Things that make you go hmmmm - Final Thoughts on the ESX/ESXi 3.5 Update 2 Bug

Some VM /ETC readers may remember a weekly series of posts I was doing earlier this year - “things that make you go hmmm“. Well, the August 12 ESX/ESXi 3.5 Update 2 BUG definitely deserves a resurrection of that series and a post all to itself. Although this topic is still a little too sensitive to be humorous today, I’ve included a mix of comic and serious links. Hopefully we can all look back and at least chuckle about these events sometime in the future. So, here is a sampling of of the various reactions and opinions on the VMware time bomb bug from around the internet. Laugh if you can. After all, it’s Friday …

Eric Siebert’s post Is VMware’s apology enough? — Server Virtualization Blog

“One area that many users were critical of was VMware’s communication on the matter. They were initially slow to issue public communications and proactively contact customers to let them know about the issue. The thread in the VMware Technology Network (VMTN) forums that was started on this issue became the rallying point for many of the users who were experiencing problems as a result of the bug. VMware employees did provide some updates to the thread which let users know they were aware of the bug but did not provide much other information until much later in the day. Another breakdown was that VMware’s knowledgebase that had information on the bug and is often the first place users go to when experiencing a problem becamse so overwhelmed by the number of requests that it was unavailable for over 6 hours.”

Scott Wilson’s article VMware Bug Cramps Style:

“Virtualization, after all, is very much about putting all of ones eggs in one basket, and if the basket has been woven by stoned hippies who have missed a few loops, then enterprises are going to start thinking twice about something which is an already disconcerting concept.”

Bob Planker’s post Why This VMware Time Bomb Issue is a Big Deal:

“It all comes down to trust, and there’s a lot of us out here that just got hung out to dry. Doesn’t matter whether Paul Maritz is sorry. We’re sorry, too.”

Bridget Botelho’s News of the week: VMware’s ESX 3.5 bug causes VM failure:

“And I imagine that VMware co-founder and ex-CEO Diane Greene, who was ousted by VMware’s board of directors July 8, might feel at least somewhat vindicated.”

Scott Lowe linked me to Dominic Rivera’s ESXlolcat:

Chad Sakac’s ESX 3.5 Update 2 Bug, Express Patch, and Quick Thoughts:

“Many of the comments on VMTN just break your spirit a bit until you harden yourself. Anger/frustration are reasonable, but anonymous posters and fan-boys, I have little patience or respect for you (though I doubt you care) Strong feelings are good - passion is good, but don’t hide if you feel strongly about your position, and you think it’s reasonable.”

Tags: august 12, esx3.5, esxi, issues, patch, things that make you go hmmmm, upgrade

This entry was posted on Friday, August 15th, 2008 at 9:42 am and is filed under esx 3i, esx3.5, vmware. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Ben Pottinger

What I noticed about this whole ordeal is that it all started as a licensing issue. You also posted about another licensing bug recently:
http://vmetc.com/2008/01/25/esx-35-4-socket-hos...

Both of these issues I think underscore a major problem in the PC industry and its the near psychotic need to implement draconian protection schemes. The pirates have proven what a waste of time such schemes are (you often see popular software on torrent before its available in the store, all pre-cracked and ready to use). It doesn't even seem to slow them down most of the time. Instead all it does is inconvenience and sometimes severely damage the paying customer!

VMware's comment about "no licensing backdoor" shows they are more concerned with protecting their (faulty) licensing scheme then protecting their enterprise customers. Its even more baffling when you consider the niche this product fills. It's not exactly a mass market piece of software that needs to fend off the causal pirate. How many organizations would really be running a pirate copy of a 5,000$ piece of software?

I'm just waiting for the evidential shift to microsoft/adobe style "activation".

rbrambley

Ben,

You bring up some good points about how the damage can be done to the one's that need to be protected. However, I can't blame VMware, Microsoft, or any company for wanting it's customers to buy licenses and pay for support, and then enforcing it. Do you work for free?

Your argument that it's an inconvenience for paying customers and it's easy for a pirate to crack anyways won't exactly protect your "booty" in court!

Ben Pottinger

I'm not sure I follow your disagreement. I never suggested working for free. Just use a simple license key setup without a "kill switch" or activation. If you need to sue a company/user for theft of your software, the difficultly of stealing it is immaterial. Its stolen regardless if all you had to do was copy the DVD using nero or if you had to spend 500 hours cracking the protection scheme.

the problem happens when you attempt to actually "stop" the pirating by making the copy protection scheme really complex and difficult. #1 you don't actually slow the pirates down (like I said, just check torrent, heck they already hacked bluray and HDDVD) and #2, the harder the protection scheme is the bigger a problem it becomes for your PAYING customer.

Adobe and Microsoft's activation schemes have gotten so bad its forcing some people to look at different products.

Basically, all I'm saying is a bug that causes the kind of problem sucks. A bug that causes this kind of problem related to the licensing of the product is unacceptable.

rbrambley

Ben,

I guess I misunderstood your point the first time. Your logic makes sense, and like I said before I understand your points about how the paying customer suffers. But after re-reading both your comments now I'm not sure how you even came to the idea that VMware's time bomb was implemented to protect from piracy. Paul Maritz explained in his blog post:

"This piece of code was left over from the pre-release versions of Update 2 and was designed to ensure that customers are running on the supported generally available version of Update 2."

I don't take that to mean they were focused on stopping theft, but instead wanted to guarantee a bug free version was generally available and in use. That's more about VMware having to support their customers and making sure their help desk infrastructure gets calls about the correct builds. It makes the whole issue more ironic, I know, but in my mind it is an acceptable development and product release process. It's definitely unacceptable QA testing to leave it enabled, however.