|
New PubPat Blog on Software Patents and Microsoft Does Something Right |
|
Thursday, September 14 2006 @ 04:44 PM EDT
|
PubPat has just started a new blog on software patents, providing links to articles and resources. It's called Software Patent Watch. It's brand new, and I thought you might like to read one of the early entries, because it's on the subject of Microsoft's Open Specification Promise. Microsoft, in this instance, has done a praiseworthy thing and they should be credited. Fair is fair. I earlier linked in our News Picks section to Andy Updegrove's article, in which he commended them too, but I want to have it here in the main section, because this really is a step forward and I want it in our permanent collection. Also, Software Patent Watch has an interesting angle on the story. [Update: So does Sun's Simon Phipps, who mentions three items he'd like tweaked, which you can read from a link on David Berlind's blog.] Microsoft has made improvements on their Windows Genuine Advantage privacy statement in connection with their validation process too, as I'll show you after the blog entry.
First, here's the Software Patent Watch entry:
Microsoft Makes Open Specification Promise
Microsoft made an irrevocable promise yesterday to not assert any of its patents against the implementation of some web based standards. In drafting the promise, MS sought input from several folks within the Free / Open Source Software community, some of whom have their feedback publicly quoted. For one, Mark Webbink of Red Hat said
[T]he text of the OSP gives sufficient flexibility to implement the listed specifications in software licensed under free and open source licenses.
This is indeed a solid step of disarmament by a firm whose history was not built on sharing. It is also another significant piece of evidence that patent restraints on standards are not good for businesses involved with that standard or the public in general. Particularly, MS states:
Many of these specifications are currently undergoing further standardization in certain standards organizations. To the extent that Microsoft is participating in those efforts, this promise will apply to the specifications that result from those activities (as well as the existing versions).
So, MS is promising, in advance, not to assert patents over any standard that it helps to develop. This flies in the face of the patent hawk mantra that patents are "necessary to incentivize development." Truth be told, MS and others develop standards because they benefit from the existence of the standard itself, not some patent that they may some day receive.
I am not so naive as to think that praise will necessarily lead to all leopard spots changing overnight, but when folks do right, it's appropriate to say so, no matter what else they do or have done. So, I'm happy to be able to say, Well done!
Now, about the Windows Genuine Advantage story. For context, you might like to read this Business Week article on the EU-Microsoft verbal fisticuffs going on right now about Vista, and in the article it mentions in passing Microsoft's PDF viewer for Vista that the EU Commission is concerned about: The Commission is also concerned about a file viewer called Metro that will be included in Vista. Metro can display documents created in the PDF format developed by Adobe Software (ADBE), which could erode Adobe's market leadership in PDF creation tools. Meanwhile, though, before Vista arrives,
Microsoft has just released a PDF plugin for free download by customers running "Genuine Microsoft Office." And that's how I ended up rereading the privacy statement. The plugin file is humorously, to me, titled SaveAsPDFandXPS.exe, at least the one linked to by ZDNET's report. No doubt that will remind you that they have their own PDF-like format, XPS, which you can use instead of PDF should you so desire. You can get it as SaveasPDF.exe only or as SaveasXPS.exe only as well. In reading the Microsoft webpage, I noted this sentence: "As described in our privacy statement, Microsoft will not use the information collected during validation to identify or contact you." That reminded me that a few months ago, the validation process included such things as your hard drive serial number, which absolutely would identify you as far as I'm concerned, so I thought I'd take a look at the privacy statement again and see if I could put those two things together. In fact, I believe there is some improvement. They now give you, as part of the validation process, a unique identifier, instead of collecting your hard drive serial number. That's a step in the right direction. And they provide now at least some information about what they retain.
Here's what they collect now: The tools collect such information as:
* Computer make and model
* Version information for the operating system and software using Genuine Advantage
* Region and language setting
* A unique number assigned to your computer by the tools (Globally Unique Identifier or GUID)
* Product ID and Product Key
* BIOS name, revision number, and revision date
* Volume serial number
In addition to the configuration information above, status information such as the following is also transferred:
* Whether the installation was successful
* The result of the validation check
As standard procedure, your Internet Protocol (IP) address is temporarily logged when your computer connects to an MGA website or server. These logs are routinely deleted.
Software piracy is a worldwide problem. To help spot possible systematic abuse of volume licenses, geographical location of the computer being validated is derived from its IP address. This is done at a precision that does not identify an individual user or computer. To help protect your privacy, only a non-unique portion of your IP address is used and retained with the information collected above. The suspicious side of my brain notes that it says "such information as" which means to me that it isn't necessarily the complete and final-forever list. But even with that quibble, it's better than it was, if only because it tells you now what information is retained. Of course, two class action lawsuits probably were somewhat inspirational. And you have to like having your computer calling home to the mother ship with what is still quite a lot of information about you. But here's what they used to scoop up about you: Q: What information is collected from my computer?
A: The genuine validation process will collect information about your system to determine if your Microsoft software is genuine. This process does not collect or send any information that can be used to identify you or contact you. The only information collected in the validation process is:
* Windows product key
* PC manufacturer
* Operating System version
* PID/SID
* BIOS information (make, version, date)
* BIOS MD5 Checksum
* User locale (language setting for displaying Windows)
* System locale (language version of the operating system)
* Office product key (if validating Office)
* Hard drive serial number
Q: How does Microsoft use this information?
A: The information serves three purposes:
* It provides Web page flow, tailoring the pages you see based on your responses.
* It conveys demographics, which help Microsoft to understand regional differences in Windows or Office usage.
* It confirms user input. User input is often compared against data collected from the PC in order to determine whether to grant a users request for additional access.
So, no more hard drive serial number collecting and what they do with the information has changed. [Update: Some readers point out that some call a hard drive a volume, and they are suggesting Microsoft has merely renamed the hard drive as a volume. If you are a customer, you might wish to ask, if privacy matters to you. Also, read the comments on this article. And if that is the case, and Microsoft is just playing with words, I retract half of my praise.] It's awful still, to me, to be tracked at all, and I can't figure out why customers put up with it, but if you have to be tracked and followed around as you use your computer, an assigned number is probably better with respect to privacy than your hard drive's serial number. Also, hopefully it gives you the ability to swap in a new hard drive when the first one dies without WGA getting all hot, bothered and confused. GNU/Linux software is better still, because nobody cares how many times you install or who you share the software with or who you are or what you are doing or your bios info or where you obtained your software and there is no calling home you must agree to, but fair is fair. Improvements should be noted, and this is an improvement. So there you are, two sincere pats on the back from Groklaw to Microsoft. [Update: Or maybe one, depending on what we find out about the hard drive issue.]
|
|
Authored by: tiger99 on Thursday, September 14 2006 @ 04:51 PM EDT |
If needed, to help PJ [ Reply to This | # ]
|
|
Authored by: tiger99 on Thursday, September 14 2006 @ 04:52 PM EDT |
Please try to make clickable links if possible. Thanks. [ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, September 14 2006 @ 05:00 PM EDT |
The original reason for 'closed source' was to reduce the cost of service, and
the original reason for 'open source' was to give the user the freedom to
tinker.
Now, so long as Microsoft respect people's right to use stuff other
than Microsoft's products (and in return not expect Microsoft to service them),
we are getting somewhere.
A relatively small fraction of the computers in
the world run Microsoft-ware. Most of the computers in the world are embedded
contoller chips, like the ones made by MicroChip; they will mail you free samples,
their business is in selling them by the ten thousand. It's only the human-sized
'Personal' ones that run Microsoft-ware.
Nowadays there are also the games
consoles. That's the growth market. [ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, September 14 2006 @ 05:05 PM EDT |
"So there you are, two sincere pats on the back from Groklaw to
Microsoft."
lol
Count your fingers PJ ;)
[ Reply to This | # ]
|
|
Authored by: luvr on Thursday, September 14 2006 @ 05:12 PM EDT |
I'm confused now. Under "The tools collect such information as:" they do
include the "Volume serial number," don't they? Is that different
from the "Hard drive serial number," then? [ Reply to This | # ]
|
|
Authored by: Brian S. on Thursday, September 14 2006 @ 07:07 PM EDT |
And based on all past performances:
"SUCH INFORMATION AS...., AND
ALSO....."
Microsoft have to stop playing with words.
They've played
with words for years. They're playing the EU with words now:
They claim "not
to understand the EU ruling".
Everyone else does. Everyone else has been
explaining it to them for years.
"No bundling" of their "security product"
and "browser" means that Vista must come in a way that a purchaser of Windoze
must have the installation choice of Microsoft's product or one from an
alternate supplier. Windoze Update should include an option to reflect this
fact and not update their "security product" by default. Some people may choose
to have Microsoft's patches tested by someone else before they choose to update
their OS. On option to use PDF should come on the same terms as using their own
product, an automated link to Adobe during the applications install if they
don't wish to dirty their CD.
They've had nearly three years to get
themselves organised since the ruling. Microsoft only understands it's own
interpretations of words, not unlike SCOG has it's own interpretation of words
at a trial in Utah.
Microsoft should be "EXPLICIT".
"We Collect
A,B,C,D......etc". "We do NOT collect any other information."
Not littered
with future lawyer salary checks. Brian S.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, September 14 2006 @ 07:59 PM EDT |
The language doesn't clarify just what it applies to. I read it as they won't
sue over any *their* "standards" if implemented in an open source
project (and I doubt that was a big concern since I'm sure they'd be happy to
have their non-standard version of XML implemented far and wide...)
What isn't clear, to me at least, is what happens if someone tries to modify
*their* protocol, or to write a compatible one from scratch.
The words are an improvement over previous statements, but OTOH, previous
statements didn't say anything at all, and this one doesn't say much.
Guess I'm just a confirmed skeptic... [ Reply to This | # ]
|
|
Authored by: jplatt39 on Thursday, September 14 2006 @ 11:24 PM EDT |
Respectfully, I wish Microsoft would go a lot farther, because I don't
necessarily believe they will control these patents for the duration of these
patents. I agree this is a positive step, when compared and contrasted to the
other positions they have taken, however given that Gates and Ballmer, like
everyone else, are vulnerable, and that Gates has explicitly said he wants to
step down in a couple of years (I still don't entirely believe he'll make it) I
don't see why someone might not come along and treat these patents the way th
Gif and Jpeg patents were treated. Of course, Gif is dead, but if Microsoft
really wants to be on the side of the angels, they should understand what can be
done even with our somewhat barbaric copyright and trademark laws, and try to
persuade our Congresspeople that those alone should protect our code.
[ Reply to This | # ]
|
|
Authored by: CraigRinger on Friday, September 15 2006 @ 02:19 AM EDT |
The EU commission has been doing well in some areas - for example, trying to
force Microsoft to open and document interfaces for replacing or
supplimenting built-in functionality in their server and client products.
In particular, their efforts to get full SMB and AD documentation, including AD
PDC operation, is commendable.
On the other hand, this latest argument
is just stupid:
The Commission is also concerned about a
file viewer called Metro that will be included in Vista. Metro can display
documents created in the PDF format developed by Adobe Software (ADBE), which
could erode Adobe's market leadership in PDF creation
tools.
It's worth noting that Adobe Reader is a free
download. I fail to see how Microsoft shipping a PDF viewer does Adobe any
harm. It'll lose a little advertising ("Adobe Reader") and a little
revenue from its "online PDF creation" tie-in in Adobe Reader. On the other
hand, its format becomes even more universally supported. Even if it DID harm
Adobe, this isn't like MSIE - they're not actively killing a
competitor.
Imagine if this argument had been applied 10 or 15 years
ago. Microsoft would've been prevented from adding features to their OS
including:
- Digital camera photo processing
- Bitmap viewing
and editing
- Fax support
- An E-mail client (though many of us
would prefer that OE had never been written, really)
- IPSEC client
support
- IPSEC server support on server versions
- A
firewall
- Audio and video playback
- A minimalist word
processor
- Printer drivers (if you go back far enough, they were a major
competitive difference between different word processors; the OS had no drivers
at all).
- Basic video editing
- ... and lots more
All
these additions - which benefitted users considerably, with the possible
exception of Outlook Express - came at the cost of others selling similar add-on
products for Windows. However, unlike MSIE, they weren't done with the apparent
intention of killing off a competitor. There is nothing wrong with
adding features to an OS. Anti-trust laws cover the abuse of market
power to intentionally harm a competitor by using power and resources in one
market to take control of others. They do not prevent the monopolist from
improving their products, or from entering new markets.
I'd be much
happier to see the EU refocus on the important bits - forcing MS to leave room
for others to improve, extend, and replace parts of their OS and their network
platform through documentation and reasonable licensing requirements. That'll
actually do some good. Stopping them from adding functionality won't. [ Reply to This | # ]
|
|
Authored by: Anonymous on Friday, September 15 2006 @ 05:15 AM EDT |
...with anything, for anything.
Given their past performance, their most apparently praiseworthy actions must be
the most carefully scrutinised. There <em>will</em> be an ulterior
motive or side-effect; an immoral monopolist doesn't change.
The only action of Microsoft I could bring myself to praise without reservation
would be their winding up the company and donating all the proceeds to the poor.[ Reply to This | # ]
|
|
Authored by: billyskank on Friday, September 15 2006 @ 07:12 AM EDT |
because, sadly, they're used to it. Using their computer is not the only
activity that is monitored. Store loyalty cards monitor our movement and
purchases. In Britain, a plethora of CCTV cameras on the motorway network
record our licence plates as we drive past and our travels are noted. A vast
amount of information is kept on us, and I think we have become numb to it.
Microsoft is not being uniquely evil in this regard, I fear.
---
It's not the software that's free; it's you.[ Reply to This | # ]
|
|
Authored by: kberrien on Friday, September 15 2006 @ 07:35 AM EDT |
I've noticed for a while now, that with Windows update, you can uncheck (at
least after selecting 'Custom') WGA and it'll let you download the other
security patches, where before you were forced to download WGA. And according
to the WGA cleaning program I don't have it installed... so not entries in
registry either.
Either at some point they went totally stealthy, or MS opted for an undocumented
opt out strategy.[ Reply to This | # ]
|
|
Authored by: Observer on Friday, September 15 2006 @ 08:54 AM EDT |
Quote:
So, MS is promising, in advance, not to assert patents
over any standard that it helps to develop.
I believe that is
a bit of an overstatement, at least insofar as it says, any standard. I
think MS refers to a specific set of standards (or at least, a group of
standards that they are currently working on), but I don't think they have made
a blanket statement that refers to all patents covering standards that they have
participated in.
However, as PJ says, this is still a positive step. The
patents guarantee that no one else can try to grab the technology out from under
them, but don't prevent any other party from implementing the standard. They
may still give MS some leverage over the standards (not sure about that), but
not enough to significantly tip the playing field to their advantage. ---
The Observer [ Reply to This | # ]
|
|
Authored by: hopethishelps on Friday, September 15 2006 @ 10:54 AM EDT |
Let's respond positively to Microsoft's action, which seems to be beneficial
to the world of standards-based computing.
It's right to be cautious;
Microsoft does have a bad track record when it comes to supporting standards. In
fact, it's not an overstatement to say that Microsoft has actively tried to
sabotage agreed standards in some instances.
But it's wrong to assume
that everything Microsoft will ever do will always be motivated by evil
intention - as several Groklaw posts seem to do. Organizations, like people, can
change. There have always been people in Microsoft who have wanted the company
to support open standards; perhaps they are now winning some internal
arguments.
Scepticism, yes. Blind Microsoft-bashing, no. [ Reply to This | # ]
|
|
Authored by: Anonymous on Friday, September 15 2006 @ 02:06 PM EDT |
And the volumn serial number is supposed to be an improvement over the
drive serial number how?
Neither one of these options protects you when:
A. Your hard drive dies. All moving head disk drives have moving parts and
eventually die, no matter how well they are made. If you use a flash drive, the
number of read/write operations is finite.
B. Your machine gets wacked somehow and the service personal re-builds
your system from an in-house release of the software.
Either way WAG STINKS!!!!!!
HOW ABOUT MS DOCUMENTING ON GROKLAW HOW IT INTENDS TO ADDRESS
THESE ISSUES?????????[ Reply to This | # ]
|
|
Authored by: Anonymous on Friday, September 15 2006 @ 02:09 PM EDT |
IF YOUR HARD DRIVE DIES, THE VOLUMN SERIAL NUMBER ON THE NEW DRIVE
WILL NOT BE THE SAME!!!!!!!!!!!!!!!!![ Reply to This | # ]
|
|
Authored by: Anonymous on Friday, September 15 2006 @ 06:35 PM EDT |
If you have a network card installed then the GUID will include the MAC address
of this network card. This doesn't seem so different to the hard disc ID to
me.
Now that Wi-Fi networks and broadband routers are common I think the number of
machines with network cards in them is rapidly increasing.
So I'm not sure it should be that much of a pat on the back...[ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, September 16 2006 @ 05:42 AM EDT |
They collect BIOS info and check the bios MD5 check sum. Does this
also mean that if I put in my own BIOS software, I cannot
authenticate?
I guess this the much dreaded ''[trusted|treacherous]
computing'' plan in action. [ Reply to This | # ]
|
|
Authored by: Simon G Best on Saturday, September 16 2006 @ 04:38 PM EDT |
Could this be Microsoft setting things up for a patent attack? Their "promise" says, "Microsoft
irrevocably promises not to assert any Microsoft Necessary Claims against
you..." (emphasis mine). What's to stop Microsoft from transferring those
patents to an entity not bound by that "promise"? Sounds like part of a plan to
me:-
- Collect underpants - I mean, patents.
- "Promise" not
to assert them against FOSSers.
- After a while, quietly transfer the
patents to a litigious entity not bound by that "promise".
- Watch as the
litigious entity goes on the rampage, "promise" intact, and let the news media
turn it into FUD all by themselves.
Reminds me a bit of how the
Daleks offered the Thals food, just so that they could exterminate
them.
Three other things:-
They
say:-
“Microsoft Necessary Claims” are those claims of
Microsoft-owned or Microsoft-controlled patents that are necessary to
implement only the required portions of the Covered Specification that are
described in detail and not merely referenced in such
Specification.
(Emphasis mine). So, if there's another way to
do it, the "promise" doesn't apply (if I've understood it
correctly).
They say:-
“Microsoft Necessary
Claims” are those claims of Microsoft-owned or Microsoft-controlled patents that
are necessary to implement only the required portions of the Covered
Specification that are described in detail and not merely referenced in
such Specification."
(Emphasis mine). Sounds like it's got
ready-made 'Embrace, Extend, Extinguish' built in!
They
say:-
“Microsoft Necessary Claims” are those claims of
Microsoft-owned or Microsoft-controlled patents that are necessary to implement
only the required portions of the Covered Specification that are described
in detail and not merely referenced in such
Specification."
(Emphasis mine). So, if Microsoft's got
patents covering things that are needed for implementing the "Specification",
but which are not "described in detail" but "merely referenced in such
Specification"...?
To quote a dentist: "Is it
safe?"
--- NO SOFTWARE PATENTS - AT ALL! [ Reply to This | # ]
|
|
|
|
|