Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Shakedown: How the Business Software Alliance Operates

michael posted more than 11 years ago | from the grab-by-the-ankles-shake-until-money-stops-falling dept.

News 954

An anonymous source writes: "I'm a faculty member at a public university which the Business Software Alliance contacted in a bulk mailing last Fall. Stupidly, our IT department invited them in to 'explain' licensing to us, and now we are trying to fend off an audit on our computers (public and private). Two questions: what kind of leverage does the BSA actually have against us? And does anyone have war stories, successful or otherwise, of their encounters with the BSA?" Although Slashdot is running this story as from an anonymous reader, we have contacted the source and believe the story is factual and the appeal for help is real. Consider this Slashdot's contribution to National Copyright Awareness Week.

The source continues: "The report that the BSA gave to our administration was filled with scary stories about other schools who tried to resist, so unless there's some hard evidence to the contrary I suspect our university will just roll over. We were told that:

  • auditing software *will* be installed on every campus machine;
  • the license for every program, on every machine, must be produced upon demand;
  • failure to produce licenses for all commercial or shareware software will constitute prima facie evidence of illegal possession, with penalties that could range from the confiscation of the machine to the firing of the user;
  • and this includes computers *personally* owned by faculty."

Sorry! There are no comments related to the filter you selected.

Text from artcile (in case of slashdotting)... (-1)

Trolligula (527461) | more than 11 years ago | (#3416986)

Another member of the Klez worm family is spreading fast across the Internet. Klez.h (w32.klez.h@mm, also known as Klez.g and Klez.k) is a significant variation of existing worms Klez.a [] and Klez.a [] .

Klez.h has evolved dramatically enough to be able to slip past recent antivirus signature files on some PCs. A few users will need to update their antivirus signature files to specifically include Klez.h. Because of its rapid spread, Klez.h rates a 6 on the ZDNet Virus Meter.

How it works
Klez.h arrives as e-mail with a subject line that contains 1 of approximately 120 phrases, such as: Re: A WinXP patch
Undeliverable mail--"(random)"
Returned mail--"(random)"
(random)(random) game
(random) (random) tool
(random) (random) website
(random) (random) patch
(random) removal tools
how are you
let's be friends

Some of the random words above are specific antivirus software vendor names or virus-specific names. The body text of the infected e-mail also has many variations and may include one of the following:

This is a special humour game
This is my first work.
Your're the first player.
I would expect you would enjoy it (virus name) is a dangerous virus that spread through email. (Antivirus vendor) give you the (virus name) removal tools. For more information, please visit http://www.(antivirus vendor).com

Once active on a PC, Klez.h bypasses installed e-mail software by using its own SMTP server to send infected copies of itself. To locate addresses, the worm searches files on the hard drive, looking for various file extensions that may contain e-mail addresses. On networked drives, Klez.h will simply copy itself to remote disk drives by creating a random filename, then adding an .exe, .pif, .com, .bat, or .scr extension.

Like several other recent worms, Klez.h attempts to disable antivirus software installed on the infected computer. For more details regarding the original Klez worm, see this alert [] ; for details on the previous variation Klez.E, see this alert [] .

Klez.h contains an upgraded version of the Elkern virus. Elkern.c (w32.elkern.c) runs under Windows 98, Me, 2000, and XP. Elkern.c adds a hidden file, wqk.exe, to Registry entry HKLMSoftwareMicrosoftWindowsCu rrentVersionRun WQK, which is in Windows 98 and Me. Under Windows 2000 and XP, it adds wqk.dll to Registry key HKLMSoftwareMicrosoftWindowsNT CurrentVersionW indowsAppInit_DLLs. These files are added so that Elkern.c runs anytime Windows is run. Elkern.c can corrupt files without changing their size.

Klez.h uses a well-known vulnerability in Outlook Express that is included in versions of Internet Explorer 5.01 and 5.5. Microsoft has previously released a patch [] for this. Users who have not loaded the patch are encouraged to do so or to upgrade to Internet Explorer 6 using the full installation setting.

All antivirus software companies have updated their signature files to include Klez.h. This will stop the infection upon contact and in some cases additional tools are available to help you remove an active infection from your system. For more information, see Central Command [hhttp] , Computer Associates [] , F-Secure [] , Kaspersky [] ,McAfee [] , Norman [] , Panda [] , Sophos [] , Symantec [] , and Trend Micro [] .

holy christ! (-1)

Anonymous Cowrad (571322) | more than 11 years ago | (#3416988)

I fogot to pay the gas bill!

Re:holy christ! (-1)

Anonymous Cowrad (571322) | more than 11 years ago | (#3417025)



So I'm thinking of having a kid. That way I'd have someone to fetch beer for me.

You will never escape the BSA ... (-1, Flamebait)

vlag (552656) | more than 11 years ago | (#3416996)

... while you still live and work in the USA.

Re:You will never escape the BSA ... (4, Informative)

pitcrew (541567) | more than 11 years ago | (#3417096)

In talking to a judge friend of mine you have several choices: 1. Tell the BSA to go to hell and hope they don't have probable cause to get a search warrant. If they get one they will come back with the police and then you will have a criminal problem - this is not a likely scenario for a public institution. 2. Let the BSA in and try to deal with them as best possible - however I would have my attorney do the talking to them - most attorneys don't scare too easily. 3.Tell the BSA that you are busy and to come back in a couple of weeks. In that couple of weeks clean up your act and let them in. Personally I would tell them to go to hell and make them come back with the cops. Why? So they have to fight to get into every business. If they have to do this it will eventually stop them as it will become financially impossible for them to continue. As a public institution you have a different problem than private businesses. You have a public relations problem. I'm sure that this is what the powers that be in the university are thinking about. My problem is that the BSA thinks that they are a peace agency (police agency) and they aren't. As far as I am concerned the best solution is to not deal with the software companies that support the BSA!

My personal encounter with Autodesk & M$ (5, Informative)

Taco Cowboy (5327) | more than 11 years ago | (#3417205)

This is my personal encounter - YMMV !

I attended a "seminar" hosted by Autodesk and M$ several years ago. At the entrance, the pretty girls were asking us to fill in info sheets, you know, like names, address, company you work for, et cetera, et cetera.

Since Autodesk and M$ were so kind to provide us with Orange Juice (Morn time, you know), I filled in the blanks.

Never would I thought that what I filled in ended up in BSA's file, and from then onwards - 6 years already - I and the company I work for, received THREATENING LETTERS, telling us that WE BETTER COUGH UP MONEY TO BUY GENUINE SOFTWARES or they will haul our butts in slammer.

Funny thing is, the Autodesk and M$ software we used (yes, USED, PAST TENSE !) were OFFICIALLY GENUINE, NON-PIRATED COPIES !

I got into troubles with my boss, since I was the one who filled in the blanks.

No matter how we tried to tell BSA that ALL OUR SOFTWARES ARE GENUINE, the threatening letters keep coming.

It got so bad that my boss decided to scrap M$ and all Autodesk softwares, and now we run Unix and NON-Autodesk softwares.

Yes, it actually cost us MORE to change our system, but at least, BSA, with Autodesk and M$, have NO MORE CLAIM ON US.

And the threatening letters still keep coming...

Talk about insanity.

And what happened above happened OUTSIDE of the good ol' U. S. of A.

Don't think you guys in the States suffer alone.

EULAs (0)

jackjumper (307961) | more than 11 years ago | (#3416999)

First post! Oh yeah, sorry.

I would think that you could tell them to stuff it up their ass. Unless the EULA of each individual piece of software specifically requires this upon BSA request (as opposed to the manufacturer's specific request) I would think you're in the clear.

IANAL, however...

Re:EULAs (3, Informative)

campbedj (61014) | more than 11 years ago | (#3417066)

The BSA holds Power of Attorney to act for the manufacturers in these matters. So, if you have software from a BSA member then the BSA asking to see the license IS like the manufacturer asking for the license.

Re:EULAs (1)

Anonymous Coward | more than 11 years ago | (#3417109)

"The BSA holds Power of Attorney to act for the manufacturers in these matters."
Yep, you're right. []

from that link (1)

kingpin2k (523489) | more than 11 years ago | (#3417134)

"Software piracy is a crime - it is no different from any other form of stealing." What a joke...or just a lie.

Sounds like they are spouting off. (5, Informative)

Clay Mitchell (43630) | more than 11 years ago | (#3417000)

While I'm of course not a lawyer, but what right does this organization have to come in and put anything on the computers that are privately owned? I think they are trying to make you THINK that they have right and you'll give them the go ahead because they've convinced you they do... while in reality you could tell them to go to hell and they couldn't do a thing about it.

Scared of audits? (1, Insightful)

fungus (37425) | more than 11 years ago | (#3417003)

If you want others to respect the license of your software, please at least respect other's software licenses...

Re:Scared of audits? (1)

Xader Vartec (181638) | more than 11 years ago | (#3417057)

I senserily(sp) disagree with you posting this comment on this question. This isn't about the University wanted to (arrrrgggg) pirate software. It's about an orginization having legal permission to waltz in and start jacking with your property.

I assume your University has a (or group of) lawyer(s). I would seriously attempt to convince the powers at the University that it is their best interested to require the BSA to get legal ruling (supena for all your computers is what I think would be required, a warrent is for criminal activity and I don't think the local judge would approve) stating that the University had to conform to the BSA's request.

If the BSA DOESN'T have a legal right to examine your property then they will probably back off because it would put their future strong arm tactics in jeopordy.

Re:Scared of audits? (1, Troll)

fungus (37425) | more than 11 years ago | (#3417075)

First, this is NOT a troll.

Second, I think it is very paradoxal for someone to use lots of pirated software and be furious because one company includes GPL code in their commercial software.

I just say that you must be consitent in your judgment. Enforcing software licenses is good or bad? Please choose.

It is good when its your software, but not when its someone else?

PAY ATTENTION! sigh. (2)

nyet (19118) | more than 11 years ago | (#3417117)

I don't mind if they take GPL'd code.
I don't even mind if they RESELL GPL'd.

I MIND when they stop me from redistributing GPL based code however I damn well please.

Re:Scared of audits? (3, Insightful)

MeNeXT (200840) | more than 11 years ago | (#3417163)

The issue is not about enforcement but about the tactics used. How can they demand to search for infringements? They should know on which systems these infringements exist. Imagine someone comming up to you on the street and asking you where you bought your pants and to prove it or else you will sued...

Re:Scared of audits? (1, Insightful)

Anonymous Coward | more than 11 years ago | (#3417175)

The difference between your pants and a CD is that you can reproduce the content of the CD and just paying a few cents

Legality in doing this? (4, Interesting)

morhoj (573833) | more than 11 years ago | (#3417005)

Perhaps I'm not 100% informed in what the BSA does, but how can they just march in and start installing software and demanding licensing documentation? They are not a government organization, right? It looks like they operate Internationally, so where do they get their jurisdiction to start making demands?

Re:Legality in doing this? (5, Interesting)

bstrahm (241685) | more than 11 years ago | (#3417046)

That is very simple... The legal system. I am a private organization/person. I want you to do something - I simply say Do it, or I will get a court to make you do it, and by the way it will cost you a lot of money cause you will have to pay your lawyers, my lawyers, and the damages

If you aren't breaking any licencing agreements, it just costs money to fight... But much like speeding - No large organization is perfect and someone, somewhere, will have some software that the licensing documentation isn't perfect on... The BSA is willing to bet for that (So you have to pay their legal bills, discovery, etc) are you willing to bet against it ???

Re:Legality in doing this? (4, Insightful)

ergo98 (9391) | more than 11 years ago | (#3417170)

That's called barratry [] and it's actually illegal: If you threaten groundless legal action to blackmail or intimidate, you are abusing the legal system in an unsavoury way and I believe in most Western nations you can face criminal or civil punishment.

Me First (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#3417012)


Always wanted to be the first on slashdot

Click [NEXT] to accept (1, Interesting)

dsmouse (183805) | more than 11 years ago | (#3417015)

They have all the leverage they need unless you can get the EULA thrown out.

City of Virginia Beach (2, Informative)

pvera (250260) | more than 11 years ago | (#3417018)

Search the web for what happened to the City of Virginia Beach, Virginia. They got hit big time and it was cheaper to pay than to audit all their equipment at their expense.

Re:City of Virginia Beach (3, Informative)

SocialWorm (316263) | more than 11 years ago | (#3417084)

According to this article [] at The Register, M$ ordered the audit, not the B$A. Am I missing something?

Re:City of Virginia Beach (2)

leucadiadude (68989) | more than 11 years ago | (#3417176)

M$ == B$A

Re:City of Virginia Beach (5, Insightful)

sylvester (98418) | more than 11 years ago | (#3417100)

hermph. This brings up an interesting point. When people do comparisons of the TCO of windows vs. Linux, they really oughta include the cost of an audit. And maybe a little function based on P the probability of you having unlicenced software installed and C the cost of being caught with that. Seems to me that from the sounds of it, the TCO for MS (and all BSA companies) will be hands-down higher than that of Free alternatives.

Someone should take a TCO analysis from someone in the BSA (probably MS), add an estimate of audit cost, and then compare to the same company's TCO analysis for Linux/Unix systems.

/. checked a source?! (-1, Offtopic)

Pyrosz (469177) | more than 11 years ago | (#3417021)

"...we have contacted the source and believe the story is factual and the appeal for help is real..."

This is an April fools joke isn't it?! Slashdot does not check things... ohh my brain hurts now.

Re:/. checked a source?! (0, Offtopic)

johnlenin1 (140093) | more than 11 years ago | (#3417043)

Right. Exactly how do you contact an anonymous source?

Re:/. checked a source?! (-1)

Anonymous Cowrad (571322) | more than 11 years ago | (#3417113)


they have all the answers.

Re:/. checked a source?! (0)

Anonymous Coward | more than 11 years ago | (#3417157)

Ditto that. At a public university (or for that matter most private ones), faculty members are not going to be addressing issues like these. If it was the IT group that replied to the letter, how/why would a faculty member even hear about this? What do you think those university administrators make all those big bucks for anyway?

First, (5, Informative)

crumbz (41803) | more than 11 years ago | (#3417023)

Contact your in-house legal department or if you don't have one, consider retaining counsel that specializes in IP (intellectual property). If they have sent you a formal inquiry in the attempt to perform an audit, forward all correspondence to your counsel. By no means allow any staff or others to contact them or respond to them directly or indirectly. At this point, all contact should be coming from your legal team.

Good luck.

Actually... (5, Informative)

SPYvSPY (166790) | more than 11 years ago | (#3417192)

Can I recommend that you retain lawyers that are technology generalists rather than IP counsel? I am a technology lawyer, and my experience is that IP lawyers are generally quite clueless about the nitty-gritty realities of transactional technology (e.g., the character of the major vendors, typical licensing provisions, typical workarounds, typical negotiating points, non-IP leverage points, etc., etc., etc.) IP-types (who are typically litigators rather than transactional lawyers) are more likely to take a dispute-oriented approach, rather than a more creative and effective negotiated approach. YMMV.

BSA's feedback phone number (0, Informative)

Anonymous Coward | more than 11 years ago | (#3417024)

They have a number at at toll free 800-544-3746 or local 818-882-2878 where you can let them know anonymously what you think of their practices, and how they can improve.

Call them and POLITELY explain your thoughts -- it can only help.

Re:BSA's feedback phone number (3, Funny)

great_flaming_foo (561939) | more than 11 years ago | (#3417069)

You know they have to have caller ID on that line and are most likely takeing notes on who to audit next.

Re:BSA's feedback phone number (2, Interesting)

SocialWorm (316263) | more than 11 years ago | (#3417120)

Although it is somewhat trivial, 800 and 888 numbers have a 'special' caller-id-like system which is more powerful, and which cannot be blocked the same way. I don't recall what it's called off the top of my head, but yes, if you call that number, there's a good bet the BSA will know who you are.

Re:BSA's feedback phone number (0)

Anonymous Coward | more than 11 years ago | (#3417165)

It's called "ANI" (Automatic Number Identification), it's used for billing/accounting purposes, since the receiver of the call is paying the toll charges.

Call from a pay-phone. =)

Re:BSA's feedback phone number (0)

Anonymous Coward | more than 11 years ago | (#3417070)

You might want to call from an outside payphone or some other means where the number can not be associated with you or your place of employment. I do not find the idea of them logging such things and using them in an improper way (i.e. as a starting point for picking someone to audit) hard to imagine.

Go open source (4, Insightful)

Animats (122034) | more than 11 years ago | (#3417028)

What a great time to convert to an all-open-source campus!

Some big organization needs to do this in response to a BSA audit request.

Re:Go open source (2)

einer (459199) | more than 11 years ago | (#3417108)

Make sure that the companies that subscribe to BSA services KNOW that you're going over to an all-open-source campus because of the BSA. I can't imagine the BSA being so bold if this threat were realized more than once on large enough campuses.

Re:Go open source (5, Insightful)

Derkec (463377) | more than 11 years ago | (#3417204)

Yeah, that's a great plan if you don't need to use any software. Seriously, a chemistry friend of mine works on commericial software running in the 10K per seat range. No quality open source alternitive. Oh, and it runs on Windows. Language classes use language tutoring software. Graphic art classes use photoshop. Computer science runs on donated equipment. It might be hard to get Sun to keep sending you free boxen when you remove solaris from every box you get so you can go free.

While the idea of a campus that's totally open source is cute, the idea is totally unworkable and not a feasible solution. That is the reason noone will respond this way. People spend money on software because some software is only legally available when you spend money. If I was still in high school, it would be a no-brainer to decide not to go to any school that didn't use any proprietary software.

We'd all like free software. However, with very rare exceptions, the best (or all) software in most domains is closed. Why? Because I can't find enough chemistry people and programmers who will cooperate to make me specialized software of superb quality unless I unload a big pile of cash.

Beware (5, Interesting)

dreamchaser (49529) | more than 11 years ago | (#3417030)

Once the BSA has its sights set on an organization, then that organization had better have either the licenses or the money to pony up FAST to buy them. I have seen cases where the BSA isn't satisfied with responses and comes back with Federal agents (yes, guys armed with subpoenas and guns.)

If you are reasonably sure that your licensing is OK, then you could probably stave them off. It would be a unique Uni that licenses all of the software being used though, based on my experiences.

Basically, you are screwed if you a) don't comply with them and b) don't have your licensing in order.

Re:Beware (3, Interesting)

Xader Vartec (181638) | more than 11 years ago | (#3417101)

I'm sorry but FSCK THAT!!!

If I word for an orginization (University, corporation) I am NOT going to allow some orginization to TOUCH my PERSONAL computer!!!

I don't copy software from my work but it is NONE OF THE BSA'S BUSINESS what I have on my computer (I don't pirate software either).

I think the BSA's demand to see the faculties computers is OUTRAGOUS!!!

Re:Beware (2)

dthable (163749) | more than 11 years ago | (#3417139)

I agree. I thought that Americans were protected from companies and law enforcement searching blindly without being invited. Invite them to search the school doesn't give them rights to apply the search to all home users without any cause.

And people call the GPL a virus.

Peanalized for personal computers (4, Insightful)

Aiku1337 (551438) | more than 11 years ago | (#3417037)

and this includes computers *personally* owned by faculty."

Why should an organization be peanalized for personally owned computers? Yes, IT can set rules and what not but how many users actually follow IT rules?

Note to self, don't bring laptop to work if company is being audited by gestapo...err, BSA.

Personally owned equipment? (-1)

Anonymous Coward | more than 11 years ago | (#3417041)

Tell them to fuck off. Your shit is your shit.

Requests a Court order. (2, Insightful)

infonography (566403) | more than 11 years ago | (#3417045)

Make them earn it. It will buy you some time. It also may work to keep them off your back a major trouble makers. There is little profit in lawsuits (unless your a Lawyer).

radio campaign (2, Interesting)

Doppler00 (534739) | more than 11 years ago | (#3417047)

I remember that the BSA was actually running radio ads here in Silicon valley warning companies that they had a one month grace period to audit their own software. I wonder what connection the BSA has to the government that they are able to enforce licensing and impose fines.

Re:scare campaign (1)

zaren (204877) | more than 11 years ago | (#3417181)

I got two separate letters from the BSA last year during their FUD campaign, warning that I might be randomly selected for an audit of my business computers should I fail to register all of my software.

I don't have a business, and don't use any of the software on their list of searchable software, so I decided to not worry about it, and instead decided to defend my home and family should anyone come knocking at my door, demanding entrance to my house and access to my private property.

Nobody ever showed up.

The BSA (and Microsoft, one of their primary financial backers) seem content to get money from those they can bully and scare into submitting to them.
Is Darwin an evolutionary OS? []

I simply can not understand why you let them in (0)

Anonymous Coward | more than 11 years ago | (#3417048)

Why should you cooporate anyway? Let them esad. As far as you are concerned, all your software is GPL'd.

I would really love to see them knock on my door at home, trying every legal shit they can think of and still don't get in simply because they have no proof what so ever that I run software purchased from companies they represent. Even more, as long as they are not law-enforcement agencies, they have no business knocking on my door anyway. I'm really pissed to see how many people fall into their big mouth. Just tell them to shut the $evilplace up and get the fsck out.

Website (0)

Anonymous Coward | more than 11 years ago | (#3417050)

Is it safe to go to the BSA website without being audited?

interesting read on the subject of copyrights. (1)

Transient0 (175617) | more than 11 years ago | (#3417051)

I'm not sure how this will mesh with the thoughts of the majority of /.ers but it's interesting that this piece is historic and yet it is so relevant to the world of software.

Individual Liberty: Selections From the Writings of Benjamin R. Tucker []

As a CIO myself... (5, Insightful)

Argyle (25623) | more than 11 years ago | (#3417053)

I would suggest that you 'lawyer up'.

You absolutely need your legal counsel involved in this. An IT department is generally unsuited to handle these type of business/legal affairs.

By sucking in the legal folks you turn it from an IT problem to a 'university as a whole' problem.

Do not let them strong arm you into anything. Play hardball. Tell them you are doing an internal review that could take months.

Remember, they will be very reluctant to force the issue into a courtroom. It is very bad PR for them to take an impoverished college to court. A jury would be filled with people who all have 'unlicensed' software on their home PCs.

But in the end, you will have to make a reasonable effort to be in compliance and generally pay for the software you use. That, my friend, will be unavoidable. Unless, you switch IT platforms to a free or close-to-free software environment.

Good luck.

Beeziness Software Alliance #@ +4 ; High @# (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3417056)

As a non-lawyer who has practised law for many
years in both Canada and The United States of
Amerika, ignore them.

420 Lewis !!!!!!!!!

At least they're somewhat fair... (2, Insightful)

keep_it_simple_stupi (562690) | more than 11 years ago | (#3417058)

If you have a company who is grossly out of whack with licenses, they will grant you a "grace period [] ". Kind of nice to know that not everybody is out to screw you.

Just my $.02

Re:At least they're somewhat fair... (1)

einer (459199) | more than 11 years ago | (#3417127)

[screaming] SHILL! [/screaming]

kidding. ;)

The BSA isn't all bad (5, Funny)

larsu (473425) | more than 11 years ago | (#3417062)

The BSA isn't all bad. First, haggles over license increase the total cost of ownership for commercial software, which makes free (as in speech) software more attractive.

Second, I used them to shut down a competing software retail store once. The place was selling Microsoft OEM software off the shelf. A call each to the BSA and to Microsofts Piracy line and the place was out of business in 4 months. :)

Re:The BSA isn't all bad (-1, Flamebait)

Anonymous Coward | more than 11 years ago | (#3417122)

You should have been shut down you fucking scumbag!!! You are as dirty as M$ and the BSA

Re:The BSA isn't all bad (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3417202)

thats realy nice i hope somone does somthing like this to you one day. you are a nazi.

The BSA can fire your employees? WTF? (0)

Anonymous Coward | more than 11 years ago | (#3417064)

On this:

>with penalties that could range from the
>confiscation of the machine to the firing of
>the user;

Exactly how is the BSA supposed to fire in-house employees? Freaky.

So let me get this right... (1)

kingpin2k (523489) | more than 11 years ago | (#3417067)

The BSA is a completely unrelated third-party attempting to enforce a contract they have no interest in? Is that about it? The license is granted by the manufacturer to the user (organization). Why does the BSA have any role here at all. If M$ doesn't feel the need to enforce their contracts through normal channels (i.e. suing you), then I'd tell the BSA to shove it. Of course, IANAL.

Slash-umptions! (2)

tommck (69750) | more than 11 years ago | (#3417141)

How do you know it's Microsoft?

Re:Slash-umptions! (1)

kingpin2k (523489) | more than 11 years ago | (#3417180)

Firstly, thanks for reading so closely. Secondly, I don't care what company it is. Have a nice day.

Warrant??? (2, Informative)

khronos (303357) | more than 11 years ago | (#3417068)

Ask them for the Search Warrant. They should at least have to have a reasonable belief that you have software on your computer that is not licensed. Arbitrary demands to search your computer are unreasonable, they cost you both time and money, no court should uphold a part of a license that subjects anyone or any institution to unreasonable searches or demands, no matter what the licensing. Notice in all EULAs they put that little clause in there that says, "If any part of this license should be found unenforceable, then the rest of the license shall remain in full effect..." That's because the EULAs have not been thoroughly tested in a court of law, and they know they are going to lose on some parts. Without some kind of evidence they're going to have a pretty weak case.

Check with the school Lawyers (1, Redundant)

Frobnicator (565869) | more than 11 years ago | (#3417071)

Most public schools have a few lawyers. Get them involved NOW.

Tell them the problem, including asking if the BSA has the RIGHT to DEMAND that you run their programs on your computers.

If the legal geeks say that they do, get together with them and jointly request the IT department to move away from those companies.

That does two things -- first, you will show the BSA (not boy scouts) that you are willing to fight back, and second, it presents a case to the school the problems of private software in a public setting. (That's an obvious Free Software comment. karma++ )

One word (5, Informative)

pongo000 (97357) | more than 11 years ago | (#3417072)

...and that word is "outrageous." If your administration does not step in and put a halt to this egregious evasion, then you can tell them I told you they are a bunch of pussies.

Seriously: Where's the search warrant? How enforceable is a EULA with such broad contractual provisions that it forces a licensee to waive all rights to due process and freedom from illegal searches? (Before you naysayers tell me the Constitution has no bearing in this, check the facts: In many cases, BSA shows up at the doorstep with their very own law enforcement escort.)

There is a legal concept known as "blue-lining" in which a judge has the legal authority to water down, modify, or even eliminate certain portions of a previously-agreed-upon contract. I learned about this after I found myself the unwitting signatory to a capricious and completely illegal legal document. The state recognized the document as legally binding; however, the state also found the terms of the agreement were overly-reaching, capricious, and without legal standing, effectively nullifying the contract.

The reason why companies continue to write obviously unenforceable contracts is that they know the number of people willing to fight in court is very low. Most will simply roll over, expose their underbellies, and submit to being raped rather than fight.

Hmm, a case for moving a whole school to LINUX. (2, Funny)

IMarvinTPA (104941) | more than 11 years ago | (#3417074)

Step 1, bury all burned CDs
Step 2, download distro of choice.
Step 3, burn that onto CD.
Step 4, format HD and install it.
Step 5, laugh when you show them the freeware license.

Step 1, transfer to another school.
Step 2, feel bad for your friends.


Vere are you Papers! (0)

Anonymous Coward | more than 11 years ago | (#3417076)

who pays for that auditing software?
what if it requires an upgrade to run?
we're trying to audit our own systems, but are resorting to payware

I would think that personal machines are off limits... (unless they are onsite)

failure to provide 'license' would be a problem...
what if you could provide invoices? paid bills for
bundled purchases of said software?
I doubt the range goes exclusively from confiscation to firing.... there are many options
that dont really fit INBETWEEN those.

Surely your univerity has legal council on staff?
They generally know when you tell folks like the BSA to pounch sand.

Firing of users? (4, Funny)

Fiver-rah (564801) | more than 11 years ago | (#3417077)

You can tell that they're full of it for at least one reason. They claim that they can force the university to fire users, including professors. This is, quite simply, bull.

It seems to me that there's no way they can force the university to fire people over licensing issues. *Especially* professors. Most of those people have tenure, you know. Professors with tenure at my university have gotten away with embezzling grant money and sleeping with undergraduate students. Depending on the tenure contract at your school, it is probably *illegal* for the university to fire professors over this issue. BSA can't possibly wield a big enough stick for this to hold any water.

As such, it seems to me like they're protesting too much. The scenario they paint is patently ridiculous.

Personal computers (2)

Ron Harwood (136613) | more than 11 years ago | (#3417080)

and this includes computers *personally* owned by faculty.
I assume you mean owned by faculty - but onsite at work? If so - why wouldn't they be treated like any other computer onsite.

Re:Personal computers (1) (566891) | more than 11 years ago | (#3417168)

and this includes computers *personally* owned by faculty.
I assume you mean owned by faculty - but onsite at work? If so - why wouldn't they be treated like any other computer onsite.
Machines brought onto campus could have anything on them. The licensing for those machines is the responsibility of the person that owns the machine and brought it on campus. The university isn't responsible for the machine in any other way, why should it be responsible for the software licenses on it?

Given the horrendous depreciation of machines I think this is a good motive for giving all tenured faculty ownership of the computer on their desk. The faculty are the worst pirates anyway. Tee-hee.

Re:Personal computers (1)

Aiku1337 (551438) | more than 11 years ago | (#3417173)

I thought the *UNIVERSITY* was being audited. This means items which were purchased with funds allocated by the university. If Prof. X (Professor by Day, k-rad elite d00d warez priate by night) decides to bring in a laptop purchased with HIS own funds, and has some unlicensed software on there, why should that reflect on the university?

IANAL obviously, but isn't that like the cops coming over with a warrant to search your house for a murder weapon, then searching your friend who happens to be there at the time, find some drugs, and then arrest him for drugs? Isn't that illegal? Maybe that's a bad analogy.

Next time... (2, Redundant)

Silver222 (452093) | more than 11 years ago | (#3417081)

Don't invite them in, ever. This is like the police department in your town mailing out letters, and you inviting them into your house to have a casual look around and "explain" the law to you. You're just asking for trouble here.

BSA or cops, they are both a pain in the ass. Don't invite them over.

Can I suggest MIT? (5, Informative)

watanabe (27967) | more than 11 years ago | (#3417085)

There have to be a few, powerful, tech savvy universities that have dealt with this before. What about MIT? Can someone here get this poor AC in touch with the right person at MIT? I'll bet some cash that MIT does not have the BSA's software on their student cluster PCs.

Also, my 2c on this: There are a few angles. Clearly, a private institution is innocent until proven guilty under US law. So, the scare tactics the BSA is using on your University take a couple of prongs:

  • For the legally not so savvy, it says "We'll sue if there's even a hint that you might not own some software! Put our software on your computers to keep us from suing."
  • For the legally more savvy, it says "We can make your life sufficiently annoying that it will be cheaper to just let us put this software on your system." Then we'll go away.
To address this for both audiences at your university, you'd like to be able to prove:
  1. Your university is not, in fact, legally liable to the BSA, and that it in general isn't responsible for what people do with their personal computers.
  2. It will be significantly more expensive to install the software they require, than it will be to get legal counsel to tell them to go away.
My guess is both those things are true: A nicely backed up presentation proving both those points would probably quelly our nightmares. Good luck! Post back and tell us what happened.

Fire that guy! (3, Interesting)

Jon Howard (247978) | more than 11 years ago | (#3417087)

If the Gestappo comes by asking if you've seen any Jews, do you ask them to explain what Naziism is all about?

Until this IP law is overturned, cower and hide if you're not williong to put your ass on the line to do something about it. In this case, your guy put his ass on the line, it's only natural that he takes what's coming to him. Consider it a form of back-assward martyrdom.

Re:Fire that guy! (5, Funny)

scrytch (9198) | more than 11 years ago | (#3417158)

If the Gestappo comes by asking if you've seen any Jews, do you ask them to explain what Naziism is all about?

Godwin's Law. Discussion over. Ask a Bosnian Muslim how he feels about your comparison. Or a Hutu.

Two solutions (0)

Profane MuthaFucka (574406) | more than 11 years ago | (#3417089)

One, is to say FUCK YOU to the BSA and make free software the standard for the university, unless there is a clear need for something that is not available through free software. Now, that might be fucking hard, because many professors have their own labs, and they will either already have entrenched themselves into non-free software. The other option is to bend over and let them fuck you in the ass. If you're a public university, you might organize some kind of fucking propaganda campaign, directed at the voters of your fair state, showing them how the fucking BSA is costing the taxpayers a lot of fucking money.

One helpful suggestion (1)

rworne (538610) | more than 11 years ago | (#3417090)

First, IANAL, but this seems obvious if there's no chance of fending off an audit:

Personal machines are the biggest risk, since your organization really has no control over them. The solution? Pass a new rule forbidding personal machines on campus. Yes it'll suck, but having such a rule in place (with appropriate disclaimers of liability) will allow your organization to get people to take those things home before the audit occurs. This can always be changed back after the audit. It runs the risk of the administrators just saying no personal machines, period, but you take your chances.

Organization-owned machines should be a lot easier to audit, since Joe Blow usually cannot waltz in and install stuff on them.

I would be careful of Linux or other free-software based machines, M$ and most likely their BSA lackeys won't take kindly to them.

Re:One helpful suggestion (0)

Anonymous Coward | more than 11 years ago | (#3417186)

Just a quick comment: the legality of what the BSA is trying to do here is suspect, but THIS legal issue is not -- if you have a machine running Linux, and you show that it is running Linux (I'm not sure what "license" you'd show, I would imaging you'd have to boot each machine individually) they can hate it all they want, but they can't legally do anything about it. In fact, if you're running some MS and some Linux, Microsoft would probably rather cut you a deal and work out licenses to get rid of those Linux boxes than force you to pull your MS boxes out entirely...and hey, if having Linux machines pisses them off, and you can prove that it influenced their post-linux-discovery actions (i.e., you were hit with a harder penalty) that might actually swing things your way a bit in court...or not. I dunno.

Lawyers. (4, Informative)

cnladd (97597) | more than 11 years ago | (#3417095)

At this point, the only leverage that they really have is fear - they're trying to intimidate you. This is what they've done to hundreds of other companies. They come in, use your "acceptance" of a software product's EULA as a hammer, and either force an audit (which, with the criminal penalties they throw at you, gets to be scarily expensive) or force you to pay upfront and forget about the audit.

Yeah, some people call it legalized extortion. IANAL. :)

For something like this, they should really go through your university's legal department. If the legal department hasn't gotten involved yet, then get them involved now! Get some counsel. They are the folks that were hired to protect you from this sort of thing (among many others).

This sounds just like pure intimidation to me. Especially once you mentioned that the audit includes personally owned computers. If they want to audit my personal laptop, which I bring into the office sometime, they would not send the notice to my employer. They would send it to me. Like I said before, talk to a lawyer. A lawyer, not the Slashdot crowd, can give you the best advice.

My two peeves here: (5, Interesting)

dschuetz (10924) | more than 11 years ago | (#3417098)

  • failure to produce licenses for all commercial or shareware software will constitute prima facie evidence of illegal possession, with penalties that could range from the confiscation of the machine to the firing of the user;
  • and this includes computers *personally* owned by faculty

I'll hit the second one first. If the personally-owned computers are on the network, they're close, maybe, to being able to audit those. Maybe. But that's really grey. I know I, for one, wouldn't let them on, and if they came into my office and said "let me look on that machine," I'd simply disconnect it and say "no."

For the first one, though, I have a much bigger problem. Can anyone cite any other [industry / realm / product space] where one is required to retain all receipts in order to prove ownership? I don't need a receipt to show that I own the shirt I'm wearing. If someone wants to accuse me of stealing it, show some evidence. I don't need a receipt to verify that I own the couch in my living room -- if someone thinks I stole it from my neighbor, fine, prove it. So, why on earth do I need a receipt for software?

I can understand the technical complications that are entailed here -- like when you've got 1 CD for 100 machines. But the legal issues are what I'm more curious about. In no other situation am I, essentially, guilty until proven innocent.

Does anyone know if anyone's fought the software industry on those terms? You can't prove I stole it, so go away. Seems like it should work, but then again, maybe I'm being idealistic.

(Okay, I thought of two examples -- cars and real estate. But those are tracked for me by the government, and if I lose a copy of my title they can send me a new one, for a modest fee.)

Pirate? (1, Funny)

Anonymous Coward | more than 11 years ago | (#3417104)

As Dr. Teague put it. R dr d-theta. ;-)

single vendor? (1, Interesting)

Anonymous Coward | more than 11 years ago | (#3417105)

have you purchased most of your software from one vendor? if so, note that to the BSA...

Do your users install applications themselves (do they have the ability to?) if not, note that as well

As i understand it, the BSA is primarilly concerned with mass piracy either A. a company using multiple copies of say win2k server or windows 2000 professional... and/or B. people installing lots of applications themselves.

just my 2 cents haveing delt with a forced audit from M$ in the past...

if you are sure you are not using lots of pirated software, ie. you buy windows with every computer and you don't let users install software (policies help alot here, in fending of responsibility) then you'll be fine... just give them the info you have...

I do not believe you have to comply with software based auditing software, specifically state that you manage licensing on the purchasing, policy, and physical software installation prevention end NOT at the client... you can probably find millions of documented analysists that would show that such software would prohibitavly increase TCO out of sight...

I wonder... (4, Funny)

cnkeller (181482) | more than 11 years ago | (#3417116)

If anyone has told the BSA to f**k off? Had them come back with Federal Marshalls/FBI, then politely let them inside, offered tea and cookies, showed all appropriate licenses, then bill the BSA for wasting the companies time in a fruitless search and wasting tax payer dollars for the marshalls....

Personally, I enclosed a RedHat sticker in their mailing and told them where to stick it....

But seriously... (2, Insightful)

spoon42 (41389) | more than 11 years ago | (#3417118)

The report that the BSA gave to our administration was filled with scary stories about other schools who tried to resist...

Seriously, why hasn't someone taken up these bozos on racketeering charges or something? And if your answer is that the bozos bought the government and it's too late, don't bother posting... Every story I hear about the BSA, including their own commercials sounds like something out of a gangster movie.
Bleh. More IP doom stories. What a waste of time. :p

A good reason... (1)

JonWan (456212) | more than 11 years ago | (#3417125)

to replace *all* possible software with Linux, BSD, ect. Leave only a few office computers and any that need special programs that can't be replaced with "free" software. Since you are a university get some CS grad students to work on installation and training. Call RedHat pay them a chunk of money to come out and help you set things up. In the long run it will be a hell of a lot cheaper that paying the BSA their fines and all of the extra licensing you don't really need. I got one of the BSAs' fishing letters the other day. They would be disappointed to see that everything here runs linux execpt an old 486 running dos 5.0 and a point of sale program. BTW the POS program will run on Linux/DosEmu/DRDos, but the computer can't handle the extra load. When the 486 gets replaced it will run linux/DosEmu.

grin and bear it (2, Informative)

fermion (181285) | more than 11 years ago | (#3417140)

It has been said before, and I am sure it will be said again, but my only experience with the BSA is as a "protection" scheme. To be clear, I buy my software and I encourage everyone I work for to buy his or her software. I believe that people who write software has a right, if they so wish, to be fairly compensated. I also believe that not every piece of stolen software out there is in fact a "lost sale". In addition, not every person has a right to Microsoft Office, or the latest version of Windows, so it they can't afford it, they really don't have a right to steal it. On the other hand, Microsoft did build the popularity of Windows, in some sense, by making it easy to steal software.

That said, my only experience with software audits is with Microsoft. It was quite a galling experience because the company I worked had spent a lot of money and time insuring that only licensed software was running on the machines. After that good faith expense, the BSA comes in and demands an audit. They basically hi jack our hardware people for a week, cause no end of interruptions to the development of our product, install gods knows what on all out machines, and wreak general mayhem. If course we could have avoided the entire thing by paying the "protection" fee. They treat the customers like addicts. It like you get the drug free know, and when you are hooked, we will exact the price.

(not help) If BSA was 100% effective.. (1)

SaberTaylor (150915) | more than 11 years ago | (#3417142)

the monopoly barriers would fall to increased free software usage.

can you think of a less awkward slogan for this concept? -->

"friends don't help friends bootleg shackles"

If you have proprietary software you are screwed (2)

mikethegeek (257172) | more than 11 years ago | (#3417151)

It's in the EULA, unfortunately... They can audit you anytime they wish. To not let them do so breaches your licenses.

For God's sake, READ THOSE EULAs! If more schools, businesses, orgs, paid attention to what they were signing themselves up to, one of two things would happen:

1. They'd opt for more "Free" as in freedom software that does not have such draconian strings

2. There would be FAR more pressure to change or limit what can be put in EULA's..

But, the bottom line, the EULA is a contract that your org agreed to soon as you clicked "I agree". Submission to the BSA is one of those things they agreed to.

Sure, much of it MAY be illegal and unenforceable, including the BSA audits, BUT, because you all "signed" the contract, it's up to your org to go to court and PROVE it...

well within their rights (2)

tps12 (105590) | more than 11 years ago | (#3417155)

Preparing to be flamed/modded down...

Let's be reasonable here. This is an industry group. They are not a company or corporation, or even a government body. That is, they don't have shareholders, and they don't get to take home bonuses if they have a "good year." In fact, the people at the BSA would consider the best year to be one in which they have no work at all.

Why? Because the BSA exists for no other purpose than to protect the investments of software companies. Whose products benefit us all (yes, even we Linux customers...for surely the software in use by banks, at the DMV, at "the club," etc. are not all free!).

So step back a bit, and calm down. If you do have illegal software, well, what is your defense? To be frank, that is illegal and immoral, and definitely does not make your university a role model for students, IMHO.

Remembering that IANAL, IIRC, if you don'thave any illegal or pirated software, what have you to hide? Basically, the fact that you are so worried about it indicates that you do have something to hide, and I have to say I feel sorry for you.

But not that sorry. After all, information regarding fines for pirating software was freely available to all who wanted to find it. If you then chose to ignore this, well, you took a risk. If you blew it, well, it sounds harsh, and IANAL, but I believe you are in trouble.

Good luck, and everyone, please remember. If you can't use free software (which does not fall under the BSA jurisdiction, IIRC), please keep it legal. The software industry benefits us all, especially at the university and business levels.

They may not have the right to come in, but.... (2, Interesting)

Jasonr1023 (554686) | more than 11 years ago | (#3417159)

I am sure that somewhere in the university there is a disgruntled, or ignorant employee that is more than willing to have private discussions with the BSA regarding the software that they and everyone else uses. Once armed with the conversations with "Insiders" then the BSA has a leg to stand on to get in with the law enforcement types and really force you to do things.

Oh, and so far as them requiring audit software on your computer... NO WAY can they do this! They would have to take you to court, sue you and win with some of the terms being software licensing monitoring.

They tried to force the company my mom worked at to do this. She called me, and we went ahead and just removed MS office from every machine and installed StarOffice.
Followed by a nice letter to the BSA and MS saying that they are going to go open source now b/c of the BS of the BSA

An Ounce of Prevention (2)

Artagel (114272) | more than 11 years ago | (#3417160)

The BSA often operates off tips from disgruntled former employees. A sufficiently credible employee, with a bad enough story, might be able to convince the feds to issue a warrant, but that is not likely. More likely is the threat to file a lawsuit.

No system will be perfect. If you implement systems to *try* to operate with properly licensed software, disgruntled former employee stories are less likely to stick, and once they see that a system is in place, the BSA will be able to see that litigation is not likely to be profitable on the occasional bad copy.

You'd rather be the angelic university that tried hard than the greedy pirating corporation that stole everything in sight.

They have no leverage!!! (1, Interesting)

Anonymous Coward | more than 11 years ago | (#3417161)

Their right is CIVIL.
It stems from an EULA which is probably illegal.
They have to show in court that the EULA is legal and that they can invade.

The stories are just marketting to scare you.

Tell them to go fuck themselves and when they try the legal process you go after the EULA they use and have it invalidated. That will piss them off no end, but it will teach them.

Yet another reason to use Open Source Software (3, Interesting)

RailGunner (554645) | more than 11 years ago | (#3417166)

.. because it keeps predators like this out of your life. The BSA is nothing more then a modern day mafia - pay them protection money, and they won't tell on you for having an unlicensed copy of an application. It's a total racket, and we ought to get a class action suit against them for extortion.

As far as whether or not they can do this, if anyone (person or organization) who wants to audit you like this is not an official department of a Government Law Enforcement Agency, whether it's federal, state, or city, then tell them to fuck off. Otherwise, you are guaranteed due process and they will need to obtain a search warrant.

Privately owned PC's would be a separate search warrant - as they are not owned by the University they the University is not liable for it's contents.

Too bad the powers that be at the University won't do this. But what they should do is just install the Open Source, Free OS of their choice and tell the BSA jackals to burn in hell.

And to any member of the BSA who might be reading this: I run Red Hat Linux 7.1 at home. Go away. Kapisch?

my vision of talking with the BSA (4, Funny)

Evil Willow (24876) | more than 11 years ago | (#3417169)

BSA: We need to see licenses for all your software.
Me: This is an open source shop, but if you tell me which open source license you would like to see...
BSA: We at least need you to run this auditing software.
Me: Hmmm, seems kinda pointless, but what the hell. Do you have a Linux version?
BSA: No. You will have to remove your Linux OS and install an MS based OS that we do support.
Me: You want me to do what?!? Get the !&@$#%*@$%^& outta my sight!

bloody good marketing campaign by the BSA. (3, Insightful)

il_diablo (574683) | more than 11 years ago | (#3417171)

[the obligitory IANAL here]

we did some research here at our company. my CEO and i were discussing it (i'm the CTO), and he told me he had done some leg work on the subject when the BSA first started their "scare tactic" TV/radio campaign.

the BSA is a software reseller. they have NO LEGAL AUTHORITY. they are not the "Software Police". they can't come to you and demand anything. you have to (stupidly, actually) ask them to come and perform an audit. then, when they find non-compliance, they offer to sell the company the licenses at a "special price".

they're vampiric...if you don't invite them in, they have no power.

of course, now that the ball has started rolling, they can probably bring some legal action. i'm not sure what legal recourse the SPA has (for example). subpoenas/warrants/etc, possibly. i imagine that there is a goverment agency to which they can appeal for such. and the BSA only has to pick up the batphone to them to start the ball rolling.

i know that doesn't help now, since they've already gotten a foot in the door. but it may help others.

Serious limitation in the 4th Amendement (1)

hacksoncode (239847) | more than 11 years ago | (#3417172)

I'm starting to think that the Founding Fathers made a serious mistake when drafting the Bill of Rights.

The rights enumerated therein should have been explicitly protected from intrusion by private parties in addition to intrusion by the government.

At the time, I think they felt that government was by far the biggest threat, and multinational and other powerful corporations didn't exist to any significant degree.

But now it's starting to seem like we need an amendment extending our protections to include such organizations.

Anyone have any thoughts on an appropriate wording?

I'm thinking something like "The rights enumerated in the Constitution are inalienable and shall not be infringed by any state or private party."

The "inalienable" part is intended prevent EULAs from making us "voluntarily" give up our rights.

One word..... (1)

xcable_hhh (442882) | more than 11 years ago | (#3417187)


Switch to different software then LARP (0)

Anonymous Coward | more than 11 years ago | (#3417188)

Then of course ARM your IT department with shotguns
and call the BSA(called extortionists in some circles) and in your best Duke Nuke'm voice say
"Come Get Some"

Live Action Role Playing is way more fun then lame ass Counter Strike.

Also ask the BSA to show you all of their licenses!

Hello. (0)

Anonymous Coward | more than 11 years ago | (#3417189)

I send you this load of .45 calibre round in order to say get the fsck off of my property!

You know, I wish I owned a company, just so I could fsck with the BSA. Arrogant bastards, as if corporations weren't usually evil enough, we've got a parasite attacking them as well.

Volunteer Groups to Partner with Education (1)

datastew (529152) | more than 11 years ago | (#3417197)

In response to Microsoft's Strong-Arm Tactics against NW Schools [] , as discussed on Slashdot here [] , the Portland Linux Unix Group [] has been discussing how to go about effectively working with the local school districts and regions.

Can anyone show us examples of Linux or other computer user groups working together well with educational districts or institutions? Also useful would be examples of schools which have successfully made the switch to mostly GNU or Open-Source software.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?