Dear Mr. Ballmer and Mr. Ozzie:

On August 31, 2007, in Security, by

I’ve written open letters to Mr. Ballmer before, I’ve never done one to Mr. Ozzie.  Here’s one to both:

It’s about Vista.  I like it.  I really do.  But you really need to do something about Windows Genuine Advantage.  Because I see comments from SBS consultants who are being personally impacted by WGA’s false positive flagging of genuine machines as degenuine and they don’t want that near their business clients.  And quite frankly I don’t blame them.

From a VAP/VAR who is dealing with a machine that has a WGA that won’t flag as genuine.  While he hasn’t lost functionality, the fact that he cannot get it fixed using reasonable measures is unreasonable

“It’s been most of this week – I followed the official route from the WGA site, submitting a support request with the tests/documentation. I was contacted in 24hours by email (as promised), to be told a support engineer will contact me within the next 24 hours ;-/. And that happened  – so the first 48 hours were ‘as designed’. Now that I’ve tried the suggestions without resolution and submitted the results, I guess it’s a wait of another 24 hours? The newsgroups are full of folks with ‘invalid license’. Shame on MS. I’m off for the weekend now, but I’ll be danged if I’ll willingly recommend my business customers risk this (or my ‘home’ friends, for that matter).  Long live XP, and have a great weekend everyone.”

The risk of Vista is too great.  You are impacting future sales with the inability to see that the risk of WGA to your valid business customers is too great.  And all that stuff that Mr. Ozzie is working on, the Software as a Service is going to nail the coffin into Vista that much more in the business world.  We won’t care what operating system we run. It’s just a shell.  It doesn’t matter.  The applications matter.  And Office 2007 is priced in a retail manner to outprice it from most folks if they don’t buy it via OEM channels.  So the more you tighten the grip on WGA on Vista, the more we will realize that the operating system doesn’t matter as much anymore, and that we’ll push our vendors to provide Software as a Service. 

As someone said… you willing to roll the dice again on WGA?  Run mission critical machines with the possibility that WGA servers will be working like they should?  Can you guarantee… GUARANTEE that this will never ever happen again? 

The more I read about Vista in the various books and blogs I read, the more I’m getting excited about when I can match up the Server and the Workstations security level.  I don’t get the UAC prompt and to me the folks that complain about it, it just showcases that we don’t understand user rights and permissions. 

I can deFUD User Account Control. I can explain people about turning off UAC turns off IE in protected mode. I can tell people to tweak the setting if they insist that it’s so annoying to them.  And, quite frankly, I’m beginning to think that humans that compute have lost all ability to deal with change.

But here’s the deal.  What I can’t deFUD is WGA.

Sure you can say that you will put in place policies and procedures to ensure that you are monitoring it better but you cannot reassure this consultant when he says:

I won’t tolerate a business interruption because of WGA, not for one second.  I don’t intend to give it an opportunity to do so, anytime soon”

You can’t guarantee that not for one second.

And neither can Nick with the current system in place.

So here’s your action plan:

Ensure that there will never again be a possibility of business interruption due to Vista’s WGA servers.  Ever.  And not just monitoring to ensure that you can roll back.  Flat out never a possibility.  Never a risk.  Never.

That’s your goal and your mantra.  And until you ensure that Vista will not and cannot be impacted by failed WGA servers, the risk to business is too great for many to accept.

It’s that simple.

Fix it.


P.S. For those of you looking to write your own certified mailed letter to Mr. Steve Ballmer and Mr. Ray Ozzie, you can send those to One Microsoft Way, Redmond, WA 98052-6399 USA.  More information on contacting the Board of Directors can be found on the “Contact the Board” site.


3 Responses to Dear Mr. Ballmer and Mr. Ozzie:

  1. indy says:

    We held off on rolling Vista out due to during testing WGA prompts came up randomly…. They’ve since released several patches to supposedly address the issue, but the failure of the activation servers is the achilles heel of Microsoft’s platform.

    We are taking a serious double-take look at the MS platform. As showcased on the Network World website, what if someone had failed WGA and went on a trip where they had no access to the net for the next week or so?

  2. Nathan Williams says:

    Amen to all that bradley said.

    I’m not sure that I would do this as an open letter. A few months back I had my heart stop when the postman brought me a Certified, Receipt required, letter from Microsoft. I’m thinking that I’m about to be falsely accused of piracy when in fact it was just one more notice about M$ Vista’s WGA system and how we might need to explain to clients what was happening.

    I wondered then what I wonder now. If WGA is so good for Microsoft then why is this a problem that they have to make sure that I know about. After all honest customers shouldn’t ever see this, correct? Obviously Microsoft knows this isn’t the case or they wouldn’t have carpet bombed the Microsoft Partner mailing list with Certified Letters, flyers, emails, and postcards. I got nearly 30 different items letting me know about the wonderful WGA system.

    As a business owner myself who is running Vista I know that I am seriously looking to make sure that at least some of my machines always run Xp. I can’t afford to have my own business crippled while simultaneously having to aid clients in the same boat. For one thing it looks bad. End users expect that the techs they hire are able to run their own computers worry free. Using that same logic I can’t recommend Windows Vista to any client. And I don’t.

    Now who do I address my Certified Letter to?