×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Bruce Schneier Weighs in on IT Lock-in Strategies

Zonk posted more than 6 years ago | from the lock-and-key dept.

Security 186

dhavleak writes "Wired has an article from Bruce Schneier on the intersection of security technologies and vendor lock-ins in IT. 'With enough lock-in, a company can protect its market share even as it reduces customer service, raises prices, refuses to innovate and otherwise abuses its customer base. It should be no surprise that this sounds like pretty much every experience you've had with IT companies: Once the industry discovered lock-in, everyone started figuring out how to get as much of it as they can.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

186 comments

Let me guess (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#22341422)

Counterpane doesn't lock you in to any single vendor. Bruce is just shilling for his .com. Yawn.

Re:Let me guess (5, Funny)

eln (21727) | more than 6 years ago | (#22341852)

I really don't think you should be talking about Bruce Schneier like that when you clearly know nothing about the man. For example, did you know that Bruce Schneier once decrypted a box of Alpha Bits? Or that he knows the state of Schroedinger's cat? It's true! [geekz.co.uk]

Re:Let me guess (1, Funny)

Anonymous Coward | more than 6 years ago | (#22343034)

"...Or that he knows the state of Schroedinger's cat?"

Maybe he does, but even Schneier cannot *make* the cat choose a state!

Re:Let me guess (4, Funny)

mrsteveman1 (1010381) | more than 6 years ago | (#22343394)

Where did you get this information? Quantum mechanics tells us that Bruce Schneier cannot be observed directly.....

Actually... (-1)

Anonymous Coward | more than 6 years ago | (#22341464)

He is a big fan.

As in... (0)

djupedal (584558) | more than 6 years ago | (#22341484)

lock-in = subscription based business model...for those that don't know :)

Re:As in... (4, Informative)

trolltalk.com (1108067) | more than 6 years ago | (#22341578)

lock-in = subscription based business model...for those that don't know :)

Nope.

Lock-in is anything that creates barriers to moving to a competitor. For example, file formats. Or email address non-portability between different ISPs (or freemail providers, for that matter). Or (in the case of telecoms) number non-portability.The subscription model is one of the ways to milk extra bucks from lock-in, but it isn't itself a "lock-in."

so is a gun to the head... (1)

djupedal (584558) | more than 6 years ago | (#22341790)

"The subscription model is one of the ways to milk extra bucks from lock-in"

Of course - I in no way declared there was a singular definition, but thanks for expanding the subject, none-the-less :)

Re:As in... (3, Informative)

misleb (129952) | more than 6 years ago | (#22342282)

Or email address non-portability between different ISPs (or freemail providers, for that matter).


This being an unintentional form a lock-in, of course. You wouldn't actually expect an email address to be portable, would you?

-matthew

Re:As in... (1)

trolltalk.com (1108067) | more than 6 years ago | (#22342598)

Or email address non-portability between different ISPs (or freemail providers, for that matter).
This being an unintentional form a lock-in, of course. You wouldn't actually expect an email address to be portable, would you?

You and I wouldn't, but that doesn't mean much (sigh). How many people do you know who won't change ISPs because they can't "bring their email address with them" if they change?

It's also one of the reasons Yahoo! is worth so much to Microsoft - a lot of people who are using their email won't bother to move, because of inertia and lock-in.

I don't understand why most people don't get together with friends and family and each pitch in a few bucks each year and have their own domain, with their own email address.

Re:As in... (2, Insightful)

anonicon (215837) | more than 6 years ago | (#22342822)

"I don't understand why most people don't get together with friends and family and each pitch in a few bucks each year and have their own domain, with their own email address."

Comfort zones and insecurity. Speaking as the "computer guy" for about 15-20 friends and family members, the idea of registering a domain name and then paying a very small monthly fee (less than $5, sometimes $0) to permanently own your own domain name and e-mail is uncomfortable when they can just keep their free 5-10 year old AOL/LocalISP address. Only my Mom owns her own domain name (which she really likes).

Chuck

Re:As in... (1)

electr01nik (598106) | more than 6 years ago | (#22343404)

Comfort zones and insecurity. Speaking as the "computer guy" for about 15-20 friends and family members, the idea of registering a domain name and then paying a very small monthly fee (less than $5, sometimes $0) to permanently own your own domain name and e-mail is uncomfortable when they can just keep their free 5-10 year old AOL/LocalISP address. Only my Mom owns her own domain name (which she really likes).

My DSL provider is having problems with the SMTP server today, so my parents are unable to send e-mail on their main account. After explaining to them that the address was on their old (dialup) ISP, they were forced to use the DSL SMTP server to send e-mail(because of port 25 blocking).

They weren't happy when they realized they've been paying $10 a month for an e-mail address for the past 18 months.

They said the same thing about cell phone numbers. (1)

khasim (1285) | more than 6 years ago | (#22342604)

This page intentionally left blank.

Re:They said the same thing about cell phone numbe (1)

misleb (129952) | more than 6 years ago | (#22342930)

That was just a technical challenge. An email address has the provider right in the freakin' address. That said, you can get portable email addresses. You just need your own domain and you can have it hosted anywhere that hosts domains.

-matthew

Be Creative! (1)

gnutoo (1154137) | more than 6 years ago | (#22342466)

A subscription model can be a form of lock in, when you don't tell the subscribers how to halt their subscription. TW/AOHell did that to a lot of people. People were reluctant to spend twice the nominal cost of gettin on line each month, so making it difficult to leave was effectively a way to keep them on AOL. The difficulty involved in terminating any subscription acts as a form of lock in.

Inversely, the myriad of lock in mechanisms employed by M$ and partners are virtual subscriptions. You don't really own the software, only a vague right to use that can be terminated without cause. The interlocking nature of the many lock in mechanisms both keep the victim from leaving and make sure the victim will need to replace everything every three years and the subscription model is complete. Windows, like a newspaper, only has value in context and for a limited time. Your old copy of MSDOS is worthless today as are most of every copy of software you have released before 2001. It only had value in context and the sooner you lose that context the better off you are.

Re:Be Creative! (3, Insightful)

trolltalk.com (1108067) | more than 6 years ago | (#22342652)

"Windows, like a newspaper, only has value in context and for a limited time. Your old copy of MSDOS is worthless today as are most of every copy of software you have released before 2001. It only had value in context and the sooner you lose that context the better off you are."

It still does whatever you had to do in times past. For example, SimCity 4 runs fine on Windows 98. A lot of places refuse to dump their Win2k setups, or they have software that still requires DOS.

Heck, I know one place that runs their financials on a Win 3.1 program. Its been doing everything they need for 15 years, and they're not going to change. It works, it runs fine under xp, and why fix what ain't broke?

Re:Be Creative! (2, Interesting)

MightyMartian (840721) | more than 6 years ago | (#22342760)

Heck, I know one place that runs their financials on a Win 3.1 program. Its been doing everything they need for 15 years, and they're not going to change. It works, it runs fine under xp, and why fix what ain't broke?


Then they're very lucky indeed. I've seen a lot of accounting/financial software that I can only conclude is intentionally busted in places, and where these bugs are addressed with "Don't worry AccountingMegaWonderPro 2008 will fix this problem", which it does, of course, but opens up new ones, which are then going to be fixed with "AccountingMegaWonderPro 2009". This kind of software is awful in many ways, because the file formats are frequently proprietary, or at the very least some sort of locked MS-Access database that even when you crack it, you find an almost uninterpretable array of tables, dictionaries, queries and fields. The export formats to CSV or XML are usually insufficiently detailed, and it still means a lot of data entry to move from one accounting package to another. I've seen business stick for years to shitty accounting systems simply because the thought of moving to a new platform is so horrifying.

Re:As in... (1)

Tom (822) | more than 6 years ago | (#22342746)

Or email address non-portability between different ISPs
I disagree on that.

Different from phone numbers, e-mail addresses aren't arbitrary. The domain part is by design tied to a particular service, server, whatever.

Portability for phone numbers makes sense, because they are just arbitrary numbers and AT&T can give you 12345 just as well as any other provider.

But portability for e-mail addresses makes as much sense as portability of your street address when you move. The best you can ask for is forwarding.

Re:As in... (1)

phantomcircuit (938963) | more than 6 years ago | (#22342868)

I believe that phone numbers were assigned much like IP addresses are, in blocks. The routing would obviously be significantly easier if the numbers are sold in blocks.

Re:As in... (4, Informative)

Sciros (986030) | more than 6 years ago | (#22341712)

That's completely wrong! A lock-in is when the consumer is "stuck" with a particular vendor. This may be due to any number of things, but subscription is not one of them. A subscription-based service only locks you in if it makes unsubscribing difficult (which may translate to costly), which has nothing to do with being a subscription-based service in the first place.

A company that runs on a subscription-based business model would *benefit* from lock-in (to keep subscriptions going), but it doesn't have to do it. Magazines don't lock you in, neither do websites with subscription-based access (e.g. IGN, or newspapers), etc. You're always free to cancel and subcribe to something else if you wish.

Re:As in... (1)

djupedal (584558) | more than 6 years ago | (#22341842)

So the small company in Malaysia that hires a consulting company in Singapore to set up a CRM, and then has to subscribe to service if it wants anything fixed or changed isn't locked into a never-ending relationship if it doesn't want to start over with another vendor or DIY...right.

Re:As in... (2, Insightful)

esper (11644) | more than 6 years ago | (#22342310)

You haven't provided enough information to determine whether that's a case of lock-in or not. If the CRM system provides the necessary tools to make it easy for the customer to export all of their data into a format which can then be imported by other CRM systems should the customer choose to change vendors, then there is no lock-in.

Now, granted, that's unlikely to be the case. However, it is the inability to move your data to a competing system which creates the lock-in. The subscription aspect has nothing to do with it one way or the other.

Re:As in... (1)

suckmysav (763172) | more than 6 years ago | (#22342322)

erm, the fact that you contracted a "small malaysian company" (which I assume produced custom, proprietary, non-open software for you) is the reason you are locked in. It is this lockin that makes it necessary for you to pay them (and only them) for a "support subscription" post purchase.

The subscription does not create the lockin, it is the end result of the lockin. If you bought an open standards based (or even widely deployed proprietary off-the-shelf) solution then you would have no lockin problem and you could then subscribe to the support service from whatever vendor you choose to.

Good grief, it's not rocket science you know.

Re:As in... (0, Troll)

djupedal (584558) | more than 6 years ago | (#22343212)

....what kind of response involves getting the example backwards...? Thanks for taking a run at me, but I'll give you a do-over if you want to try again.

"If you..." - If..... If a dwarf died and left you a million dollars and the sub cost $100,000.00 you'd... If you had to choose between jumping out of an airplane with your hair on fire and no parachute or renewing your sub... If you died the day before your sub expired... Weak :)

Re:As in... (1)

turbidostato (878842) | more than 6 years ago | (#22343628)

"...what kind of response involves getting the example backwards...?"

One based on negating your assertion and see what happens since, in order for a biunivocal relationship to be if A->B, then !A->!B.

All in all it's very obvious that in your example the vendor is able to drain money from the client in the form of a service subscription *because* the vendor successfully has locked-in the client, the contrary being plain absurd: you don't undesiringly pay money to enter a lock-in situation, you undesiringly pay money because you are locked-in.

Re:As in... (1)

misleb (129952) | more than 6 years ago | (#22342434)

So the small company in Malaysia that hires a consulting company in Singapore to set up a CRM, and then has to subscribe to service if it wants anything fixed or changed isn't locked into a never-ending relationship if it doesn't want to start over with another vendor or DIY...right.


You'd be locked into a relationship with the vendor regardless of whether or not you were paying for a subscription simply bacause a CRM system costs so much to develop. The subscription has nothing to do with the lock in.

-matthew

Re:As in... (1)

swb (14022) | more than 6 years ago | (#22341732)

I would think that it would be possible to work within subscription models almost more flexibly than non-subscription models since you don't have any ownership interest. Of course the devil is in the details.

Re:As in... (1, Insightful)

PopeRatzo (965947) | more than 6 years ago | (#22342490)

"Lock-in" = one more way that companies that are successful in a "free market" immediately go to work to make the market less free.

One more reason that Free-Market Theology is nothing but a scam to keep most people poor and working hard, and to make rich people richer and increasingly powerful and protected.

  The operative word is "protected". Note that "lock-ins" are said to "protect market share". The world is uncertain and nothing bothers the rich and powerful like uncertainty. They believe that if God was good enough to make them rich and powerful, then it's unfair that they should be subject to the same rules of uncertainty as the rest of us.

  It's why they hate things like Universal Health Coverage, Social Security, Minimum Wage, etc. If you have to be just as vulnerable to fate as the poor, then what good is being rich?

Re:As in... (4, Insightful)

bigstrat2003 (1058574) | more than 6 years ago | (#22343080)

There are perfectly good reasons to hate universal health care and Social Security apart from supposed hatred of poor people. Not all of us trust the government to be a good provider, and want the ability to opt out of a bad system. Social Security is an even better example. If I believe that Social Security is going to collapse before I can benefit (I have no opinion on the matter, for the record, as I lack sufficient information), why the hell would I want pay into such a thing?

Not everyone who wants a free market is doing it for the evil reasons you paint, and not everyone who doesn't want the programs you mention is a greedy bastard who wants to be better than poor people.

Counterexample (1)

dallaylaen (756739) | more than 6 years ago | (#22342796)

lock-in = subscription based business model...

Right, that's why Microsoft typically offers a subscription, while most linux companies only charge once per copy.

Build-your-own systems are starting to look good.. (2, Interesting)

KublaiKhan (522918) | more than 6 years ago | (#22341506)

Right down to the processor level, even. If they're going to try to lock me into their hardware and software, I want none of it.

Does anyone have a link to some resources on how one might build one's own processor? How much does it cost to do that sort of thing?

Re:Build-your-own systems are starting to look goo (4, Informative)

milsoRgen (1016505) | more than 6 years ago | (#22341596)

http://www.opencores.org/ [opencores.org]

As far as the cost of getting one of those built, I'd like to know that myself... Reminds me when I was part of the crew dismantling the old fabs responsible for the Z80 [wikipedia.org] ... Shoulda paid one of the drivers to deliver one of those Canon machines to my garage...

Re:Build-your-own systems are starting to look goo (2, Informative)

Anonymous Coward | more than 6 years ago | (#22341618)

Prohibitively expensive and time consuming (unless you want to make a 4 bit processor, some one did that recently by hand).

Re:Build-your-own systems are starting to look goo (4, Funny)

eln (21727) | more than 6 years ago | (#22341654)

Does anyone have a link to some resources on how one might build one's own processor? How much does it cost to do that sort of thing?
Well, it depends on how fast you want it to be. For my home computer, I used the instructions here [ryerson.ca] . It's a little slow for less advanced users, but I find I can surf the web at a pretty good clip once I get going. Of course, splinters can be a problem.

Re:Build-your-own systems are starting to look goo (0)

Anonymous Coward | more than 6 years ago | (#22342570)

Don't worry, Ryerson. Maybe if you save your pennies, you guys can upgrade to a single XO that you all can share. Love, U of T.

Re:Build-your-own systems are starting to look goo (5, Funny)

maxwell demon (590494) | more than 6 years ago | (#22341676)

Don't stop at the processor level. The fundamental laws of physics already contain signs of corporate lock-in. The No-cloning feature of quantum mechanics clearly is a sign of DRM built into the fundamental laws of the universe. And the inner workings of about everything we use is tied to the exact laws of the universe we are in. Therefore you have to start at the very beginning: First build your own universe!

Re:Build-your-own systems are starting to look goo (5, Funny)

some old guy (674482) | more than 6 years ago | (#22342044)

I built my own universe once, but the startup Bang really hosed up my wife's microwave.

Re:Build-your-own systems are starting to look goo (1)

Red Flayer (890720) | more than 6 years ago | (#22343312)

That's weird -- In my alternate Soviet universe, the microwave hose really banged up my wife's startup.
Now our stock options are worthless.

/Was gonna go with 'I started up my microwave and then banged my wife with a hose' but I thought better of it for some reason.

Re:Build-your-own systems are starting to look goo (1)

rahmza (862442) | more than 6 years ago | (#22343448)

That's a shame. Maybe you should have intelligently designed it and avoided the bang altogether?

Re:Build-your-own systems are starting to look goo (3, Interesting)

aeoo (568706) | more than 6 years ago | (#22342708)

Probably meant as a joke, but this is very profoundly insightful from a spiritual point of view. This is in essence what spiritual adepts in many spiritual paths will do. The "physical" lock-in is happening in your own mind at a very deep level. It is non-trivial to overcome it.

Re:Build-your-own systems are starting to look goo (0)

Anonymous Coward | more than 6 years ago | (#22342922)

What about an "Alternate Universe." Or a simple "Reality Distortion Field."

Re:Build-your-own systems are starting to look goo (3, Insightful)

webmaster404 (1148909) | more than 6 years ago | (#22341720)

Hmm? I highly doubt that any computer maker will lock you into hardware/software it just is bad business. Think of Dell, Vista failed, people started to not buy computers so they switched to letting people use XP, enough people wrote in and now they offer Linux, the hardware companies just want to sell hardware, if they can get that by offering Vista they will, if enough people request Linux they will offer that. Most hardware manufacturers want their product to be used as much as possible, if that means using standards they will (and mostly have) use it to get people to buy it. We are far away from computers (laptop and desktops not PDAs and Cell Phones and such) that have hardware/software lockin and the only one to have done it was Apple however now they let even Windows boot on Macs. The fact is, hardware manufacturers don't care about locking you into software, they just want money, if they can get that by offering MS, Linux, or whatever they will so lockin is a bad choice for them.

Re:Build-your-own systems are starting to look goo (2, Insightful)

ChrisMounce (1096567) | more than 6 years ago | (#22342404)

That's why it's called a lock-in -- you know the customers won't like what you're about to do, so you lock them in. And lock-in isn't a bool, it's a float: all companies lock customers in, but some do it intentionally and to much greater extents than others.

I do agree with what you said when it comes to smaller companies/non-monopolies -- they don't have much reason to lock-in customers, because they don't have very many customers to lock in, and because it's much more beneficial to look like the consumer-friendly guys. And even though Dell makes a lot of computers, they're not the only PC manufacturer, and any edge over their competition helps.

Re:Build-your-own systems are starting to look goo (0)

Anonymous Coward | more than 6 years ago | (#22342680)

then why can't i install linux on my ipod 3g nano...

Symantec (4, Insightful)

QuantumRiff (120817) | more than 6 years ago | (#22341628)

Is the freaking worst. We finally switched when their AV client, sitting idle on a PC that was just booted, was using 50MB of RAM. (Some of our systems only had 256 at the time). Over 4 years, our renewal costs (we're a school), went from $5/machine to $18/machine. We still use ghost, and have not seem one damn improvement in the last 4 years, even though it has gone through all sorts of different versions. (now using Ghost solution suite 2.0) I don't see any difference in the software. dear god, you would think they would use WinPE by now, and stop breaking up Ghost images into 2GB chunks. I guess 2 years ago they fixed some multicast issues. Thats it. We just moved from Backup Exec 9.1 to Backup Exec 11d (We had starting using when it was Veritas), mainly for tape encryption capabilities. Of course, it is working fairly well, unless I do something crazy Like try to encrypt our backups to tape. I sat on hold for 45 minutes yesterday, and gave up.. They just bought Altiris, which is who we were looking at to switch to from Ghost. GRRR.. They just buy companies, and then raise prices..

Re:Symantec (1)

greenbird (859670) | more than 6 years ago | (#22342274)

We just moved from Backup Exec 9.1 to Backup Exec 11d (We had starting using when it was Veritas), mainly for tape encryption capabilities. Of course, it is working fairly well, unless I do something crazy Like try to encrypt our backups to tape. I sat on hold for 45 minutes yesterday, and gave up.. They just bought Altiris, which is who we were looking at to switch to from Ghost. GRRR.. They just buy companies, and then raise prices..

You know, with the price of disk space what it is today I find it hard to come up with any reason to use tapes for backup anymore. 2 backup servers, one offsite over VPN or ssh, with encrypted RAID hard drives on LVM, rsync with hardlinks [mikerubel.org] and compressed dump for archiving is much cheaper and more reliably than tapes especially with offsite storage. This can even allow automated background backup of laptops when they're connected. What am I missing? What do tapes add that would justify the added expense and pain?

Re:Symantec (1)

QuantumRiff (120817) | more than 6 years ago | (#22342560)

Long term storage. Our state mandates that student records be archived for 99 years. We can lock tapes in a Safety deposit box. They have a much longer shelf life (and are cheaper) than hard drives. I pay about $40 for a 600GB SDLT tape. Easier rotations. No raid setup, no off site connectivity costs (we don't have an "off site" yet). Smaller footprint too.. I can go back to any point in the last 8 years and grab a file. Can you do that with you hard drives? Do you still have servers with IDE drives?

But mainly, its for long term storage..

Re:Symantec (1)

rho (6063) | more than 6 years ago | (#22343106)

Will the DLT last for 99 years? Or is this a "let the next guy dump them out to holocrystals" thing?

Re:Symantec (2, Insightful)

turbidostato (878842) | more than 6 years ago | (#22343712)

"Do you still have servers with IDE drives?"

Oh! so you are one of those that still own in operating conditions half-inch open-reel tapers?

Or else, your argument is moot, you know...

Re:Symantec (1)

ScrewMaster (602015) | more than 6 years ago | (#22342776)

I wasn't particularly thrilled when Altiris bought Wise Solutions (because we use Wise Installation Studio) but I was definitely displeased when Symantec bought Altiris. I've noticed that the latest release of Wise is slower and less stable than previous versions. Still a good product, don't get me wrong, but I don't like it one little bit when companies that I depend upon get bought out, particularly by outfits like Symantec. Hell, even if the new owner is a decent operation, shit changes, and often not for the better..

This is true, but on the other hand (1)

rastoboy29 (807168) | more than 6 years ago | (#22341634)

By being greedy for lockin one also increases the difficulty of getting the initial sale.

Re:This is true, but on the other hand (4, Insightful)

rkanodia (211354) | more than 6 years ago | (#22341744)

This isn't always true. For many users, the pain of proprietary file formats is not understood until well after the purchase.

Re:This is true, but on the other hand (1)

nschubach (922175) | more than 6 years ago | (#22341780)

Not really... if you work with the OEMs and offer them ultra cheap prices on your initial run or give them away free on the net, you can sit back and benefit from those customers coming to you for an upgraded version in the future so they can use whatever service it is that you provide.

Re:This is true, but on the other hand (3, Insightful)

idontgno (624372) | more than 6 years ago | (#22342462)

Tell it to street-level drug pushers. They mastered lock-in decades ago. It's only recently [microsoft.com] that tech marketing has risen to the level of "The first taste is free, baby!"

Yawn (0, Redundant)

clarkkent09 (1104833) | more than 6 years ago | (#22341694)

You are only as "locked-in" as you want to be. Simple answer that applies to all his examples: buy a product or service that doesn't lock you in.

Monopoly is the goal of capitalism (-1, Troll)

Anonymous Coward | more than 6 years ago | (#22341734)

That's how you make the really big bucks: become the only person who can offer a service, and offer a high price at low cost, so you have a huge margin and PE ratio.

I'm sure some witless drudge will pipe up, "But that's not good for capitalism, so it isn't the goal of capitalism!" while sitting on Mommy's lap or at Mommy's Marxist University.

He's right. The problem is that for those of us inside a capitalist system, he's wrong. We want the money. We don't care about what's good for society at large. That's someone else's problem.

If you could have an exclusive money-maker for the rest of your life, and never have to put up with the crap you face daily again, and have your kids going to great colleges with no loans, you'd take it.

We'd all take it.

The system makes whores of us all, and those who deny it are the biggest whores.

Re:Monopoly is the goal of capitalism (4, Interesting)

kidcharles (908072) | more than 6 years ago | (#22342288)

"But that's not good for capitalism, so it isn't the goal of capitalism!" while sitting on Mommy's lap or at Mommy's Marxist University
Actually the tendency for capitalism to eat itself alive with its drive for monopolization is accepted in and is part of Marxist economic theory. Another contradiction of capitalism that is an observation in Marxist theory is the desire of an individual firm to pay its employees as little as possible, but that depends on well-paid consumers having enough money to buy their products. That's my personal favorite.

Urgh... some worse than others. (3, Interesting)

Penguinisto (415985) | more than 6 years ago | (#22341740)

I love the one from Cadence that required a license key which in turn ties into a specific MAC address before it'll start up... hope the NIC doesn't die (I'm currently stuck with seeing if I can get a VM instance going and fake the same MAC for a migration... not looking good, and not a day goes by that I don't curse my predecessor for installing that POS in the first place).

Hell, my management fears vendor lock-in more than they fear Death itself (which probably explains why we're a very heavy Linux shop)...

I realize that a lot of PHB's couldn't care less (and an alarming # of CIO's and IT management don't either), but we're far enough along now that it's starting to bite a lot of accountants and IT critters square in the ass.

IMHO, it does matter, and it explains why a lot of shops are moving away from proprietary solutions, going to Linux/BSD and such.

Now if only we can definitively tackle the two biggest examples of attempted vendor lock-in alive (Exchange and MS Office), we'd be set.

/P

Re:Urgh... some worse than others. (2, Interesting)

Obfuscant (592200) | more than 6 years ago | (#22341884)

I'm currently stuck with seeing if I can get a VM instance going and fake the same MAC for a migration...

The beauty of using Linux is that you get the source code. ALL the source code. Even the code that implements the IOCTL function for "tell me my interface's MAC address".

Re:Urgh... some worse than others. (1)

GwaihirBW (1155487) | more than 6 years ago | (#22341906)

If you're running Linux, you shouldn't have to run a VM just to tell a piece of software the MAC addy it wants to hear . . .

Re:Urgh... some worse than others. (0)

Anonymous Coward | more than 6 years ago | (#22341958)

ifconfig eth0 down hw ether 00:00:00:00:00:00
ifconfig eth0 up

Re:Urgh... some worse than others. (1)

whoever57 (658626) | more than 6 years ago | (#22341994)

I love the one from Cadence that required a license key which in turn ties into a specific MAC address before it'll start up... hope the NIC doesn't die
You do know about macchanger, don't you? Or "ip link address ..."

Re:Urgh... some worse than others. (0)

Anonymous Coward | more than 6 years ago | (#22342014)

I'm assuming you're not using Linux so http://www.klcconsulting.net/smac/ [klcconsulting.net]

Re:Urgh... some worse than others. (1)

Penguinisto (415985) | more than 6 years ago | (#22342408)

That's correct - this is a legacy bit that we're stuck with on one of the few Win2k3 servers we have still going.

My thanks for the tip :)

/P

Re:Urgh... some worse than others. (1)

imbaczek (690596) | more than 6 years ago | (#22342520)

I haven't seen a NIC that can't change it's mac in the driver options on win xp. It's never called "MAC address" like it should, though.

Re:Urgh... some worse than others. (-1)

The MAZZTer (911996) | more than 6 years ago | (#22342016)

Virtual PC allows you to alter the MAC address of a VM by editing the VMC file by hand. I recall that it's needed if you want to duplicate a VM and run them both side by side (since they can't use the same MAC address, obviously).

Not sure about other VM offerings.

The only other relevant thing I can think of is that some (all?) linux distros randomize MAC addresses of network cards on boot... woe to the user who tries to use the software you're referring to through wine!

Re:Urgh... some worse than others. (1, Informative)

Anonymous Coward | more than 6 years ago | (#22342558)

No, no system randomizes the MAC address on boot. that would be insane.

Anyway, all systems allow you to set the MAC address for a NIC if you dont want to use the factory default.

ifconfig can change the MAC address on unixens, editing (i think it is) PROTOCOL.INI on windows does the same thing unless you already have a dialog in control panel for the driver for your NIC to do it through the gui.

If you change the MAC address, you should set it to an address that has the second least significant bit in the first octet to 1. This bit is called the "LocallyAdministratedAddress" and its whole purpose is that IF you set it when you change a MAC address, this bit will allow you to distinguis between globally unique MAC addresses (as you have in the factory default) and ones you have modified yourself and which therefore are not guaranteed to be globally unique. This to make it easier to see if it is your own fault or not if/when you get a duplicate mac on your network.

Re:Urgh... some worse than others. (1)

turbidostato (878842) | more than 6 years ago | (#22343756)

"The only other relevant thing I can think of is that some (all?) linux distros randomize MAC addresses of network cards on boot..."

Wow, man, that one was really great.

At the same time it explains why religion is so pervasive in human race: people have a *very* strong tendency (I'd even say a *perverse* tendency) to fullfill their ignorance out of the most absurd "explanations". 'Horror vacui', I think.

Re:Urgh... some worse than others. (1)

sconeu (64226) | more than 6 years ago | (#22342172)

VirtualBox lets you set the MAC. It's right there on the Network settings page.

Re:Urgh... some worse than others. (1)

dbIII (701233) | more than 6 years ago | (#22343332)

USB to network dongles do the job well and it's easy to change the MAC address in every OS I am familiar with (most likely the others as well). Just ask the vendor first. One was happy with this solution when they only had a choice of parallel port blocks or a MAC address and I wanted a USB dongle so the software could be legally used on a few machines. A lot of this security software is effectively abandonware that predates the trend of vanishing parallel ports.

This year (2008) I've already had licenced software blocked by the licencing tools due to a Y2K bug (permanant licence reset to expire on 1/1/2000) for six days and a broken dongle for five days. These things are very annoying but with multiple casual users on multiple machines it's hard to avoid. Personally I really want this per seat licencing to go away and hopefully Macrovision to vanish enitrly as a company taking all of their buggy code with them.

As for Exchange, there's a not a lot you can do about it once it gets in apart from try to keep it going with a lot of third party tools. It's not so bad as it was - they call it "enterprise" software now which must refer to the improvement that complete backups are now possible without shutting the whole thing down. Various fanboys will miss the word "complete" or have new definitions of it.

There's not a single new thing about lock-in (3, Insightful)

postbigbang (761081) | more than 6 years ago | (#22341886)

Just some things that are more onerous than others. This has been going on since the beginning of the industry, and it won't change. You can complain about it all you want, but it's going to continue to happen.

Everyone wants a revenue stream not a revenue pond.

That doesn't justify boorish behavior, but it explains how companies want to stay in existence, and few other models exist that allow them to do this. Once again, Bruce thinks we were born yesterday.

Re:There's not a single new thing about lock-in (2, Insightful)

Anonymous Coward | more than 6 years ago | (#22342128)

Yes you're right. But the stream and pond are illusions of greed and shortsightedness. Think of all the products over the years that you have fought with.

Power connectors. There's a perfectly good international standard but your manufacturer chooses to modify the connector making it 1mm smaller than it should be, so you have to buy their power supplies.

Batteries. There are scores of standard sizes for ever possible device. But your manufacturer decided to create one that doesn't fit anything else and nothing else will fit in its place.

The list goes on forever of course, gas connectors, plumbing joints, lamp fittings...

Each time a manufacturer decides to deliberately use a non-standard and incompatible device they seriously reduce the value of that product. Landfill sites are full of obsolete proprietry power adapters, they function perfectly well, but nobody wants a Sony XYZ from 1980 for any other use, so it goes in the trash.

That product had to be designed (to be unique) where great sums of money could have been saved by using an ISO standard.

If you over-manufacture, nobody wants the stock. You can't resell to a generic market.

These idiots cut off their nose to spite their face. The big guys understand the value and security in commodity markets, in generics and
standards. Products manufactured to standards can be resold on any market, rebranded or adapted.

The reason software can be designed for lock in is that it costs zero to (re)produce. This is why open source code is so very valuable, not because of it's functionality, it's functionality is almost irrelevant compared to the value of reuse and standards.

Re:There's not a single new thing about lock-in (2, Insightful)

postbigbang (761081) | more than 6 years ago | (#22342246)

No one argues the downsides and superfluity of lock-ins. I like FOSS. But standards are used by those that bought and paid for them. Look at the history of Ethernet if you're not sure about that. Stallman was right about many things, and one of them was greed. Open is better, but don't expect the world to change overnight.

Re:There's not a single new thing about lock-in (1)

Jeff DeMaagd (2015) | more than 6 years ago | (#22342170)

Once again, Bruce thinks we were born yesterday.

Maybe he's found his own "celebrity lock-in", where he's getting headlines for stating what's basically f**cking obvious. I think he should stick with security.

Re:There's not a single new thing about lock-in (1)

Sloppy (14984) | more than 6 years ago | (#22342654)

it won't change. You can complain about it all you want, but it's going to continue to happen.

[cynical]You're probably right[/cynical] but complaining serves a useful function, on its own. Most people don't think about lock-in, or aren't able to perceive it (until they're locked). When you complain (especially if you have a large audience, like The Bruce), you can get the word out. You can cause prospective buyers to become informed. Information is a market force. Sadly, it's a weak one, but it's something. Maybe Apple will lose a few sales over this. Maybe someone selling open phones will gain a few customers over this. Complain about it.

FWIW, in my life I have seen a few signs, that some of this information -- just a little -- does trickle down to non-nerds. The public is slowly (excruciatingly so) becoming more aware of the issue.

Re:There's not a single new thing about lock-in (1)

postbigbang (761081) | more than 6 years ago | (#22343120)

I saw this device recently, designed to be a be-all power supply for everything. It auto-senses voltage draw and feeds it. You have to get different connectors for different hardware, but it powers darn near anything from a USB widget to an Apple PowerBook (not sure about the weird connector for MacBook Pro). The idea is to give a road warrior freedom from carrying so many bricks. It's a wonderful idea, and it is doomed, sadly. Get a generic car, and you'll get a generic PC. Sorry to use automotive metaphor, but it's true. Building a better car, unfortunately, is not tied to how easily fixed it is, rather how fast it goes, and if I can fit it into my budget with the storage I need. Rarely do people think about green-ness, whether it can be fixed easily/inexpensively, has a long asset life, and other seemingly meaningful things. It seems only that it is in a desired color, and can dock an iPod. So it goes.

Re:There's not a single new thing about lock-in (1)

Vellmont (569020) | more than 6 years ago | (#22343508)


This has been going on since the beginning of the industry, and it won't change. You can complain about it all you want, but it's going to continue to happen.

I disagree. Lock-in is getting smaller every year. To give a few examples, Do you have any vendor lock-in with your SMTP server? Nope, because SMTP has been the standard mail transfer protocol for years. Are you locked into a single router vendor? Hell no, because TCP/IP is TCP/IP.

Lock-in only makes sense as far as a single vendor-neutral standard doesn't outweigh the benefits of a non-standard. The standard for document exchange is PDF, not .doc. You don't have to run any Adobe software if you don't wish to. As any industry matures, standards tend to set in and destroy lock-in.

This has *always* been the case... (5, Interesting)

wandazulu (265281) | more than 6 years ago | (#22341918)

Per the article, sure, you can switch to a Pepsi in a second if you don't like the Coke, but both Pepsi and Coke spend *enormous* amounts of money to suggest that switching to the competitor's product will make you less desirable to women, less success at your job, etc. That's what advertising is all about, trying to get you to lock *yourself* in, willingly, to a single product.

But I digress...

Everybody dreams of being Ma Bell, where even putting a plastic cone on a headset could "damage the network". A lot of companies have had their turn too. We all think of Microsoft as being the king of lock-in, but for my money, it would still be IBM, where their mainframes and mid-range machines were so locked down that you had to get approval to install *anything*. At least with a PC or even a Mac, you can install another OS and you're free and clear. With IBM equipment, they could shut you down remotely if you missed a single "usage" payment (which was calculated *by* *the* *processor* *cycle*!!).

I cannot think of a single company that wouldn't want total lock-in of its users, regardless of industry. Some are just more capable of doing it than others.

Well (1)

moogied (1175879) | more than 6 years ago | (#22342036)

The article is misleading. A big reason for "lock-in's" is due to service contracts. While I can surely move away from microsoft to linux, it would require a new service contract. I just paid for the next 3 years of Microsoft Gold Ass Pirate Support Line or whatever it is called now. Why would I ever switch to RedHat? I could do the same, maybe even cheaper... but in three years the entire place will be built on microsoft. Its not rocket science, its lazyness.

Re:Well (1)

moderatorrater (1095745) | more than 6 years ago | (#22342312)

Really? Because the biggest reasons I can't move away from Microsoft are the drivers, IE, all my software, flash, and lack of support from any other company. Want to use Western Digitals tools to format a hard drive? Boot disk or Windows. Want to play any major video game from the past 10 years? If it's one of the five that support linux, you'll only have to download a new binary. More likely, you're fucked. Want to play WoW on linux? Fine, but one of their updates may break support because it thinks you're cheating. The list goes on and on, and they're all reasons people have a hard time getting away from windows. Luckily, there's a growing market of people who have been exposed to linux from the server market and realize that they should use it for desktops. It's gained a lot of steam in the past 2 years, and it's going to keep going for the foreseeable future. Until it's a major force, however, we're stuck with Windows being the only operating system where everything works on it.

I'm sorry, there are plenty better examples (1)

captnitro (160231) | more than 6 years ago | (#22342266)

Your iPhone comes with a complicated list of rules about what you can and can't do with it. You can't install unapproved third-party applications on it. You can't unlock it and use it with the cellphone carrier of your choice.


As Gruber noted [daringfireball.net] , that's not really that complicated. It doesn't count as complicated if you can explain it in two sentences.

It's why all gaming-console manufacturers make sure that their game cartridges don't work on any other console...


I think we need another word for this than "lock-in", because a lot of the examples he cites are lock-in but mostly in the sense that Nintendo probably doesn't want to be an international standards body for video game formats. The word might be "cost". If Nintendo worries about Nintendo's problems, then they're easier to solve than trying to solve everyone's problems. Why? It's lower cost. Costs less time, less money, it's less risky. And in defense of some of those entities, firm standards rarely result in innovation. Having an ISO for hand-held game controllers might result in an easy way to write code for controllers with six buttons and vibration, but having standards for game controllers doesn't result in the Wiimote. Not worrying abut six-button vibrating controllers does.

Schneier's half-right, but he's also saying that lock-in is always a conscious factor and not just, yanno, the cost of the thing. I'm locked into my current metropolitan area by the cost of moving, but it's not city hall's problem.

As for conscious lock-in, if you don't want a phone with lock-in, you're free to get one. Enjoy paying twice as much for calls and having a per-call fee. Lock-in costs less than stuff without lock-in because it reduces risk. It's a valuable tool and one that, despite the Slashdot crowd's feeling, most consumers have little problem with as a way to get goods more cheaply.

Re:I'm sorry, there are plenty better examples (1)

jonbryce (703250) | more than 6 years ago | (#22342496)

Mu iPaq doesn't have lock in. I bought it direct from HP rather than from a phone company, and then got a SIM only contract from O2 which is less than half the price of the iPhone contract. The phone cost £320 vs £270 for the iPhone, and in at least some areas, has more features - it has GPS, a keyboard, Exchange push support, the ability to add Blackberry support, and the ability to write your own software on it using Visual Studio or possibly Mono.

Re:I'm sorry, there are plenty better examples (1)

un1xl0ser (575642) | more than 6 years ago | (#22342540)

As for conscious lock-in, if you don't want a phone with lock-in, you're free to get one. Enjoy paying twice as much for calls and having a per-call fee. Lock-in costs less than stuff without lock-in because it reduces risk. It's a valuable tool and one that, despite the Slashdot crowd's feeling, most consumers have little problem with as a way to get goods more cheaply.
As discussed above, a subscription model (including break-out fees) doesn't fit the type of lock-in that we are discussing here. The cost of getting out of a contract can sometimes be less than the cost of the phone itself, which means that the cost isn't above and beyond the cost of the product itself.

Phones are a bad example of lock-in, in my opinion. Microsoft's monopoly and the software industry is the best example of lock-in, hands down. Beyond that, corporate IT is the next best place to find vendors participating in this business strategy.

Re:I'm sorry, there are plenty better examples (1)

SeaFox (739806) | more than 6 years ago | (#22343038)

As Gruber noted [daringfireball.net], that's not really that complicated. It doesn't count as complicated if you can explain it in two sentences.

As much as I like what Gruber says in his blog, in this case he was just being another iPhone fanboi defending Apple. The difference between Nintendo vs. Sony vs. Microsoft is that even if the game discs themselves were the same size (and they weren't with the GameCube) the platforms hardware-wise were not. Comparing the three and asking why they aren't the same is an Apples/Oranges exercise. The iPhone is completely different in that there really is no compatibility difference. The fact you can unlock an iPhone and stick in a T-Mobile SIM is proof of that. The "incompatability" is completely artificial. Yes, there may be a security benefit to it. But honestly, how often do people install random apps from anywhere on their cell phone. I don't need Apple to protect me from malicious software. I'll gladly take the responsibility myself and enjoy usage of the device I paid for.

And Schneier's article itself was filed under "D" in my cabinet (for DUH). The iPhone keeps being trumpeted as some market-changing device for everyone in the wireless food chain. It's not. Except for the unmetered internet access, it really has just been business-as-usual for end users. The only major shift you're seeing is handset makers now asking for subscription kickbacks from carriers on top of their usual deals.

As for conscious lock-in, if you don't want a phone with lock-in, you're free to get one. Enjoy paying twice as much for calls and having a per-call fee.

Talk about from the Patently-False Dept. I own an unlocked phone. I'm on T-Mobile. I'm NOT on contract, and I'm NOT on prepaid. And I pay the same amount as current locked-in customers do.

If I get annoyed at T-Mobile tomorrow I can call and cancel my service and go to AT&T (hahaha), no termination fees.

Here's the secret: You don't play "keeping up with the Joneses" on your phone. And when you're eligible to, you get your phone unlocked, or buy one that isn't locked to begin with.

fuck?! (-1, Troll)

Anonymous Coward | more than 6 years ago | (#22342374)

Was at the s48e

The car analogy strikes again (2, Interesting)

Sloppy (14984) | more than 6 years ago | (#22342426)

Buying an iPhone isn't the same as buying a car or a toaster. Your iPhone comes with a complicated list of rules about what you can and can't do with it.
Unlike cars?

Re:The car analogy strikes again (1)

balloonhead (589759) | more than 6 years ago | (#22342830)

Only if you drive it on a public road. And the state sets the laws, not the manufacturer. If you own your own island and roads, you can do whatever modifications to it after purchase that you like and the maker couldn't care less.

Re:The car analogy strikes again (1)

TubeSteak (669689) | more than 6 years ago | (#22343062)

Unlike cars?
And how exactly is a car like an iPhone?
Everything from the seat you're sitting on, to the computer that controls the electronics can be changed.
About the only thing you can't outright replace in a car is the frame...

One could argue that high end luxury cars are designed to foster vendor lock-in, but you didn't make that argument.

The thing is... (1)

felipekk (1007591) | more than 6 years ago | (#22342510)

If you do it, you gotta do it right. Because if you allow the user to get out (considering that it was a painful process since you had some lock in), he is going to avoid making the same mistake again...

Paging C.A. customers! (1)

oldhack (1037484) | more than 6 years ago | (#22342852)

Well, not exactly lock-in, but stories of CA gouging their customers are stuff of legend - so I'm told. Wanna chime in here?

That's not what the article is about (1)

gelfling (6534) | more than 6 years ago | (#22342894)

It's about on-board security sub applications or attributes which are specific to that application or that applications vendor. Such as MS applications using MS specific DRM. Is this a bad thing? I don't think that it is.

just say no: a pledge (1)

zermous (1196831) | more than 6 years ago | (#22342944)

just make a pledge: As a software developer or pointy haired type, I swear that I will never make a decision that will actively add lock-in into my product without making a tangible improvement to the product. This pledge does not obligate me to go out of my way to embrace standards or interoperability but just to do my citizenly duty to play fair with my users and competitors and to refuse to kill standards or interoperability that naturally find their way into the software. Freedom is good, bottom line be damned, and I will fight for it.

BUSINESS = LOCK-IN (3, Interesting)

v(*_*)vvvv (233078) | more than 6 years ago | (#22343134)

This has nothing to do with IT. Business is all about lock-in. If this comes as a surprise, you don't know the basics of business. You can do it "cleanly" and morally and ethically through things such as superior customer service, superior product functionality, and superior value for the price. Or, you can be "dirty" and use things such as technology and software barriers, vendor pressure tactics, bias contracts and user agreements, biological mechanisms such as addiction, and lobbying and manipulating the law. The stock market, our way of evaluating and rewarding corporate perforance, unfortunately does not make any distiction between these clean and dirty lock-in tactics. The system's only real requirement is that we obide by the law and don't get caught cheating. Given this requirement, companies gain enormous advantages by being dirty. In this free capitalist market, those with advantages ultimately win and they get heavily rewarded for it. The result? Hello Microsoft, hello Nike, hello Exxon Mobil, hello Time Warner AOL Cable. And just when you thought Apple was gaining marketshare, what a surprise, we talk about how they are just getting better at being dirty.

Eventhough the government talks about being all for fair competition in an open market, their behavior and the law which they help create says otherwise. Intellectual property law, anti-trust law, and much of the consitution is comprised of lock-in catalysts. Mergers and aquisitions heavily support lock-ins as well.

Whether you are selling iPhones at Apple Stores or hotdogs at an intersection in Manhattan, you are still trying to lock-in your customers. And the better you do it, the more the United States of America will reward you.

What's so sad about lock-in... (3, Interesting)

Kjella (173770) | more than 6 years ago | (#22343232)

...is that it works. I don't know how many times I've heard the argument about going with all Microsoft or all SAP or all this and that because it's so hard to make it work with everything else. You don't throw out the incompatible software, you buy more of it until you use it for things it's not suited for and has a hundred interfaces to other applications. And once you make yourself a little "mini-monopoly" with no real alternatives, they sure know how to gauge you. While there's plenty work left ahead, I think compatibility and multiple vendors will become the major advantages of open source.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...