Frisking the Machine
posted by:Jennifer Manning // 04:50 PM // July 29, 2005 // Surveillance and social sorting
From: Globe and Mail, by Jack Kapica
Microsoft is making new demands.
The software behemoth started a program on Monday that requires users of its Windows operating system to prove their copies are legitimate. If not, Microsoft will not let them get add-ons to Windows XP.
The program, called Windows Genuine Advantage, will frisk your machine to see if it's running an authentic version of Windows. If it detects a counterfeit copy, it will offer two options — users can fill out a piracy report, provide proof of purchase and send in the counterfeit CDs to get a free copy of Windows Home Edition or Windows Professional; or those who just submit a piracy report — telling when, where and from whom they got the software and send in the counterfeit copy — will get either version of Windows at half price.
In the spirit of further generosity, Microsoft will allow users of unauthorized Windows programs to install security-related updates, which are used to plug software flaws exploited by viruses and hackers.
Privacy advocates are looking at the situation closely, but aren't likely to find much beyond theoretical concerns. Microsoft has been collecting information like this for some time, starting with Service Pack 2 for Office 2000, when the company's then-new authentication system not only recorded your Office serial number, but also took a look at the hardware in your machine.
This time, the company seems to have broadened its list of things to look for, scanning your machine not only for product keys, software authorization codes and operating-system version, but also for details on the flow of data between the operating system and other hardware, such as printers.
This latest wrinkle has been tested as an option for the past 10 months on some 40 million users, Microsoft says, and it was such a success that the company has decided to drop the "option" part.
Microsoft has assured users that no personal data is being collected for the validation process, and information will remain completely anonymous. All that will happen is the user of the software in question will be denied upgrades.
This all sounds reasonable, even though the company is broadening its definition of what information it wants from PC users while much of the Western world is passing legislation designed to increase privacy protection in an increasingly digital world.
There are, however, legitimate concerns with Microsoft's actions, such as how the company will extract our consent to divulge the information (most complaints about privacy involve the issue of "valid consent," I'm told by Philippa Lawson, executive director of the Canadian Internet Policy and Public Interest Clinic). There are also concerns about how long Microsoft will keep the information, and whether the company might decide to use that information in the future for purposes not outlined (or even foreseen) in the current agreement.
But I will assume for the moment that Microsoft's intentions are beyond reproach. That leaves me with other concerns.
First, this validation process is being done in the name of stopping software piracy, which is a very real concern in the digital age, especially with the level of mass piracy in the Asia-Pacific region, Eastern Europe, the Middle East and other places. But I have long suspected that the Business Software Alliance, an industry group against software theft, has greatly inflated the dollar value of corporate losses. The BSA — and the Canadian Alliance Against Software Theft, its counterpart here — has issued press releases for some years estimating colossal economic losses to piracy; all appear to operate on the assumption that every piece of pirated software represents a lost sale, and things like lost salaries of software salespeople are folded into the calculation, plumping up the outrage.
Yet much of what constitutes piracy in the more civilized corners of the world is largely the result of the atmosphere that computer users breathe. Software is constantly being upgraded and fixed, security holes are patched and new versions reissued so frequently that every piece of software ultimately behaves as though it's an unfinished version of what's to come next.
It has become an act of courage and expense to upgrade our software — especially operating systems — and wary buyers have come to see themselves as beta testers, always waiting for a finished version. So they approach buying software differently from, say, the way they buy TV sets, which do not need weekly visits to the repair shop. People are naturally chary of spending large sums of money on software that will offer them an unending string of security holes to patch, and then be urged to upgrade entirely within a year or two.
If software companies want to cut piracy, their strategy should include finishing their products, and not treating their customers so cavalierly or so carelessly. That way, buyers might start to consider software as something of value that they're investing in, rather than as a half-baked "beta" product that happens to come in a box.
My other concern is that Microsoft is, after all, a member of the BSA, which includes Adobe, Apple, Autodesk, Avid, Bentley Systems, Borland, Cadence, Cisco Systems, CNC Software/Mastercam, Dell, Entrust, HP, IBM, Intel, Internet Security Systems, Macromedia, McAfee, Inc., PTC, RSA Security, SAP, SolidWorks, Sybase, Symantec, UGS Corp. and Veritas Software, which merged with Symantec earlier this year. BSA members finance anti-piracy strategies, and presumably share the information collected.
Is Microsoft sharing the information it collects using Windows Genuine Advantage with other members of the BSA? The company hasn't said, although I'd be surprised if Microsoft didn't share it with its worthy allies. At least we should know about it, and have the member companies listed in any agreement we are asked to make.
Perhaps the BSA should spend more effort earning the respect of its customers before frisking us all as though we are thieves.
Trackback Pings
TrackBack URL for this entry:
http://www.blogonnymity.com/powerblog/mt-tb.cgi/105
