EULAs, RFID tagging and other Halloween horrors

It is a scary, scary world out there

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Letters It is Halloween, so we thought we'd get as scary as we could and head straight for Microsoft's Vista EULA. Security Focus' Scott Granneman took a look inside the new EULA and gave himself quite a fright. We hear the shock turned his hair white (no, not really).

The key issue here for us from a development/QA perspective is that we are entirely dependant on virtual machine for testing. So much so that one wonder how we ever meanaged without it (the obvious answer being 'slowly' and 'with less coverage').

But we'll still have to test ALL of these versions, whether we're legally allowed to run them in VMWare or not. So either the cheapo versions don't get tested, or we have to source whole new machines JUST to sit there with a copies of Vista on it. The prospect of having to dig Ghost out of the cupboard just to be able to revert a testbed to a snapshot is a painful one. It's an unreasonable ask from MS when we're testing our stuff for THEIR operating system.

Having said that, I'm not sure what the Action Pack will allow us, it may be we'll be less restricted than retail licence holders. But not all developers choose to use or can afford MSDN licences.

At the moment, there's nothing but the EULA to stop them using Vista versions however they like, but given MS' penchant for retrofitting piss-poor functionality restrictions, and rights-holders penchant for suing the arse off their customers these days, who'd want to gamble their business on that?


It never ceases to amaze me how Microsoft continually gets away with its hubris when there is the excellent Linux as a valid, valiant alternative to Redmond shenanigans. I still use Windows 98 and hell will freeze over before I install XP, let alone Vista. Sooner or later Microsoft is going to overreach itself, and maybe Vista will be the final straw.


I think you misread the virtualization clause. It says that if the software is installed on the device, you can't run another copy of the software in a virtualized environment. It doesn't say that if you run Parallels you can't run/install the licensed software. It just says you can't use it a second time in a virtualized environment.

The license still sucks.


The license transfer provisions in the Vista EULA make my 'grandfathers axe' style of machine usage rather expensive, I'd have thought. I installed Windows XP on a somewhat arbitrary mix of home brew computer parts some years ago now. I tend to do my upgrades piecemeal.

That hardware box has a different motherboard, CPU, RAM, hard drives, video card and other stray peripheral devices. The case is the same, with a shiny license code affixed, but that too could well change at some point.

With the EULA provisions contained in Vista, at what point does Microsoft consider the license to have been "transferred" to another machine?


never mind virualization, and security pros - what about gamers, and other frequent upgraders?

When does a 'device' stop being the old device, and start being a new one ?


I like section 5 (validation) point d. "You may only obtain updates or upgrades for the software from Microsoft or authorized sources."

So if some group (that hasn't given MS money for authorization) releases security fixes before Microsoft and you wish to use them (cf http://www.theregister.co.uk/2006/10/03/zero-day_ie_fix_encore/ ), not only is this disrecommended, not only would it void your warranty (in as much as a Microsoft warranty is worth anything), but in fact voids your licence to use the software in the first place.

That's not anti-competitive at all I'm sure, cough, cough.


The licence transfer thing used to have another gotcha in it and I bet it still does. If your company changes hands then (as you can't sell the licences on) you need to go and rebuy them again. No-one seems aware of this but if FAST pay you a visit you will find out very expensively.


Microsoft has reached the point where it is difficult to grow market share appreciably - instead, they need to grow revenue per customer and I suspect we'll see increasing restrictive EULAs as part of their effort to do that. On the other hand, it's common knowledge that consumers don't read these things - it's unlikely anyone could understand them without a law degree. If push comes to shove it will be interesting to see if courts will uphold the EULA or if common law expectations of merchantability and fitness for intended use will prevail.

Thanks for shining a spotlight on the issue and raising public awreness.

- Jim

> How stupid does *** Microsoft, who fed him this line of bull - think we are? Very stupid. Very, very stupid. After all, mankind are more disposed to suffer....


About the virtualization, where's the problem? Virtualization is for pros and business use.

It's for testing, development etc. In that environment people don't tend to use home software (yeah, I know, many do but they're bonkers). So I don't see what the problem really is with this kind of restriction.

But it's nice to see that you're not biased in this article, really...


Mr. Granneman wrote: "And, I'll add, a further lowering of respect for Microsoft."

C'mon, further lowering, is this even possible?


"the fact that it's virtually impossible to buy a PC that doesn't have Windows already installed"

This is not a fact. It is myth and FUD and anti-Microsoft religious raving.

My local computer shop (World of Computers, Milton, Cambridge) will sell you a computer with or without an operating system of your choice, and will even install an operating system you give them when they build your machine. I know that Cambridge is different and special, but it can't be *that* different and special - this must be possible in other places as well ... and if it isn't you can always buy mail order from WoC.

That's not "virtually impossible", a better description would be "standard service from a main supplier to a city of 100,000 people".


We can confirm that both Oxford and Cambridge are *that* different and special.

Great article; here's some free marketing advice for Microsoft: release Vista before Thanksgiving so it can be served as the main course--that's about the only use I can see for this underwhelming makeover of XP.


Monopolies are bad. For us, yes. But also for Microsoft.

The smallpox virus of real choice is spreading across the newly-discovered continent of computing diversity and Microsoft is looking like a native who never got exposed to the virus when young.

Can we expect them to get away with just a few nasty scars, or are they going to die a painful slow death? I don't know, but I do think we should give them an infected blanket..


And on that unsanitary note, we'll ask you to click on the button below, and turn to page two...

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Swiss wildlife park serves up furry residents to visitors
'It's ecological' says spokesman, now how would you like your Bambi done?
Win a year’s supply of chocolate (no tech knowledge required)
Over £200 worth of the good stuff up for grabs
Facebook's Zuckerberg in EBOLA VIRUS FIGHT: Billionaire battles bug
US Centers for Disease Control and Prevention contacted as site supremo coughs up
Internet finally ready to replace answering machine cassette tape
It's a simple message and I'm leaving out the whistles and bells
ePassport to Transnistria: NEXTIFYING the Nation State with BONG
Hey the Man, you can't geoblock distributed democracy
Red Bull does NOT give you wings, $13.5m lawsuit says so
Website letting consumers claim $10 cash back crashes after stampede
Down-under record: Australian gets $140k for pussy
'Tiffany' closes deal - 'it's more common to offer your wife', says agent
Trolls have DARK TETRAD of personality defects, say trickcyclists
Think psychopathy and BDSM dungeons, not desktops
The iPAD launch BEFORE it happened: SPECULATIVE GUFF ahead of actual event
Nerve-shattering run-up to the pre-planned known event
prev story


Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.