Symantec Hit by Product Activation Glitch

An anonymous reader writes "According to this article, Symantec has hit a snag in their product activation scheme. On a certain machine, the software machine would always ask for the activation when the computer is started or restarted, despite the fact that they have thoroughly tested the scheme." According to the article, Symantec has finally managed to replicate the problem, and those hit by the bug are asked to contact Symantec's support channels. However, there's no mention of a fix yet.

Re:Oh for the love of god

[tomstdenis]

This is showing evidence in favour that activation schemes are just plain bad business. E.g. the potential money you save by hindering piracy minus the lost sales due to pissed off customers => positive or negative?

This message was brought to you by the Manham Canning CanManer Tom St Denis.

Honest users the victims

[Gavin Rogers]

How many times do we need to see stuff like this?

Product activation only irritates legitimate buyers of software and all it does to software piracy is encourage hacking or mass duplication of enterprise edition CDs.

When you have legit customers using 'pirate' discs because the product activation features annoy them (or completely prevent them from using the software at all) you've just backed the slowest horse in the customer satisfaction race.

Is anyone surprise?

[Darth_Foo]

It's not like M$ didn't have the same snags over two years ago with XP. Product activation schemes are just another flavor of compatibility problem that the software/hardware industries have been having since the first geek stuck the first expansion card into bus slot. Try as they might, coders always miss SOMETHING and no matter how many hardware and software configurations are tested prior to release, there will always be more combinations than they can test.

Problems!

[hookedup]

Product Activation on products as important as antivirus apps is bad IMO. When average users are confronted with this, its easy for them to get frustrated with, and what happenes when average users get frustrated with software? They dont use it.

As with all stories about virri, here [grisoft.com] is the link to a FREE Antivirus app.

Yeah...

[CFBMoo1]

This is exactly why I bought a copy of McAffee's. I didn't want to have to deal with product activation on windows with something that could protect my data. I think of product activation in this case as getting mugged in a street and having a cop stand by while your getting mugged cause you didn't give him the product key for the taxes you spent.

Although I heard from a relative that they got billed by McAffee's even after they told them to cancel their subscription for virus updates. I was told they were basiclly ignored by the company. So if you have to run windows be very careful what you get when your dealing with anti-virus packages.

It's sad really, all of this adds the the nightmare of maintaining a windows system. My linux box has none of these problems and was 10x easier to install then Windows XP. (Mandrake 9.1)

When will they learn?!

[rs6krox]

Remember back in the day, when copy protected 5 1/4" floppies were all the rage? The software would lock up and freak out. And within a couple of days somebody would post a program to copy the disk without the protection to your local BBS. Sometimes just copying the floppy would make the software more stable. Remember dongles (some companies STILL use them)?! Remember the dongle remover programs that tricked the program into thinking there was a dongle there when there wasn't?

Copy protection rarely stops piracy, and usually screws with the customer. Online activation is just the newest wave. Even M$ can't get it right. Has anyone met somebody who really really likes online activation?

IMHO, the best way to fight piracy is to have a great product that's reasonably priced. And the purchase price buys you support and updates. Each CD key can only register once for a support/update password, so those who pirate the software don't get support. And catching a pirated key/support p assword combination is as easy as running your HTTP logs through an analysis program.

No vendor will ever completely stamp out piracy, the best they can hope to do is making purchasing the product as attractive as possible.

Re:Oh for the love of god

[AllUsernamesAreGone]

It will always be negative. Always. Those who support copy protection tend to be in two camps - those who believe copy protection actually works (also known as the group who have their head so far up their arse that they can count their own teeth) and those who admit that copy protection doesn't prevent the pros copying the product, but it does prevent "casual piracy". The former group obviously has a connection with the planet more tenuous than that held by someone on an LSD trip so they can be ignored. The latter group sounds reasonable, until you realise that, on the whole, "casual piracy" isn't Joe Sixpack giving his mate a copy of the original CD, it's Joe Sixpack giving his mate a copy of the cracked CD. So It doesn't even have that much effect on so-called casual piracy either. So you piss off your customer base for a tiny reduction in copying, while the number of cracked versions in the wild will probably increase because the customers that actually want to use the product, but don't want to put up with the activation, will use the cracked version.

It is utter, complete and total stupidity.

The only explanations I can come up with for companues that actually waste their time on this crap is that the decision makers don't even know what these computer things are, they need their collective braincell examining or it's related to insurance premium reduction.

Re:Honest users the victims

[Nogami_Saeko]

I'm waiting for it to hit the fan over Adobe's product activation that's required on their new "Creative Suite" products (ie: Photoshop and Friends).

Just like XP, you have to let your machine either contact Adobe over the internet, or phone their customer service number to get the activation code that's locked to your individual computer.

Oh yes, and apparently you can only activate twice over the internet, then you HAVE to phone their CSRs to explain why you're not a pirate giving copies to your friends to justify additional installs. Guilty until proven innocent I suppose.

I'm willing to bet there's going to be a backlash against them similar to the Intuit tax activation fiasco.

N.

When will they learn? (My rant)

[Anonymous Coward]

Product activation doesn't faze the pirates, all it does is enrage legitimate buyers and drive them to competitors (or to pseudo-piracy themselves).

Last week I started setting up two new G5s for a client. They use QuarkXPress, the 6.0 version of which has adopted product activation (I've been steering all my clients to Adobe InDesign, but this particular one was willing but unable to switch for some reason). Any Mac people reading this who historically know how bad Quark is can see where this is going. Three times, I retyped the two codes on the sheet that came with the upgrade CD to activate the software, and I'm punching the damn things in correctly-- what do I get? "Invalid serial number." So I have to call these fucktards to get this shit activated, which I'm not doing until I have the second machine running, so I won't have to call a second time if that one fails as well. And after I clone the build to the second G5, I'll have to uninstall the Macromedia shit they got and reinstall and activate it, because that has activation as well. What a colossal waste of time.

And all of these companies make it such a fucking hassle to get a multi-user install code, that when I do a build destined for multiple machines I just have clients buy single-user licenses so they're covered, and I install the shit with warezed site-license codes. Why doesn't every company simply offer a web page where one can go, punch in all of their single-user codes for a given product, and in return get a single code good for that number of licenses? I don't have time to sit on hold with the Volume Licensing Department, I have work to do! And Quark, those fucking bastards CHARGE you to consolidate licenses, so I just used warezed multi-user codes for them, too, as long as my clients have enough single licenses to cover themselves. You can take my Office v.X Volume License Edition install CD when you pry it from my cold, dead hands-- no more typing in those stupid fucking codes from MS, either.

Oh, and speaking of MS, last week I had to add 5 CALs to a client's Terminal Server. Microsoft e-mailed us two "proof of purchase" type codes, and we had to go to a web site and punch them in to get the actual install code. But did that work? Noooo, I ended up having to call them to get the fucking code. All this jumping through hoops, I ended up billing the client for an HOUR, just to punch in a fucking 25-character license code. It's ridiculous.

As you can see, these anti-piracy features do nothing but waste my billable time (and ultimately my clients' money), and force legitmate users to turn to cracks and hacks and codez to get things done in an efficient manner.

What this post fails to mention...

[ptr2void]

... is what project it is talking about.

Time to fill in the facts, it would seem.

Re:Honest users the victims

[diersing]

I have a legit copy of Windows XP. Because of my work, I rebuild my home machine often to test and validate settings/configurations/builds. After doing MS online activation the first couple installs, all subsequent installs require me to call MS. I have to feed them a 42 digit string, answer a number of questions and explain to them why I've installed so many times, then have them give me another 42 digit string. The process adds 15-20 minutes of pain_in_the_ass to any install.

Linux in public access computers

[s20451]

I've seen the same problem with public access terminals in a library. About half were linux, and the users would only use them if they had to (i.e., all the windows machines were in use).

Maybe, if you charge for use, you could try the following: start with a few linux machines, and charge less for using them -- and hang a little sign saying, "These machines use linux, they cost less because linux is free and windows is expensive". Make them as similar to windows as possible, with similar desktops and behaviors.

People might be willing to put up with something new if it will save them money. Just my $0.02.

Re:Oh for the love of god

[Mr. Dop]

Any lock no matter if its software or physical can eventually be defeated. Actually that applies to any security measure, if it was designed by a human; it can be defeated by one.

All a lock does is keep honest people honest. It will never keep out a determined attacker.

Futile

[t_allardyce]

Software copy-protection is like CD copy protection: its just not going to work: Anything you do to try and restrict software someone will find a way around it simply because every system out there is based on the same line of code:

if(product activated){run product} else {don't}

what ever method they use it all boils down to just running the program or not running it, at the most there will be afew extras that keep checking or individual modules activating, and the most complex might involve running some parts on a dongle but all these can essentially be bypassed. This is why microsoft is so keen to get TCPA off the ground because they know full well that they and most of their windows-developer friends' business models will colapse unless they can totally restrict the platform and have anyones ass if they try and bypass it.

Why would NAV need it anyway?

[nsxdavid]

The interesting thing to me is that the big benefit of the current crop of antivirus programs, like NAV, is that they have this constant feed of updates to stay (nearly) up with the virus arms race. Symantec charges extra for that, and I think they should. I paid the fee gladly and they've keep viruses off my Winders machines purdy gewd.

So the real business model, like the one I rely on at my company, is recuring revenue. That's where the gold is because its multiplicitive with SKU sales. Mmm Mmm good!

End of the day, what Symantec should want people to pass around copies of NAV, but make it so it's only really effective if they keep it up to date through a subscription. I think in this case the subscription is warranted because NAV actually does have to do a substantial amount of work on a continuous basis. You are paying them to be your front lines in an ongoing battle and they, like many of the others, do a good job.

AOL got the model right when they put threw AOL disks out of airplanes for all those years just to get the subs. That model would work for antiviral software and many other things as well.

Re:Problems!

[Dunark]

Product Activation on products as important as antivirus apps is bad IMO. ...

How about that. I'd think the product activation scheme would provide a nice target for malicious code. Why try to outsmart the antivirus when you can more easily make it refuse to work?

Re:Honest users the victims

[hermango]

FYI, one of my jobs at the voice mail company I work for is to design and write the Product Activation code. My stuff works consistently. Why? Because I don't examine the general computer hardware. I look for a piece of hardware (the voice board) that has a serial number in it that I can retrieve. Using that I can get a hard confirmation that I'm looking at the correct thing that enables my license file. It allows us to determine how many ports of voice mail are running, what sort of integration is enabled for what the VM is connected to, and ASL of other extra-money features we have for sale. All the software is on the system we well and it is activated on a per-feature basis by the license file. What happens when the voice board fails, as they've been known to do? Well, we send them a new voice board and a new license file, they send back the voice board. The fallacy of all this "product activation" stuff is that it is trying to do a generalization from stuff that doesn't have hard serial numbers available. And so it works right up until the time that the hardware starts getting changed, at which time it fails. My stuff also fails if the specific piece of hardware I'm looking at fails. The only solution I see to the hardware lock is to have a standard device that every software vendor uses and a standard way for the end user to get a replacement when theirs craps out. And the stuff has to work for some specific period of time after the hardware device fails to give the user time to get a replacement. While I suspect that anything can be hacked, including my stuff, it would take a while to do it. I don't know that there is any one Final Solution, so I just thought I'd throw in mine.

Re:Honest users the victims

[T5]

And this tying of guaranteed accessible serial numbers to individual hardware components is one of the reasons that Microsoft is sticking their noses in the BIOS business. [slashdot.org] That will certainly make things easier for them with respect to product registration, DRM, and the like, as well as provide an incentive for others like Symantec and Adobe to adopt and promote their DRM strategy. "one ring", as it were...

SYMANTEC: PLEASE READ THIS

[symbolic]

I do not purchase software that requires activation.