This might in fact turn out to be one of the biggest, most expensive blunders by the company in question. Years later the tale is recalled - aggressive misguided legal department sends a C&D to one of the greatest projects in human civilization. Internet responds by hackers pooling in time and resources to build an alternative, superior, free solution that becomes the benchmark effectively putting the aforementioned vendor out of business. Poetic justice.
So much fail here. If someone is aware of the vendor's name please publish it here so that I can avoid doing business with them.<p>The software company was within it's rights, but there's a big difference between what you're legally allowed to do when you detect a licence violation by a big customer and what you should do. You <i>should</i> attempt to preserve your company's good name at CERN and get the licensing situation fixed (by removing the extra copy or relicensing it). You <i>should not</i> try to go after a poor CERN student for 30k because he/she installed your software on the wrong computer despite having a valid license.
Wow, this post makes me angry and I don't know at whom. Is it the student's fault, who wanted to use the software he had legally licensed, but couldn't because of stupid licensing terms, or the company's fault for wanting to get paid for their software?<p>I'm inclined to side with the student, I think. When I pay for stuff, I want to be free to use it in a reasonable manner, and restricting usage of the software on the specific computers the company likes is not reasonable.
The thing that angers me about this, is that the user could legally access this software from his Laptop, albeit over an inferior third-party interface.<p>His choice was between accessing the software over a display proxy, and accessing the software locally. The provided functionality was essentially the same either way.<p>I don't understand how this minor technical distinction should be worth 30 kCHF.
I find the behavior of the software manufacturer rude and unacceptable. CERN is certainly not the type of company that screws you over or produces counterfeit copies for their own profit; 30kCHF is an outrageous claim.<p>Sure, people using your software without a valid license is not cool. On the other hand, AllSIM didn't suffer any damages.<p>Also, there are probably not that many potential customers in the world for AllSIM(TM). Maybe CERN should have used their power to make clear that this was the act of a naive student, and that a ridiculous fine could seriously impede the future business relation with CERN...
Yes the student fucked up, but CERN does have the 30k to spare, where as this student probably does not. Sure this is a good lesson to share, but also this is someone's life. They could have let the student go but still paid for it. Its the human thing to do
In case anyone was also wondering, that's the Swiss Franc, and not a Chinese currency, and converts to about 30,800 US dollars.<p>> As he was affiliated with a university, CERN passed all costs to them who, in turn, passed them on to the student.<p>At first I thought that the software vendor was being unjustifiable. But if you think about it, the student was not just part of CERN, he was also (using the s/w) to work on a CERN project - so it does kind of all fall back into CERN's lap. Yet CERN passed the cost to the university, which passed the fine to the student?
My opinion of CERN has gone done a few notches after reading this bitchy blog post, this is some poor sap's life they have ruined for taking initiative around silly restrictions to get shit done.<p>They should have contacted the software company in question and settled this, now both CERN and Allsim have a bad reputation and a student is deep in debt
WTF?<p>The student was wrong. He had access to a legal copy through CERN, but instead, he used a pirated copy. Not only is that legally wrong, it is bizarre.<p>The company was wrong. They are not a law enforcement agency. They have no right to demand a fine of CHF30000 be paid. At best, they can send a cease and desist. If they believe significant damages have occurred, they can sue.<p>CERN was wrong to pay the fine and pass it on to the student. For one, they had a site license. For another, after investigating, they found it to be the stupid act of a naive student who, I am sure, has learned his lesson by now. However, it was no skin off their back to pay up and pass it on. They should have refused to pay the fine and participated in coming to an amicable settlement between all parties involved.
CERN should try to mediate between the software company and the student.<p>The high fine of 30k was probably set because the company thought CERN was violating their licensing. For an institution or large company the size of CERN, 30k might be a justifiable fine.<p>If the company knew the infringement was done by a single student, they probably would not have set such a high fine.<p>Also, I doubt 30k would hold up in court as a reasonable fine, given that the student had access to the software anyway. Although him downloading the software illegaly shows some criminal energy.<p>But maybe I'm wrong and the company knowingly fined 30k for the single person's license infringement and CERN tried to avert that. Would be nice to know some more details.
Lessons to learn from this:<p>1 CERN will fuck you over, do not count on them, and definitely do not go above and beyond to finish a job assigned by them<p>2 Use outbound firewall when using pirated software. Download said pirated software only from connections that cant be traced back to you. Learn about output files watermarking (for example IDA Pro watermarks everything).<p>Good job CERN, prime blog post there, people skills so stronk!
This bulletin is obviously aimed at scaring others who were thinking of doing something similar. Still, it's a bit heavy handed, isn't it? No one was hurt, no damage was done, CERN responded immediately when notified, and it turned out to be a dumb student who fucked up. Give the dude a slap on the wrist, and let it go.
"the student has not only placed the Organization's reputation at risk"
Not nearly as much as posting about it on a publicly-accessible blog.
CERN should have told AllSIM to go pound sand on "indemnity"; just pay the difference between the license they have and the one they need, even just in kind (losing a couple of users). This under threat of losing CERN forever as a customer. I bet AllSIM would have relented: 30k CHF won't pay three weeks of lawyer fees, nor will they make up for years of CERN business.<p>That was the right thing to do, not washing their hands of it and crucifixing a kid. Unfortunate things happen all the time in business, real men deal with it with fairness. This is despicable behaviour.
You don't take a binary blob from a dubious website and install it onto a company machine, and if it was his own laptop, then you don't use such a blob to produce another blob and install that on your company's machine. That's such a damn stupid thing to to in so many ways. The IT security department has all the reasons to be angry, much worse could have happened than triggering some company's license monitoring system.<p>Having said that, I hope they are going to let go on the student with that 30k.
Was the company in question legally right? Probably (I'm not a lawyer). Was this a dick move? Totally. Did this move makes them any long term benefit? I don't think so. I think they lose this short term 30k CHF in long term by harmed reputation. So in the end everybody loses.
I'm confused. If CERN has the licenses, and the student is covered under that usage case, why wouldn't their license rights apply to the software that the student was using (regardless of where they got the the binary installation or whether it had a crack). The software has still been paid for, so why wouldn't the software company allow it? It sounds like the software company is exploiting a technicality in their licensing terms, for no real reason other than greed?
Sure, Switzerland isn't in the EU but can companies really issue huge fines to other people there? Here in the UK I believe fines/penalties in civil situations can be restricted to the actual damage caused (?).<p>I hope this ends up in court if Switzerland has similar rules. It seems like one of those situations where a company might <i>legally</i> be able to do something, but the ethics are uneasy.
I don't mean to be zealous, but I'll be honest. Why don't research organizations and international conventions have strict policies of using only free (as in freedom) software? I think this is a cautionary tale right here of why it's important. The licensing pitfalls of violating proprietary terms are so much higher stake.
This happens frequently at large corporations, where a design engineer uses either an educational or personal license on a corporate machine (or vice versa), either out of ignorance or simply because they want to work more flexibly than they'd otherwise be allowed. IT departments don't adequately educate about it, imho, and software companies are too heavy-handed in enforcement, but regardless of all this, the student was in the wrong here and absolutely knew better than to use a pirated license.
The so-called freedom that software authors have to choose a software license is in reality not a freedom, but a controlling power over other people – the users of said software.<p><a href="https://www.gnu.org/philosophy/freedom-or-power.en.html" rel="nofollow">https://www.gnu.org/philosophy/freedom-or-power.en.html</a>