Outside The Box
Random thoughts about AutoCAD, ObjectARX, and the meaning of life.
All Original Content Copyright 2006 - 2008 Owen Wengerd, All Rights Reserved
2009-03-01
I want to consider software licensing practices in general, but with the specific facts and history in the Vernor vs. Autodesk lawsuit as a backdrop.
In the Vernor case, Tim Vernor purchased several boxes of AutoCAD software, and never even read, let alone agreed to, the terms of the license agreement inside the box. When Vernor listed the AutoCAD software for sale on Ebay, Autodesk sent Ebay a notice that claimed Vernor's auction violated Autodesk's copyright. In order to benefit from the safe harbor provisions of the Digital Millennium Copyright Act (DMCA), Ebay was obligated to remove the auctions. Vernor responded by filing a lawsuit accusing Autodesk of making false copyright violation claims.
Additional facts have since come to light. For one, we've learned that the AutoCAD software that Vernor purchased had been previously upgraded to a newer version. Vernor did not know this when he purchased the software; and in any case, it's not clear that this fact has any bearing on the outcome of the suit.
Given this set of facts, let's analyze the Vernor case not from a purely legal perspective, but from a more abstract "moral" perspective. After all, society is the ultimate arbitrator of what is wrong and what is right with respect to our laws. We ultimately determine whether laws are fair by whether we follow them willingly (and whether we put pressure on our legislatures to change them).
Steve Johnson opines that Autodesk is morally right in the Vernor case, because the software Vernor purchased was "tainted" due to having been upgraded by the original owner.In Steve's view... [see Steve's comment below where he chides me for ascribing this view to him - O.W.] Presumably, one who holds this view sees Vernor's original purchase as akin to someone purchasing stolen goods. With stolen goods, the law (and hopefully our moral compass) recognizes that the purchaser of the stolen goods has no legal right to them.
Autodesk offered the original owner a discounted price for a newer version of AutoCAD in exchange for a promise to destroy the older version. The original owner reneged on its promise to destroy the old version, and sold it to an unwitting buyer instead.
It follows that both Autodesk and Tim Vernor were treated unfairly by the company that sold the AutoCAD software to Vernor. Despite the company's history of using pirated software, Autodesk gave them the benefit of the doubt when selling them a discounted upgrade. Vernor, by all accounts, had no idea and no way of knowing that the software he purchased had been previously upgraded. This is a recipe for disaster.
Unfortunately, this sort of disaster is all too common. In many cases, software users simply don't read license agreements. If they do read license agreements, they don't understand them. After all, most of us are not lawyers, and we can't reasonably be expected to hire a lawyer to evaluate the license agreements of every software product we use. How then can we be expected to follow them exactly and without fail?
Consider that it's entirely possible that the company from which Vernor bought his AutoCAD software had no idea that they had agreed to destroy the upgraded AutoCAD software. At least from a moral perspective, we can have some sympathy for the company if they honestly had no idea they were violating any agreements when they sold the software to Vernor.
Could Autodesk have required the upgraded AutoCAD software to be returned, or required certification by an independent "software recycler" that it had been destroyed? Sure they could have. In fact, such requirements did exist in the early days of software license agreements. Had Autodesk done so, the Vernor court would probably have concluded that AutoCAD was licensed, not sold.
Why even require the old version to be destroyed when upgrading? If we stop using the old version, why shouldn't we be allowed to sell it at market value? Doesn't recycling old software make just as much sense as recycling old tires? We have been conditioned to believe that discounted upgrades are good for us, but are they really?
Would we accept a legal regime under which tire manufacturers could force us to destroy our old tires as part of the new tire purchase agreement? Oh, you say, that comparison isn't valid because tires eventually wear out of their own accord, whereas old software continues working forever! First of all, old software doesn't continue working forever. How many people still use VisiCalc? Furthermore, what would this line of reasoning conclude about potential tires of the future that last forever? We'd have to start licensing tires instead of purchasing them!
What would happen if software vendors could not legally prevent "used" software from being resold on the open market, no matter how it was purchased or upgraded? For one, it would increase competition, because new versions of software would be competing not only against software from other vendors, but also against older versions of itself. In a world where software is priced based on what the market will bear, the net effect would be lower prices and higher quality (not to mention less frequent "upgrades") for all software.
I think the Vernor case is just one example illustrating how the current software licensing system has sprung a leak, and is in need of repair. Can it be patched, or does it need to be replaced? Can the bleeding be stopped at the ankle, or should it be stopped it at the neck? This is a classical case of the Petcock Problem.
Software industry advocates like the Business Software Alliance (BSA) proclaim that the solution is educating consumers. Education may be important, but I think that "educating consumers" should not be left to an industry alliance.
I have some ideas about how the system can be reformed, but I think we have to start by recognizing that there's a problem.
In the Vernor case, Tim Vernor purchased several boxes of AutoCAD software, and never even read, let alone agreed to, the terms of the license agreement inside the box. When Vernor listed the AutoCAD software for sale on Ebay, Autodesk sent Ebay a notice that claimed Vernor's auction violated Autodesk's copyright. In order to benefit from the safe harbor provisions of the Digital Millennium Copyright Act (DMCA), Ebay was obligated to remove the auctions. Vernor responded by filing a lawsuit accusing Autodesk of making false copyright violation claims.
Additional facts have since come to light. For one, we've learned that the AutoCAD software that Vernor purchased had been previously upgraded to a newer version. Vernor did not know this when he purchased the software; and in any case, it's not clear that this fact has any bearing on the outcome of the suit.
Given this set of facts, let's analyze the Vernor case not from a purely legal perspective, but from a more abstract "moral" perspective. After all, society is the ultimate arbitrator of what is wrong and what is right with respect to our laws. We ultimately determine whether laws are fair by whether we follow them willingly (and whether we put pressure on our legislatures to change them).
Steve Johnson opines that Autodesk is morally right in the Vernor case, because the software Vernor purchased was "tainted" due to having been upgraded by the original owner.
Autodesk offered the original owner a discounted price for a newer version of AutoCAD in exchange for a promise to destroy the older version. The original owner reneged on its promise to destroy the old version, and sold it to an unwitting buyer instead.
It follows that both Autodesk and Tim Vernor were treated unfairly by the company that sold the AutoCAD software to Vernor. Despite the company's history of using pirated software, Autodesk gave them the benefit of the doubt when selling them a discounted upgrade. Vernor, by all accounts, had no idea and no way of knowing that the software he purchased had been previously upgraded. This is a recipe for disaster.
Unfortunately, this sort of disaster is all too common. In many cases, software users simply don't read license agreements. If they do read license agreements, they don't understand them. After all, most of us are not lawyers, and we can't reasonably be expected to hire a lawyer to evaluate the license agreements of every software product we use. How then can we be expected to follow them exactly and without fail?
Consider that it's entirely possible that the company from which Vernor bought his AutoCAD software had no idea that they had agreed to destroy the upgraded AutoCAD software. At least from a moral perspective, we can have some sympathy for the company if they honestly had no idea they were violating any agreements when they sold the software to Vernor.
Could Autodesk have required the upgraded AutoCAD software to be returned, or required certification by an independent "software recycler" that it had been destroyed? Sure they could have. In fact, such requirements did exist in the early days of software license agreements. Had Autodesk done so, the Vernor court would probably have concluded that AutoCAD was licensed, not sold.
Why even require the old version to be destroyed when upgrading? If we stop using the old version, why shouldn't we be allowed to sell it at market value? Doesn't recycling old software make just as much sense as recycling old tires? We have been conditioned to believe that discounted upgrades are good for us, but are they really?
Would we accept a legal regime under which tire manufacturers could force us to destroy our old tires as part of the new tire purchase agreement? Oh, you say, that comparison isn't valid because tires eventually wear out of their own accord, whereas old software continues working forever! First of all, old software doesn't continue working forever. How many people still use VisiCalc? Furthermore, what would this line of reasoning conclude about potential tires of the future that last forever? We'd have to start licensing tires instead of purchasing them!
What would happen if software vendors could not legally prevent "used" software from being resold on the open market, no matter how it was purchased or upgraded? For one, it would increase competition, because new versions of software would be competing not only against software from other vendors, but also against older versions of itself. In a world where software is priced based on what the market will bear, the net effect would be lower prices and higher quality (not to mention less frequent "upgrades") for all software.
I think the Vernor case is just one example illustrating how the current software licensing system has sprung a leak, and is in need of repair. Can it be patched, or does it need to be replaced? Can the bleeding be stopped at the ankle, or should it be stopped it at the neck? This is a classical case of the Petcock Problem.
Software industry advocates like the Business Software Alliance (BSA) proclaim that the solution is educating consumers. Education may be important, but I think that "educating consumers" should not be left to an industry alliance.
I have some ideas about how the system can be reformed, but I think we have to start by recognizing that there's a problem.
I'm a firm supporter of intellectual property rights. I fully support the rights of software publishers to own and profit from their creative work. I make my living as both a consumer of software and a publisher of software, so my views on software licensing reflect what I consider to be a healthy symbiosis between producers and consumers.
Intellectual property laws are (or should be) designed to protect this symbiotic relationship for the public good. The patent system is designed not to protect patent owners from pirates, but to promote inventions and improvements on previous inventions that benefit the public. The fact that patent laws do help to protect patent owners from pirates is merely a side effect of the underlying goal of promoting the public interest. We, the public, grant exclusive rights to patent owners for a specific time in exchange for them making public the details of their invention. Innovative inventors can thus build on a body of previously published inventions rather than starting from scratch. This system of "open source" innovation speeds the evolution of technology, and everybody benefits from it.
Copyright laws must be viewed in the same light. Copyright laws are designed to promote and enhance the public good by encouraging the production and publication of creative works. In exchange for giving copyright owners certain rights for a certain period of time, the public gets to enjoy and build upon a body of creative work. Some argue that the benefit of copyright protection provides a financial incentive to create the works in the first place, and that without such an incentive the works would never be produced at all. While this is undoubtedly true, consider that there are other ways to provide financial incentives (by providing government grants, for example), so I think it's important to view this aspect of copyright protection as a consequence of the goal to promote the public interest, not as a goal in and of itself.
Copyright laws have long recognized a need to prevent copyrights from being abused by providing exceptions to the protection they afford to publishers. The Fair Use doctrine is the most common such exception in US copyright law. The First Sale doctrine (or "exhaustion rule" in some jurisdictions) is another example of a limitation on copyrights. These exceptions and limitations evolved in response to attempts by copyright owners to abuse copyrights in a way that contravened their purpose of promoting the public interest.
Software licenses are a relatively new phenomenon, but they rely on very old law: contract law. It is important to understand that a software license agreement is a contract. The commercial software publisher agrees to give us limited and conditional copy rights and authorizes us to use the software in exchange for a fee. If the license agreement that we agreed to authorizes us to install and use the software on one computer, but we install it on ten computers, then we are violating both contract and copyright law (because we copied the software without permission). If the license agreement that we agreed to forbids us to resell the software to someone else, but we decide not to use the software ourselves and sell it anyway, we are violating only contract law (because we made no unauthorized copies).
There are several contract law issues typically encountered with software license agreements.
First, typical commercial software license agreements suffer from their unilateral nature. The contract is drawn up by the publisher with no negotiation or input from the consumer. Some question whether these are valid contracts in the first place, because they lack the "meeting of the minds" element that some judicial interpretations of contract law require.
Second, software license agreements are not usually consummated until after the sale, when the software is finally installed. We purchase the software, essentially committing to our side of the bargain before we even know the terms of the contract to which we must eventually agree in order to use the software. This is inherently unfair, and there are still many unsettled questions about whether or not such a contract can ever be equitable and enforceable.
If you've been following the Vernor vs. Autodesk lawsuit, you'll know that the US federal district court in that case ruled that AutoCAD software was sold, not licensed, and therefore subject to the First Sale Doctrine. The First Sale Doctrine says, in essence, that a publisher cannot contractually restrict the downstream resale or distribution of a copyrighted work beyond the "first sale". The court, at least in its initial ruling, rejected Autodesk's argument that AutoCAD was licensed, and therefore exempt from the First Sale doctrine. It should be noted that the Vernor lawsuit is far from over, and this first sale decision could well change before the dust settles.
The courts will eventually reach a final decision in the specific case of Vernor vs. Autodesk, but why was this lawsuit even necessary in the first place? It's difficult to envision any outcome in which every injury is rectified. It could even be argued that everybody loses, no matter the outcome. And this is just one case in one jurisdiction.
In the end, the final result of the Vernor case may not have much impact on how software is sold. It ultimately comes down to us, the union of consumers, to decide what kind of system we want. Unfortunately, right now we're doing the software limbo while we wait faithfully for the next service pack. I think that we need more than a service pack. A system restore might be in order.
Intellectual property laws are (or should be) designed to protect this symbiotic relationship for the public good. The patent system is designed not to protect patent owners from pirates, but to promote inventions and improvements on previous inventions that benefit the public. The fact that patent laws do help to protect patent owners from pirates is merely a side effect of the underlying goal of promoting the public interest. We, the public, grant exclusive rights to patent owners for a specific time in exchange for them making public the details of their invention. Innovative inventors can thus build on a body of previously published inventions rather than starting from scratch. This system of "open source" innovation speeds the evolution of technology, and everybody benefits from it.
Copyright laws must be viewed in the same light. Copyright laws are designed to promote and enhance the public good by encouraging the production and publication of creative works. In exchange for giving copyright owners certain rights for a certain period of time, the public gets to enjoy and build upon a body of creative work. Some argue that the benefit of copyright protection provides a financial incentive to create the works in the first place, and that without such an incentive the works would never be produced at all. While this is undoubtedly true, consider that there are other ways to provide financial incentives (by providing government grants, for example), so I think it's important to view this aspect of copyright protection as a consequence of the goal to promote the public interest, not as a goal in and of itself.
Copyright laws have long recognized a need to prevent copyrights from being abused by providing exceptions to the protection they afford to publishers. The Fair Use doctrine is the most common such exception in US copyright law. The First Sale doctrine (or "exhaustion rule" in some jurisdictions) is another example of a limitation on copyrights. These exceptions and limitations evolved in response to attempts by copyright owners to abuse copyrights in a way that contravened their purpose of promoting the public interest.
Software licenses are a relatively new phenomenon, but they rely on very old law: contract law. It is important to understand that a software license agreement is a contract. The commercial software publisher agrees to give us limited and conditional copy rights and authorizes us to use the software in exchange for a fee. If the license agreement that we agreed to authorizes us to install and use the software on one computer, but we install it on ten computers, then we are violating both contract and copyright law (because we copied the software without permission). If the license agreement that we agreed to forbids us to resell the software to someone else, but we decide not to use the software ourselves and sell it anyway, we are violating only contract law (because we made no unauthorized copies).
There are several contract law issues typically encountered with software license agreements.
First, typical commercial software license agreements suffer from their unilateral nature. The contract is drawn up by the publisher with no negotiation or input from the consumer. Some question whether these are valid contracts in the first place, because they lack the "meeting of the minds" element that some judicial interpretations of contract law require.
Second, software license agreements are not usually consummated until after the sale, when the software is finally installed. We purchase the software, essentially committing to our side of the bargain before we even know the terms of the contract to which we must eventually agree in order to use the software. This is inherently unfair, and there are still many unsettled questions about whether or not such a contract can ever be equitable and enforceable.
If you've been following the Vernor vs. Autodesk lawsuit, you'll know that the US federal district court in that case ruled that AutoCAD software was sold, not licensed, and therefore subject to the First Sale Doctrine. The First Sale Doctrine says, in essence, that a publisher cannot contractually restrict the downstream resale or distribution of a copyrighted work beyond the "first sale". The court, at least in its initial ruling, rejected Autodesk's argument that AutoCAD was licensed, and therefore exempt from the First Sale doctrine. It should be noted that the Vernor lawsuit is far from over, and this first sale decision could well change before the dust settles.
The courts will eventually reach a final decision in the specific case of Vernor vs. Autodesk, but why was this lawsuit even necessary in the first place? It's difficult to envision any outcome in which every injury is rectified. It could even be argued that everybody loses, no matter the outcome. And this is just one case in one jurisdiction.
In the end, the final result of the Vernor case may not have much impact on how software is sold. It ultimately comes down to us, the union of consumers, to decide what kind of system we want. Unfortunately, right now we're doing the software limbo while we wait faithfully for the next service pack. I think that we need more than a service pack. A system restore might be in order.
2009-02-27
Bruce Schneier argues that data is the pollution of the information age, and "just as 100 years ago people ignored pollution in our rush to build the Industrial Age, today we're ignoring data in our rush to build the Information Age."
Software is still surfing the wave of technology revolution. In the tug-of-war between producers and consumers, the producers are still pulling the rope and consumers are just hanging on.
Just as the coal mines, steel mills, and sweat shops of the burgeoning industrial age led to organized labor and labor laws, the consumers of the information age will eventually need to come to grips with the predatory practices of greedy software barons through collective bargaining and regulation.
You've all heard the old software vs. car argument, right? Is buying software like buying a car? Or is it like leasing a car? Or are cars just a bad analogy, because software isn't like cars at all?
Is software really different, or have we just been conditioned to believe that it's different?
The problem is that we're still coming to terms with software, both legally and morally. Software companies have had a clear advantage in this information age frontier, and they have used their advantage to mold the software model to their liking. The software industry has successfully convinced us that software is licensed, not sold, and that because it is licensed, the old rules don't apply.
Indeed, it seems like software license agreements have been around forever. We've accepted them, adapted to them, and basically ignored them. In the meantime, software companies have added more restrictions to their license agreements, lobbied legislators to create new laws that protect the restrictions, and quietly begun building case law in support of the software license regime.
This is the software limbo. How low can we go? When will the laborers of the information age unite and say "enough is enough"?
Software is still surfing the wave of technology revolution. In the tug-of-war between producers and consumers, the producers are still pulling the rope and consumers are just hanging on.
Just as the coal mines, steel mills, and sweat shops of the burgeoning industrial age led to organized labor and labor laws, the consumers of the information age will eventually need to come to grips with the predatory practices of greedy software barons through collective bargaining and regulation.
You've all heard the old software vs. car argument, right? Is buying software like buying a car? Or is it like leasing a car? Or are cars just a bad analogy, because software isn't like cars at all?
Is software really different, or have we just been conditioned to believe that it's different?
The problem is that we're still coming to terms with software, both legally and morally. Software companies have had a clear advantage in this information age frontier, and they have used their advantage to mold the software model to their liking. The software industry has successfully convinced us that software is licensed, not sold, and that because it is licensed, the old rules don't apply.
Indeed, it seems like software license agreements have been around forever. We've accepted them, adapted to them, and basically ignored them. In the meantime, software companies have added more restrictions to their license agreements, lobbied legislators to create new laws that protect the restrictions, and quietly begun building case law in support of the software license regime.
This is the software limbo. How low can we go? When will the laborers of the information age unite and say "enough is enough"?
Labels: CAD Industry, legal
2008-12-06
The increased sharing of electronic CAD data (ala BIM) holds a lot of promise, but it also exposes companies and individuals to additional liability and risk. This additional risk is coming into focus more and more as actual cases of costly legal battles confront engineers and architects.
The June 2008 AUGI wishlist results contain "Design File Locking" as the top wish by a substantial margin, and Shaan Hurley lists it as number 3 in the AU 2008 AutoCAD wish list. Clearly, interest in file and IP security has been growing steadily.
As demand for IP security grows, there are sure to be snake oil security vendors trying to cash in on it. I received a spam email a few days ago from SafeNet, Inc. promising "a cost-effective and easy to integrate solution that provides reliable and effective security through the use of digital signatures." Whenever I see such statements with a long string of buzzwords, my snake oil alarm goes on alert. Digital signatures are for authentication and establishing trust -- they cannot and do not provide "reliable and effective security", although I suppose they could be used by a system that does.
In the last year or two, a number of companies have claimed to market software that "secures" AutoCAD DWG files. When I see such a claim, it invariably refers to software that creates an anonymous unequally scaled MINSERT entity. These can be created or "exploded" with a few lines of AutoLISP code. Frequently these companies claim to "encrypt" the drawing, which may sound sexy, but is an outright lie. If this is a level of "security" that meets your needs, at least use one of the many free versions posted throughout the internet (DETER.VLX from DotSoft is one I know of).
There are solutions, but they always require changes in the workflow process that involve difficult tradeoffs and careful evaluation of what is technically feasible and practical versus the costs of implementing the changes. There is no such thing as installing a single piece of software to instantly solve the problem. If you are looking for ways to protect intellectual property in your drawing files, don't be fooled by snake oil security vendors.
Disclaimer: One of my hats is the president of CADLock, Inc., makers of CADVault for AutoCAD.
The June 2008 AUGI wishlist results contain "Design File Locking" as the top wish by a substantial margin, and Shaan Hurley lists it as number 3 in the AU 2008 AutoCAD wish list. Clearly, interest in file and IP security has been growing steadily.
As demand for IP security grows, there are sure to be snake oil security vendors trying to cash in on it. I received a spam email a few days ago from SafeNet, Inc. promising "a cost-effective and easy to integrate solution that provides reliable and effective security through the use of digital signatures." Whenever I see such statements with a long string of buzzwords, my snake oil alarm goes on alert. Digital signatures are for authentication and establishing trust -- they cannot and do not provide "reliable and effective security", although I suppose they could be used by a system that does.
In the last year or two, a number of companies have claimed to market software that "secures" AutoCAD DWG files. When I see such a claim, it invariably refers to software that creates an anonymous unequally scaled MINSERT entity. These can be created or "exploded" with a few lines of AutoLISP code. Frequently these companies claim to "encrypt" the drawing, which may sound sexy, but is an outright lie. If this is a level of "security" that meets your needs, at least use one of the many free versions posted throughout the internet (DETER.VLX from DotSoft is one I know of).
There are solutions, but they always require changes in the workflow process that involve difficult tradeoffs and careful evaluation of what is technically feasible and practical versus the costs of implementing the changes. There is no such thing as installing a single piece of software to instantly solve the problem. If you are looking for ways to protect intellectual property in your drawing files, don't be fooled by snake oil security vendors.
Disclaimer: One of my hats is the president of CADLock, Inc., makers of CADVault for AutoCAD.
Labels: AU 2008, CADLock, CADVault, digital signature, encryption, legal, security
2008-10-15
Did you ever wonder what press release writers do in their spare time? Given Autodesk's recent trademark litigation with SolidWorks and related efforts by Autodesk to trademark "DWG", and given the fact that US Patent and Trademark Office (USPTO) trademark examiners are known to use Wikipedia during their research, it doesn't take an evil genius to realize that a little subversive editing here and there might be helpful to the corporate cause. So, I decided to use Wikiscanner to go spelunking through the labyrinth of Wikipedia editing history to see if I could unearth any nuggets.
It didn't take long to find some interesting edits. For example, in the edit history for "SolidWorks" you can see that someone from an Autodesk IP address changed "and has since been copied by others like [[Autodesk Inventor]]" to "and is now part of the midrange CAD market along with [[Autodesk Inventor]]". Eventually this changes to "and is currently a leader in the 'midrange' CAD market", and from that to "It is currently one of the most popular products in the 3D mechanical CAD market" with a citation to a SolidWorks web page as evidence of the claim.
I expected to find plenty of quid pro quo, but I have to say, either SolidWorks' press release writers are a lot sneakier than Autodesk's, or they have a lot less free time. According to this list of edits from SolidWorks IP addresses, there haven't been any edits made to Autodesk entries since about March of 2007. In October of 2006 someone from SolidWorks changed a few things in the entry for "Autodesk Inventor", but then things appear to have cooled off considerably.
So what about "DWG"? The entry for "AutoCAD DWG" contains this edit from an Autodesk IP address made in January of 2007, but not much since. Two months later, someone from Autodesk changed "for that reason they constituted a consortium ([[OpenDWG]]) to develop open tools to access DWG data" to "for that reason they constituted a consortium ([[OpenDWG]]) to reverse engineer Autodesk's technology and access DWG data". Since then, things have been fairly quiet on the "DWG" front.
My conclusion is that blog posts like this one from Franco Folini at NOVEDGE Blog may have resulted in more strict internal controls being instituted over the editing of Wikipedia content. I have no doubt that it still goes on, but covertly enough to provide plausible deniability.
Labels: Autodesk, file formats, legal, ODA, SolidWorks
2008-07-29
InfoWorld columnist and legendary consumer advocate Ed Foster died over the weekend. Ed was a tireless crusader for consumer rights in the digital age, and he will certainly be missed. For many years Ed has authored GripeLine, where he called companies and politicians to task for abusive anti-consumer practices.
I've written before about how Ed exposed and publicised shamefully lopsided software license agreements, including Autodesk's and Adobe's. Recently, Ed commented about the May, 2008 Vernor decision (see my ADSK v ODA web site for more information about the Vernor case).
It will be no easy task to fill Ed's shoes. We can be certain, though, that his work must go on.
I've written before about how Ed exposed and publicised shamefully lopsided software license agreements, including Autodesk's and Adobe's. Recently, Ed commented about the May, 2008 Vernor decision (see my ADSK v ODA web site for more information about the Vernor case).
It will be no easy task to fill Ed's shoes. We can be certain, though, that his work must go on.
Labels: Autodesk, CAD Industry, legal
2008-05-22
From the NewsFeed on my ADSK v ODA web site:
"The court today issued an order denying Autodesk's motion to dismiss the charges in the Vernor lawsuit. Normally such a denial is perfunctory and mundane, but in this ruling the court performs a breathtaking analysis of whether the AutoCAD software was a sale or a license, and reaches conclusions that, if not reversed, are certain to change the face of software sales in the USA. Technically, the scope of this order is limited to simply refusing to grant Autodesk's motion to dismiss the lawsuit, but the implications of the judge's analysis are almost stunning in their rejection of Autodesk's legal claims. I'm sure you will be hearing much more about this order in the coming weeks, as the entire software industry will certainly take notice of this case."
Labels: Autodesk, CAD Industry, legal
2007-12-10
We use digital signatures every time we visit a secure web site. Visiting a secure web site involves an authentication process that includes verifying the identity of the server by ensuring that its digital certificate, or "server certificate", is signed by a trusted certificate authority. This verification process might involve verifying an entire chain of certificates from the actual server certificate up through one or more intermediate certificate authorities and ending with a trusted root certificate authority. This all takes place quickly and automatically before the web page is displayed in your web browser because the web browser includes built in logic to do this work without any user interaction. More importantly, the web browser warns us when the server certificate is expired or invalid.
The biggest obstacle when using digital certificates in a CAD environment today is not creating them, but easily and automatically verifying them at the receiving end. Even in a completely digital distribution system where everybody works from the CAD model, the various software tools we use to view and work with the model do not handle digital signature verification automatically in a standardized way. As long as downstream consumers of CAD data cannot easily and automatically ensure the trustworthiness of digital data, they will continue to rely on handwritten signatures on paper.
A second obstacle to the use of digital signatures is the difficulty in accepting that digitally signed data is only trustworthy while it remains in digital format, and therefore the digital file is the "record" document. There is substantial social inertia that must be overcome before a digital document can gain the same amount of trust as a paper document. Engineers and architects must deal with the specter of previously hidden meta data in their CAD models becoming part of their signed document, thereby exposing them to new liabilities that don't exist with paper drawings. Construction supervisors must learn to refer to the CAD model instead of relying on hardcopy blueprints when resolving disputes or establishing responsibility for errors. Here I think it should be noted that the use of a digitally signed model does not preclude the creation of hardcopy blueprints. Those can be created and "wet stamped" separately at the same time the CAD model is signed digitally; or they can be created in the field for reference without any signature at all.
AutoCAD has supported digital signatures for several years, but using the built in functionality is limited to only individual DWG files, lacks support for co-signing (more than one person signing), and forces the signed document to remain in the proprietary DWG format or lose its signature. These problems can be worked around by using third party tools, but doing so requires recipients to use the same tools.
Over the past few years, many government plan review bodies have amended laws and administrative rules to accommodate digital signatures as part of the plan review process. Without standardization, however, organizations still struggle to effect the necessary changes in their workflow. A lack of uniformity in terminology from one set of regulations to another adds to the confusion. If you are involved in amending or creating rules or regulations that enable the use of digital signatures, you should use generic and well defined terms of art in the regulations, but supplement these with practical guidelines that mention specific technologies, software tools, and file formats that will meet the legal requirements and that you are capable of working with.
If you are an architect, engineer, or CAD manager working to implement digital signatures into your firm's workflow, there are some concrete steps you can take to make the task easier. Start by segregating your distribution network into "digital-only" and "hardcopy" classes of downstream users. Begin the transition with the digital-only part of the network (perhaps only the plan reviewing authority, for example). Next, decide which file format to use for your digital "documents". Rather than signing CAD files, many companies start by signing 2D output files such as PDF, DWFx, or XPS. These files are essentially digital versions of the hardcopy documents, so they are more familiar to a wider audience and avoid some of the liability issues of exposing formerly hidden metadata that lives within the CAD model files.
You'll need to obtain a digital ID and establish internal policies for storing and accessing the digital ID so that only the owner of the digital ID ever has access to the private key. Windows includes a built in certificate manager that you can use to view and manage your digital IDs. To start the certificate manager, run the certmgr.msc management console by entering its name in the Start -> Run command window. Your digital certificate will be installed in your personal certificates folder along with a link to the private key stored in the Windows secure key repository. Make a backup of the digital ID by exporting it to a password protected PFX file. Once a backup is made, the private key should be marked as not exportable to further secure it.
If you want to create digitally signed AutoCAD DWG files, you can use the digital signature feature of AutoCAD to sign a drawing file either while saving it or after it is saved. You should also consider subscribing to a commercial time service (see What time is it?) to ensure that your signatures are accompanied by a reliable time stamp in case your digital ID becomes compromised at some point in the future. Third party tools like CADVault for AutoCAD even make it possible for different people to sign different parts of the CAD model, but such advanced functionality is not needed in most cases.
If you use different CAD software that does not support digital signatures natively, or if you choose to sign only the secondary files produced by exporting your CAD model to a different format, then you will need to use either tools specific to that format or third party tools that work with files of any format. Adobe Acrobat (PDF) and Microsoft's free XPS Viewer both provide integrated digital signature tools that use the same digital IDs that you would use in AutoCAD, Internet Explorer, or Outlook/Windows Mail, and both applications are easy for recipients to obtain and use.
Another popular tool for managing digital IDs and signing files is an open source tool called GnuPG. GnuPG utilizes encryption and key storage standards called OpenPGP. OpenPGP is not compatible with the X.509 standard used by Windows and many other encryption tools, however it is an attractive alternative when cost or closed source tools are a prohibitive barrier. There are many other digital signature resources available on the internet for those wanting more information, or needing specialized tools.
Unfortunately, no matter what software tools or file formats you use, today's CAD software and document viewers still do not provide the user experience that web browsers do when it comes to digital signatures. These problems can be overcome by end users, but ultimately they need to be addressed by the makers of the software tools we use. Software for handling digital data will need better user interfaces that allow users to easily specify which digital signatures should be trusted for which purposes, and provide requisite warnings when a document should not be trusted. I am confident that these improvements will come in the future, especially as more companies begin to use digital signatures in their workflow and demand for better digital signature support rises.
If you already use digital signatures with your CAD related documents, I would like to hear about it. Please leave a comment about your experiences, whether good or bad!
The biggest obstacle when using digital certificates in a CAD environment today is not creating them, but easily and automatically verifying them at the receiving end. Even in a completely digital distribution system where everybody works from the CAD model, the various software tools we use to view and work with the model do not handle digital signature verification automatically in a standardized way. As long as downstream consumers of CAD data cannot easily and automatically ensure the trustworthiness of digital data, they will continue to rely on handwritten signatures on paper.
A second obstacle to the use of digital signatures is the difficulty in accepting that digitally signed data is only trustworthy while it remains in digital format, and therefore the digital file is the "record" document. There is substantial social inertia that must be overcome before a digital document can gain the same amount of trust as a paper document. Engineers and architects must deal with the specter of previously hidden meta data in their CAD models becoming part of their signed document, thereby exposing them to new liabilities that don't exist with paper drawings. Construction supervisors must learn to refer to the CAD model instead of relying on hardcopy blueprints when resolving disputes or establishing responsibility for errors. Here I think it should be noted that the use of a digitally signed model does not preclude the creation of hardcopy blueprints. Those can be created and "wet stamped" separately at the same time the CAD model is signed digitally; or they can be created in the field for reference without any signature at all.
AutoCAD has supported digital signatures for several years, but using the built in functionality is limited to only individual DWG files, lacks support for co-signing (more than one person signing), and forces the signed document to remain in the proprietary DWG format or lose its signature. These problems can be worked around by using third party tools, but doing so requires recipients to use the same tools.
Over the past few years, many government plan review bodies have amended laws and administrative rules to accommodate digital signatures as part of the plan review process. Without standardization, however, organizations still struggle to effect the necessary changes in their workflow. A lack of uniformity in terminology from one set of regulations to another adds to the confusion. If you are involved in amending or creating rules or regulations that enable the use of digital signatures, you should use generic and well defined terms of art in the regulations, but supplement these with practical guidelines that mention specific technologies, software tools, and file formats that will meet the legal requirements and that you are capable of working with.
If you are an architect, engineer, or CAD manager working to implement digital signatures into your firm's workflow, there are some concrete steps you can take to make the task easier. Start by segregating your distribution network into "digital-only" and "hardcopy" classes of downstream users. Begin the transition with the digital-only part of the network (perhaps only the plan reviewing authority, for example). Next, decide which file format to use for your digital "documents". Rather than signing CAD files, many companies start by signing 2D output files such as PDF, DWFx, or XPS. These files are essentially digital versions of the hardcopy documents, so they are more familiar to a wider audience and avoid some of the liability issues of exposing formerly hidden metadata that lives within the CAD model files.
You'll need to obtain a digital ID and establish internal policies for storing and accessing the digital ID so that only the owner of the digital ID ever has access to the private key. Windows includes a built in certificate manager that you can use to view and manage your digital IDs. To start the certificate manager, run the certmgr.msc management console by entering its name in the Start -> Run command window. Your digital certificate will be installed in your personal certificates folder along with a link to the private key stored in the Windows secure key repository. Make a backup of the digital ID by exporting it to a password protected PFX file. Once a backup is made, the private key should be marked as not exportable to further secure it.
If you want to create digitally signed AutoCAD DWG files, you can use the digital signature feature of AutoCAD to sign a drawing file either while saving it or after it is saved. You should also consider subscribing to a commercial time service (see What time is it?) to ensure that your signatures are accompanied by a reliable time stamp in case your digital ID becomes compromised at some point in the future. Third party tools like CADVault for AutoCAD even make it possible for different people to sign different parts of the CAD model, but such advanced functionality is not needed in most cases.
If you use different CAD software that does not support digital signatures natively, or if you choose to sign only the secondary files produced by exporting your CAD model to a different format, then you will need to use either tools specific to that format or third party tools that work with files of any format. Adobe Acrobat (PDF) and Microsoft's free XPS Viewer both provide integrated digital signature tools that use the same digital IDs that you would use in AutoCAD, Internet Explorer, or Outlook/Windows Mail, and both applications are easy for recipients to obtain and use.
Another popular tool for managing digital IDs and signing files is an open source tool called GnuPG. GnuPG utilizes encryption and key storage standards called OpenPGP. OpenPGP is not compatible with the X.509 standard used by Windows and many other encryption tools, however it is an attractive alternative when cost or closed source tools are a prohibitive barrier. There are many other digital signature resources available on the internet for those wanting more information, or needing specialized tools.
Unfortunately, no matter what software tools or file formats you use, today's CAD software and document viewers still do not provide the user experience that web browsers do when it comes to digital signatures. These problems can be overcome by end users, but ultimately they need to be addressed by the makers of the software tools we use. Software for handling digital data will need better user interfaces that allow users to easily specify which digital signatures should be trusted for which purposes, and provide requisite warnings when a document should not be trusted. I am confident that these improvements will come in the future, especially as more companies begin to use digital signatures in their workflow and demand for better digital signature support rises.
If you already use digital signatures with your CAD related documents, I would like to hear about it. Please leave a comment about your experiences, whether good or bad!
Labels: AutoCAD, digital signature, DWF, file formats, legal, PDF, XPS
2007-06-21
AutoCAD 2004 introduced the ability to digitally sign drawing files when they are saved, but very few people use this feature. Even fewer use the time stamp feature that goes along with it. Time stamping a digital signature is important when it's not only important to know *who* signed it, but also *when* they signed it.
For time stamping to be reliable and trustworthy, you need an independent (and trustworthy) third party to provide the time stamp, along with a verifiable receipt so that anyone can verify the authenticity of a claimed time stamp in the event of a future dispute.
Since the inception of the digital signature feature, AutoCAD has included three default time servers for this purpose. Unfortunately, none of the three are accessible any more. If you need to digitally sign drawing files with a time stamp, you'll have to modify this list of time servers.
The list of time servers is maintained in a file named timesrvr.txt in the AutoCAD installation folder. You can edit the file with notepad, and the format is obvious and straightforward when you view the file.
If you just want to play around with time stamps, try adding the following to the end of the file (you do not need to restart AutoCAD to see the new servers):
NIST A [Maryland] (time-a.nist.gov)
NIST B [Maryland] (time-b.nist.gov)
As of this writing, both of these NIST servers are available and working, but you get what you pay for. For officially incorporating time stamped digital signatures into your workflow, I recommend subscribing to a commercial time service with guaranteed uptime and a web based time stamp verification console. I can't recommend one, because I have never used a commercial time service myself, but a good place to start is the list of public time servers maintained by NTP.org at http://support.ntp.org/bin/view/Servers/.
For time stamping to be reliable and trustworthy, you need an independent (and trustworthy) third party to provide the time stamp, along with a verifiable receipt so that anyone can verify the authenticity of a claimed time stamp in the event of a future dispute.
Since the inception of the digital signature feature, AutoCAD has included three default time servers for this purpose. Unfortunately, none of the three are accessible any more. If you need to digitally sign drawing files with a time stamp, you'll have to modify this list of time servers.
The list of time servers is maintained in a file named timesrvr.txt in the AutoCAD installation folder. You can edit the file with notepad, and the format is obvious and straightforward when you view the file.
If you just want to play around with time stamps, try adding the following to the end of the file (you do not need to restart AutoCAD to see the new servers):
NIST A [Maryland] (time-a.nist.gov)
NIST B [Maryland] (time-b.nist.gov)
As of this writing, both of these NIST servers are available and working, but you get what you pay for. For officially incorporating time stamped digital signatures into your workflow, I recommend subscribing to a commercial time service with guaranteed uptime and a web based time stamp verification console. I can't recommend one, because I have never used a commercial time service myself, but a good place to start is the list of public time servers maintained by NTP.org at http://support.ntp.org/bin/view/Servers/.
Labels: AutoCAD, digital signature, legal
2007-03-02
No, Microsoft didn't really try to patent photons, but check out the the ironic twists described in this account of a recent US Supreme Court hearing. Here's a summary (exaggerated a bit for effect):
1. Microsoft argues that software is not patentable, therefore it is not guilty of patent infringement.
2. The US Government argues on Microsoft's behalf that software is patentable, but photons are not.
1. Microsoft argues that software is not patentable, therefore it is not guilty of patent infringement.
2. The US Government argues on Microsoft's behalf that software is patentable, but photons are not.
The title sums up the puzzling conclusion in a recent 6th Circuit Court of Appeals ruling (CA6 Grusenmeyer Decision.pdf) in a decision about a copyright infringement claim filed by Cleveland architect Jeffrey Grusenmeyer.
Grusenmeyer had contracted to provide a "master plan" for Magnificat High School. The master plan was provided to Magnificat in hardcopy format, Magnificat paid the architect $15,000 as agreed in the contract, and the project was apparently concluded. Some time later, a Magnificat facility manager requested DWG files for "personal use". Grusenmeyer asserted at the time that he retained all rights to the DWG files but agreed to provide them on the condition they only be used internally and not be further distributed.
Fast forward to the eventual "request for proposal" for an anticipated new building at the school. Upon request, Magnificat provided the Grusenmeyer files to the defendants (a competing architectural firm), who then used portions of the files in their winning proposal. The defendants were aware that Grusenmeyer claimed copyrights to the files, but they used the files anyway. The appeals court notes that "[a]ccording to the individual DSC architects, such reliance on drawings of existing conditions is routine in the industry."
In affirming the district court's summary judgement in favor of the defendants, the appeals court noted that the contract between Grusenmeyer and his client (Magificat High School) provided that Grusenmeyer would "provide a master plan for the implementation of the capital improvements program, including plans, renderings, and perspectives suitable for use in presentation and future reference during master plan implementation." They concluded that this "plain language" gave Magnificat permission to send the AutoCAD DWG files to Grusenmeyer's competitor.
The district court had previously ruled that Grusenmeyer's drawings were not sufficiently original to warrant copyright protection, but the appeals court did not address the copyrightability issue at all, dismissing the infringement claim out of hand with their opinion that Grusenmeyer had already given Magnificat carte blanche copyrights to the files vis a vis the quoted clause in their contract -- even though the files were never provided as part of the contract!
I think the court erred in determining that the DWG files were subject to the terms of the master plan contract (its incorrect interpretation of the contract notwithstanding), but what I find really surprising in the ruling is the appellate court's complete disregard of the plaintiff's claimed and federally registered copyrights.
The moral of the story
If you are providing electronic files, don't rely on copyright law alone to protect your intellectual property. This case reinforces the 3 C's for protecting AutoCAD DWG files: copyright, contract, and CADLock.
Update
William Patry (Senior Copyright Counsel, Google Inc.) writes about this case at The Patry Copyright Blog: Make Sure the Contract is Signed.
Grusenmeyer had contracted to provide a "master plan" for Magnificat High School. The master plan was provided to Magnificat in hardcopy format, Magnificat paid the architect $15,000 as agreed in the contract, and the project was apparently concluded. Some time later, a Magnificat facility manager requested DWG files for "personal use". Grusenmeyer asserted at the time that he retained all rights to the DWG files but agreed to provide them on the condition they only be used internally and not be further distributed.
Fast forward to the eventual "request for proposal" for an anticipated new building at the school. Upon request, Magnificat provided the Grusenmeyer files to the defendants (a competing architectural firm), who then used portions of the files in their winning proposal. The defendants were aware that Grusenmeyer claimed copyrights to the files, but they used the files anyway. The appeals court notes that "[a]ccording to the individual DSC architects, such reliance on drawings of existing conditions is routine in the industry."
In affirming the district court's summary judgement in favor of the defendants, the appeals court noted that the contract between Grusenmeyer and his client (Magificat High School) provided that Grusenmeyer would "provide a master plan for the implementation of the capital improvements program, including plans, renderings, and perspectives suitable for use in presentation and future reference during master plan implementation." They concluded that this "plain language" gave Magnificat permission to send the AutoCAD DWG files to Grusenmeyer's competitor.
The district court had previously ruled that Grusenmeyer's drawings were not sufficiently original to warrant copyright protection, but the appeals court did not address the copyrightability issue at all, dismissing the infringement claim out of hand with their opinion that Grusenmeyer had already given Magnificat carte blanche copyrights to the files vis a vis the quoted clause in their contract -- even though the files were never provided as part of the contract!
I think the court erred in determining that the DWG files were subject to the terms of the master plan contract (its incorrect interpretation of the contract notwithstanding), but what I find really surprising in the ruling is the appellate court's complete disregard of the plaintiff's claimed and federally registered copyrights.
The moral of the story
If you are providing electronic files, don't rely on copyright law alone to protect your intellectual property. This case reinforces the 3 C's for protecting AutoCAD DWG files: copyright, contract, and CADLock.
Update
William Patry (Senior Copyright Counsel, Google Inc.) writes about this case at The Patry Copyright Blog: Make Sure the Contract is Signed.
Labels: AutoCAD, CADVault, legal, protection
2006-12-12
The recently filed lawsuit has been a hot topic lately, and I've been following it along with everyone else. As a little side project, I decided to create a parallel blog dedicated to the ongoing battle between Autodesk and ODA. The new blog is at http://www.ADSKvODA.com.
The site is still a work in progress, but I hope you'll check it out, and offer suggestions for improvements. Click on the Lawsuit Tracker link to view all the court documents in the case, and subscribe to the site's feed to stay informed of new developments.
The site is still a work in progress, but I hope you'll check it out, and offer suggestions for improvements. Click on the Lawsuit Tracker link to view all the court documents in the case, and subscribe to the site's feed to stay informed of new developments.
About Me
- Name: Owen Wengerd
- Location: Apple Creek, Ohio, United States
I'm a starving artist specializing in the programming genre. I work in my home office, where I am the owner and sole proprietor of ManuSoft as well as the President and chief software artist of CADLock, Inc.
Syndication
Archive
December 2006January 2007
March 2007
April 2007
May 2007
June 2007
August 2007
September 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
July 2008
August 2008
September 2008
October 2008
December 2008
January 2009
February 2009
March 2009
July 2009
August 2009
September 2009
November 2009
December 2009
January 2010
March 2010
Recent Comments
:Actually, bus lines and truckers lease their tires (and give them back to upgrade when needed).
@ March 2, 2009 12:46:00 PM EST
antman:I think the bleeding needs to be stopped at the neck.
Beyond the facts of this case, we could pretend that the original company sold their upgraded copy of AutoCAD to Vernor, and destroyed and uninstalled all copies in their possession. In this scenario, the EULA *still* would have been violated.
Last year I was eventually able to successfully "transfer my license" of AutoCAD (notice I didn't say "sell"), but only after navigating a large number of hurdles, the biggest of which was closing my business. I had put my own work on hold to become a full-time employee, but that wasn't enough for Autodesk.
Especially given the current market, there are quite a few shops that now have a surplus of licenses. These businesses not only have these "assets" that have no monetary value, but are also being penalized by having to continue paying subscription fees for a software license that is not even being used.
@ March 2, 2009 4:32:00 PM EST
:Owen, I think the point about education is important and in my opinion the BSA (the BSAA for we Ausies) does not educate but pushes a point of view that is not supported by the facts.
As you know Autodesk and I have been arguing about their Subscription and Licence Terms and Conditins for over four (4) years and the only reason we have the solution we have is because I have made a unilateral declaration.
The outcome could have been much better for both of us had Autodesk not chosen to refuse to negotiate.
That's the simple key to solving the entire issue!
No reforms are actually required if that one simple step is followed.
@ March 2, 2009 5:39:00 PM EST
:Software vendors have been using the 'software is licensed, not sold' argument as a foundation for consumer fraud.
No other industry that is subject to competition is able to sell grossly-defective products to consumers, without forcing them to enter into an agreement in which the 'licensee' must agree to accept the software with all defects, both known or unknown, and with no assurance the software vendor has revealed everything it knows about defects.
The fact is that our current laws provide the means for software vendors to engage in what amonts to a high-tech shell game with consumers, and get away with it.
If one has their doubts about that, consider the fact that one of every three dollars spent on IT is lost, primarly as a result of defective software.
Also consider how much money the BSA and other industry consortiums spend lobbying our legislators to protect their interests, giving themselves the means to engage in what is for all intents and purposes, consumer fraud.
@ March 2, 2009 7:26:00 PM EST
Steve Johnson:"In Steve's view, Vernor's original purchase is akin to someone purchasing stolen goods."
Can you point out where I've made such a statement? I have been careful to avoid any accusations of theft, receiving stolen goods or other illegal activity, or any implications that Vernor's actions are akin to such activity.
I have made the statement that I think Vernor's actions are morally wrong, and I stand by that. I have never accused him of being a fence, or anything akin to it.
Please be more careful when paraphrasing the views of others.
@ March 6, 2009 8:09:00 PM EST
Owen Wengerd:Steve, I've changed the wording to more accurately reflect what I intended to convey. Do I understand correctly that you deny claiming any justification for your conclusion? Or only the one I ascribed to you?
@ March 6, 2009 9:42:00 PM EST
Steve Johnson:Thanks for changing the wording. It's great being part of a company like CADLock where it's OK to chide your boss in public. I can't imagine any Autodesk blogger chiding Carl Bass, can you?
No, I don't deny claiming any justification for my conclusion. I just deny claiming that Vernor is akin to a crook!
My main justifications for considering Vernor's actions morally wrong are:
1. He sold something that I believe the average fair-minded person in the street would say he has no right to sell: the remnants of software that has been upgraded.
2. He sold something that it is quite likely the buyer would believe to be considered by Autodesk a legitimate piece of software. In other words, it's probable that the buyer, on learning that the software he bought is considered non-existent by Autodesk, will think he has been ripped off.
3. It seems that Vernor took a "don't ask, don't tell" position about the legitimacy of the software. I think a buyer/seller of software has a duty to carefully check its legitimacy.
My last point against Vernor is, ironically, damaged by Autodesk's removal of the ability to transfer licenses, and the accompanying non-availability of an Autodesk mechanism to check that the software is kosher. However, any one of these three points is enough for me to still feel comfortable with my opinion that Vernor selling this upgraded software is morally wrong.
I intend to express my views on this subject at more length when you've finished your series of posts and I've had chance to give them some careful thought. I'm hoping to see a description of how you would expect this brave new world to operate.
@ March 9, 2009 1:20:00 AM EDT
Owen Wengerd:Regarding Autodeskers chiding Carl Bass in public: very true, but then again I can't exactly fire you on a whim like I imagine Carl could his antagonist.
Fair enough on your justification. I think I view the situation pretty much the same way you do, except with more shades of gray and less black and white.
In my post I intended to distill this viewpoint down into something easier to grasp, like "akin to stolen goods", which I don't see as much different at all.
My main point of contention with your reasoning is that you apply "caveat emptor" to Vernor, but not to his customer. This may have been a reasonable expectation before the Ebay era, but things have changed.
My next post on the topic of software licensing will be about where we go from here, but don't hold your breath.
@ March 9, 2009 2:22:00 AM EDT
Steve Johnson:There's no inconsistency in my attitude towards Vernor and his customer. If his customer sold the software to somebody else, I would consider that to be morally wrong, too.
The caveat emptor principle applies to both buying parties, but it's the selling that concerns me much more than the buying.
If you buy something that's effectively worthless (e.g. a printer for which ink is no longer available), that's just harm you've inflicted on yourself through lack of care. It is its own punishment, if you like.
The same doesn't apply to the seller. If you sell that same thing to some other sucker, you're not punishing yourself, you're inflicting harm on somebody else. Even if it's through carelessness rather than vindictiveness or greed, it's still wrong, in my view.
@ March 9, 2009 8:26:00 AM EDT
:Owen and Steve,
I have watched you two guys discuss this issues with some interest; Vernon's personal 'morality' aside, if you are looking for a 'solution' to licencing how about you look at what I have done and promote that as a way forward.
There are easily recognized solutions embodied in what I have done requiring no changes to laws, addition of new laws and or court cases; just professional behaviour by both vendor(s) and customer(s) excersized within the laws already in existance.
All that is required is for software users to understand what I have done then do the professional thing and exercise the rights already enshrined and awaiting their use.
Software licencing is a bluff: Vendors are prepared to put (your) money behind their abuse of terms and conditions; but cannot sustain the bluff if their customers were not so lazy and stopped 'sitting on the fence' arguing, not acting!
What actually needs 'reform'? Let's get this debate going; maybe you could start by telling me why ALL/other software users could not, should not or will not simply follow my lead. What I have done is in place and working right now.
@ March 10, 2009 5:53:00 PM EDT
:In the main Owen I would agree completely with what you have said here with one notable exception; you say, "It is important to understand that a software license agreement is a contract."
This may be true in some instances but I believe I have adequately demonstrated Autodesk's Subscription and Licence Terms and Conditions are NOT contracts.
Furthermore it is not in the best interests of Autodesk's customers, or the industry, for them to be recognized as contracts for the simple reason Autodesk have chosen to use their terms and conditions to impose invasive conditions that NO sensible person should accept or society should allow.
But the crux of Autodesk's problem lies in the fact Autodesk and its dealers are totally incapable of negotiating their terms and conditions; this refusal has rendered Autodesk's Subscription and Licence Terms and Conditions VOID.
In my blog Caveat emptor I have demonstrated how this has occurred and published my personal declaration.
If more Autodek customers tackled this issue as I have done reform would occur in a manner more useful and of greater benefit to both vendors and customers alike without the costly involvment of the courts and lawyers.
In the mean time I may be the only person, out of millions, that daily uses Autodesk software whilst being completely free of any obligation to Autodesk!
At least for the moment ;-)
@ March 2, 2009 5:59:00 PM EST
skatterbrainz:A very interesting view indeed. I would agree completely, except for the aspect of open source and Creative Commons. Not a comparison, per se, but rather an alternative. In many situations, consumers don't have a choice due to requirements lock-in (features, compatability) as well as expertise (average person's ability to install, configure and maintain a fully open source environment).
@ February 27, 2009 4:37:00 PM EST
Owen Wengerd:I would argue that open source is not generally a viable alternative to commercial software. Certainly in some markets, open source alternatives can provide push-back against an overbearing software industry, but I think a healthy software economy must be based on a legal framework under which both closed source and open source products can be commercially viable.
@ March 1, 2009 6:50:00 PM EST
MikePerry:Hi Owen
Informative, well written and easy to understand (follow) set of articles on "Digital Signatures"...
Take care, Mike
@ December 11, 2007 7:39:00 AM EST
olga13:My name is Olga and I work for a company that specializes in digital signatures.
You have a lot of knowledge on digital signatures and the article is great.
If anyone is interested, there's some useful background (non-commercial) information about digital signatures at http://www.arx.com/digital-signatures-faq.php.
@ April 23, 2008 6:29:00 AM EDT
:FWIW, here is URL containing list of all NIST time servers:
http://tf.nist.gov/tf-cgi/servers.cgi
and more on the keeper of official NIST time here:
http://www.visitkarpathos.com/articles/?article=17
> Modern electronic systems, such as electronic navigation or
> communications systems, depend increasingly on precise time and time
> intervals,” Dr. Matsakis said. “Examples would be the ground-based
> LORAN-C navigation system and the satellite-based Global Positioning
> System.
With 22 timeservers, software which can hop among servers should not
encounter a situation where all are down, unless massive areas of the
Internet are down, in which case other issues may very well take
precedence.:)
In fact, I've used Atomtime:
www.atomtime.com for many years to sync my PC clocks to NIST, and never
encountered a problem other than my own Internet connection being down.
I don't know anything about "commercial" time servers, but my guess is
they just resell USNO time.
Why pay for it again? You already paid last April 15 (and the year
previous, etc.).
@ December 28, 2009 2:35:00 PM EST
Owen Wengerd:I expect the NIST time servers (which, as you point out, are not really "free" because US taxpayers pay for them) are sufficient for most applications. However, commercial time servers should theoretically offer some guarantee, and in any case, someone to blame when there's a problem. For some applications, that is more important than cost.
@ December 28, 2009 2:39:00 PM EST