feature article
Subscribe Now

What Are You Buying?

Watch Out For More Than Just the Small Print

It looks so beguiling – on-line access to your favourite software so you never have to worry about updates, patches, new releases, whatever. The consumer companies are all going for it – Microsoft, Adobe and others. But it leaves me with a sinking feeling. Why?

Obviously I realised years ago that I never owned the software that I bought, for real money, on a deck of 5.25” floppy disks – I merely had a license to use it. And that license could be subject to various serious limitations.

As an anecdotal aside, I was told of a team that was working on a new release of some well-established embedded software that was based on Microsoft Windows. Some keen young man read the license and discovered,

You may not use the Microsoft software in any device or system in which a malfunction of the software would result in foreseeable risk of injury or death to any person. This includes operation of nuclear facilities, aircraft navigation or communication systems and air traffic control.

This was a bit of a problem, since the application was none of those listed but had the potential, no matter how small, to cause injury if it went wrong.

When did you last read your licenses, or do you just tick the box that says you have and then move on? I have written before (License to Bill) about the games company that included in its license:

“By placing an order via this Web site on the first day of the fourth month of the year 2010 Anno Domini, you agree to grant Us a non transferable option to claim, for now and for ever more, your immortal soul. Should We wish to exercise this option, you agree to surrender your immortal soul, and any claim you may have on it, within 5 (five) working days of receiving written notification from gamestation.co.uk or one of its duly authorised minions.”

And that then went on to say, “We reserve the right to serve such notice in 6 (six) foot high letters of fire, however we can accept no liability for any loss or damage caused by such an act. If you a) do not believe you have an immortal soul, b) have already given it to another party, or c) do not wish to grant Us such a license, please click the link below to nullify this sub-clause and proceed with your transaction.”

Around 7500 customers clicked to accept the clause.

Now most End User License Agreements (EULAs), the license you agree to when ticking the box, may contain more immediately damaging clauses than losing your immortal soul. There is often a clause or clauses that say the software developer can monitor your use of the software and also provide automatic updates, which can, in some cases, include software from third parties. And if the software causes problems with the rest of your system, that is your problem, not the software suppliers. Many EULAs prohibit reverse engineering the program, digging into it to see how it works, or making any changes to the software. As for running benchmarks over several programmes – sure, you can do that, but many EULAs don’t allow you to publish the results. McAfee (then called Network Associates and now part of Intel) used to say, “The customer shall not disclose the results of any benchmark test to any third party without Network Associates’ prior written approval.” So no talking about your evaluation tests at a technical conference, then.

This is not a new problem, but what about when you move into the cloud, as many software suppliers are doing? Adobe, for example, will soon no longer provide its Photoshop and InDesign software as a single purchase. Instead, they are providing Creative Cloud, with a monthly subscription, and a range of add-ons, including web storage and access to additional services. If you commit to a year’s subscription, the monthly fee in the US is $50. The upside is that the cloud provides for collaborative working and access from a range of devices. But a quick look at the reviews on the Adobe web site shows discontent and disquiet. There are concerns over the cost of rental, particularly for users who don’t want to use the entire suite but only one or two applications (at the cost of $20 per month per application), and the potential for rental to be ratcheted up in the future, slow loading from the web onto the desktop, issues with OS compatibility, the requirement to allow internet access at least once a month for license validation, and, at least earlier this year, strong concerns about bugs in the new applications.

Microsoft is also offering its Office suite in the same way, as Office 365. It, too, has add-ons, including Skype World Minutes, cloud storage, etc. What you pay depends on which version you choose, but, for home users, the US price is $99.99 a year – much less than Adobe, but then, Office always was cheaper than the Adobe products. Business users are forbidden from using the Home Premium (it is in the EULA) and have to go down a slightly different route, which is $150 per user per year, but, according to the Microsoft web site, it includes “business-class email, a public web site, web conferencing, and document sharing.”

My personal concerns, based on many years of previous experience, are that I am not confident about the process of continuous upgrade that seems to becoming the norm, and, also, I am convinced that rental costs will rise.

My concern about continuous upgrade is that all companies, not just Microsoft, have a history of issuing bug fixes that have disastrous side effects. I can see a future where the whole world wakes up to find that Word has collapsed overnight.

Ratcheting up rental is not an unreasonable concern. The big suppliers of big software to big companies normally work to a model of a perpetual license plus an annual fee for maintenance and support. This is usually a percentage of the initial purchase cost and, a few years ago, was normally around 15%. It has gradually crept up and is now, for products like SAP, which are now essential to an organisation’s operations, around 22%. That is, you are paying the equivalent of the original fee every four to five years. It used to be said that the companies making razors would sell the razor at a low price to make a profit on the razor blades. In this context, the big companies appear to be making a profit on the razor as well as on the blades.

The big players here are probably assessing moving to the cloud, but they have already been beaten to it by companies offering “Software as a Service” (SaaS). These are smaller players without the huge user base, who are offering flexible options.

A final concern is over the security of the documents held in the cloud. With the latest revelations about the NSA and GCHQ, is there any reason to assume that anything stored in the cloud is not accessible by a government? And the fact that a contractor was able to download enormous quantities of classified information, albeit for what he saw as the public good, doesn’t mean that another contractor couldn’t download my information and pass it to a competitor for commercial gain. In fact, one might just possibly conceive of a government accessing the documents of a foreign company to assist its own industry.

So far I have looked at commercial, rather than technical, software. But the same trends are here as well: around four years ago there was a flurry of discussion about the EDA companies providing their products as SaaS, and, if you dig around, you find that there are some SaaS options available from the big boys, but they are not, in my experience, being aggressively marketed. One issue is pricing, but another is the sheer size of the files that advanced EDA currently needs. Moving these through even high-speed links can take time. Also, many semiconductor companies can be even more paranoid than other companies about security.

And security concern is not just about other people reading your files. There are already well-documented outages of cloud-based servers: Amazon, Facebook, Dropbox, Google Drive, and Twitter all suffered outages in the first half of 2011. And Microsoft lost Office 365, Outlook.com and Bing at different times in the same period. Many of these appear to be technical problems associated with massively complex systems, but these companies, and the services they offer, are also juicy targets for hackers.

There are some benefits – but I find it kind of spooky when a search on my Google page on the desktop is immediately available on my cell phone and iPAD. Opening the Kindle reader on my cell phone brings me to the point where I finished reading on the iPAD – at least if Amazon hasn’t deleted them as I crossed a national border, or just because it doesn’t like me. And, again, I don’t own those eBooks but merely have a license to read them. (N.B. – I still don’t own a dedicated eBook reader and use Kindle for out of copyright books to read in quiet moments.). 

Maybe I am just feeling grumpy; maybe I am just becoming reactionary and nostalgic for the days of 16-bit processors and 5.25 disks. But, once again, it looks as though, when you are buying, or rather licensing, software, you have to tread very carefully.

3 thoughts on “What Are You Buying?”

  1. With cloud EDA, auto-update is a huge no-no. And the EDA guys seem to be aware of that. When you start a design, you pretty much need to be able to freeze the tool version for the life of the project. Having a last-minute ECO result in complete rerouting because the routing algorithms were tweaked (“improved”) overnight would cause no end of heartburn.

Leave a Reply

featured blogs
Jun 14, 2021
By John Ferguson, Omar ElSewefy, Nermeen Hossam, Basma Serry We're all fascinated by light. Light… The post Shining a light on silicon photonics verification appeared first on Design with Calibre....
Jun 14, 2021
As a Southern California native, learning to surf is a must. Traveling elsewhere and telling people you’re from California without experiencing surfing is somewhat a surprise to most people. So, I have decided to take up surfing. It takes more practice than most people ...
Jun 14, 2021
The Cryptographers' Panel was moderated by RSA's Zulfikar Ramzan, and featured Ron Rivest (the R of RSA), Adi Shamir (the S of RSA), Ross Anderson (professor of security engineering at... [[ Click on the title to access the full blog on the Cadence Community site. ...
Jun 10, 2021
Data & analytics have a massive impact on the chip design process; we explore how fast/precise chip data analytics solutions improve IC design quality & yield. The post The Importance of Chip Manufacturing & Test Data Analytics in the Semiconductor Industry ap...

featured video

Kyocera Super Resolution Printer with ARC EV Vision IP

Sponsored by Synopsys

See the amazing image processing features that Kyocera’s TASKalfa 3554ci brings to their customers.

Click here for more information about DesignWare ARC EV Processors for Embedded Vision

featured paper

What is a Hall-effect sensor?

Sponsored by Texas Instruments

Are you considering a Hall-effect sensor for your next design? Read this technical article to learn how Hall-effect sensors work to accurately measure position, distance and movement. In this article, you’ll gain insight into Hall-effect sensing theory, topologies, common use cases and the different types of Hall-effect sensors available today: Hall-effect switches, latches and linear sensors.

Click to read more

featured chalk talk

Building Your IoT Toolbox

Sponsored by Mouser Electronics and Digi

December 17, 2020 - IoT design is a complex task, involving numerous disciplines and domains - including embedded design, software, networking, security, manufacturability, and the list goes on and on. Mastering all those moving parts is a daunting challenge for design teams. In this episode of Chalk Talk, Amelia Dalton chats with Andy Reiter of Digi International about development, deployment, manufacturing, and management tools for IoT development that could help get your next design out the door.

Click here for more information about DIGI XBee® Tools