Bruce Schneier Weighs in on IT Lock-in Strategies

dhavleak writes "Wired has an article from Bruce Schneier on the intersection of security technologies and vendor lock-ins in IT. 'With enough lock-in, a company can protect its market share even as it reduces customer service, raises prices, refuses to innovate and otherwise abuses its customer base. It should be no surprise that this sounds like pretty much every experience you've had with IT companies: Once the industry discovered lock-in, everyone started figuring out how to get as much of it as they can.'"

Build-your-own systems are starting to look good..

[KublaiKhan]

Right down to the processor level, even. If they're going to try to lock me into their hardware and software, I want none of it.

Does anyone have a link to some resources on how one might build one's own processor? How much does it cost to do that sort of thing?

Re:Build-your-own systems are starting to look goo

[milsoRgen]

http://www.opencores.org/ [opencores.org]

As far as the cost of getting one of those built, I'd like to know that myself... Reminds me when I was part of the crew dismantling the old fabs responsible for the Z80 [wikipedia.org]... Shoulda paid one of the drivers to deliver one of those Canon machines to my garage...

Re:Build-your-own systems are starting to look goo

[Anonymous Coward]

Prohibitively expensive and time consuming (unless you want to make a 4 bit processor, some one did that recently by hand).

Re:Build-your-own systems are starting to look goo

[eln]

Does anyone have a link to some resources on how one might build one's own processor? How much does it cost to do that sort of thing?

Well, it depends on how fast you want it to be. For my home computer, I used the instructions here [ryerson.ca]. It's a little slow for less advanced users, but I find I can surf the web at a pretty good clip once I get going. Of course, splinters can be a problem.

Re:Build-your-own systems are starting to look goo

[maxwell demon]

Don't stop at the processor level. The fundamental laws of physics already contain signs of corporate lock-in. The No-cloning feature of quantum mechanics clearly is a sign of DRM built into the fundamental laws of the universe. And the inner workings of about everything we use is tied to the exact laws of the universe we are in. Therefore you have to start at the very beginning: First build your own universe!

Re:Build-your-own systems are starting to look goo

[some old guy]

I built my own universe once, but the startup Bang really hosed up my wife's microwave.

Re:

[Red Flayer]

That's weird -- In my alternate Soviet universe, the microwave hose really banged up my wife's startup.
Now our stock options are worthless.

/Was gonna go with 'I started up my microwave and then banged my wife with a hose' but I thought better of it for some reason.

Re:Build-your-own systems are starting to look goo

[aeoo]

Probably meant as a joke, but this is very profoundly insightful from a spiritual point of view. This is in essence what spiritual adepts in many spiritual paths will do. The "physical" lock-in is happening in your own mind at a very deep level. It is non-trivial to overcome it.

Re:Build-your-own systems are starting to look goo

[webmaster404]

Hmm? I highly doubt that any computer maker will lock you into hardware/software it just is bad business. Think of Dell, Vista failed, people started to not buy computers so they switched to letting people use XP, enough people wrote in and now they offer Linux, the hardware companies just want to sell hardware, if they can get that by offering Vista they will, if enough people request Linux they will offer that. Most hardware manufacturers want their product to be used as much as possible, if that means using standards they will (and mostly have) use it to get people to buy it. We are far away from computers (laptop and desktops not PDAs and Cell Phones and such) that have hardware/software lockin and the only one to have done it was Apple however now they let even Windows boot on Macs. The fact is, hardware manufacturers don't care about locking you into software, they just want money, if they can get that by offering MS, Linux, or whatever they will so lockin is a bad choice for them.

Re:

[ChrisMounce]

That's why it's called a lock-in -- you know the customers won't like what you're about to do, so you lock them in. And lock-in isn't a bool, it's a float: all companies lock customers in, but some do it intentionally and to much greater extents than others.

I do agree with what you said when it comes to smaller companies/non-monopolies -- they don't have much reason to lock-in customers, because they don't have very many customers to lock in, and because it's much more beneficial to look like the consumer-f

Symantec

[QuantumRiff]

Is the freaking worst. We finally switched when their AV client, sitting idle on a PC that was just booted, was using 50MB of RAM. (Some of our systems only had 256 at the time). Over 4 years, our renewal costs (we're a school), went from $5/machine to $18/machine. We still use ghost, and have not seem one damn improvement in the last 4 years, even though it has gone through all sorts of different versions. (now using Ghost solution suite 2.0) I don't see any difference in the software. dear god, you would think they would use WinPE by now, and stop breaking up Ghost images into 2GB chunks. I guess 2 years ago they fixed some multicast issues. Thats it. We just moved from Backup Exec 9.1 to Backup Exec 11d (We had starting using when it was Veritas), mainly for tape encryption capabilities. Of course, it is working fairly well, unless I do something crazy Like try to encrypt our backups to tape. I sat on hold for 45 minutes yesterday, and gave up.. They just bought Altiris, which is who we were looking at to switch to from Ghost. GRRR.. They just buy companies, and then raise prices..

Re:

[greenbird]

We just moved from Backup Exec 9.1 to Backup Exec 11d (We had starting using when it was Veritas), mainly for tape encryption capabilities. Of course, it is working fairly well, unless I do something crazy Like try to encrypt our backups to tape. I sat on hold for 45 minutes yesterday, and gave up.. They just bought Altiris, which is who we were looking at to switch to from Ghost. GRRR.. They just buy companies, and then raise prices..

You know, with the price of disk space what it is today I find it hard to come up with any reason to use tapes for backup anymore. 2 backup servers, one offsite over VPN or ssh, with encrypted RAID hard drives on LVM, rsync with hardlinks [mikerubel.org] and compressed dump for archiving is much cheaper and more reliably than tapes especially with offsite storage. This can even allow automated background backup of laptops when they're connected. What am I missing? What do tapes add that would justify the added expense an

Re:

[QuantumRiff]

Long term storage. Our state mandates that student records be archived for 99 years. We can lock tapes in a Safety deposit box. They have a much longer shelf life (and are cheaper) than hard drives. I pay about $40 for a 600GB SDLT tape. Easier rotations. No raid setup, no off site connectivity costs (we don't have an "off site" yet). Smaller footprint too.. I can go back to any point in the last 8 years and grab a file. Can you do that with you hard drives? Do you still have servers with IDE drive

Re:

[rho]

Will the DLT last for 99 years? Or is this a "let the next guy dump them out to holocrystals" thing?

Re:

[turbidostato]

"Do you still have servers with IDE drives?"

Oh! so you are one of those that still own in operating conditions half-inch open-reel tapers?

Or else, your argument is moot, you know...

Re:

[Vombatus]

Long term storage. Our state mandates that student records be archived for 99 years. We can lock tapes in a Safety deposit box.

You do realise that backup and archiving are two entirely different things, don't you?

Re:

[ScrewMaster]

I wasn't particularly thrilled when Altiris bought Wise Solutions (because we use Wise Installation Studio) but I was definitely displeased when Symantec bought Altiris. I've noticed that the latest release of Wise is slower and less stable than previous versions. Still a good product, don't get me wrong, but I don't like it one little bit when companies that I depend upon get bought out, particularly by outfits like Symantec. Hell, even if the new owner is a decent operation, shit changes, and often not fo

This is true, but on the other hand

[rastoboy29]

By being greedy for lockin one also increases the difficulty of getting the initial sale.

Re:This is true, but on the other hand

[rkanodia]

This isn't always true. For many users, the pain of proprietary file formats is not understood until well after the purchase.

Re:

[nschubach]

Not really... if you work with the OEMs and offer them ultra cheap prices on your initial run or give them away free on the net, you can sit back and benefit from those customers coming to you for an upgraded version in the future so they can use whatever service it is that you provide.

Re:This is true, but on the other hand

[idontgno]

Tell it to street-level drug pushers. They mastered lock-in decades ago. It's only recently [microsoft.com] that tech marketing has risen to the level of "The first taste is free, baby!"

Urgh... some worse than others.

[Penguinisto]

I love the one from Cadence that required a license key which in turn ties into a specific MAC address before it'll start up... hope the NIC doesn't die (I'm currently stuck with seeing if I can get a VM instance going and fake the same MAC for a migration... not looking good, and not a day goes by that I don't curse my predecessor for installing that POS in the first place).

Hell, my management fears vendor lock-in more than they fear Death itself (which probably explains why we're a very heavy Linux shop)...

I realize that a lot of PHB's couldn't care less (and an alarming # of CIO's and IT management don't either), but we're far enough along now that it's starting to bite a lot of accountants and IT critters square in the ass.

IMHO, it does matter, and it explains why a lot of shops are moving away from proprietary solutions, going to Linux/BSD and such.

Now if only we can definitively tackle the two biggest examples of attempted vendor lock-in alive (Exchange and MS Office), we'd be set.

/P

Re:

[Obfuscant]

I'm currently stuck with seeing if I can get a VM instance going and fake the same MAC for a migration...

The beauty of using Linux is that you get the source code. ALL the source code. Even the code that implements the IOCTL function for "tell me my interface's MAC address".

Re:

[whoever57]

I love the one from Cadence that required a license key which in turn ties into a specific MAC address before it'll start up... hope the NIC doesn't die

You do know about macchanger, don't you? Or "ip link address ..."

Re:

[sconeu]

VirtualBox lets you set the MAC. It's right there on the Network settings page.

Re:

[dbIII]

USB to network dongles do the job well and it's easy to change the MAC address in every OS I am familiar with (most likely the others as well). Just ask the vendor first. One was happy with this solution when they only had a choice of parallel port blocks or a MAC address and I wanted a USB dongle so the software could be legally used on a few machines. A lot of this security software is effectively abandonware that predates the trend of vanishing parallel ports.

This year (2008) I've already had licenced

Re:

[Chris Mattern]

I love the one from Cadence that required a license key which in turn ties into a specific MAC address before it'll start up

Good thing that almost all NICs can be configured to be any MAC you want if necessary.

Re:

[CodeBuster]

If you are using Linux then it probably isn't an issue, set the MAC to whatever you want. However, in windows it is also possible to alter the MAC address of your network interfaces to something other that the factory defaults. The procedure is as follows:

Go to the Properties menu of the Ethernet adapter, in the Advanced tab, as "MAC Address", "Locally Administered Address", "Ethernet Address", "Physical Address" or "Network Address". The exact name depends on the Ethernet driver used; not all drivers' s

Re:

[Penguinisto]

That's correct - this is a legacy bit that we're stuck with on one of the few Win2k3 servers we have still going.

My thanks for the tip :)

/P

Re:

[imbaczek]

I haven't seen a NIC that can't change it's mac in the driver options on win xp. It's never called "MAC address" like it should, though.

Re:

[turbidostato]

"The only other relevant thing I can think of is that some (all?) linux distros randomize MAC addresses of network cards on boot..."

Wow, man, that one was really great.

At the same time it explains why religion is so pervasive in human race: people have a *very* strong tendency (I'd even say a *perverse* tendency) to fullfill their ignorance out of the most absurd "explanations". 'Horror vacui', I think.

Re:

[nevali]

The only other relevant thing I can think of is that some (all?) linux distros randomize MAC addresses of network cards on boot... woe to the user who tries to use the software you're referring to through wine!

Presumably there are no DHCP or BOOTP clients for Linux, then?

There's not a single new thing about lock-in

[postbigbang]

Just some things that are more onerous than others. This has been going on since the beginning of the industry, and it won't change. You can complain about it all you want, but it's going to continue to happen.

Everyone wants a revenue stream not a revenue pond.

That doesn't justify boorish behavior, but it explains how companies want to stay in existence, and few other models exist that allow them to do this. Once again, Bruce thinks we were born yesterday.

Re:

[Anonymous Coward]

Yes you're right. But the stream and pond are illusions of greed and shortsightedness. Think of all the products over the years that you have fought with.

Power connectors. There's a perfectly good international standard but your manufacturer chooses to modify the connector making it 1mm smaller than it should be, so you have to buy their power supplies.

Batteries. There are scores of standard sizes for ever possible device. But your manufacturer decided to create one that doesn't fit anything else and nothin

Re:

[postbigbang]

No one argues the downsides and superfluity of lock-ins. I like FOSS. But standards are used by those that bought and paid for them. Look at the history of Ethernet if you're not sure about that. Stallman was right about many things, and one of them was greed. Open is better, but don't expect the world to change overnight.

Re:

[Jeff DeMaagd]

Once again, Bruce thinks we were born yesterday.

Maybe he's found his own "celebrity lock-in", where he's getting headlines for stating what's basically f**cking obvious. I think he should stick with security.

Re:

[Sloppy]

it won't change. You can complain about it all you want, but it's going to continue to happen.

[cynical]You're probably right[/cynical] but complaining serves a useful function, on its own. Most people don't think about lock-in, or aren't able to perceive it (until they're locked). When you complain (especially if you have a large audience, like The Bruce), you can get the word out. You can cause prospective buyers to become informed. Information is a market force. Sadly, it's a weak one, but it's so

Re:

[postbigbang]

I saw this device recently, designed to be a be-all power supply for everything. It auto-senses voltage draw and feeds it. You have to get different connectors for different hardware, but it powers darn near anything from a USB widget to an Apple PowerBook (not sure about the weird connector for MacBook Pro). The idea is to give a road warrior freedom from carrying so many bricks. It's a wonderful idea, and it is doomed, sadly. Get a generic car, and you'll get a generic PC. Sorry to use automotive metaphor

Re:

[Vellmont]

This has been going on since the beginning of the industry, and it won't change. You can complain about it all you want, but it's going to continue to happen.

I disagree. Lock-in is getting smaller every year. To give a few examples, Do you have any vendor lock-in with your SMTP server? Nope, because SMTP has been the standard mail transfer protocol for years. Are you locked into a single router vendor? Hell no, because TCP/IP is TCP/IP.

Lock-in only makes sense as far as a single vendor-neutral standard

Re:

[postbigbang]

With rare exception, standards are bought and paid for. Look at who's on the IEEE committees..... the ITU.... it's not civilian engineers, it's sponsored lobbyists. Certainly, they don't always get their way, and there's a bit of democracy-- if that's what you want to call it. Vendor-neutrality is somewhat of an oxymoron.

Sun, IMHO, used to manipulate Ethernet by using non-standard frame gaps. Their traffic would get through before someone else's that respected a frame gap. SMTP is a horrible standard, and y

Re:

[gbjbaanb]

In a way there already is a systematic approach to open business models.. or remind me how well IBM and GEC are doing as IT vendors nowadays..

If MS and others increases their lockin practices (and I'm sure they will try more and more) then they will only serve to increase the number of Linux desktops out there. Its ironic that the best way to get Linux on the Desktop is for Microsoft to do everything in its power to keep Windows there :)

Re:

[DavidNWelton]

In Information Rules [squeezedbooks.com] the authors suggest that clients need to be informed about the potential for lock in, and crucially, to negotiate a good deal before signing up, while they still have bargaining power.

This has *always* been the case...

[wandazulu]

Per the article, sure, you can switch to a Pepsi in a second if you don't like the Coke, but both Pepsi and Coke spend *enormous* amounts of money to suggest that switching to the competitor's product will make you less desirable to women, less success at your job, etc. That's what advertising is all about, trying to get you to lock *yourself* in, willingly, to a single product.

But I digress...

Everybody dreams of being Ma Bell, where even putting a plastic cone on a headset could "damage the network". A lot of companies have had their turn too. We all think of Microsoft as being the king of lock-in, but for my money, it would still be IBM, where their mainframes and mid-range machines were so locked down that you had to get approval to install *anything*. At least with a PC or even a Mac, you can install another OS and you're free and clear. With IBM equipment, they could shut you down remotely if you missed a single "usage" payment (which was calculated *by* *the* *processor* *cycle*!!).

I cannot think of a single company that wouldn't want total lock-in of its users, regardless of industry. Some are just more capable of doing it than others.

I got lockwd in...

[tristian_was_here]

I got locked into Ballmer's secret office after he found Linux on my laptop while sitting in the park.

I did manage to escape the MS compound dodging flying chairs!

You jest, but

[Burz]

Recently I've compared MS sales force to Jehovah's Witnesses, but the reality is often worse than that and the following anecdote [web-strategist.com] reminded me:

Back in 1995 on a public list I wrote a message critical of Microsoft.

They used their DevNet developer database to locate a colleague at my place of work through whom they applied pressure at senior management level, i.e. vailed threats to withdraw discounts etc., in an attempt to prevent further criticism from me.

Fortunately, Microsoft's emails to management actually confirmed everything that I'd said was true. I still have copies with management's handwritten comments.

At least I'm not paranoid anymore - I know what they'll do with all that information.

I'm sorry, there are plenty better examples

[captnitro]

Your iPhone comes with a complicated list of rules about what you can and can't do with it. You can't install unapproved third-party applications on it. You can't unlock it and use it with the cellphone carrier of your choice.

As Gruber noted [daringfireball.net], that's not really that complicated. It doesn't count as complicated if you can explain it in two sentences.

It's why all gaming-console manufacturers make sure that their game cartridges don't work on any other console...

I think we need another word for this than "lock-

Re:

[jonbryce]

Mu iPaq doesn't have lock in. I bought it direct from HP rather than from a phone company, and then got a SIM only contract from O2 which is less than half the price of the iPhone contract. The phone cost £320 vs £270 for the iPhone, and in at least some areas, has more features - it has GPS, a keyboard, Exchange push support, the ability to add Blackberry support, and the ability to write your own software on it using Visual Studio or possibly Mono.

Re:

[un1xl0ser]

As for conscious lock-in, if you don't want a phone with lock-in, you're free to get one. Enjoy paying twice as much for calls and having a per-call fee. Lock-in costs less than stuff without lock-in because it reduces risk. It's a valuable tool and one that, despite the Slashdot crowd's feeling, most consumers have little problem with as a way to get goods more cheaply.

As discussed above, a subscription model (including break-out fees) doesn't fit the type of lock-in that we are discussing here. The cost of getting out of a contract can sometimes be less than the cost of the phone itself, which means that the cost isn't above and beyond the cost of the product itself.

Phones are a bad example of lock-in, in my opinion. Microsoft's monopoly and the software industry is the best example of lock-in, hands down. Beyond that, corporate IT is the next best place to find vendors

Re:

[SeaFox]

As Gruber noted [daringfireball.net], that's not really that complicated. It doesn't count as complicated if you can explain it in two sentences.

As much as I like what Gruber says in his blog, in this case he was just being another iPhone fanboi defending Apple. The difference between Nintendo vs. Sony vs. Microsoft is that even if the game discs themselves were the same size (and they weren't with the GameCube) the platforms hardware-wise were not. Comparing the three and asking why they aren't the same is

The car analogy strikes again

[Sloppy]

Buying an iPhone isn't the same as buying a car or a toaster. Your iPhone comes with a complicated list of rules about what you can and can't do with it.

Unlike cars?

Re:

[balloonhead]

Only if you drive it on a public road. And the state sets the laws, not the manufacturer. If you own your own island and roads, you can do whatever modifications to it after purchase that you like and the maker couldn't care less.

Re:

[TubeSteak]

Unlike cars?

And how exactly is a car like an iPhone?
Everything from the seat you're sitting on, to the computer that controls the electronics can be changed.
About the only thing you can't outright replace in a car is the frame...

One could argue that high end luxury cars are designed to foster vendor lock-in, but you didn't make that argument.

That's not what the article is about

[gelfling]

It's about on-board security sub applications or attributes which are specific to that application or that applications vendor. Such as MS applications using MS specific DRM. Is this a bad thing? I don't think that it is.

BUSINESS = LOCK-IN

[v(*_*)vvvv]

This has nothing to do with IT. Business is all about lock-in. If this comes as a surprise, you don't know the basics of business. You can do it "cleanly" and morally and ethically through things such as superior customer service, superior product functionality, and superior value for the price. Or, you can be "dirty" and use things such as technology and software barriers, vendor pressure tactics, bias contracts and user agreements, biological mechanisms such as addiction, and lobbying and manipulating the law. The stock market, our way of evaluating and rewarding corporate perforance, unfortunately does not make any distiction between these clean and dirty lock-in tactics. The system's only real requirement is that we obide by the law and don't get caught cheating. Given this requirement, companies gain enormous advantages by being dirty. In this free capitalist market, those with advantages ultimately win and they get heavily rewarded for it. The result? Hello Microsoft, hello Nike, hello Exxon Mobil, hello Time Warner AOL Cable. And just when you thought Apple was gaining marketshare, what a surprise, we talk about how they are just getting better at being dirty.

Eventhough the government talks about being all for fair competition in an open market, their behavior and the law which they help create says otherwise. Intellectual property law, anti-trust law, and much of the consitution is comprised of lock-in catalysts. Mergers and aquisitions heavily support lock-ins as well.

Whether you are selling iPhones at Apple Stores or hotdogs at an intersection in Manhattan, you are still trying to lock-in your customers. And the better you do it, the more the United States of America will reward you.

Re:

[gujo-odori]

Is superior customer service, superior functionality, and superior value for price really lock-in? I work for a company that provides all three of those (our product is expensive, perhaps one of the most expensive in our market sector, but it's still superior value for price) and we have very low customer churn because our customers love us and tell us so all the time. They stay with us because they wan to; the nature of our product is such that it could be ripped out and replaced with a competing product (

What's so sad about lock-in...

[Kjella]

...is that it works. I don't know how many times I've heard the argument about going with all Microsoft or all SAP or all this and that because it's so hard to make it work with everything else. You don't throw out the incompatible software, you buy more of it until you use it for things it's not suited for and has a hundred interfaces to other applications. And once you make yourself a little "mini-monopoly" with no real alternatives, they sure know how to gauge you. While there's plenty work left ahead, I think compatibility and multiple vendors will become the major advantages of open source.

complicated?

[tfoss]

Not really. [daringfireball.net]

-Ted

WRONG! iPhone application signing key not leaked!

[prxp]

The key published in tuaw's erica sadun's blog post is NOT the iphone's application signing key (as wrongly infered by Scheneier).
The key is actually an AES key for the DMG ram disk image file that is part of the iphone firmware update process. Nothing to do with application signing. The key doesn't even have enough size to be mistaken for an usable RSA key (I wonder if Scheier has noticed that).
Anyone can check that out on the various iPhone hacking blogs (and also on the very same one that posted this

Makes sense if you're a capitalist

[ajs318]

Product unreliability ordinarily doesn't benefit manufacturers, because most consumers are smart enough not to buy the same make next time; but the situation is inverted when the manufacturer of the unreliable products holds a monopoly. And sometimes it doesn't even need to be a full monopoly: you can have several players ostensibly competing in a free market. But that freedom is often just an illusion.

Think about it: If John Thomas's Panasonic stereo breaks, and he already has lots of CDs, he might buy a Philips next time -- after all, it will plug into the same mains socket and play all the same discs. If John Thomas's Glow-worm boiler packs up in the middle of winter, he might replace it with a Worcester or Baxi boiler -- which will use the same gas and electricity, and plumb in just fine to his existing radiators and hot water system. If John Thomas's Ford Focus breaks down one time too many, he might trade it in for a Vauxhall Astra -- it will use the same fuel and can be driven on the same roads.

But if John Thomas's Wii breaks, and he already owns several Wii games, he has precious little choice but to buy another one from Nintendo. The games may well have cost more than the console -- it would be a waste not to have anything on which to play them.

Despite outward appearances, Nintendo, Sony and Microsoft aren't really competing in a free market; because their products are not interchangeable in practice -- unlike CD players, gas boilers or cars. Once you have invested in a game on one platform, it can only be used on that platform -- you can't replace your Wii with a PS3 and take your games across. And if you ask the vendors to replace your Wii games with PS3 equivalents, they'll laugh at you. (A store will probably exchange a few unopened games bought in ignorance as a gift for someone who has a different console than you thought; but even then it's technically ex gratia, not a statutory right.)

And if John Thomas's copy of Microsoft Word pisses him off one time too many, and he has many documents already in .doc format that he needs to be able to access, he can't replace it with anything else and still be sure that his documents will render correctly. Even worse, if his sister Fanny buys a brand new computer that comes with a brand new version of Word, John's copy now most probably won't be able to read documents saved by Fanny in future (unless she saves them as an older version, which is deliberately made awkward and throws up dire warnings) -- so he is all but forced to buy his own new copy of Microsoft Word.

Re:As in...

[trolltalk.com]

lock-in = subscription based business model...for those that don't know :)

Nope.

Lock-in is anything that creates barriers to moving to a competitor. For example, file formats. Or email address non-portability between different ISPs (or freemail providers, for that matter). Or (in the case of telecoms) number non-portability.The subscription model is one of the ways to milk extra bucks from lock-in, but it isn't itself a "lock-in."

Re:

[somersault]

Or having to buy a bank of hours for your outsourcing partner, as we do :/ d'oh!

so is a gun to the head...

[djupedal]

"The subscription model is one of the ways to milk extra bucks from lock-in"

Of course - I in no way declared there was a singular definition, but thanks for expanding the subject, none-the-less :)

Re:As in...

[misleb]

Or email address non-portability between different ISPs (or freemail providers, for that matter).

This being an unintentional form a lock-in, of course. You wouldn't actually expect an email address to be portable, would you?

-matthew

Re:

[trolltalk.com]

Or email address non-portability between different ISPs (or freemail providers, for that matter).

This being an unintentional form a lock-in, of course. You wouldn't actually expect an email address to be portable, would you?

You and I wouldn't, but that doesn't mean much (sigh). How many people do you know who won't change ISPs because they can't "bring their email address with them" if they change?

It's also one of the reasons Yahoo! is worth so much to Microsoft - a lot of people who are using their

Re:

[anonicon]

"I don't understand why most people don't get together with friends and family and each pitch in a few bucks each year and have their own domain, with their own email address."

Comfort zones and insecurity. Speaking as the "computer guy" for about 15-20 friends and family members, the idea of registering a domain name and then paying a very small monthly fee (less than $5, sometimes $0) to permanently own your own domain name and e-mail is uncomfortable when they can just keep their free 5-10 year old AOL/Lo

They said the same thing about cell phone numbers.

[khasim]

This page intentionally left blank.

Re:They said the same thing about cell phone numbe

[misleb]

That was just a technical challenge. An email address has the provider right in the freakin' address. That said, you can get portable email addresses. You just need your own domain and you can have it hosted anywhere that hosts domains.

-matthew

Re:

[suckmysav]

You need to read up on how the internet naming works before you make such ridiculous assertions.

   

Re:

[OECD]

You need to read up on how the internet naming works before you make such ridiculous assertions.

Yeah, because that's SO different from how telephony worked before they actually did solve that problem. I guess I should just not use my phone now, because I'm not in the area code it says I am.

Re:They said the same thing about cell phone numbe

[suckmysav]

Yeah, sure. What you are suggesting is that I should be able to move house from one country/city/town/suburb but still be able to receive the mail sent to my old home address*. It's an utterly retarded idea.

When you use an @domain symbol your dns server directs the query to the server that is responsible for that domain. ie, the server operated by (or on behalf of) the owner of the domain.

If you want email portability then you can register your own domain . It's really quite simple.

If you don't want to do that then guess what, you can get an email address on somebody elses domain. If you choose to move from their domain you don't retain any rights to continue using a domain name that you don't own

How is that difficult to understand?

Honestly, sometimes I think we need a better class of geeks on slashdot. Is Digg down at the moment?

* Yes, I realise that you can do a temporary mail redirect but this costs money and is very resource intensive. If *everyone* tried to do this in perpetuity then the system would be completely unworkable, both logistically as well as inuitively.

Re:

[Kadin2048]

You need to read up on how the internet naming works before you make such ridiculous assertions.

In the GP's defense, telephone numbers worked like that at one point, too. It was basically a hierarchical system, where all the numbers beginning with a certain exchange would be physically connected to that CO. It just would not have been possible to take the same number from one part of a city to another, because the infrastructure didn't support it.

Telephone number portability only became possible when the telcos added an additional level of abstraction into the call-routing systems. This wasn't tri

Re:

[suckmysav]

I realise this, but there was one MAJOR difference. All phone numbers were owned by only a few telco companies and as such it was politically possible for them to be forced into providing cross provider portability or run the risk of losing their common carrier status ie licence.

The domain system is much different. There are hundreds of thousands of domains owned by almost as many individuals and companies. It is not politically or technically feasible to force some sort of email portability across domains

Re:

[Tom]

Or email address non-portability between different ISPs

I disagree on that.

Different from phone numbers, e-mail addresses aren't arbitrary. The domain part is by design tied to a particular service, server, whatever.

Portability for phone numbers makes sense, because they are just arbitrary numbers and AT&T can give you 12345 just as well as any other provider.

But portability for e-mail addresses makes as much sense as portability of your street address when you move. The best you can ask for is forwarding.

Re:

[phantomcircuit]

I believe that phone numbers were assigned much like IP addresses are, in blocks. The routing would obviously be significantly easier if the numbers are sold in blocks.

Re:As in...

[Kadin2048]

Portability for phone numbers makes sense, because they are just arbitrary numbers and AT&T can give you 12345 just as well as any other provider.

They can now. This is a relatively recent development. The old rotary-pulse dial switching system didn't allow for such things, and although numbers might have appeared arbitrary to the customer, they were anything but to the phone company. Individual phone lines (last four digits, in our current numbering scheme) were connected to exchanges (first three digits of the 'phone number,' but in the past these were lettered or had other designations, like city or town), and if you moved from one exchange to another, your number changed. The phone number actually drove the routing equipment -- you couldn't just give someone a random 7 or 10 digit number and make it work. (Similar to how IP routing worked under classful networks.)

Over time, telephone call routing got more flexible. I'm not familiar with exactly how it works today, but there is obviously another layer, probably many layers, beneath the "phone number" you use and remember. That has been abstracted away from the actual 'hardware' and can be assigned arbitrarily.

Email addresses are currently hierarchical, in the same way that phone numbers used to be (under exchanges). If you want to send it to bob@company.com, you first send it to the mailserver for "company.com" and then it sends it on to Bob. But that's sort of an arbitrary design consideration. If you wanted to have a different MX record for "bob@company.com" than "joe@company.com", there's no fundamental reason why you couldn't, provided you were willing to completely trash and rewrite the DNS servers and MTAs.

More usefully, rather than screwing around with DNS, the best way to accomplish email portability would be to build another layer of abstraction on top of email as it currently exists. Instead of remembering people's emails, remember their real names or handles, and then have your email program consult some sort of global distributed database in order to find their email address (which would change whenever they moved ISPs or networks). Then you could change emails whenever you wanted and the people sending you mail would never know; it would all be hidden below the user level. And in fact there are some electronic-mail systems (e.g. Lotus Notes) that don't operate using user and domain names, and have their own systems allowing for more flexibility.

Re:

[Tom]

More usefully, rather than screwing around with DNS, the best way to accomplish email portability would be to build another layer of abstraction on top of email as it currently exists. Instead of remembering people's emails, remember their real names or handles, and then have your email program consult some sort of global distributed database in order to find their email address (which would change whenever they moved ISPs or networks).

Exactly. You point out the important difference: Phone numbers may have an internal meaning, but that is hidden from the user.

E-Mail addresses have an obvious meaning. I can't be quite sane and think that jane@ibm.com is still available under that address after she's left IBM. It simply wouldn't make sense. (except as a forward for some time, of course.)

Re:

[naoursla]

Warrent Buffet calls it a moat.

http://www.investopedia.com/ask/answers/05/economicmoat.asp [investopedia.com]

And subscriptions often result in the opposite of lock-in.

For example, if you were able to buy a Zune music subscription there is nothing preventing you from switching to another service. However, if you buy a bunch of songs on iTunes then you lose the ability to play them should you switch from iPod to Zune. Apple gets to charge a premium on iPods partly because of this fact (the fact that they are beautifully designe

Re:As in...Lock-in Backfires

[Technician]

Lock-in is anything that creates barriers to moving to a competitor.

Often lock-in is the driving force to open standards and the proprietary vendors have to change or die. The most recent example of this that I can point to is the theatrical lighting industry. Martin, Strand, MSI, and other inteligent lighting manufactures all had their own standard for running lighting. Touring companies found it difficult to interface with all the lighting systems. A committie was formed to produce a standard that wasn't any of the already established standards to avoid any patent and royalty bias toward any one manufacture.

The birth of the DMX-512 standard came out. Now it is almost impossible to sell any lighting system that doesn't support the standard.

http://www.usitt.org/standards/DMX512.html [usitt.org]
"This standard is intended to provide for interoperability at both communication and mechanical levels with controllers made by different manufacturers."

Almost everything now uses the new standard from Drama, Dance, and Club Nightlife. If you buy an intelligeht moving light, It's almost guaranteed to use the DMX-512 signal, even if the connector isn't the standard 5 pin XLR. An exception to the DMX standard is the one for architectural using multiple wall stations for building lights. Even these control systems often output DMX-512 signals to use standard dimmers.

In some specialty fields some still try with something other than the standard. As an example the animated Christmas lights often use the Lights-o-Rama system which is incompatible with everything else.

http://www.lightorama.com/ [lightorama.com]

It is a cheaper alternative with a lower cost per dimmer, but it is limited to dimmers only. It won't run all the disco and concert moving color changing lights. And of course you can only use their software and interface to run the dimmers.

Re:Be Creative!

[trolltalk.com]

"Windows, like a newspaper, only has value in context and for a limited time. Your old copy of MSDOS is worthless today as are most of every copy of software you have released before 2001. It only had value in context and the sooner you lose that context the better off you are."

It still does whatever you had to do in times past. For example, SimCity 4 runs fine on Windows 98. A lot of places refuse to dump their Win2k setups, or they have software that still requires DOS.

Heck, I know one place that runs their financials on a Win 3.1 program. Its been doing everything they need for 15 years, and they're not going to change. It works, it runs fine under xp, and why fix what ain't broke?

Re:

[MightyMartian]

Heck, I know one place that runs their financials on a Win 3.1 program. Its been doing everything they need for 15 years, and they're not going to change. It works, it runs fine under xp, and why fix what ain't broke?

Then they're very lucky indeed. I've seen a lot of accounting/financial software that I can only conclude is intentionally busted in places, and where these bugs are addressed with "Don't worry AccountingMegaWonderPro 2008 will fix this problem", which it does, of course, but opens up new ones

Re:As in...

[Sciros]

That's completely wrong! A lock-in is when the consumer is "stuck" with a particular vendor. This may be due to any number of things, but subscription is not one of them. A subscription-based service only locks you in if it makes unsubscribing difficult (which may translate to costly), which has nothing to do with being a subscription-based service in the first place.

A company that runs on a subscription-based business model would *benefit* from lock-in (to keep subscriptions going), but it doesn't have to do it. Magazines don't lock you in, neither do websites with subscription-based access (e.g. IGN, or newspapers), etc. You're always free to cancel and subcribe to something else if you wish.

Re:

[djupedal]

So the small company in Malaysia that hires a consulting company in Singapore to set up a CRM, and then has to subscribe to service if it wants anything fixed or changed isn't locked into a never-ending relationship if it doesn't want to start over with another vendor or DIY...right.

Re:

[esper]

You haven't provided enough information to determine whether that's a case of lock-in or not. If the CRM system provides the necessary tools to make it easy for the customer to export all of their data into a format which can then be imported by other CRM systems should the customer choose to change vendors, then there is no lock-in.

Now, granted, that's unlikely to be the case. However, it is the inability to move your data to a competing system which creates the lock-in. The subscription aspect has noth

Re:

[suckmysav]

erm, the fact that you contracted a "small malaysian company" (which I assume produced custom, proprietary, non-open software for you) is the reason you are locked in. It is this lockin that makes it necessary for you to pay them (and only them) for a "support subscription" post purchase.

The subscription does not create the lockin, it is the end result of the lockin. If you bought an open standards based (or even widely deployed proprietary off-the-shelf) solution then you would have no lockin problem and y

Re:

[turbidostato]

"...what kind of response involves getting the example backwards...?"

One based on negating your assertion and see what happens since, in order for a biunivocal relationship to be if A->B, then !A->!B.

All in all it's very obvious that in your example the vendor is able to drain money from the client in the form of a service subscription *because* the vendor successfully has locked-in the client, the contrary being plain absurd: you don't undesiringly pay money to enter a lock-in situation, you undesiri

Re:

[misleb]

So the small company in Malaysia that hires a consulting company in Singapore to set up a CRM, and then has to subscribe to service if it wants anything fixed or changed isn't locked into a never-ending relationship if it doesn't want to start over with another vendor or DIY...right.

You'd be locked into a relationship with the vendor regardless of whether or not you were paying for a subscription simply bacause a CRM system costs so much to develop. The subscription has nothing to do with the lock in.

-mat

Re:

[swb]

I would think that it would be possible to work within subscription models almost more flexibly than non-subscription models since you don't have any ownership interest. Of course the devil is in the details.

Re:

[PopeRatzo]

"Lock-in" = one more way that companies that are successful in a "free market" immediately go to work to make the market less free.

One more reason that Free-Market Theology is nothing but a scam to keep most people poor and working hard, and to make rich people richer and increasingly powerful and protected.

The operative word is "protected". Note that "lock-ins" are said to "protect market share". The world is uncertain and nothing bothers the rich and powerful like uncertainty. They believe that

Re:As in...

[bigstrat2003]

There are perfectly good reasons to hate universal health care and Social Security apart from supposed hatred of poor people. Not all of us trust the government to be a good provider, and want the ability to opt out of a bad system. Social Security is an even better example. If I believe that Social Security is going to collapse before I can benefit (I have no opinion on the matter, for the record, as I lack sufficient information), why the hell would I want pay into such a thing?

Not everyone who wants a free market is doing it for the evil reasons you paint, and not everyone who doesn't want the programs you mention is a greedy bastard who wants to be better than poor people.

Re:

[rossz]

Even if Social Security doesn't collapse, from a financial point of view, it's an extremely bad investment.

Besides, the government broke every single promise they made about Social Security. For example, the promised the money would go into a special fund that wouldn't be touched. Of course it went right into the general fund and pissed away. They also promised (and put into the law!) that the Social Security number would never be used for identification purposes.

I'd much rather put the money into a 401k

Re:

[Boiling_point_]

If I believe that Social Security is going to collapse before I can benefit ... why the hell would I want pay into such a thing?

That's just it. Seeing welfare as a purely financial thing misses the entire point.

Where I live, we have nowhere near the ratio of people in deep poverty that some other countries do. Having fewer really poor and desperate people in my society makes my society safer, cleaner and generally a bunch happier. In my society, I'm not waiting for the end of my career to experience t

Re:

[clare-ents]

I sincerely hope you manage to draw twice as much money from the healthcare system than you put in so it becomes an excellent financial investment.

Personally I'd rather stay healthy.

Counterexample

[dallaylaen]

lock-in = subscription based business model...

Right, that's why Microsoft typically offers a subscription, while most linux companies only charge once per copy.

Re:Let me guess

[eln]

I really don't think you should be talking about Bruce Schneier like that when you clearly know nothing about the man. For example, did you know that Bruce Schneier once decrypted a box of Alpha Bits? Or that he knows the state of Schroedinger's cat? It's true! [geekz.co.uk]

Re:Let me guess

[mrsteveman1]

Where did you get this information? Quantum mechanics tells us that Bruce Schneier cannot be observed directly.....

Re:Monopoly is the goal of capitalism

[kidcharles]

"But that's not good for capitalism, so it isn't the goal of capitalism!" while sitting on Mommy's lap or at Mommy's Marxist University

Actually the tendency for capitalism to eat itself alive with its drive for monopolization is accepted in and is part of Marxist economic theory. Another contradiction of capitalism that is an observation in Marxist theory is the desire of an individual firm to pay its employees as little as possible, but that depends on well-paid consumers having enough money to buy their products. That's my personal favorite.

Re:

[evanbd]

Another contradiction of capitalism that is an observation in Marxist theory is the desire of an individual firm to pay its employees as little as possible, but that depends on well-paid consumers having enough money to buy their products.

All that is is negative feedback. If you want to create a system capable of optimizing itself to changing conditions without a very complicated model and detailed control system (with attendant long, involved tuning process), be it an economy or a simple industrial pr

Re:

[khallow]

What is termed "contradictions" here is merely conflicting interests. One of the nice properties of a market system is the ability to resolve these conflicts of interest via the market.

Re:

[Shadowmist]

What is termed "contradictions" here is merely conflicting interests. One of the nice properties of a market system is the ability to resolve these conflicts of interest via the market.

Capitalism doesn't really solve the "low wage" vs "high consumer spending" contradiction it usually tries to defer the problem (much like the way US communities defer maintennce) by outsourcing the "low wage" to a country where everyone is poor and not counted on to spend the company's products and assuming that thier will be "high wage" buyers from somewhere else to be it's market. The inevitable problems arise when everyone has outsourced the same way and there simply isn't anyone left in the "high

Re:

[moderatorrater]

Really? Because the biggest reasons I can't move away from Microsoft are the drivers, IE, all my software, flash, and lack of support from any other company. Want to use Western Digitals tools to format a hard drive? Boot disk or Windows. Want to play any major video game from the past 10 years? If it's one of the five that support linux, you'll only have to download a new binary. More likely, you're fucked. Want to play WoW on linux? Fine, but one of their updates may break support because it thinks you're