Feeds

Vista's EULA product activation worries

Walking on thin ice?

Protecting users from Firesheep and other Sidejacking attacks with SSL

The EULA ominously warns that: "Before you activate, you have the right to use the version of the software installed during the installation process. Your right to use the software after the time specified in the installation process is limited unless it is activated. This is to prevent its unlicensed use. You will not be able to continue using the software after that time if you do not activate it."

What does this mean? Essentially, if you buy a license to the software from a reputable dealer, but choose not to transmit information to Microsoft, you forfeit your ability to use the licensed software.

What is interesting is not whether you have the right to use unactivated-but-properly-purchased software, but how Microsoft enforces its right. What Microsoft says is that the software will simply stop working. So, where is the proof that the software is not activated? Who has the burden of proof? What if you assert that you did activate the product, but Microsoft claims you did not? What if you attempt to activate the product, but Microsoft’s servers are down, or they provide improper information, or their servers are hacked and give you bad activation information?

What the contract states is that unless you can activate the product (irrespective of whose fault it is that you cannot activate), you forfeit your right to use the product, and therefore access to any of the information on any computers using the product.

The license is also silent on what happens after you fail to activate the product. Is there a mechanism for you to at least open the product to allow you to activate it, or do you get a Blue Screen of Death? Since their objective is to ensure that the product is activated, presumably they will allow you to at least get an internet connection and take you to an activation screen.

Once you activate the product, then you would assume that you are golden to go ahead and use the product, right? Wrong.

You see, even after you activate the software it will, according to the EULA, "from time to time validate the software, update or require download of the validation feature of the software". It will once again "send information about the...version and product key of the software, and the internet protocol address of the device".

Here's where it gets hairy again. If for some reason the software "phones home" back to Redmond, Washington, and gets or gives the wrong answer - irrespective of the reason - it will automatically disable itself. That's like saying definitively, "I'm sorry Dave, I'm afraid I can't do that..."

Unless you can prove to the satisfaction of some automoton that the software is "genuine", or more accurately, that under the relevant copyright laws that you have satisfied the requirements of the copyright laws and all of the terms of the End User License Agreement, the software will, on its own, go into a "protect Microsoft" mode. Besides placing an annoying "Get Genuine" banner on the screen, and limiting your ability to get upgrades, the EULA warns that "you may not be able to use or continue to use some of the features of the software". The EULA itself does not state which features these are, but the website advises that, unless you can show that you are genuine, you won't be able to use Windows ReadyBoost(tm), which lets users use a removable flash memory device; the Windows Aero(tm) 3D visual experince; or the Windows Defender anti-spyware program.

But the contract doesn't limit Microsoft to these disabling attributes. It just says they have the right to limit your ability to use features - pretty much any features they decide to at any date. And guess what. You agreed to it.

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
Mathematica hits the Web
Wolfram embraces the cloud, promies private cloud cut of its number-cruncher
NHS grows a NoSQL backbone and rips out its Oracle Spine
Open source? In the government? Ha ha! What, wait ...?
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
iOS 8 Healthkit gets a bug SO Apple KILLS it. That's real healthcare!
Not fit for purpose on day of launch, says Cupertino
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.