Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

How Do BSA Raids Work? 20

The Alchemist asks: "So I'm reading the Newsforge commentary on the newest Microsoft and Business Software Alliance (BSA) threat letters here, and I'm wondering: 'Has anyone been through these things?' How do they (the BSA officials) conduct themselves? Are the local authorities involved? Do they even bother with a warrant? Has anyone been found in compliance with this private Microsoft police force, other than the Mexican Firm that's suing them?" For a software licensing organization how does the BSA pull off things like this? Do they have any ties with law enforcement? Of course, the more you know about how the BSA works, the better off you will be in preventing your company from receiving an unexpected visit. It's 2001: do you know where all of your software licenses are?
This discussion has been archived. No new comments can be posted.

How Do BSA Raids Work?

Comments Filter:
  • by Anonymous Coward on Saturday July 07, 2001 @11:13AM (#101373)
    My wife's company was raided a few months before she started working there 10 years ago, so things may have changed, but at that time

    First you got the letter offering the software audit - you know the one, "20% off any licenses we find you need"

    Next level - same sort of letter, DEMANDING an audit - if you comply, it's full cost licenses

    The last level? They typically walk in the front door with your local sheriff (or whoever it is in your jurisdiction that serves civil warrants), with a warrant, and announces the raid. You now have a big problem.

    The first thing they do is have EVERYONE step away from any PC/terminal in the building (aka, line up against the wall), and THEY go around shutting down the PCs, and SEAL them with evidence tapes - this includes ALL servers. Then they inspect each PC with a software inventory tool - this can take days to weeks. When they are done with the whole area of your company they have a warrant for, they tell you how much you owe, and after you pay up, you get to turn your PCs back on and get back to work

    Yes, this can put you out of business
  • by Anonymous Coward on Sunday July 08, 2001 @05:57PM (#101374)
    I worked in an industrial park last year, and company next door got raided. That was a small chemical and mechanical engineering firm that specializes in sensors. Their biggest money maker is sensors for airport bomb-detection machines. They just make the sensors, and have tiny 1 microgram samples of many kinds of explosives for testing, as well as small radioactive sources for calibrating sensors, and a few other hazmat materials on the premises. All legal and above board, and all the companies in the park handle similar materials. Except for a handful of windoze machines, this company was almost all *nix and specialty boxes. Almost all of their software was written in house, or was licensed copies of mathematica or some chemical modeling software. There was a custom grown database for tracking customers, because the company had been "computerized" since the 1960's. There was also a handful of BSD machines for internet services, but most of their 400 machines are not connected to the internet. All the engineers are *nix or big-iron bigots.

    They had received a total of three letters in advance of the raid. The first was a demand from microsoft for an audit and a per-user license for all 300 employees of the company, despite there only being 17 windoze machines. You may have only one NT server, and 16 machines in sales and accounting, but you still have to pay for everyone, even the janitor, and you can have a 20% discount if you pay immediately.

    The company sent the sysadmin around the building, checking each computer for any "unauthorized" software. He may have removed a few packages and some cute screen savers, but for the most part every machine was still running the original OS installed by the OEM, and they had the original hologram booklets for proof. They wrote back a letter telling microsoft that all was in order, and needed no more licenses. Two weeks after that, the BSA sent a letter asking for an audit. A letter was sent in reply that no audit was needed, as one had just been completed.

    The third letter was a demand for an original copy of a licensed auditors report, to be delivered in 48 hours, but was sent the same day the BSA had received a court ruling asking for police action to assist in raiding a software piracy firm. There was no time to reply to the third letter.

    They were raided with a full gang of police, since the complaint officially filed with the court was that they were an arms manufacturer (they were, when founded in 1943, but not since 1953), and held explosives onsite. The "informant" was supposed to be a disgruntled ex-employee, who quoted exactly from public county records for hazmat storage and building permits. The "informant" is certainly fictitious. The company hadn't lost an employee in over three years, they're a pretty loyal bunch. The BSA couldn't produce a name, or any detailed records, when law enforcement turned against them a while later. The BSA had gone to the court asking for a civil injunction against the company, based on this known "anonymous" informant and they have this routine well oiled, and structure the court dates to ensure the defendant can't possibly be represented in the courtroom.

    The BSA had told the court that the company was an unlicensed arms manufacturer, had literally tons of explosives stocked inside, and that the entire staff were survivalists who had pirated millions of dollars worth of software and had brazenly ignored several audit demands and a bill from microsoft for the per-seat licenses. None of it was true, but the police noticed this description and instead of sending just 2 officers, decided to send most of the department when nobody would be in the building, thus the raid was delayed until the next morning. The raid started at 6:45 AM, with the police storming the building after getting the night security guard to open the doors for them and luring him outside. After searching the entire premises for about 45 minutes, and not finding a single weapon or explosive, they let the BSA auditors take over the building. The cops were pretty relieved to find nothing but a bunch of computers, and scientific instruments like spectrometers. When the boss finally did show them the collection of "explosives", 50 or 100 tiny vials locked in a safe, along with all the records of working with the FBI crime lab, the cops were very pissed at the BSA. But they had to obey the court order and let the BSA shut down the company for a few days for the audit. I think the local fire department was called in by the boss later in the morning, to make sure the software idiots didn't release a cloud of poisonous gas or start a fire.

    By 7:30AM, some of the employees had called in the boss. But the BSA court order allowed them exclusive access to the building for up to 30 days. The company lawyer only got a modification to the court order on the second day of the raid, allowing company reps to observe the audit and for hazmat professionals to get in and ensure the dangerous stuff was still in the safes and fireproof cabinets. But by the second day, most of the damage had been done.

    The morning of the raid no work got done here, we were all watching the commotion going on next door. Everyone standing around watching the cops, and the fire department, and all the employees sitting in their cars waiting for a word from their boss.

    During the raid, the phones went unanswered, leading to some worried customers. The BSA actually cut the T1 line where it entered the PABX, and the telco repairman said they do the exact same thing in every raid, about once per week in the area. The sales people had to work from home, they weren't allowed into the building to retrieve customer lists in order to contact important customers, but the most important they knew by heart, so no great loss. The company slipped a number of contracted dates, causing them to lose at least one bonus for on-time delivery of an order, but the other customers were rather understanding.

    After the raid, the place was a shambles. The first thing the boss did was call in the police from outside, and got a photographer from the insurance company to document all the damage. Although the physical damage was less than $10000, none of the *nix machines were functional afterwards. All the disks had been wiped, many were pulled out of machines and left sitting on desks, and some of the machines had been opened and left with their guts hanging out. The BSA auditors were not a very professional lot, since they only know about microsoft machines. None of the windoze machines was hurt during the raid, but every one of them had some unknown software installed, possibly a keystroke logger.

    The BSA auditors were upset when the fire department showed up the morning of the raid, and apparently when they were ordered to stay away from the chemical storage areas and the mainframe, they became very childish and vindictive. One of the BSA people made a specific threat against the children of the boss, while a plainclothes police detective was sitting in the next cubicle filling out paperwork. He was arrested for verbal assault and resisting arrest, everyone resists arrest around here, and recently served 30 days. Ooops. Apparently the BSA completely abandoned him to the courts, by telling him they would defend him, and then the lawyer never showed up on the court date. The guy had to defend himself since he didn't have any money for a lawyer, but he had already waved his rights to a public defender. Hahahahahaha.

    The BSA techies after the raid started to help the sysadmin by explaining what they did to each machine, but they clammed up as soon as their lawyers got wind of yet another claims lawsuit as the result of yet another raid gone wrong. They all just got up and left the building on the third morning of the raid, instead of finishing the audit or helping reassemble the systems. It took the sysadmin, plus some contractors, about 2 weeks to get most of the machines back to functioning and with various amounts of data restored. The company has never got back to normal since the raid, there is a lot of historical data that can never be recovered. The only positive note is that the sysadmin had the luxury of partitioning every disk correctly before re-installing.

    After the raid, the BSA refused to say if there was any pirated software on the premises.

    There is now a civil suit going against the BSA. The BSA lawyers have tried every stalling tactic in the book, knowing that it is costing the small engineering firm a fortune to keep the suit going. But the owner is not going to allow the arrogant microsoft cock-suckers to destroy his business just because he refused to upgrade to the latest microsoft everything for every person in the company. The last I heard, the judge has ordered the trial to go ahead at the end of the summer, whether the BSA is ready or not. It sounds like the company will only be able to reclaim about 40% of what they lost. The civil courts do not take into account lost business, just the total amount spent to restore the systems. The several months of complete disruption and near bankruptcy of a once very profitable company aren't admissable to this judge, but a second trial might get them punitive money out of the BSA. The BSA tried to settle out of court by offering $200000 worth of microsoft licenses for one year, and it was of course rejected.

    The BSA has claimed that it is a not-for-profit benevolent organization that does its raids for the good of american industry, and it has no money to pay if it loses the court case. The court case may take 6 months before a judgement against the BSA, and court records show that the BSA hasn't once paid on a judgement in this state, instead they lodge appeal after appeal.

    I've agreed to post anonymously, because the sysadmin is a drinking friend of mine, and they are under court order not to publicize the case in any way. Their lawyer thinks that the BSA will break this ruling the moment it becomes clear they will lose, and will spin the case as one of an incompetent bunch of lusers blaming their computer problems on an innocent BSA raid. They have done this in other cases, but mostly the media doesn't report these cases because microsoft is such a big advertiser.

    This is what happens to companies that don't run 100% microsoft products, and pay the microsoft tax. It doesn't matter if you are a 100% linux shop, an audit can ruin you if you rely on your computers for earning money.
  • Sounds like the BEST thing to do is not have a central office.
  • If that story is true, the BSA should be shut down for good. Destroying the computer resources of a 400 employee company is a terribly criminal offense. What could people do to get this story more well-known?
  • ... I have gotten a letter, despite the fact that there is no company.

    Let me explain:

    A couple of years ago I was asked by my mother to create a game for the classes she teaches at a local university. Nothing fancy, you understand; just a standard quiz-show format (similar, I suppose, to "Jeopardy!") which she could use in class to test students' knowledge. The students loved it, but she didn't want to have to use a poster-board, since it wasn't easily visible in the back of the room.

    The university informed her that it would not pay me, and that it only dealt with companies, despite the fact that all I asked was $1000.00 for the whole shebang.

    So I filed incorporation papers with the state of NY to create a company so that I could get paid for my work. The same day that I sent in the papers, the university called to say that they could, in fact, pay me personally. So I did it and got paid personally. The company never went any further. I never purchased a single thing for it. That was four years ago.

    So imagine my surprise when last week I got a letter from Microsoft, addressed to this defunct company, letting me know that I might have pirated products in use right under my nose, by my own employees!

    "Egads!" I shrieked. I quickly raced down to the basement and found that no, I did not, in fact, have any employees or pirated software.

    What Microsoft appears to be doing, IMHO, is trying to bully every small business (and many large ones, too) it can find, since they know that most can't afford to go to court against them. Shameful.

  • What if its a Sun box?
    What if its a Linux box?
    What about laptops - say you're a consultant onsite and they quarrantine *your* laptop?
    They can quarrantine all computers?

    Sounds like the only solution is to have ZERO MS software installed.
  • "Most investigations begin with a call to BSA's hotline, 1-888-NOPIRACY, or with a report to BSA's Online Reporting Form, at www.bsa.org. In this case, BSA contacted Dayton Granger through its
    attorneys, although in some cases BSA pursues a *software raid*."

    btw, this was an attempt at humor.
  • Actually, the WORST thing you can do is kick off that remote format!

    What you have just done is subject the company to an obstruction of justice charge. Much better to take your civil lumps

  • They typically walk in the front door with your local sheriff (or whoever it is in your jurisdiction that serves civil warrants), with a warrant, and announces the raid. You now have a big problem.

    To get a warrant issued there would have to be some sort of evidence presented to a judge. What form does this evidence take, how convincing does it have to be, and, perhaps most importantly, how would Microsoft/BSA obtain it?
  • This old Baltimore City Paper "Cyberpunk" [citypaper.com] column (a now defunct feature) says that the BSA stormtroopers get a court order (often on the word of a disgruntled former employee) and show up with federal marshals. Government and industry, working togther for a better world. Blech.

    Tom Swiss | the infamous tms | http://www.infamous.net/

  • Sounds like the only solution is to have ZERO MS software installed.

    My solution of choice would be an encrypted file system combined with a remote 'format' key in the server room -- sure, it won't get finished on each & every desktop, but it (or something like that) could very well write enough random data to really mess up the software inventories.

    Another question -- how does the software inventory work exactly? What does it check for?

  • Often it winds up being an 'anonymous' tip off from a 'disgrunted former employee,' and sometimes there really is a tip off from a former employee. But because of the way the American judicial system thinks, if the BSA sends a letter saying 'please let us audit you,' and you quite rightly say 'bugger off, we're in compliance,' then the BSA simply wonders aloud in the presence of a judge "Hmm...if they're in compliance, why won't they let us double check for them? It's almost as if they have something to hide......"
  • Sounds like the only solution is to have ZERO MS software installed.

    Or to actually pay for your software, and then agree to the audit. Presumably, the audit will be at their expense. Otherwise, yeah, let them raid and sue for damages I guess. Be sure to send them a letter before they raid saying that you are in complete compliance but object to the audit unless they pay for it. I bet you could win the case.

  • This is an amazing story! I can understand that you might want to post anonymously. Like another Slashdotter, though, I would like some independent evidence. Could you supply a link to the court site, or the company's web site?
  • The last level? They typically walk in the front door with your local sheriff (or whoever it is in your jurisdiction that serves civil warrants), with a warrant, and announces the raid.

    Is this actually POSSIBLE? With a warrant for what? Has this happened to anybody?

  • What gives the BSA the right to just come onto private property and start giving orders? How would they get a warrant, and for what?

    Even if they somehow got a warrant, aren't the police/sheriff the ones that would conduct any search?

    If I tell the police that "joe" stole something of mine, and I have some kind of proof that it's on his property, I imagine a judge could issue a search warrant. But the police would take the warrant and search his property. I don't take it myself and then go ransack his place, that's ridiculous.

  • What I wouldn't give for a mod-point right now.

  • by Quizme2000 ( 323961 ) on Saturday July 07, 2001 @11:14AM (#101390) Homepage Journal
    My company has been notified by the BSA or else. I ordered to do an internal audit of a small office and correct all violantions before the BSA ground troops begin their assualt. So after uninstalling pirated or unlicensed software(apparently someone got install happy with MS office). We actually had about 10 more license for OS'es than we needed. But then I noticed all the Dibert, Farside and various other abuses of the copy machine plastered in cubicles. What about all those mp3 CDs laying around. I began to panic, Between MS, united comics, RIAA, and the copyright office, we could technically be sued by just about anyone who wanted too. So to protect us I burned the office to the ground, erased all employess, and triggered the doomsday device.....feeling much better knowing that we can't be sued for Licence Disputes. I hope I'll get a raise.

  • The charges will not be able to include lost worker time and product sales. You are ignoring the obvious threat the BSA presents to small companies. The obvious answer is to remove MS products from the premises.
  • For a software licensing organization how does the BSA pull off things like this? Do they have any ties with law enforcement?

    Do they have any ties with the government?

    Of course they do. They have lots of money to feed to the government, and in return, the government 'feeds' them by allowing things like this. It's the same kind of thing that got the DMCA passed, for instance.

    MSFT merges with AOLTW:

When you don't know what to do, walk fast and look worried.