Slashdot Log In
The Downsides of Software as Service
Journal written by JustinBrock (1099447) and posted by
Zonk
on Tue Aug 28, 2007 10:32 AM
from the with-a-little-ranting-to-boot dept.
from the with-a-little-ranting-to-boot dept.
JustinBrock writes "Dvorak's article yesterday, entitled Don't Trust the Servers, argues that the danger of software as a service was highlighted when 'the WGA [Windows Genuine Advantage] server outage hit on Friday evening and was finally repaired on Saturday. It was down for 19 long hours.' The whole fiasco raises an interesting perspective on the software as a service 'fetish'. Dvorak highlights it hypothetically: What if the timeline were reversed, and we were moving from online apps to the desktop. Hear his prophecy of the marketing: 'You can image the advertising push. "Now control your own data!" "Faster processing power now." "Cheaper!" "Everything at your fingertips." "No need to worry about network outages." "Faster, cheaper, more reliable." On and on. I can almost hear the marketing types brag about how much better "shrink wrap" software is than the flaky online apps. The best line for the emergence of the desktop computer in a reverse timeline would be "It's about time!"'"
Related Stories
[+]
IT: Dvorak on Windows Genuine Advantage 236 comments
PadRacerExtreme writes "Vista includes the much maligned 'Genuine Advantage' layer inside, which ensures that your copy of the OS is legit. If you're running a non-validated copy you get no upgrades, no security protection, nothing. That's all well and good, but what happens if a cracker tweaks that Genuine Advantage layer for its own good? Dvorak sees a huge problem, just waiting to happen. What's the vulnerability?" From the article: "I suspect the policeman [WGA] will actually be hacked before the OS. It might actually be easier for the pirates to create a fake cop that constantly authenticates fake versions of Vista than it will be to create a Vista imitation that can pretend to be a legitimate version. There is some irony to that idea. But that's none of my concern. I'm more worried about some joker creating a virus or exploit that turns the good cop into a bad cop, and I can only imagine the destruction and hassle that will ensue."
[+]
Windows Genuine Advantage Gets More Lenient 228 comments
Troglodyte writes in with word that Microsoft is revamping its Windows Genuine Advantage program so that it labels fewer users pirates. WGA now has a third category besides "genuine and "not genuine," called "not sure." Quoting: "[I]t's quite obvious what is going on here: Microsoft has added 'not sure' as a way of cutting down on the number of false positives associated with WGA. As many as one in five PCs were failing WGA checks, but this new setting should both reduce this and give Microsoft the chance to investigate further the kinds of things that are landing folks in the 'not sure' category."
[+]
IT: Windows Genuine Advantage Servers Out 300 comments
krewemaynard writes to let us know that Microsoft has been having major problems with its WGA servers since at least Friday evening. Quoting Ars: "Users of both Windows XP and Windows Vista were writing to say that they could not validate their installations using WGA, and one user even said that his installation was invalidated by the service... The Microsoft WGA Forums are full of problem reports, and Microsoft WGA Program Manager Phil Liu has acknowledged that there is a problem, and that MS is investigating." Update: 07/25 22:10 GMT by KD :Microsoft has identified and fixed the problem and posted instructions for anyone whose system mistakenly failed a WGA check. (The link posted earlier was to a 2006 article.)
This discussion has been archived.
No new comments can be posted.
The Downsides of Software as Service
|
Log In/Create an Account
| Top
| 326 comments
(Spill at 50!) | Index Only
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
When is the last time Dvorak... (Score:5, Insightful)
(http://www.productrecallwatch.com/ | Last Journal: Tuesday October 09, @10:26PM)
Re:When is the last time Dvorak... (Score:5, Funny)
(http://zulupad.gersic.com/)
Re:When is the last time Dvorak... (Score:5, Interesting)
The upside to the customer is not so easy to find, unless you consider the possibility that with all this hypothetical easy money flowing in, Microsoft would be able to make a better product.
Re:When is the last time Dvorak... (Score:5, Interesting)
(http://127.0.0.1/ | Last Journal: Monday May 09 2005, @04:20PM)
1) Software provider has an 'incentive' to ensure the product is bug free or that the bugs get fixed quickly. With shrink-wrap software, they have your money and are providing fixes for free.
2) This is an accounting style advantage. Say, you have the option to pay $300 for a software suite up front, or $5/month for as long as you use it. Most of us would go with the $300. Except, what if the $5 gives you free upgrades forever? Now, what if it was $1.50/month? Here we start getting into a grayer area about it being cheaper to pay per month than up front, due to about how much money you could make off of the base cost in interest on investments.
Re:Here's a few more - readable this time... (Score:5, Informative)
4) IT maintenance - while not a big issue for most of us that post here, for all those mere mortals keeping the software up to date, or upgrading to a new version can be a major headache. With software as a service, its done for you.
5) Accessibility - what if you're outside the firewall and can't get thru the VPN? Again, a bigger deal for mere mortals that
6) less start up risk. If I can start with a couple of seats a month for $50/seat versus having to kick out hundreds or thousands of dollars per desktop copy, it's a better deal (well, legally anyways).
7) Generally the Software as a service providers have better backup/recovery processes than the average SMB (think law firm, not software house).
There's lots more reasons of varying importance. I think the parent's point #1 is probably the most relevant of all tho.
Re:Here's a few more - readable this time... (Score:5, Insightful)
(http://127.0.0.1/)
If I buy a copy of Office today, I know that I can always get access to the files I create with it. Even if it's a hassle--having to reinstall every X days because their product activation server was dismantled years ago--I can always do it. Can the same be said of Google Apps? Of whatever Microsoft offering you're discussing? In 10 years, if I need access to my financial documents, will they still be around? Maybe, maybe not, but it's a pretty huge uncertainty right now. And that's the rub--that's the thing that, if left unaddressed, will prevent me from ever subscribing to software-as-a-service for anything important.
Re:When is the last time Dvorak... (Score:5, Interesting)
(Last Journal: Monday April 30 2007, @10:21PM)
Software as a service can be run locally by a company, rather than on the web. There are several (provided the server is maintained on site).
Single point of failure should a catastrophe happen.
User's can't go in and break the system.
There is one system to maintain, one anti-virus package, one system to back up and so on.
Files are much easier to share and keep updated. It is a nightmare to have a single spreadsheet that is updated by several people when they are updated on the own personal systems.
When the server is remote, there are still advantages, just not as many:
My step-dad uses quickbooks for his small business. He has architects and accountants that need access to the books. Originally, he had purchased a copy for each of them to run on their personal computers. Unfortunately, when one made a change, he had to call everyone else to tell them, or email a backup copy of the DB and everyone would have to manually update their own DB's. It was a nightmare and this was only with four or five employees. With Quickbooks Online, each user logs into the website, enters their data and everything is updated almost in real time. He's a roofer and does not have the knowledge, nor the time to keep up with the application. He only cares about the reports, not how they are created. This works very well for him.
However, with all these advantages, I agree that it sux for the most part.
It's slow... much slower than running apps locally.
In the event of a failure, you're at the mercy of the tech folks that you do not employ and have not control over.
You are not in control of your own destiny.
Re:When is the last time Dvorak... (Score:4, Insightful)
(Last Journal: Monday April 03 2006, @07:23PM)
User's can't go in and break the system.
There is one system to maintain, one anti-virus package, one system to back up and so on.
All of the benefits you mention depend on all software running as a service, not just MS Office and a few other "enterprise" apps. That simply won't ever happen, even if everyone buys into this scam-of-a-revenue-model, because something absolutely critical won't play well with others.
You are not in control of your own destiny.
And it all comes down to that one point. Every other fact or opinion aside, what does it mean when Microsoft EOL'ing a product means you no longer have any program with which to review the last ten years' worth of customer transactions or tax records? "Sorry, you'll have to cancel that audit, Microsoft cut us off. But no doubt the IRS understands completely and trusts that we filed accurately, right?"
Re:When is the last time Dvorak... (Score:4, Insightful)
(Last Journal: Monday April 30 2007, @10:21PM)
I can see why it is a good idea to remove critical applications from the control of the end user, but the drop in performance does not justify the increased level of maintainability. And no matter how much we hate it, there are some applications that are required to have some or all of it run at a centralized location. Examples would be your Exchange server, your database server and any web based applications that simply can not be run on local PC's.
Re:When is the last time Dvorak... (Score:5, Interesting)
(http://www.demaagd.com/ | Last Journal: Sunday October 27 2002, @06:53PM)
Re:When is the last time Dvorak... (Score:5, Insightful)
"Software as a service" should be viewed with the same suspicion as "Trusted Computing." Something so bundled in Marketing, with no particular benefits to the consumer, has to be a money/power grab.
Re:When is the last time Dvorak... (Score:5, Insightful)
"This time." Centralization and decentralization has always been a pendulum sort of affair, varying with the relative costs of bandwidth, CPU, and storage.
Once upon a time, there was the mainframe. Nobody ever got fired for buying (or more accurately, leasing) IBM!
Then came the microcomputer. Decentralize! Applications run right on your desk! Buy Apple! No more monthly payments to IBM! (At 9600 baud, dumb terminal bandwidth is expensive. 8-bit micros are cheap!)
Then came the dickless workstation. Oops, "diskless". Centralize! It's a client/server world! Buy Oracle, and run it on your Sun! No more huge capital outlays for PCs that become obsolete the day they're purchased! (Workstations are expensive, but this new ethernet stuff is cheap!)
Then the PC-as-workstation. Decentralize! Don't rely on that expensive server! (Doesn't matter how much cable you run, if you have 100 users trying to render the Sistine Chapel on X Terminals, bandwidth and server-side processing power are shockingly expensive again, local storage and processing power are suddenly cheap again.)
We're currently on our way back to the server. This time, the excuse is DRM. An application that doesn't exist locally can never be used locally once the vendor decides to kill it.
But ultimately, the root cause is that bandwidth is relatively cheap again. Doesn't matter whether the application is Windows (which needs to call the mothership for patches every few days) or Steam (for the same reason).
This time it's extra stupid (Score:4, Insightful)
With Vista, the user has to buy a computer that provides all the ressources and is still depending on some server being available / working correctly.
In this case the WGA server, which does not give any advantage to the user. The only one who has an advantage is Microsoft (from disallowing pirated Windows versions), and that is questionable as I doubt Vista will stay uncracked
Let's imagine another hypothetical (Score:5, Funny)
Of course, this is just a hypothetical, and like the one in the article itself has little to do with reality.
Why not both? (Score:3, Insightful)
We'll have both, need both, but will still have a lot of cases where people try to the wrong one and get burnt.
Written without reading TFA (and boy, did it feel good!). I'll read it now.
Dvorak? (Score:5, Funny)
This is cyclical in the computer industry (Score:5, Insightful)
(http://dan.tobias.name/)
Reasons for Service Software (Score:5, Insightful)
Damnit, Dvorak (Score:5, Funny)
Next thing you know he'll declare how much he likes pizza, completely undermining my fondness of it.
The downsides of software NOT as a service (Score:3, Insightful)
(http://phydeauxpets.com/)
At this point in time, software is as complicated and as important to some businesses as say, vehicles are. Only the very largest of companies have their own in-house garage and mechanics to take care of their own vehicles.
There are Many Busses (Score:4, Interesting)
(http://thelazysci-fiauthor.blogspot.com/)
Even if you are off the internet at large, we are getting into an age where a personal area network will become ubiquitous. Served-software would still be available from, say, your phone as the server (always keep the gears software on your phone ready for load) or maybe your bluetooth watch could maintain local copies of frequently used software.
While at some remote location you might be lucky to find that a colleague has a local copy of a certain, rarely used software on their wristwatch.
Then again, it is something to think about that within 20 years will it be as unusual to find oneself without internet access as it is to find oneself without electricity...perhaps it will be even more unusual than that (what with satellite communication).
Just thoughts.
It is interesting to note how much more bandwidth my internet connection has as compared to my first computer's bus speed.
Depends on the situation (Score:3, Insightful)
For Once I Agree with Dvorak (Score:4, Insightful)
(http://slashdot.org/)
SAAS has worse problems than server availability. It creates nasty integration problems since your critical enterprise data is not only crossing an interface, but the other side of that interface is not in your control. That's not just an integration problem: I'm waiting for a security breach against one of the big SAAS vendors. And not only is it closed-source, it's closed-source managed by a third party that doesn't have the same priorities that you have. So if you need to fix or customize anything on the SAAS side, you're well and truly screwed.
The only reason SAAS emerged at all was as a response to the poor performance of most in-house corporate IT departments. Why wait for your own geeks to implement something badly in a year when you can go to an ASP who will give it to you in a couple of months? And of course there are the perverse incentives in how capital expenditure is accounted for versus externalized services. But the main motivation is that business managers just don't trust their own IT people. And based on the performance of most IT management, no wonder.
Dvorak's Ignorance and WGA... (Score:4, Insightful)
(http://www.icsi.berkeley.edu/~nweaver/)
The first one I got: WGA can't "fail closed", otherwise pirates would just filter the communication to the WGA servers.
Rather, what WGA needs is a signed "check back later" message, where Microsoft's public key is used to sign a "check back by day X" message, so that a server outage can be handled in the future. And I'd bet that there is, by next Patch Tuesday, an upgrade to WGA to support such functionality.
And its not like people's home/office computers are so reliable, making this segque ridiculous.
I can't give Dvorak much credit... (Score:3, Insightful)
(Last Journal: Wednesday February 07 2007, @10:52AM)
for startling insights into marketing. (Ok, duh, this is John Dvorak, but still...)
Truly, marketing is designed to convince you that what they've got is much better than what you've got. If you have independent, localized computing, marketing will try to sell you distributed service-based computing. When you've had your fill of service-based computing, well, that's just an opportunity for marketing to sell you independent localized computing.
It's like samsara [wikipedia.org] except that the marketers consider the cycle of rebirth to be good. (They are marketers, after all; enlightenment means that they no longer have anything to sell you!)
I'd have to mod TFA "-1, Obvious".
Right tool for the job ... (Score:3, Insightful)
(http://www.edholden.com/ | Last Journal: Tuesday January 20 2004, @11:15PM)
His points are good, and they underscore why I rarely use the latest web apps, but nevertheless am amused by them (Flash-based image editing online!). Still, while we should show his level of skepticism toward many of these apps, the fact is that network-based app delivery still has many advantages. The main one is that you can update software for all your users in one place, and not care as much about the state of the client machines. As a recent Mac convert you'd think Dvorak would particularly like this, since he can do the same things as a web client on a Mac as on Windows or Linux.
Despite the stupidity of some online apps, I can think of a lot of examples of software I would definitely rather have on the web - e-mail (think Gmail or other webmail, which almost everyone uses to some extent), a trouble ticketing system for a helpdesk, a custom database used within a company (most of these are centralized), etc. Onlime apps particularly make sense where the data is centralized as well. That's worth emphasizing: Google Docs and Spreadsheets may be nifty, as well as cheaper than MS Office, but they won't catch on until people see the value in storing the actual files centrally as well, just as they store e-mail centrally when using a service like Hotmail.
It's already here, in "Higher" Education (Score:4, Insightful)
The obvious problem arises when the network goes down,
But there are other "gotchas":
Again, I'm sure there are more that will come up as time goes on.
IMO, any time there's a move to vendor control, let alone remote, removed, vendor control, the end user will lose.
software as a service is successful (Score:3, Insightful)
(http://thedevilsadvocate.org/)
Good webhosts have 99.99999% up time. The entire hosting industry measures success by uptime. If it didn't, the industry would collapse.
Dvorak attacks the WGA server that went down, rightfully so. However, he then goes into hyperbole mode and subtly lumps googles offerings in the same category. After using google.com for years, and google maps almost since it was launched, I can tell you I can remember only once significant outage, and it was some kind of DoS attack, I think, which was quickly dealt with. I can remember no minor outages in my experience, nor am I aware of any other outages reported in any major online media.
Yes, you have to be worried about losing your documents. The best ASPs should provide some kind of user data backup (I don't know if Google does this but if they don't they need to) or some kind of contractual obligation to users in case of data loss (more appropriate for Business to business apps). However, if someone provides you with excellent up time and reliability, why can't you trust them?
Microsoft has a lousy track record of reliability. Also, tying hundreds of ASP apps into a single WGA server is ludicrous.
Trust is about experience. Anyone using Microsoft based ASP apps is asking for trouble because the experience of most users is that MS is not reliable. If you want reliability, you need to look elsewhere, and there are plenty of options.
That's what this outage is really telling us. As usual, Dvorak has completely missed the point.
Dvorak's a little confused (Score:5, Insightful)
It isn't.
WGA is a service which Microsoft provides to themselves, in order to protect themselves from said Windows users (AKA thieves).
If the main purpose is to protect your profit center, a 19 hour (or 72, or 30 day) outtage where the failure mode is "more protection" strikes me as perfectly reasonable. It's not like "pissing off customers" has ever been considered a liability in Redmond.
Sucks to be a Windows user, though. Should have got some sort of service agreement, I guess.
c.
One Word - Skype (Score:5, Insightful)
(http://www.fundraw.com/ | Last Journal: Friday October 26, @03:42AM)
Software as a Service (SaaS) creates all sorts of ripe opportunities for hackers, crackers, and other cyber criminals. It's been a cottage industry to blackmail online casinos, threatening DDOS attacks if you're not paid off. Since a half-day DDOS could cost the casino in the high five figures (or more), they pay the blackmail.
What if a large SaaS company had a 100,000 business customers... just 100,000? That's a ripe DDOS blackmail target if I ever saw one. And if you could hack the systems and gain access to the tax and banking spreadsheets of 100,000 clients? Can you say "low-hanging fruit" boys and girls? I knew you could.
And what if the company is being run by idiots who fake their numbers to make it seem like a sinking ship is just "settling in the water" until the ship suddenly capsizes without warning, going belly-up in the space of hours. All your docs and spreadsheets are offline... indefinitely. And if by some graceful foresight, you backed up your docs, if you can't find a piece of software that can both run locally and work with the proprietary formats the SaaS vendor used for their docs, you're still SOL.
Those are worst case scenarios, but you get the drift.
I have to agree (Score:3, Informative)
Right now, dealing with company's oversubscribed servers and under subscribed bandwidth makes response time as bad as it used to be when green screen terminals were attached to mainframes.
The rule used to be response time should be no longer than two to four seconds. How often do you wait for considerably more than four seconds for a Web server to respond?
Granted, the four second rule was more or less intended for more "interactive" activities (like data entry) than mere Web browsing. But the whole SaaS and Web 2.0 stuff is intended for exactly that - interaction with applications over the Web.
And right now, Web response time just doesn't cut it.
When the telcos get their head out of their butts - or someone does it for them - and we get 100Mbps or more speed to the desktop AND the people who offer SaaS learn what the words "load balancing" mean, maybe then it will be viable.
Right now, every time I go to Superiorpics.com for my babe picture downloads, I click on a link to Shareavenue, I'm lucky they respond in less than thirty seconds to a minute. And twice this week they've been completely down. Not to mention the WGA outage which started this discussion.
It's ridiculous.
Add to that the mysterious ability of data transmitted over the Net to literally CRASH an application such as a browser. I've never understood that. Most desktop applications read files and other data and have mechanisms in place to treat that data AS data, no matter how malformed it may be. If it's wrong, they complain without crashing (usually - there are numerous exceptions, of course.) But when we go to network apps, somehow all that goes out the window - and crashes are regular. Maybe it's because network protocols have states and when data is lost, the states get corrupted and the network apps aren't coded to deal with that because of the rigidity of the protocol. There's the simple issue of knowing when the next network data packet just isn't coming and how to recover from that. But most network apps seem as fragile as glass to bad data. Firefox just grinds to a halt or bombs immediately when multimedia data coming in isn't as expected.
The reliability just isn't there.
Re:tech (Score:4, Funny)
Wow, an assembly programmer who builds his own chips? Where do you find the time to /.?