April 2002


Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Steve Cavrak <[log in to unmask]>
Reply To:
Departmental Technology Coordinators <[log in to unmask]>
Mon, 8 Apr 2002 16:02:50 -0400
text/plain (59 lines)

A New High in Underhanded Licensing
  April 1, 2002
  By Bradley F. Shimmin

I'm no software pirate, but Microsoft's newest venture
into software licensing has me tempted to raise the
cannon and fire a few shots across Bill Gates' bow. It
appears that with its recent release of Office v.X for
Apple Mac OS X, Microsoft has come to a very distinct
conclusion: Users and administrators can no longer be
trusted to comply with the company's EULA (End-User
Licensing Agreement).

Customarily, a single-user license agreement lets a user
install two copies of a product, presumably on a laptop
and on a desktop machine. Vendors have relied on users
to honor this two-machine rule.

In an unprecedented move only John Ashcroft could love,
Office v.X enforces the rule using a little UDP (User
Datagram Protocol) magic. Whenever you start up any
Office application, it throws out a UDP packet, which
includes your license code to Port 2222 on your local
network. If another machine responds from that port with
the same code, your local application will terminate
with a polite notification that you've exceeded your
license. The idea is that both you and your Office suite
can exist in only one place at one time.

The good news is that Office doesn't seem to be
notifying Microsoft of any accidental or purposeful
piracy attempts. The UDP traffic simply bounces around
your LAN. The bad news, however, is threefold: First,
users can't split Office applications across two
machines, so you can't run Entourage on machine A and
Excel on machine B simultaneously. Second, there's no
such thing as an incremental license. If a home user
wants to run two different Office applications on two
different machines, he or she has to fork over an
additional $499. Third, by using standard IP
technologies (such as UDP), Microsoft has opened up your
machine to a host of denial-of-service attacks. All a
miscreant needs to do is run a malformed header against
Port 2222 and, presto, Office v.X will crash.

For now, I'm certain many users will risk conducting a
bit of UDP-port-blocking magic of their own to
efficiently exercise their own Office v.X licenses--or
simply to secure their own desktops. My hope is that
Microsoft, in turn, will look a little more closely at
its licensing options before enacting draconian
measures. Here's a hint: An incremental $50 license
extension per seat would meet many users' budgets.

-- Bradley F. Shimmin, [log in to unmask]