The perils of software activation

In our modern internet connected era, most people who use computers probably don’t even think much about software activation anymore. Generally speaking, things just work and as long as you don’t try to exceed your license limit, there aren’t usually any issues to worry about. Yet I can remember a time 20 years ago when the idea of software activation raised a huge ruckus, especially as the world was a lot less internet connected back then.

Microsoft Office XP wasn’t the first Microsoft or any software product to require activation over the internet, but it was the most high profile at the time by a mile. Microsoft instituted activation mainly due to rampant software piracy of its products – keys may have been unique on packaging or the certificate of authenticity on a computer, but those keys could be used anywhere else that used the same software versions. This made piracy stupidly simple and easy. Next up was Windows XP. Whilst the later leaking of corporate activation keys did enable piracy, for many casual users Windows became a lot harder to suddenly pirate at will.

Of course, the open source movement and the Electronic Frontier Foundation decried what they saw as intrusive, monopolistic and unethical practices in limiting users that way. Much internet ink was spilled predicting doom and gloom and the end of all freedoms that we had known until that point. Next, your computer would be spying on you and all the rest of the melodrama. Despite this, many more companies followed suit with online activation of software to help cut down on piracy. It became the norm eventually.

If you are a big company like Microsoft or Adobe, you can keep licensing servers running almost indefinitely and even if you’ve discontinued products, you can usually still keep the licensing servers running for users who need to reactivate the old products. However, if you are a smaller company, you may not have that luxury and this is where things get tricky. Take the following screenshot as evidence:

This is a screenshot of the SMART Notebook 15.2 activation checker, built into the activation process itself. About a month ago, I wanted to reinstall this version of Notebook onto a laptop for a teacher. I have a valid license key for this software and though the premium features have expired, the key is still valid for this version of Notebook which includes the basic core functionality of the product.

Since none of those activation servers are available, I was unable to activate the product. These values are hard coded into the software and cannot be changed by us as end users. SMART have long since moved on to more modern versions of Notebook and have heavily pushed their subscription service for licensing. They have not issued any patches for older versions of Notebook rectifying the change in licensing servers or procedures, with the end result being that I am no longer able to reuse a validly purchased piece of software that is only 5 years old…

Hit with a situation like this, I understand why open source folk and the EFF decry this kind of activation and licensing, as I’ve been locked out of my purchased software with no means of fixing the issue. Contacting SMART will only result in a case of being told to upgrade to version 19 and that they are sorry for the problem, but that is the only remedy.

I do actually have another piece of software that also appears to be broken by the shutdown of licensing servers. Luckily I do have a newer version of that software that was made freely available, but it was still another nasty surprise.

Protecting your software from piracy is a valid and good thing to do, but if you can’t keep licensing servers up forever, consider releasing a patch that either removes activation for older software or find a way to clearly notify all users that the old version X will no longer be able to activate after XYZ date. But I guess in today’s non stop world, such courtesies are maybe too much to ask for.

Buggy Ruckus firmware

We’ve had Ruckus Wireless equipment in our school for almost a full 5 years now. 1 ZoneDirector 1200, 21 R500 and 9 R510 units power the Wi-Fi in our school. From day 1, I have never had any hardware issues with the equipment and software wise, the system has largely just worked. I’ve updated the firmware on the ZoneDirector a number of times and it’s always been smooth sailing, until the 10.4.0.70 update I applied a few months back.

All of a sudden, the access points were randomly rebooting with no discernible pattern. Whether it was 2AM or during the middle of the day, the AP’s would just spontaneously reboot, taking the whole wireless network down with them. During this time the ZoneDirector itself remained functional however.

After doing what little debugging I could on my own, I opened a support ticket with Ruckus. My users were not happy with the reboots, as due to the random nature of the reboots, it could strike at any time. I also had one user vociferously complaining about poor signal, which despite my assurances had not changed, she remained convinced that signal was weaker after the update – this is very much a case of correlation and causation getting mixed up in her head.

My assigned engineer first asked me for logs, then had me downgrade from 10.4.0.96 to 0.70, which didn’t help the reboots much. After that I had to verify my network layout for no reason I could understand. Lastly, I provided SSH and web access to the ZoneDirector as well as just SSH to 2 access points, one powered by PoE, one by an injector. The engineer pulled whatever he needed, but then went quiet for a bit with no promised update.

At this point the reboots were untenable, so I informed him I would be downgrading back to the 10.2 firmware branch. I performed the downgrade on a Friday afternoon, which took about 10 minutes and thankfully kept all my settings – I was worried about having to set the controller back up from scratch or needing to use a backup of the config file. The AP’s pulled in the downgraded firmware and rebooted themselves.

3 plus weeks later, the wireless network is behaving itself 100% with the kind of Ruckus stability I have grown to love. After informing my engineer to close the ticket as the problem was resolved, he came back to me to inform me that they are admitting there is a bug in the 10.4 branch, as other customers had ended up reporting the same issue. Their coders would be working towards getting that resolved and patched for a future release.

I suppose this just goes to show that no vendor has such thing as a perfect firmware record – the room for bugs is always present. I could have ended our user misery by downgrading a lot sooner than I did, but having opened a ticket, I wanted to hold off as long as possible so that I could hopefully get a positive result. Failing that, I wanted to be able to help provide Ruckus with enough info so that they could use that for a fix which would benefit all their clients, not just us.

Still, this was the first time that I can recall that I’ve had firmware cause such a visible impact on a service offered on the network. The only other incident I can even remotely think of is when I updated the firmware on one of our servers years ago, only to have the system fans spin up to full blast, as it turned out that they hadn’t been plugged into the correct fan headers – the actual firmware however did not prevent the server itself from running normally in any other way. No other firmware update I’ve ever performed otherwise has had an impact the way this one from Ruckus did. I am just glad that the issue is resolved and I will perhaps wait a bit longer in the future before I semi-rush into deploying firmware updates.

Samsung Pay is awesome

Samsung Pay very recently turned 2 here in South Africa and in celebration, I thought I’d write this post detailing my experience using the service. First, some background.

Samsung Pay is a payment platform developed by Samsung that enables you to use select Samsung Android phones and Galaxy Watches to pay for goods at a Point of Sale terminal that takes tap ‘n go credit/debit cards, aka contactless payments. Your modern credit/debit card has a NFC chip embedded inside itself to provide this feature, whereas Samsung Pay uses the NFC chip inside your phone/watch to do so. On some phones you can also use Magnetic Secure Transmission (MST) in case the terminal is an older device that doesn’t support tap ‘n go (these are getting rarer as banks have been on a mission to get shops to upgrade their terminals)

Worldwide, Samsung Pay is one of a number of competitors in this field, the most well known probably being Apple Pay which does the same thing but is limited to Apple hardware only and doesn’t offer MST for older terminals. Huawei have Huawei Pay, but this is currently very region limited. LG have LG Pay, similar region limitations. Google’s own Android Pay will work with any compatible Android Phone, but again is also region limited. So as far as I can tell, the 2 best options world wide are Apple and Samsung Pay. Here in South Africa, only Samsung Pay has launched successfully and has been running for these past 2 years, beating Apple to the punch.

Banks have the ability to code their own payment solution into Android based phone apps so that they too can support tap ‘n go payments, but the problem with that method is that you lose out on the Apple market, as Apple doesn’t permit any other NFC wallet solution on their phones – it’s Apple Pay or nothing for tap ‘n go.

Anyway, back to Samsung Pay. I initially installed it on my Galaxy S9+ when my bank’s cards were supported by the app – it took about 6 months before my bank worked with SP. I performed about 3 or 4 payments with my phone, feeling very impressed with myself. Once I used MST to make a payment at a restaurant and the waiter was super surprised to see that work. However, the bliss did not last. About a month or so after signing up, SP suddenly wouldn’t work with my cards. I tried removing and adding, updating the app and more, but my payments failed rather miserably, which was not only embarrassing in store, it also meant I had to have my card on me and held up queues as the teller now had to repeat the transaction.

What I wasn’t aware of at the time is that there was an issue with SP and First National Bank, some tech issue on the backend that prevented FNB credit cards from working properly. Unfortunately as I didn’t know this, I gave up on SP and went back to fully using my card, hoping to come back to it another time down the line. Time passed by and I simply never did try again later with the S9+.

Earlier this year I upgraded to a Galaxy S10+ on a new contract. I installed SP and connected my cards again, but didn’t make use of the app simply out of a lack of urgency. However, I finally got around to testing it about 3 weeks ago and to my great joy, it worked again like it should. Open the app, prepare for payment, tap phone, payment done. I am starting to feel the confidence to not bring my wallet with me for outings or trips, which is one less things to worry about and carry around. It also increases my safety somewhat as the card on the phone is more secure than the plastic kind.

Here’s some screenshots of SP in action:

Figure 1: Main screen of Samsung Pay after opening

Getting ready to pay after verification with fingerprint

Tap the card to see a purchase history

In addition to payment cards, you can also load up loyalty cards. I think these can only be cards with barcodes on them that a teller scans, not the kind of card that requires a magnetic stripe read or has a gold chip (not a NFC chip). I still need to experiment with adding something of mine to the app.

As mentioned earlier, SP is the only payment solution of it’s kind here in South Africa. Huawei Pay was mentioned as being close to launch, but after Huawei’s strangling by the US Government, I can’t see their Pay solution surviving. LG Pay is currently only available in the USA and South Korea. Google Pay is more widespread but doesn’t exist in SA. Apple Pay again also doesn’t exist here. I wish all of the payment options were available here in SA, which would just help spread the word and ease of use of using your phone to pay instead of having your cards on you. Admittedly the situation has gotten a lot better over the last 2-3 years as merchants have upgraded their terminals to support tap ‘n go cards and it’s now probably quite rare to find a non NFC enabled terminal.

I would like to get a Galaxy Watch at some point soon so that I can make life even easier for myself and maybe blow some more minds at the till, since I don’t think paying by watch is yet a very common sight.