I'm not disagreeing that it's extremely bad advice (it is), but I don't believe the legal ramifications are all that big. Mostly it's just stupid to invest so much time/effort/money into cracking whatever USB key algorithm is used.
I'm doubtful that simply cracking the USB key, assuming you've paid for the appropriate licenses, would give a company the legal right to sue you. Many aspects of EULAs have never even been tested. Besides that, most courts would likely throw out the case brought by the Vendor if it's demonstrated that everything has been paid for. You can't just sue because people didn't play by your rules. You have to demonstrate that the other party not only caused damages but also that they violated some law or the terms of the contract (which would then be tested for validity). Again, spending a lot of money on software and then spending even more to break this or that idiotic copy protection scheme is a serious waste of time. Economics plays a very valid role here. Buy another piece of software and let the Vendor know why you're doing so. Then maybe they'll stop acting so schizophrenic. Scott On Thu, Oct 29, 2009 at 9:31 PM, Timothy Sipples <timothy.sipp...@us.ibm.com > wrote: > >I've had sufficient experience with dongles to implement > >rule 1: If your business depends on it, crack it. > > I disagree, and I think that's supremely bad advice. Hopefully you were > joking. > > In many countries, if you actually follow that advice the vendor could > successfully sue your business into oblivion. (Most businesses depend on > not being sued into oblivion.) Vendors could also unilaterally take a full > range of retaliatory actions if (when) they ever discover any such > tampering, and in many countries there'd be nothing you could do to prevent > that. As examples, the vendor could refuse to ship you patches, version > updates, deny any support to you whatsoever, and/or blacklist you and > everyone you've ever met (including your second cousin) from ever doing > business with the vendor (and the vendor's friends) ever again. And *then* > the vendor could sue your business into (further) oblivion. In many > countries you could also be liable for criminal penalties. (That'd be > personal fines and/or jail time.) > > But there's an easy solution. If your business really depends on a USB key > fob, contact the vendor and buy two, with staggered expiration dates. Put > one at site one, the other at site two. As another option, buy one USB key > fob, and set up a contract (with a specific Service Level Agreement) for > authorized remote hosting as backup. Or implement a legal variation of > these basic ideas. > > Those are much better solutions than doing something (quite frankly, at > best) dumb, don't you think? > > - - - - - > Timothy Sipples > IBM Consulting Enterprise Software Architect > Based in Tokyo, Serving IBM Japan / Asia-Pacific > E-Mail: timothy.sipp...@us.ibm.com > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO > Search the archives at http://bama.ua.edu/archives/ibm-main.html > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
