back to article Sysadmin and spouse admit to part in 'massive' pirated Avaya licenses scam

A sysadmin and his partner pleaded guilty this week to being part of a "massive" international ring that sold software licenses worth $88 million for "significantly below the wholesale price." Brad and Dusti Pearce admitted one count of conspiracy to commit wire fraud and each face a maximum penalty of 20 years in prison. …

  1. TrevorH

    The infamous Tuttle!

    Previously known only for making the headlines for https://www.theregister.com/2006/03/27/tuttle_email/

  2. Long John Silver
    Pirate

    Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

    This account of a "pirated Avaya licenses scam" appears to concern providing means to unlock features in software already in a customer's possession. The underlying issue seems similar to that reported in the article linked to below.

    https://www.theregister.com/2023/09/18/opinion_column/?td=rt-3a

    The matter generalises further into vendor attempts to restrict access to controlling software in agricultural machinery, and yet more into the territory of repairing or reconfiguring devices such as mobile phones.

    With respect to software, it may be argued that any bundled with a device (or telephony system) falls in its entirety into the customer's hands to use with the device as he wishes. If full functionality requires 'unlocking' with a code, rather than installation of additional software, then a customer devising means to unlock or paying somebody else to do so is responding sensibly to a rigged market.

    1. Lee D Silver badge

      Re: Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

      Then vote with your feet and go to a manufacturer that doesn't play that game, don't just break the law anyway.

      We're talking about telephony, something you need ZERO licences for, can host entirely in-house, can use pretty much any handset you like, etc.

      The providers at my previous employer are still annoyed from years back that I moved everything to VoIP and denied their annual demand for payment for physical lines. (They were also singularly unable to demonstrate a single working SIP line to us, after much faffing and blaming our firewall, whereas a competitor did so almost immediately with no firewall changes required).

      Then they started getting shirty about internal telephony, so I put in Asterisk on cheaper, better handsets, no ties, and joined to the same SIP trunk provider. Cut them out of the picture enormously.

      I've also seen people RENTING telephony including cloud control and Yealink handsets... yes, renting a £25 handset. With monthly charge, minimum terms, completely reliant on their platform (which provides no way to export any of the setup, etc.) and without significant control without having to get someone else to make changes for you. The first monthly charge alone would have paid for the handset outright.

      Like the BMW story of selling "heated-seats unlock codes" - if you don't want that to happen, don't GIVE THEM MONEY and then illegal unlock your BMW and risk further problems down the line.... just don't buy one, don't buy that add-on, or complain to BMW and let it be known. Because people did exactly that and now... BMW have backtracked, as reported only the other day on The Reg.

      1. usbac

        Re: Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

        Same thing at my previous employer. We were leasing a non-VOIP phone system for just under $2000 per month. Add to that, we had several PRI's coming into that system.

        I set up a new VOIP system based on asterisk. We purchased our phones outright (Grandstream - big mistake buying Grandstream). For an initial outlay of about $4500, we had our new system. Our monthly usage costs went from about $2300 to $150. So, all of this combined, we paid for the new system in one month's time. That's one hell of an ROI.

        The previous phone system provider, and our former service providers were not very happy, but they couldn't come close. They thought we would be running back to them, they even told us so. Three years later, everyone still liked the new system much better. The cost savings were huge!

      2. Anonymous Coward
        Anonymous Coward

        Re: Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

        The situation where there is let's say some moral justification for cracking something is if you have purchased a license for the software and it works fine and reliably... except for the licensing checks which are an absolute pain in the ass to keep working, contain a rootkit or a critical vulnerability, or similar.

        Not talking about this case, obviously.

        1. Lee D Silver badge

          Re: Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

          Here, I would agree.

          Sadly, it turns out that the ones who do this the most, are the ones who deploy the strongest protections and who get the shirtiest if you bypass it.

          It's 2023 and I still have a machine that has to have a USB key plugged in in order for some software to work.

        2. Anonymous Coward
          Anonymous Coward

          Re: Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

          At a previous employer, we had a piece of software with a very annoying licensing mechanism.

          It required a "license server" to be running on one of our servers at all times. When you installed the software, it would go and claim a license from the license server. If you ever un-installed the software, it would credit the license back to the license server. God help you if the drive died in that PC, or you had a virus, and had to wipe the drive. You had to call the software company, and have them remote into the server running their license server to recover the license. This, after spending time on the phone to convince them that you couldn't avoid the situation. We owned more per-seat licenses than we would ever use, so it was never an issue of use exceeding our licensing.

          At one point I had enough of this BS. I started looking closely at the application. It had a cleverly hidden file named gdlicense.dll. That dll exported only three functions GdInstallLicense(), GdRemoveLicense(), and GdCheckLicense(). After a little testing, I found that these functions only returned True or False.

          So, it didn't take much effort to create a simple dll to replace the original that just always returned True for any of the functions. I replaced the dll in their installer pack, and no more license problems.

    2. Mishak Silver badge

      Unlike hardware

      There is no physical difference* with license-enabled features in software, and I am happy to pay less for a package when I don't need the more advanced features that the IP-holder has paid to develop and needs to maintain and support - especially when I can just buy an upgrade if I later find I need those features.

      * apart from it using a bit more disk space.

    3. DS999 Silver badge

      Re: Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

      If full functionality requires 'unlocking' with a code, rather than installation of additional software, then a customer devising means to unlock or paying somebody else to do so is responding sensibly to a rigged market

      What is the difference from "input code to enable feature X" and "install additional software to enable feature X"? Your argument is that if the software to operate the feature is already present, theft is justified?

      How many software products are there which are licensed and require licenses to support additional users or additional features? You think stealing is justified in all those cases? Or is it only if someone sells HARDWARE that contains software (i.e. every hardware product sold today except for hammers and forks, pretty much)

      1. doublelayer Silver badge

        Re: Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

        Yes, that's exactly what they think. Not that it would help them very much; if by some miracle they made the law agree with them, anyone with software that had different license levels would produce licensing libraries which had to be installed with the license for the new feature to work. I'm sure they'd find a reason why not paying for that license was justified as well.

        Comparing this to the right to repair movement is silly. As a strong supporter of that, I want to indicate that my right to the stuff I bought does not mean, in my mind or those of many others, a right to that which I have not bought. The last thing I want to do is hand the hardware manufacturers another argument to use while locking me out of my hardware.

    4. Andy Tunnah

      What a horrible argument

      It's easier to bundle software as one, and have features unlocked as needed.

      Getting into any sort of argument that even mentions real world elements is asinine - there is no analogue.

      Software is a product easier built as 1 thing with everything that can be done worked on as development goes along. If from day 1 some of those features were always planned to be DLC or whatever thten so what

      1. Bebu
        Windows

        Re: What a horrible argument

        《It's easier to bundle software as one, and have features unlocked as needed.》

        My concern is that the unused/locked code is still there leaving a much larger potential target for exploitation.

        If the code weren't there it couldn't be exploited.

        Given the very low quality of embedded software generally and worse security this is a valid concern. This is undeniably the case for consumer devices but also arguably with business/industrial grade devices.

        Bit like buying the same portable computer which is sold to the consumer and the military markets but with the thermite charge only enabled by a software key in the MIL spec device. :)

        From the article's headline I would have suspected the BOFH but for the facts a) he was caught b) has a spouse. :)

      2. Anonymous Coward
        Anonymous Coward

        Re: What a horrible argument

        So one day (about 20 years ago) the head of Avaya's UK operation held an employee meeting to discuss the imminent launch of the new IP Office platform but started bemoaning the lack of ongoing revenue from it and now they couldn't charge extra for its (then) advanced features. After an awkward silence, a junior developer piped up and suggested a dongle/license.

        Seemed a staggeringly obvious solution but with hindsight, I'd say the short term profit gains ultimately cost them their market share ( product it replaced was #1 in a lot of countries).

    5. Stuart Castle Silver badge

      Re: Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

      In fairness, this isn't new. Microsoft have been providing different facilities with different Windows licences, but bundling all the code into one ISO or disk since the early 2000s..

    6. katrinab Silver badge
      Megaphone

      Re: Similarity to "BMW's pay-as-you-toast subscription failure" article in The Register?

      There is a big difference between advanced features in a VOIP system, and paying £20 per month for a power switch. The hardware version of a heater switch costs pennies. To buy, not rent.

  3. Mishak Silver badge

    "popular telephone system"

    Maybe with users (I have no evidence either way), but as someone who developed against the API, I hated its poor documentation, design, and being tied to Windows.

    1. Nick Ryan

      Re: "popular telephone system"

      It's a case of the usual misuse of the word "popular" and equating it to "common".

      Avaya was a steaming pile of rubbish, but it was used by a lot of people. This doesn't make it "popular".

  4. RAMChYLD Bronze badge
    Boffin

    This story doesn't add up.

    I read in the story "The Biggest Boon-Dongle in the World" that Avaya uses Sentinel HASP USB or Parallel Port keys (or an equivalent) in addition to serial numbers. So surely the keys alone doesn't do much and needs a complementary HASP dongle to work?

    1. doublelayer Silver badge

      Re: This story doesn't add up.

      I don't know how this system works, but many dongles I've seen just identify the computer. If the dongle is tied to the key during registration, then a user can either add a key to it or doesn't need to, with the dongle still identifying that this computer has a base product license and the key activating a feature in it. However, when I get software that requires a dongle, I start thinking about finding some software that doesn't, because my experience has been that some part of a licensing system that intense is going to stop working at an inconvenient time.

  5. JimmyPage

    They may be the wrong pair ?

    Tuttle ... or Buttle ?

  6. Anonymous Coward
    Anonymous Coward

    So - just for argument

    "significantly below the wholesale price."

    Is what a sales person will offer most of the time.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like