Feeds

Surprises inside Microsoft Vista's EULA

Not a thing of beauty

Choosing a cloud hosting partner with confidence

Analysis It's Autumn in St. Louis, my favorite time of year in Missouri. Coats are getting progressively thicker as the temperature drops, trees are changing their leaves in a final show of brilliant color before their skeletons show, and darkness is starting to scare away the sun a bit earlier every day.

Every Thursday night this Autumn you'll find me teaching the latest iteration of a wonderful course at Washington University in St. Louis titled "Technology in Our Changing Society". Once a week my students and I examine a different issue about the point at which technology and social change intersect, and our discussions are as fulfilling as they are knotty. I can't tell you how many times this semester I've heard someone say, "This is a really complicated issue, and I'm not sure yet what I think.

I respect and understand completely what they're saying. After all, when you're wrestling with issues around free speech, biotechnology, identity online, or virtual property, discussions tend to operate in shades of grey instead of black and white. Sometimes issues are a bit more cut and dried, and a student will utter a bon mot that perfectly encapsulates an issue.

A long time ago, a high school kid who wasn't that great of a student told the class, after a long discussion about governments and politics, "Well, here's what I've learned: socialism is fair but doesn't really work, while capitalism isn't fair but does work mostly." Not too bad for a 9th grader. More recently, I had the adults in "Technology in Our Changing Society" read both the Windows XP EULA and the GNU General Public License. When I asked them what they thought, one woman said, "The EULA sounds like it was written by a team of lawyers who want to tell me what I can't do, and the GPL sounds like it was written by a human being who wants me to know what I can do." Nice

The next version of Windows is just around the corner, so the next time we discuss software licensing in my course, the EULA for Vista will be front and center. You can read the Microsoft Vista EULA yourself by going to the official Find License Terms for Software Licensed from Microsoft page and searching for Vista. I know many of you have never bothered to read the EULA - who really wants to, after all? - but take a few minutes and get yourself a copy and read it. I'll wait.

Back? It's bad, ain't it? Real bad. I mean, previous EULAs weren't anything great - either as reading material or in terms of rights granted to end users - but the Vista EULA is horrendous.

Benchmark censorship

Ed Foster has written - with his usual righteous eloquence - a piece on his Gripelog titled "A Vista of Licensed Censorship" that covers several new restrictions in the upcoming Vista EULA. Vista Home now contains this gem:

9. MICROSOFT .NET BENCHMARK TESTING. The software includes one or more components of the .NET Framework 3.0 (".NET Components"). You may conduct internal benchmark testing of those components. You may disclose the results of any benchmark test of those components, provided that you comply with the conditions set forth at http://go.microsoft/fwlink/?LinkID=66406.

Foster brings up good points about the inevitable problems that this clause will bring. Microsoft can - and undoubtedly will - change the terms on that web page at any time, thus complicating life for anyone wanting to disclose test results.

Worse, another requirement dictates that any benchmarks must "be performed using all performance tuning and best practice guidance set forth in the product documentation and/or on Microsoft's support Web sites," thus forcing testers to use settings that aren't found in the workaday world, potentially distorting results. Foster gives this example, one that should resonate among the readers of this column:

Just by way of example, what about a security researcher who a year or so from now wants to compare the buffer overflow vulnerabilities of the original version of Vista with the inevitable SP1?

Under Microsoft's rules, the researcher could not make public the results of the older version of the software. And if you think it highly unlikely Microsoft would actually object to the benchmarks in such circumstances, think again. In 2001 Microsoft came down on an independent lab that was about to go public with performance benchmarks comparing Windows NT and Windows 2000.

Beyond the fact that censorship is almost always a bad thing (I'll agree that it's permissible in a very few cases involving national security, but that's about it), software is of such critical importance to people's lives that I can see virtually no reason why any limitations on benchmarking and testing results should ever be allowed to stand.

No virtualization for you!

Right now, consumers and businesses can buy two versions of Windows XP for their desktops: Home and Professional. Let's review the choices they're going to face, including pricing, when Vista rears its head:

  • Starter (OEM pricing only)
  • Home Basic ($199, or $99 upgrade)
  • Home Premium ($239, or $159 upgrade)
  • Business ($299, or $199 upgrade)
  • Enterprise (OEM pricing only)
  • Ultimate ($399, or $259 upgrade)

I understand that product differentiation among market segments is common and makes good sense. But this is ridiculous. Six different versions? Quick, which one is right for you: Home Premium or Business? Uhhhh...

The next step in data security

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.