Corporations Suffer Microsoft Activation Bug 744
Uncle Bob writes "Trustworthy Computing, eat your heart out! As of the 2003-04-14 update, people are reporting that Office 2000 SR1a is now asking to be "registered" again. And again, and again. Very little information has been posted on the traditional news sites (the only link I could find was The Register. Note - The Register's story is not quite accurate, but the registration bug is real. Our company with approx 80,000 PCs has been hit...."
80,000 (Score:-1, Insightful)
Yay for not upgrading (Score:4, Insightful)
QC? (Score:5, Insightful)
My company is not affected, though. We have a few Office 2000s installed, but they work without trouble. My school, on the other hand, changed to OpenOffice a year ago. Guess that's the safer choice for now ;)
But seriously: If Microsoft keeps making mistakes like this one (which effectively costs a LOT to large companies), they're pretty much giving away a huge market share to open source. Thank God they are (still) so incompetent!
Ahem... (Score:4, Insightful)
I'm looking forward to a day when BSA (and other above-law organisations) will enforce all win users to buy ms licences for everything they use. That'd be a happy day for Linux.
Re:upgrade (Score:5, Insightful)
Is OpenOffice really there yet? During our final presentation last week in a CS class, a fellow was trying to explain to the teacher why his entire presentation featured scrunched up, barely legible text. "I created it in OpenOffice and brought it into PowerPoint," he explained, as the class laughed at at him.
I'm not saying that it's not a good product, but is it ready for prime time?
Re:80,000 (Score:3, Insightful)
Dell is the next windows gatekeeper.
Change the system time !!! (Score:1, Insightful)
Microsoft products are like some big ghey shareware program you have to re-set your system clock to continue to use their buggy half-assed bs programs.
Am I missing somthing here or did I drink too much beer while watching the Leafs loose to Philly last night
Re:80,000 (Score:1, Insightful)
Not cost effective (Score:5, Insightful)
The main cost here would not be the licensing, but rather the training until the same level expertise is reached with the new system for the workstation user (lost man hours, actual cost of training etc.) and support costs.
I don't know what the acceptable standard is of system administrators to users, but lets say 100 users need a support staff of 3-5 people (depending on the field of expertise, shifts, back up personel, crisis management etc.) to gurantee uptime somewhere near 99.9% of the time. The avg. college kid can probably work as an intern in a lot of these when it comes to M$ based solutions, but when you go off into the world of Unices, where people actually need to have a basic understanding of what is happening support costs (and the avg. wage of the staff) would skyrocket. So grudgingly, I have to say that Open source would probably not be the answer for them, unless they phase it in through usual upgrade cycles and develop an efficent system for training (and that is very much an 'if')
Re:80,000 (Score:2, Insightful)
This comment is not even close to being "insightful" its simply a whore's ploy to suck up to the slashdot mentality by offering a canned statement. For this opinion to be insightful, some sort of evidence would have had to be expressed.
Furtthermore, if this was in fact a satire of the slashdot community, as I must wonder if it is, then that should have been made far more apparent.
CollegeBlows.com [collegeblows.com]: Because College Blows.
Planned obsolecense... (Score:2, Insightful)
I, however, am unaffected by this tragic event. I'm a happy Apple Macinotsh owner who uses Mac OS X and OpenOffice.
Really, there is no reason why corporations have to stay with M$; OpenOffice is good enough for the average business user.
Re:80,000 (Score:0, Insightful)
Anyone that mods this down probably also hasn't used OpenOffice.
Remember: OpenSource is only free if your time has no value...
good example! (Score:5, Insightful)
This is a problem that PHBs, legislators and your dear old granny can understand, so spread the word.
Re:upgrade (Score:4, Insightful)
The student deserved it. He should AT LEAST have ran through it once on the presentation setup, to catch any bugs like that. (We do that here at work, and we all have the exact same system.)
OoO isn't quite ready for prime time yet (see last 2 journal entries). It's getting better and better, but it's still behind Office in too many areas to perform a coup.
Re:This hit us. (Score:2, Insightful)
Re:upgrade (Score:5, Insightful)
The only way to _really_ be sure that something looks exactly right in two places is to use PDF.
THe same thing would have likely happened in many other cases not involving StarOffice at all.
I'm not saying StarOffice is perfect, but people seem to be blaming StarOffice for every little problem they have, completely ignoring the times when they happen on their current system, or even when it might not be StarOffice that's at fault.
One thing I love about the latest StarOffice beta is that it allows you to convert PPT files to Flash for web usage - that's a cool feature!
Why is it (Score:5, Insightful)
Apparently it's affecting few systems, and not every install of SR1a, else it would be major news and be covered by mainstream media, and there'd be a downloadable patch or something.
Could it be some sort of user error? Installing as an unprivelidged user, or using some automated registry cleaner? Or Gator? Gator wrecks a lot of stuff, ya know.
It isnt affecting anything in our office, or any of our clients.
Is it possible that linux zealots are making a mountain out of a molehill? Nah, that's unpossible.
Re:QC? (Score:4, Insightful)
Re:This hit us. (Score:5, Insightful)
All the big wigs here think open source software is way too buggy to be trusted. At the same time I see them complaing about Microsoft bugs, and think to myself... "Lets assume for a minute that OSS is buggy, but atleast you are not paying for it!"
But I dont care. I tried on multiple occassions to save the company money by advocating the use of open source libraries, and enhancing existing libraries, instead of writing them from scratch or purchasing a commericial one. I was made dismissed as being another one of those 'linux geeks who have no understanding of how business works'. Who knows? perhaps they are right. But I'm never going to try to propose an open source solution to a problem to this company again. Besides, I realized, that if my suggestion DID save the company money, I wouldn't get much out of the savings, all of it would go into the pockets of the top few. Whats the point?
Anyway, as far as this bug goes. Microsoft will probably have a quick fix available on their website soon.
Re:upgrade (Score:3, Insightful)
Re:This hit us. (Score:3, Insightful)
And you didn't fix it? That's just bad networking.
MAP ROOT S:=SERVER/Volume:USERS/$USERNAME
Tell the users to save ALL files on S:\. Now set your office prefs default directory to S:, and 99% of the time the user won't even know the difference.
IMHO, in a Windows environment, MAP ROOT is a PITA. :P
But what are you using Windows as a file server for? Ahh, you're paid hourly
Re:Sweet. (Score:5, Insightful)
Re:This hit us. (Score:5, Insightful)
From a practical point of view, who verifies the costs? What if I report to Microsoft that my 100 person support team spent two work days dealing with some small bug. And by the way, our support people make $250k/year.
As nice as your proposal sounds in terms of fairness, any person or company has two choices in software:
1) Use Microsoft's products and take what they're given.
2) Don't use Microsoft's products.
The parent poster's company has made its decision. They should deal with it.
-B
Re:Ahem... (Score:3, Insightful)
Read the article. This bug affects only the corporate versions:
Re:This hit us. (Score:2, Insightful)
Be careful how you say things like that and when. During negotiations was probably a bad time, as the people you were pitching the idea to were pre-occupied with other matters (ie, they couldnt use office).
WAit about a week til after the storm dies down, and management may be more willing to listen to new ideas.
Also a BIG thing to NOT do at any point in that process is gloat about "I told you so's" - it makes the gloater look bad too.
Re:Just a bug (Score:3, Insightful)
All of these are excellent products and I can have them for nothing if I want. How do you explain how they got to be excellent products, given your "business model" argument?
Re:This hit us. (Score:4, Insightful)
Yeah, they won't notice the difference because they will still save the files on their C drive. At least that's been my experience.
CF Iraq, Palladium, the DMCA: Silence != Not Real (Score:5, Insightful)
Or (much more likely) many of those same "news" organizations use the very product they cannot use today.
Though I say that somewhat tongue in cheeck, it is quite possible Microsoft is excersizing its economic and legal muscle (threat of lawsuits etc.) to keep a number of customers and news sites quiet.
Another factor is quite possibly that most people (rightfully) mistrust Microsoft and only upgrade when they are compelled to (e.g. purchasing new hardware, renewing a support contract with the Evil Empire, and so on). That being the case, most people who have stayed away from XP (the majority of Windows users), and those who are running old-enough versions to be unaffected, will not have been so crippled. This time.
Whatever the reason, this is akin to the lack of DMCA criticism seen in the mainstream media (which is a part of the very cartels benefiting from the DMCA), the lack of skepticism in the reporting of "trusted computing", "DRM", "Palladium", et. al. Clearly it has been reported in a couple of places, and very obviously it is affecting a fair number of people.
Silence doesn't mean nothing is going on. The fact that a few journalists have enough integrity to point out a story others either can't, or won't, report doesn't mean there is nothing going on. Did you really expect MSNBC to say something bad about Microsoft's core strategy ("trusted" computing)? They may hold their punches on bug reports and security alerts, but with something this important to their long-term monopolistic strategies you can bet they'll pull all the stops out to keep things as quiet as they can. We have seen such strong-arm tactics in the past WRT PC Magazine and others, back in the late 1980s and early 1990s when Microsoft was building its first monopoly. Expect to see such successful tactics used in a similair fashion as Microsoft seeks to encode its monopoly into every PC at the hardware level, and into every program at the software level through trusted key exchange and encryption protocols (Palladium, TCPA, DRM, etc.).
Whether or not this particular instance is an example of such strong-arm, corporate censorship and intimidation isn't really important (I merely point out that such things have come out of Redmond in the past, and can be expected to again), it is important to remember that, in a Palladium/TCPA/DRM/Microsoft world, the ability of anyone to report any kind of failure of this kind will be reduced to zero as more and more people adopt such crippled technologies. For purely technical, if not both technical and political/litigious, reasons.
The only real protection for people's data, freedom (including that of expression), and their ability to use the hardware and software they have purchased is to use uncrippled software. Right now those choices are limited to Apple and Free Software (on the consumer end), and to various non-Microsoft systems on the higher end (workstation/server). Of all those, only free software is guaranteed to remain uncrippled in perpetuity; all of the others can (and will, if it is deemed to be profitable) cripple their software at any time in the future whenever they so desire.
Which is why anyone taking a long term view toward protecting and preserving the integrity and accessiblity of their data must at least consider using free software, and deploying it wherever possible.
Open formats are good (and important), but open implimentations are really required for true safety. What good is an open format if only one company has adopted it, no free software to read it exists, and that company goes under? Not much, particularly if that format is difficult or cumbersome to impliment. Now you get to pay someone to reimpliment that open format in order to get at your data
Re:Why is it (Score:1, Insightful)
Hmm... did someone issue a press-release about it? The media is incapable of independent thought.
Passing the buck... (Score:5, Insightful)
On the other hand, if they choose an open source product, if there is a bug, there's nobody to pass the buck too. So the manager is taking on the burden of responsibility if that software does have bugs in it. He'll be perceived as exposing the company to unnecessary risk just to save a few bucks.
This is part of an overall attitude problem in corporate america. Managers, generally, suffer more for a mistake than they gain for a success. Success is expected, that's doing your job. Failure is incompetence. Of course failure caused by an effort to get the company ahead of the game is still failure, so why take the risk. Hire contractors, and pay for software vendors because if there is a mistake you just dump the blame onto them, cut ties, and your job is secure.
Re:This hit us. (Score:4, Insightful)
Yeah, they won't notice the difference because they will still save the files on their C drive. At least that's been my experience.
I've been doing this at different companies for 7 years from Win 3.1 to Win2k. If they have files on C:, move them to S:, change their default save locations, tell them to save everything on S:. S: is their personal home directory.
Once their default locations are changed, they have to PURPOSELY save to c:. If you've informed them in writing, AND you've made these default changes, any lost files due to workstation issues is entirely the fault of the user. They can bitch an moan all they want, but if you lay it all out for them, there's nothing that can touch you.
You can say, "Hey, I did this, this and told them that. Their workstation is configured to save on the server, and that user decided not to. There isn't anything more that can be done, they need to change their habits."
If need be, include the S: drive notification with the information you give new users (passwords/email addr/etc). Make it a template, standard form, whatever. Make SURE they know saving on C is nothing less than reckless.
Re: This hit us (Score:2, Insightful)
If only everyone would adopt this policy: MS would either die off, or be forced to do some proper testing if we all refused to do their testing for them!
Apple/Orange comparison. (Score:4, Insightful)
I mentioned that [...] and she said that they discussed it many times, but they ran figures on how much money they spent/lost just switching from one *program* to another (training and help desk support), let alone to a whole new operating system [,,,]
Their concerns are genuine. But their experience has no doubt been largely with switching between one Microsoft- or Mainframe-based application and another. Things may have changed a lot.
It's a pity she's no longer with IBM. Since they're now spending billions on Linux support her department would have a well-funded in-house helper and upper-management buyin for an experiment the next time the issue came up. (And her department's management would get interdepartmental-cooperation brownie points for trying it, too.)
Such an experiment for IBM would be a benefit regardless of the outcome. If it failed, the Linux people could analyze why and help the open-source community fix it. If it succeeded they could trumpet it to the business world in their next press push. B-)
Re:Passing the buck... (Score:5, Insightful)
Re:This hit us. (Score:2, Insightful)
Well, if you're that big a company, you have a professional IT department that performs each upgrade on just a few systems to make sure it won't do anything nasty, right?
This is a problem with procedure, not specific operating systems or programs, and any intelligent IT person will realize this- if you keep claiming "see see, told you so, we should be using linux", you'll be labelled what you are- a zealot, and worse, someone who's doing -zero- to solve the problem.
You don't roll out something unknown to the whole friggin' company...you roll out upgrades to a handful of people, and make sure it goes smooth...and THEN you deploy it company-wide. This was one of the very first things I learned playing IT-guy for a small company.
Had you test-deployed the service pack to a select few machines, you wouldn't be having this problem, now would you, hmmm?
Re:Hit most of my ex-clients too (Score:5, Insightful)
I don't understand. What kind of place would install an update on 20,000 computers without testing it first? Somebody (besides Microsoft) fucked up big.
Re:Passing the buck... (Score:3, Insightful)
If you propose something different, you will have to take the responsibility for it, no matter wether it's open or closed source.
My thoughts on security. (Score:2, Insightful)
Why attack the encryption algorithm directly? Instead reverse engineer and bypass the parts of the OS that invoke the license checks. Or fool the probes which try to determine your hardware signatures. "Borrow" a key. Or for that matter just be sure to run IIS, as it lets perfect strangers run any applications they want on your computer, it should just as easily let you use your own computer too without any security checks
I do have two important observations though:
Re:sue? (Score:4, Insightful)
The lawsuit should be by the stockholders of a company, against execs that sign large licensing agreements with Microsoft after this incident. Microsoft fuckups are now a historically established and well known problem. Only an incompetent (or corrupt?) executive would flush company equity down the drain like that, or take such huge risks in the future. That would be wilfully negligent mismanagement of someone else's assets.
I hate to say it... but it might be worthwhile to examine such an executive's own portfolio, to see if they have anything to personally gain by transferring funds from the company where they work, to Microsoft. Although I'd certainly hope it's not the case, it may be that there's more going on than mere negligence.
Nah, I'm being paranoid. Nobody running a large company would do anything against the interests of stockholders for their own personal financial gain. Just forget I said it -- it's so inconceivable.
Re:This hit us. (Score:5, Insightful)
Microsoft's entire marketing scheme counters this rather wise statement. They want people to use automatic updates. They want to be able to push out EULA upgrades at will. They want this control over companies very badly.
It's too bad that the companies only learn after it is too late.
bad attitude (Score:3, Insightful)
That mindset has always been silly and now it's dangerous. What happens to a moron who keeps buying stuff that sucks when he could get stuff that works for much less? Hmmm? The test case implementations of Linux enterprise wide are out and enough people know about them that it's in Forbes and the Economist read by the big dogs. The folks mindlessly clinging to M$ are going to be reduced to very few and fired. They can then go home and practice with pirated XP junk till the BSA hauls them to jail.
Re:This hit us. (Score:2, Insightful)
So you're supposed to test an update for how many years before employing? This is Windows 2000 and Office 2000!
I don't see anything in the article about this happening only to sites which recently upgraded to 3 year old software, but I could have missed it.
Institutionalized Stupidity (Score:1, Insightful)
Maybe the people in your company should have had the brains to buy the enterprise version, which doesnt need to be activated.
I will now resume laughing at you.
Re:Hit most of my ex-clients too (Score:2, Insightful)
You test it on one machine 2 weeks ago, it works fine. You roll it out to 20k machines, it works fine. The date occurs and you're hooped.
Re:Passing the buck... (Score:4, Insightful)
The problem with that argument is this: do you actually see Microsoft or any other software company actually _accepting_ laibilities due to bugs in their own software? So there's really no one to pass the buck to, regardless of who wrote the software, open or closed source. I guess at least you can _blame_ Microsoft and be somewhat out of the hot seat, but they would laugh at you if you want compensation for broken software.
Tie to grab (Score:3, Insightful)
The solution is rather obvious: when you propose an Open Source Software solution, you must also include the costs of paying someone else (such as IBM) to provide support.
Re:fire the sysadmins who installed it!! (Score:1, Insightful)
Honestly, when this patch initially came out, months and months ago, the systems were tested, and they worked. Then the 80,000 machines were upgraded, and ALL WAS WELL.
These sysadmins can't see the future. How is it their fault that there was timebomb code in something they installed? You're about the 4th poster to make your point, so many of you don't seem capable of thinking this bug through.
Why else would MS be saying a clock-rollback is a solution?
Re:Makes me glad (Score:3, Insightful)
Indeed. If some organization could get 1/10th of the income Microsoft gets for MS Office, I'm sure they could develop an Office suite that kicks MS Office's butt, and still have a few billion $ left over for, I don't know, a couple Ferraris and Porsches for every member of the development team. The amount of money companies all over the world collectively pour into MS is ridiculous.
Re:This hit us. (Score:2, Insightful)
Re:Hit most of my ex-clients too (Score:5, Insightful)
Re:Piracy (Score:2, Insightful)
I remember one day i was at the bank. The security guards there suddenly(due to an error in their training) forced all the ligitimate costomers out of the bank and in to the street, then they blocked the door so noone could get in. Stopped everyone from getting any business done that day. The security guard vendor had to come to the bank and replace the guard before the bank could open again.
Re:Piracy (Score:3, Insightful)
If that's ever happened, it's time to find a new bank.
Not Just Corporations, and Not Just Office (Score:2, Insightful)
Re:This hit us. (Score:3, Insightful)
Or when they disconnect their portable, and take it to a meeting?
Sorry. There's lots of environments where "save everything to the file server" is *really* bad advice. (And of course, many where it's good advice.)
But OpenOffice is actually NOT FREE? (Score:3, Insightful)
Plus, OpenOffice is totally free.
Since you're using OpenOffice at your company, you might be interested to know that you could be in violation of the gpc (general polygon clipping library) license. gpc, which is often mistaken for a GNU item since it starts with a 'g', is required to build OpenOffice. However (and I've never seen this mentioned or reported anywhere), it comes with a very restrictive 'non-commercial-use' license. Presumably anything linked with it (like OpenOffice) should also be considered for 'non-commercial-use' only as well, right?
To me this is a major problem. I'm also not thrilled to see it require Java. We need a good free, open source office suite for free operating systems, but I don't think this is it.
Re:Passing the buck... (Score:3, Insightful)
Large companies don't want the long, sensible answer, they want to quickly be able to point the finger at someone (Microsoft, or whoever allowed OSS to be used) and be gone. That's how they usually deal with problems, and this is nothing that may come to you as new. The details can be worked out afterwards.
I am not saying that line of reasoning is right, but that it's usual, so some people feeding kids think they are more secure beign able to blame a large company (not to be able to get the lost productivity back). This is where IBM, Oracle and some others come to play. OSS image must improve to the point where one can simply state "we are using what the most sucessfull companies use" and carry on to apply the patch that by then is surelly available...