Feeds

MS Whistler copy protection climb down begins – in Germany?

If we do it they might not buy our software - there's a worry...

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

With Whistler Microsoft plans to introduce a new form of copy protection involving compulsory registration and resulting in 'single use' software. But there are signs of revolt among the troops - at least in Microsoft Germany.

In today's edition of the Financial Times Deutschland, Microsoft Germany spokesman Tomas Jensen is quoted as describing Microsoft Deutschland as a special, sensitive case, and suggesting that although the rest of the world may be forced to put its hands up to the new "product activation" system, Germany could be let off. But later in the day Jensen seemed to be saying he'd told the FTD nothing of the kind, just that no decision had been made, and that Germany was a critical market for Microsoft.

Which from where we're sitting doesn't sound a heap of a lot different from what the FTD said he'd said in the first place. The new copy protection procedure has appeared in the Whistler beta, but there's been no public commitment by Microsoft to actually introduce it - so 'no decision has been made,' anywhere, is a perfectly rational line for managers to take.

And we'll translate that stuff about the importance of Germany. Germany was, as the FTD notes, the nearest thing to a stronghold for OS/2 that IBM had, during that OS war. These days it's strong for Linux, and if Microsoft gets too insensitive and kicks German users around too hard, a revolution in one of the company's biggest and most prosperous markets is a perfectly plausible scenario.

On top of that, you may recall German court skirmishes over the legality of Microsoft trying to prohibit the resale of OEM versions of Windows. So if Microsoft did try to use copy protection to enforce single use, single machine sales of Whistler (and indeed Office 10, which will likely use the same system), the German courts are perfectly capable of unpicking the whole deal.

Nor is it a massive leap of the imagination to foresee other European countries following up on this, as various investigations crank on and various governments mull the benefits of open software.

The sensitivity is not however limited to Europe - many people in the open source movement see the big opportunity as coming when Microsoft finally goes a step too far, and the users start just saying no. Microsoft undoubtedly wishes to enforce universal product registration that locks single users into single software packages on single machines, but although the company isn't known for its tact and diplomacy, it could quite likely be sufficiently concerned for its revenues to think twice on this one.

As it stands, the system being tested with Whistler generates a code during installation. Via a phone or Web registration process this is then used to unlock the software. But here's the kicker - the code itself is generated by a combination of the product key (as per existing software) and a unique ID produced by the particular machine the software is being installed on.

The intention is that the unlock key you get back from Redmond is only valid for one machine, even if we're talking a no-name you built yourself and installed a full retail copy of Whistler on. It's not absolutely clear what is used to generate the machine code, but it seems likely to be a combination of bios, graphics and various other bits of hardware kicking around in there.

So if you swap out some of your hardware and try to reinstall the software, the unlock key quite probably won't work, and you'll have to phone up Microsoft and argue the toss. That is of course if the system works and is hard to get around.

Given the experience of compulsory registration of Office 2000 victims, one could doubt that it will work, even without your knowing about the kerfuffle over Whistler build 2410, which was initially pulled because of, er, problems with installation keys. And even if Microsoft can get it to work technically, the inconvenience that'll be caused to some companies will probably get them looking for wrinkles to rip the protection out.

If Microsoft does go with the system it apparently doesn't intend to use it on volume purchased software, which lets larger businesses off, but that's of no help to people who buy software in smaller quantities, who'll shout long and loud. We reckon Microsoft will back off this time - but they'll be back. ®

Related Link

Financial Times Deutschland story, auf Deutsch, natürlich

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.