Comment by SOLAR_FIELDS
17 hours ago
This is a valuable lesson I learned when I worked with someone, not at Elastic, but who had previously worked at Elastic. Elastic was one of the original companies who made FOSS but with enterprise licensing work well. We were discussing in a meeting at this place we worked how to design license checking into the product.
What the guy said I found very insightful: he said that you don’t really need to spend a bunch of time and effort creating sophisticated license checks, you just need perhaps a single phone call to a server or something else that can be trivially defeated for anyone with a reasonable amount of technical knowledge. Why? Because the people who would defeat it are the kind of people who make horrible enterprise customers anyway. So in a way it’s just like a cheap lock. Won’t defeat anyone determined, because it’s not designed to. It’s designed to keep already honest people honest.
I did something that was almost the same. Used to work for an educational software company that almost solely sold to schools, universities, and government institutions. Sometimes to corporate learning centers. Every sale was on a per-seat basis.
Every single customer we had wanted to be legal. Didn't want to exceed their seats or do anything which would violate their sales agreement. In the case of our government clients, such violations could lead them into legal penalties from their employer.
Despite having an unusually honest customer base, the company insisted on horridly strict and intrusive DRM. Even to the point of using dongles for a time. It frequently broke. Sometimes we had to send techs out to the schools to fix it.
I ended up just ripping all of that out and replacing it with a simple DLL on the Windows client. It talked to a tiny app server side. Used a barely encrypted tiny database which held the two numbers: seats in use & total seats available. If for some reason the DLL couldn't make contact with the server, it would just launch the software anyways. No one would be locked out due to the DRM failing or because the creaky school networks were on the blink again.
This system could have been cracked in five seconds by just about anyone. But it didn't matter since we knew everyone involved was trying to be honest.
Saved a massive amount of time and money. Support calls dropped enormously. Customers were much happier. It's probably my weakest technical accomplishment but it's still one of my proudest accomplishments.
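The fail-open seat check described in the comment above, sketched as an added example (not the commenter's code, and in Python rather than a Windows DLL): only an explicit "full" answer from the server blocks a launch, while any network failure lets the software start. Assumptions: the `ACQUIRE`/`OK`/`FULL` line protocol and the names `SeatServer`, `SeatHandler` and `may_launch` are hypothetical, an unreadable reply is treated like an outage, and releasing seats is not modelled.

```python
import socket
import socketserver
import threading

class SeatServer(socketserver.ThreadingTCPServer):
    """Constructed stand-in for the tiny server app: it holds two numbers."""
    allow_reuse_address = True

    def __init__(self, addr, total_seats):
        super().__init__(addr, SeatHandler)
        self.total, self.in_use = total_seats, 0
        self.lock = threading.Lock()

class SeatHandler(socketserver.StreamRequestHandler):
    def handle(self):
        if self.rfile.readline().strip() != b"ACQUIRE":
            return  # unknown request: close without a reply
        srv = self.server
        with srv.lock:  # keep the two counters consistent across clients
            granted = srv.in_use < srv.total
            if granted:
                srv.in_use += 1
            status = "OK" if granted else "FULL"
            reply = f"{status} {srv.in_use} {srv.total}\n"
        self.wfile.write(reply.encode("ascii"))

def may_launch(host, port, timeout=2.0):
    """Return (allowed, reason). Only an explicit FULL blocks the launch."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"ACQUIRE\n")
            with s.makefile("rb") as f:
                fields = f.readline().decode("ascii", "replace").split()
    except OSError as exc:
        # Refused, unreachable or timed out: launch anyway (fail open).
        return True, f"fail-open: {type(exc).__name__}"
    if fields[:1] == ["FULL"]:
        return False, "all seats in use"
    if fields[:1] == ["OK"]:
        return True, "seat granted"
    # Assumption: an empty or garbled reply is handled like an outage.
    return True, "fail-open: unreadable reply"
```

The short `timeout` matters as much as the `except` branch: on an unreliable network a check that fails open but hangs for a minute first still looks like a lockout to the user.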
Totally understandable and even reasonable position, but the paying customer gets the worse treatment, which does not sit right.