site) and we emailed him the new code for his > whole product matrix (4 complete products and support modules). Then we > received a call from him to tell us that the new products would "no longer" > operate on his CPU. When we asked for the CPU type and serial, he gave us > his old serial from the old shop, so the client support people re-verified > and sent out a new copy even though there was no real changes made. He > told us that it still didn't work so we asked him to execute SyzInfo and > send a screen print of the results. Instead of the screen print, he > "supposedly" cut/pasted the results which showed that the product thought > exactly what was running was what we shipped. He escalated the problem > (which sent it to me), to be resolved, and I asked him to re-execute > SyzInfo for the screen print and got the same cut/paste thing, but it was > different from the original one he sent the day before. The new one had > several of the values transposed and the CPU was now a EC12 not a z13 as he > had originally reported having the problem with in the first place. I > called him and got one of his co-workers who told me that they were not > running our code, and he had no idea what I was talking about. It turned > out that they were running a z13 and never had a EC12 (they upgraded from a > z10 recently). I explained what had just happened and was told that he > would talk to his boss and that they would handle the "problem". > > We never heard back from the person or that site again, but they still > participate on this site. When I contacted their old site to ask if things > were okay, I was told that they were going great and they had no problems > whatsoever, but that the person I was asking about no longer worked there > and had not for well over 2 years. > > Now, I realize that it's just one occurrence of a bad person, which does > not make every one bad, but in our case, we expended probably 30 man-hours > of time on a problem that didn't even exist. How many of those could a > small company, or even a large one absorb? > > I would like to say this is a one-time occurrence, but I can't. Similar > events happen several times a year, but normally it doesn't get to me to > fix because they discover much sooner that something was amiss. > > Our products have built-in protection, actually they all have 3 separate > protection mechanisms. We offer free trials that can go up to several > months when necessary, and every product has a built-in allowance of extra > time after the expiration date and we warn well in advance of the time > left. Some of the products even tell you every time they execute how many > days are left, which of course can be turned off (except for the last 30 > days). > > Most vendors don't have a way to enforce voluntary compliance, but I > believe that the vast majority of them have some sort of protection built > into their products. And while most people believe that IBM does not keep > track of product use, they would be wrong. Is it possible to get around > the protections? You bet. We believe here, and I'm sure that most other > vendors also believe, that he vast majority if not all of our clients are > extremely trustworthy, and likewise we hope they think we are trustworthy > as well. > > Wasn't it Ronald Reagan who said, "trust, but verify". :) Who would I be > to argue with the great communicator? I worked for him for 6 years, he was > no dummy. > > So, I also agree that this shouldn't be another long drawn out fight over > "to key or not to key", and I also realize that there are some sites who > might not run our products because they are protected. I don't think it's > too many because we have over 700 clients. > > I realize this is going to sound facetious, but when I first read some of > the rants from people complaining about how they are not trusted I can't > help but wonder if they lock their homes and cars. Do they put the WPA2 > passwords on their routers? Do they have a pin on their phone? And if so, > is it just that they believe that everyone should trust them, but they need > not trust everyone else? > > I don't expect any non sarcastic responses to this, and I probably > wouldn't read them anyway, (yes I will, but I probably won't admit it), but > sometimes I wonder about how people can divide their lives up so simply and > exactly that everyone else who doesn't do something "their way" is > "wrong". Is that a sure sign that I'm getting old that I have a hard time > understanding why there seems to be no such thing as grey any more. If > you're not 100% "good" then you're "bad", or more likely, if you're not > 100% "like me" then you're "bad". > > What happened to diversity? And why get so virulent about it? > > Hopefully this won't start a full rant from anyone, but I'm sure it will, > especially from the guy who I told you about above. > > Brian > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > -- zMan -- "I've got a mainframe and I'm not afraid to use it" ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
