digg

Join DiggAbout

Discover the best of the web!
Learn more about Digg by taking the tour.

Surprises Inside Microsoft Vista's EULA

securityfocus.com — Scott Granneman takes a look at some big surprises in Microsoft's Vista EULA that limit what security professionals and others can do with the forthcoming operating system.

Bury
show profanity settings
expand all
  • WillDearborn, on 10/12/2007, -1/+21The thing that ***** me off the most personally is the whole thing about not installing on more than 2 machines for the life of the license. I mean ***** I've installed XP countless times on like 4-5 different machines I've had over the years. I guess I would pay the $399 price tag if I could continue to do just that. Also, maybe I'm missing it but I haven't read anywhere if this means you can't reinstall on the same machine. Like say I just want to do a fresh install on the same machine. Is that ok? And what about ghost images? I would assume that I wouldn't be "installing it on a new device" if I used an image (which I do about once a month). I love windows and am really going to be dependent on Vista since DirectX 10 is exclusive, but man microsoft is starting to ***** me off.
    • alexcurpas, on 10/12/2007, -1/+25Anyway, what is a "different machine"? Changing the CPU? The MoBo? Adding a HDD?
    • WaterDragon, on 10/12/2007, -19/+6I think the term 'machine' refers to the case that all the other stuff is in.

      Sometimes people ask me what brand of computer i have, and I just have to laugh.

      Well...it's a Seagate ...I mean, an Intel... I mean, an Antec.. I mean...um..
    • darkvad0r, on 10/12/2007, -1/+11@alexcurpas:

      that is completely up to Vista to decide. I read on the vista blog that you might have to call microsoft for reactivating vista if vista decides that you're pc is just not the same anymore. And it will be up to microsoft support to decide whether vista is right or not.
    • carpespasm, on 10/12/2007, -1/+4and what exactly qualifies a new computer? if i replace the case is it new? how about if some of the parts a replaced, but i keep the motherboard? what about if i'm only keeping the case and hard drive, but replacing everything else? saying that you can only install it on 2 computers is *****, and they'll quickly find out (though they should already know).
    • ExSlashdotter, on 10/12/2007, -0/+7Here's how the hardware changes trigger reactivation in XP (in simple terms):

      1. Display adapter
      2. SCSI adapter
      3. IDE adapter
      4 Network card/MAC address (weighted as 2 points)
      5. RAM amount range (0-64mb, 64mb-128mb, etc)
      6. processor type
      7. processor serial number
      8. hard drive device
      9. hard drive volume serial number
      10. optical drive

      Basically, if every device is worth 1 point, except your network card, which is worth 2 points. If the PC is not dockable and a network adapter exists and is not changed, 6 or more of the other above points would have to change before reactivation was required. If a network adapter existed but is changed or never existed at all, 4 or more changes (including the changed network adapter if it previously existed) will result in a requirement to reactivate.

      If you've got a motherboard with tons of integrated devices, you can see how a change would force you to reactivate. Plus, the hard drive is technically checked for two things, as is the processor. Also, even with 2 identically configured machines, you can see how Ghost would violate this bigtime.
  • chaos217, on 10/12/2007, -1/+19So how would they enforce this for those of us that swap out components and upgrade constantly. Does it generate some sort of composite hardware code to identify the computer? I personally do swap, upgrade, and reformat every few months to keep my computer in tip-top shape, does that mean I have to buy a new version every couple of months?! If so I would die laughing...and they would perish in flames.
    • Kypt, on 10/12/2007, -1/+6I think it was mentioned before that for that purpose they'll consider it a whole new computer if you change the motherboard. Not entirely sure where I saw that though :/
    • brickbat, on 10/12/2007, -9/+4I think you can change the mobo as long as the hard disk is the same - so it needs to be motherboard and hard disk AT THE SAME TIME!.

      Seems fair enough to me. Different mobo and hd at the same time is not the same pc.

      reinstalling on the same pc is fine.
    • WaterDragon, on 10/12/2007, -12/+6does anyone still have only one harddrive?
    • stylerm, on 10/12/2007, -1/+4the XP license keys have an install limit on them as well. I do not know what the number is, and I doubt they will say it anywhere. However, on my last install it told me that I had installed it too much and would not let me unlock it over the internet. I had to phone up Microsoft and assure them that I hadn't used this software key on multiple machines.
    • zambuka, on 10/12/2007, -0/+6@ stylerm
      "the XP license keys have an install limit on them as well. I do not know what the number is, and I doubt they will say it anywhere"

      Home edition of XP has an install limit of 3. I think the Pro version is the same. It does actualy state this (or at least it did when XP first came out) in the EULA text that you agree to as part of the installation process.
    • Qenton, on 10/12/2007, -2/+5I have more than once either destroyed, swapped out, every part of my computer.
      I have called MS twice and had no problem dealing with the licensing issues with XP. It is usually pretty easy to deal with them on this.

      Since they claim it is the same as XP but spelled out differently I will assume until proven wrong that this will not be much of a problem with XP. Yes, I can change out EVERY component in my computer and still consider it the same computer. It is in the same case for example. Or maybe the hard drive is the same... same computer in my mind. It would be very hard to not just give the consumer what they want and avoid anyone taking them to court and getting the court to officially destroy there EULA... And note they didn't spell out what constitutes the same computer so good luck in denying any request for transfers.

      So basically it doesn't matter. It is just the same as the last EULA. I wouldn't worry about it too much.
    • spookybathtub, on 10/12/2007, -0/+5Windows XP Pro lets you register it online 10 times.  You can install and use it for up to 30 days before you register it.  Or you can just get an Enterprise Edition that never needs to be registered...
  • Shorties, on 10/12/2007, -1/+13Surprise inside? OH its like Crackerjacks except full of censorship and not that fun.
  • reldruh, on 10/12/2007, -7/+13For 90% of users this doesn't matter. Digg just happens to be composed of the 10% that it does matter to. Nobody in my family upgrades their computer without buying a completely new one, reads any benchmarks or does any virtualization. They also never read EULA's so this has exactly 0 affect on them. As up in arms as digg readers may be Microsoft can and will get away with this because the vast majority of the population will never even notice.
    • jmgibson, on 10/12/2007, -3/+23They'll get away with it because:

      1) They will tie it up for years in court costing taxpayers millions and once a judgment is reached against them they will still not choose to comply

      a) Because apparently they are above the law in the US and Internationally. Apparently Bill Gates and George Bush belong to the same country club

      2) As you said, 90% of the people could care less (but I have been a tech and system administrator for years and believe a majority of that 90% should not even be allowed to touch a computer; For reasons I won't get into here)

      3) And although I do not personally like Microsoft, their products or business practices, and as much as it pains me to say this: It is their product and they should be able to do whatever they want with it and license it however they choose.

      The bright side: Maybe just maybe Vista will help to steer users, manufacturers and developers towards Linux and we may see better support, better games and better App development for it. Thank you Microsoft!
    • PixelCloud, on 10/12/2007, -10/+2"The bright side: Maybe just maybe Vista will help to steer users, manufacturers and developers towards Linux and we may see better support, better games and better App development for it. Thank you Microsoft!"

      not if everyone who buys those products are still using windows..


      sigh.. so blind
    • cuposmuck, on 10/12/2007, -9/+5@jmgibson

      I agree with u except on 1 thing... linux isn't user friendly, and doesn't have the support/applications readily available for it.. so the average ma and pop operators. Wont touch it with a ten foot pole...

      If the average open source guru can change their attitude to windows and attempt to increase compatibility between the OSs and the overall usability of *nux, then things might change..

      Until that point *nix will remain the OS of a select group of people who know whats wrong, who always complain about it being wrong... but who never take action to correct it and make them the winning team...

      firefox is an great example of how to do this.. open office is a start but it needs a crap load of work... and linux.. well its was good when windows 3.11 was around but.. there has been any real innovation since so...

    • djpearman, on 10/12/2007, -0/+9@cuposmuck

      Firstly, when was the last time you used a Linux-based OS? I assume it's been a while because it's been a while since there were no user-friendly Linux distros available.

      Secondly, concerning compatibility: I, too, wish there was better compatibility between Windows and Linux and a lot of work is being put into achieving this - by the Linux people. It's in their interest. But it's not in Microsoft's interest, is it? So they're making it difficult - often using licensing restrictions.
    • aldimeneira, on 10/12/2007, -0/+1"a) Because apparently they are above the law in the US and Internationally."

      in the USA maybe, but MSFT is a convicted criminal that pays millions of € in Europe because of that.
    • tagawa, on 10/12/2007, -0/+1jmgibson:
      That is the most sensible, balanced comment I've read in a long time.
      Thanks for the refreshing change.
  • Sammy20, on 10/12/2007, -5/+243 solutions:

    1. Piracy
    2. Windows XP Sp2 + RyanVM update pack
    3. Linux
    • WaterDragon, on 10/12/2007, -14/+5I am so glad you didn't include Macintosh on your list, or you would just get attacked and modded down. ;-)
    • MrSunshine, on 10/12/2007, -5/+34. Zeta OS
      5. Menuet OS
    • trylleklovn, on 10/12/2007, -3/+6A Mac is also an option, but a very different one as it requires one to buy a new computer.
      My old stationary does no longer hold Windows Xp, but purely Ubuntu.
      My laptop however is a MacBook.
    • kubudubudubuntu, on 10/12/2007, -4/+6The solutions are really just:
      1. Kubuntu
      2. Ubuntu
      3. Xubuntu
      and the thousands of free apps they provide with synaptic....
    • aldimeneira, on 10/12/2007, -1/+10. Mac OS X
  • WaterDragon, on 10/12/2007, -8/+1This same story was on the front page, just about a week ago!

    It is so LAME to deliberately post duplicates of (recent) stories!
  • alexcurpas, on 10/12/2007, -2/+18Don't like it? Don't buy it. Donate some money to Wine instead.
    • GMorgan, on 10/12/2007, -2/+17I'd prefer to donate money to beer instead. May as well get drunk while you're not buying Vista.
    • WaterDragon, on 10/12/2007, -2/+11Tequila!
    • alexcurpas, on 10/12/2007, -1/+7Buying beer does not really count as donating money, but I feel ya. Beer is definitely much better than Vista. No fishy EULA to sign either.

      Sure, it's more expensive on the long run, but it might help you get laid!
  • 8086ed, on 10/12/2007, -1/+10Security pros should be allowed to penetration test an Operating System just like the "bad guys" already do without having to worry about Microsoft breathing down their backs. It's a step backward for security, not forward.
    • Nocturnal, on 10/12/2007, -2/+5Yeah, don't worry about it, MS will catch the short end of the stick when the S* hits the fan and people, including the govt. are ***** that their systems were wide open and exploited due to security researchers not able to do their jobs. It'll happen, you can bet that it will happen.
  • zblackeagle, on 10/12/2007, -1/+6"Surprises" inside a snake pit. News at 11
  • atomicbomb, on 10/12/2007, -3/+6And this is a part of the reason why I have just bought a 24" imac. and no, i'm not installing xp on it. Had enough of M$ crap. Also I love my ipod. and if apple can do that nice a job of a music player, I'm willing to give them a try on a pc.
    • alexcurpas, on 10/12/2007, -7/+2Game much?
    • eddieroger, on 10/12/2007, -0/+4That didn't take long. Thank goodness you brought us back to the real world by pointing out that we all play video games 24x7 and CAN'T do that on a Mac. I guess I'll just have to go back to my video editing and be content not playing games like I haven't for the last 20+ years.
  • sekyuritei, on 10/12/2007, -2/+6This is the last straw for me... the new EULA finding of the week... I'm making every effort to switch every aspect of what I do to Linux. It's like they're drunk on power. They've gotten more evil ever since Balmer took over...
  • xbasilx, on 10/12/2007, -1/+7quote from the article....
    "The draconian limitations I've discussed could only be enacted by a monopoly unafraid of alienating its users, as it feels they have no other alternative."

    This is so true. With each ***** evil practice MS slaps the sheep around like a pimp slapping around his whores, and it seems inevitable that there will be a mass migration to linux or mac, but nope, the sheep just stand there and take their beatings. And I've always known most people were sheep, but it still surprizes me that there's almost nothing that the sheep won't tolerate. I always wonder when the sheep will rebel, but it's obvious the sheep will never rebel cos they have grown accustomed to such vile abuses that masochism is their greatest pleasure.
  • kayjay, on 10/12/2007, -3/+1i thought we already agreed on microsoft being evil (saying: eviler than google).
  • zeptobyte, on 10/12/2007, -0/+1I'd say 95% don't care about what the EULAs say at all, 4% care enough to find out about them but won't follow them, and 1% will be genuinely scared of the "legal repercussions". I don't know if it's just that 1% that Microsoft is trying to deter or what, but they've never been very tough on their enforcement of how many times you can use a license. Once you've used up your XP license on as many computers as you're allowed (3, is it?), getting a new one is trivial. Just call up customer support and tell them you bought your copy about a year ago, and now you want to install it on granny's computer, but lost your serial number. Presto! New key in under 10 minutes.
  • acidtrx, on 10/12/2007, -3/+5Not to bash Microsoft, or Vista. But has anything remotely positive even been said about Vista? It seems like lately, all you see is negative things about it. One would think, with all the negativity floating around someone at Redmond would get the hint and at least put some effort into trying to make a better future for what is apparently the next step in the Windows family.
    • mntpng, on 10/12/2007, -2/+3Normally company would realize that perhaps what they might be doing would be harmful to themselves. However this does not apply to companies that are enjoying monopoly. Microsoft knows customer doesn't have a clear alternative and therefore they can and will impose all sorts things like WGA, draconian EULA, price hikes, etc.
  • weikiat, on 10/12/2007, -3/+0their script, these guys.

    is damn fishy.

    Maybe setup by easydns themselves?
  • mianos, on 10/12/2007, -1/+4This is what he is talking about:

    http://msdn2.microsoft.com/en-us/library/ms973265.aspx
    This stuff is over the top:
    (1) you must disclose all the information necessary for replication of the tests, including complete and accurate details of your benchmark testing methodology, the test scripts/cases, tuning parameters applied, hardware and software platforms tested, the name and version number of any third-party testing tool used to conduct the testing, and complete source code for the benchmark suite/harness that is developed by or for you and used to test both the .NET Component and the competing implementation(s);

    (3) your benchmark testing was performed using all performance tuning and best practice guidance set forth in the product documentation and/or on Microsoft's support Web sites, and uses the latest updates, patches, and fixes available for the .NET Component and the relevant Microsoft operating system

    Ie. you are not allowed to say bad things about .net (so I won't say the network latency the MS consultants we paid to test it shows it's much worse than in a native C++) application.)
    • darkstar949, on 10/12/2007, -1/+2The first part about having to disclose what you used for testing as it is in line with scientific methodology (you have to reveal you arrived at a result so that others can duplicate it). However, the parts about only being able to test "tuned" .NET is complete bunk - I should be able to do benchmark tests on a clean install of the operating system to determine the baseline operating parameters for .NET - saying you can't do that is like saying you can't take a car for a test drive.
  • carapi, on 10/12/2007, -6/+1I feel sorry for the students in this idiots class. To have a teacher who has no idea what "censorship" is trying to TEACH you about it must be hard.

    And why are all the tech guys fat ***** who still think goatees are "in" despite the fact that they haven't been in at least 10 years?
    • kubudubudubuntu, on 10/12/2007, -1/+2I didnt see anything about goatse in the article..
  • nufoto, on 10/12/2007, -2/+1What Surprises?... Some people fail to realize that we are no longer in the golden age of computing when Microsoft had lots of competition and market share was most important!

    Now that Microsoft is the Big boy they have the power to do what they want .... even if they lose a couple of percentage points in market share they will easily make for that in the sales due to the WGA and EULA.

    Just get the Microsoft drug out of your system...move on try something new...go you can do it! crying won't help! and to all the hackers out there working on Cracking the WGA please stop and think about the drug Addicts your are supporting!!
  • jellygraph, on 10/12/2007, -0/+1the licensing terms are pretty nasty. like WTF microsoft...?
  • Ascus, on 10/12/2007, -3/+1Interesting that they do not allow publishing of benchmark testing. You know that this will be heavily used when anyone publish how slow .NET is compareed to OSX or Linux. Just this clause will stop most places from even attempting to do a honest side by side comparison.

    However going to OSX because of VISTA one re-install option makes little sense, since OSX is effectively an no reinstall. Only Linux has hit beat her.

    My biggest concert will be the next release Vista 2.0? that will tighten what is determined a new machine. Its very noticable how they avoid explaining what constitutes a new maching in the EULA. I would say may persone computers, I constantly move equipment between machines, I am very fearful of the 10 upgrades limit.
  • SVPirate, on 10/12/2007, -1/+2http://www.gripe2ed.com/scoop/story/2006/10/24/0456/5625

    That's Ed Foster's original article, which this guy has blatently ripped-off :( Reporting on someone else's discoveries is one thing but dropping their article verbatim into your own to make up a good three-quarters of the content is kinda lame.

    ANYWAY, yes this alas cinfirms just what I suspected. Vista's licence system is as nasty as the rest of the god-forsaken crud that is the OS.

  • Lummoxx, on 10/12/2007, -1/+9Dear Game Developers,

    You are the only reason I need Windows anymore. Please port your code to linux, for which I'd gladly pay an extra $10 for, so that I can get rid of Windows forever.

    Sincerely,
    a Gamer
  • ray901, on 10/12/2007, -0/+3This is a lot of trouble to go to for a game engine isn't it?
  • daveyt, on 10/12/2007, -1/+2i cant find the Vista EULA on that page he links to. Have MS removed it?
    • plamoni, on 10/12/2007, -0/+2I can't find it either, I went to the link and typed "vista" in the search box and hit "go" and it told me it didn't find any results...
  • jav1231, on 10/12/2007, -2/+4All of this looks good on paper but the fact is that people will virtualize whichever version they buy. They will largely disregard their EULA's and do what they want. This merely arms Microsoft in case they decide to go after someone, which they won't. If someone calls in with an issue and are breaking the EULA, then Microsoft will enforce it.

    Frankly, I wish they would enforce it tooth and nail. I wish they would lock down even the slightest or perceived infringement. Then people would finally make the switch to OS X and Linux.
  • eddieroger, on 10/12/2007, -0/+1Fortunately, Boot Camp isn't virtualization.
  • uownedge, on 10/12/2007, -0/+2Anyone who has ever talked about OSs with me probably knows that I'm all for companies being able to protect their software (in this case, Microsoft). If they so choose to do it, that's fine. The terms of the Vista license are outrageous, but hey, it's Microsoft's product, and Microsoft's call. They're going to lose some support over it though, and they have to know this. It's fine with me though. I don't need it, and I'd love to see some more competition thrown at Microsoft. They need it in the worst way possible right now (the EULA makes this perfectly clear, does it not?).

    Competition is good for everybody.
  • digdigger, on 10/12/2007, -0/+2Looks like there is an update to allow multiple transfers. http://slashdot.org/articles/06/11/02/2055216.shtml
  •  

    Login or register to add a comment

    Create a new account or login to join in the conversation on Digg. You'll also be able to Digg stories to help promote things you like.


© Digg Inc. 2008 — Content posted by Digg users is dedicated to the public domain.
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.