Fri, Aug 31 2007 18:46
Dear Mr. Ballmer and Mr. Ozzie:
I've written open letters to Mr. Ballmer before, I've never done one to Mr. Ozzie. Here's one to both:
It's about Vista. I like it. I really do. But you really need to do something about Windows Genuine Advantage. Because I see comments from SBS consultants who are being personally impacted by WGA's false positive flagging of genuine machines as degenuine and they don't want that near their business clients. And quite frankly I don't blame them.
From a VAP/VAR who is dealing with a machine that has a WGA that won't flag as genuine. While he hasn't lost functionality, the fact that he cannot get it fixed using reasonable measures is unreasonable"It’s been most of this week – I followed the official route from the WGA site, submitting a support request with the tests/documentation. I was contacted in 24hours by email (as promised), to be told a support engineer will contact me within the next 24 hours ;-/. And that happened - so the first 48 hours were ‘as designed’. Now that I’ve tried the suggestions without resolution and submitted the results, I guess it’s a wait of another 24 hours? The newsgroups are full of folks with ‘invalid license’. Shame on MS. I’m off for the weekend now, but I’ll be danged if I’ll willingly recommend my business customers risk this (or my ‘home’ friends, for that matter). Long live XP, and have a great weekend everyone."
The risk of Vista is too great. You are impacting future sales with the inability to see that the risk of WGA to your valid business customers is too great. And all that stuff that Mr. Ozzie is working on, the Software as a Service is going to nail the coffin into Vista that much more in the business world. We won't care what operating system we run. It's just a shell. It doesn't matter. The applications matter. And Office 2007 is priced in a retail manner to outprice it from most folks if they don't buy it via OEM channels. So the more you tighten the grip on WGA on Vista, the more we will realize that the operating system doesn't matter as much anymore, and that we'll push our vendors to provide Software as a Service.
As someone said... you willing to roll the dice again on WGA? Run mission critical machines with the possibility that WGA servers will be working like they should? Can you guarantee... GUARANTEE that this will never ever happen again?
The more I read about Vista in the various books and blogs I read, the more I'm getting excited about when I can match up the Server and the Workstations security level. I don't get the UAC prompt and to me the folks that complain about it, it just showcases that we don't understand user rights and permissions.
I can deFUD User Account Control. I can explain people about turning off UAC turns off IE in protected mode. I can tell people to tweak the setting if they insist that it's so annoying to them. And, quite frankly, I'm beginning to think that humans that compute have lost all ability to deal with change.
But here's the deal. What I can't deFUD is WGA.
Sure you can say that you will put in place policies and procedures to ensure that you are monitoring it better but you cannot reassure this consultant when he says:
"I won't tolerate a business interruption because of WGA, not for one second. I don't intend to give it an opportunity to do so, anytime soon"
You can't guarantee that not for one second.
And neither can Nick with the current system in place.
So here's your action plan:
Ensure that there will never again be a possibility of business interruption due to Vista's WGA servers. Ever. And not just monitoring to ensure that you can roll back. Flat out never a possibility. Never a risk. Never.
That's your goal and your mantra. And until you ensure that Vista will not and cannot be impacted by failed WGA servers, the risk to business is too great for many to accept.
It's that simple.
P.S. For those of you looking to write your own certified mailed letter to Mr. Steve Ballmer and Mr. Ray Ozzie, you can send those to One Microsoft Way, Redmond, WA 98052-6399 USA. More information on contacting the Board of Directors can be found on the "Contact the Board" site.
Filed under: Security