Oh No!!! People Will Love It!

Please tell me this is a bad joke.  We ship a piece of software that allows people to encrypt their own personal files.  Some enterprises realize that users might actually use the software, and they cry foul.  So we kill the product.

That is completely insane.  Clearly people are fiending for this functionality.  Unless this is software that would be impossible for any competitor to ship, we are shooting ourselves in the foot to not ship it.  This is “strategy tax” at it’s worst.  Some vocal enterprise customers tell us not to ship a product, and then we sit back while Google ships it.  I agree that we should enable a group policy option to allow enterprise admins to disable it, but that’s it.  And even that is pandering — it is already possible for enterprise admins to prevent arbitrary software from being installed on managed PCs, and this software is no different.

11 thoughts on “Oh No!!! People Will Love It!”

  1. In poker this is called a “tell”.

    Whatever “enterprise” implies (it clearly has nothing to do with the word’s meaning as innovation) is proved not to exist as the money changers continue to play absurd semantic games involving the inordinate attention to “intellectual property rights” and “security”.

    The enormous stored wealth in what Bucky calls “metaphysics” cannot even be calculated and continuing to play pointless games of maintaining control of the wage slaves while babies starve is a drag. Kudos to the Gates couple.


  2. When you say ‘kill’ it, do you mean stop development on it? If you mean ‘kill’ as in take it off the website, I think they may have changed their minds because I just downloaded and installed it. The article was published July 14th and stated that it would be removed “shortly”. Perhaps it was forgotten about over the weekend. Regardless, I will use it now that I have it.

  3. No.

    You have our management programed well. They won’t install something from Google (“I heard something about that Google Desktop sending your data back to Google”), but if it’s a click from MS then it must be OK.

    And, of course, all their data is so very important. So the valuable data from that quarter-million-dollar contract gets moved into that encrypter folder.

    And five minutes later, when the password has leaked from their short-term memory… “Can’t you IT guys get at it?”

    You shipped an effing loaded gun pointed directly at the pointy-haired bosses that already make IT’s life hell. Deal.

  4. Well, the only thing that seems absurd to me is that Microsoft is shipping free software. What was their strategy?

    If they are worried that corporations will flock to linux because Fred in accounting can’t encrypt his picture collection, then it makes sense to ship this tool as a free add-in for windows. Or does it?

    If Microsoft just wants to give away free utilities with not return on the investment, then why not let third party companies publish the utilility and leave the Microsoft name off of it?

    Frankly, I just don’t see how giving away free software utilities like this can help Microsoft’s bottom line. This utility would actually hurt the bottom line, if corporate customers feel like they will are losing control of their customers.

  5. Jim,

    I spent several years working directly with MSFT’s enterprise customers, so I understand the environment. But I would take issue with the characterization that enterprise admins will blindly install stuff “just because it’s from MSFT”. In fact, enterprises are usually the last to install our new products, since it takes so long to go through full test and signoff passes for compat with exisiting sorporrate apps. I view the reaction to this product as an example of the same (well-founded) conservatism.

    There is nothing wrong with enterprises saying “we need to analyze how well this product integrates with our existing security infrastructure before approving for deployment”. Enterprises do this all the time. But saying, “Microsoft cannot make it available to *anyone*, because my enterprise doesn’t plan to deploy it ever” is just wrong.

  6. Honestas,

    I think there are a couple of issues here. First is that shipping every 5 years, and charging a big licensing fee for a monolithic hunk of software, no longer works. Enterprises, for example, are basically paying for a subscription anyway. We need to be able to continue moving the product forward incrementally; there are lots of reasons why this results in a better product, that people are willing to pay more money for ultimately. Note that apps like IE7, which ship for free with lots of additional functionality, still require Windows Genuine Advantage, so it’s not as if they are “free” — they are just part of the package you paid for when you bought windows. I am not saying that we shouldn’t have exclusive features to motivate purchase of v.Next; just that we need to be developing those features for free and incrementally before “baking” into the product.

    The other big thing is the mass move of people putting their personal info online. The IT admins are lying to themselves if they think they have any control left — we all know people who use the various online folderdrive systems to transfer stuff with their partners; people who mirror their corporate e-mail to gmail so they can get fulltext search, and the list goes on. To compete with this leaky sieve that has become the enterprise, MSFT needs to stress what we do best — keep end users in control of their own data; allow decentralized, P2P techniques that are secure, etc. In the meantime, we are shipping our own foldershare analogues and feasting on the arms race of centralized storage. But my point is that the IT admins need to be worried more about the centralized storage trends, and things like private folders are the best chance to blunt some of the irrational behavior of users leaking all their secrets to gmail.

  7. Craig, yeah meant “pull from website”. If it’s still there, download away! (with permission from your IT admin, of course)

  8. It makes no difference if Microsoft ship it or not, free or other wise. There are already several products out there which do this.

    Free open-source disk encryption software for Windows XP/2000/2003 and Linux

    I think that say’s enough.

  9. Pink, MSFT has been shippong encrypted filesystem baked into the OS for several years. That has nothing to do with the “private folders” feature. Enough said.

  10. Aren’t “private folders” specific folders tied to each user account, rather than encrypting the entire volume? In that case, it’s more analogous to Filevault, which has been a standard feature on Macs for almost three years. Filevault encrypts an entire user directory, including the documents, music and pictures folders, plus any other folders you might decide to create there. Access is as simple as signing into your account and protection as simple as signing out. Admins worried about users losing passwords or hiding illicit files can set a master password for each computer. The only drawback is you can’t share the contents of the folder without having to give out your account password. Trust Microsoft to make a big stink about something Mac owners have used with few problems since 2003.

  11. Yeah; you can encrypt on per-folder level since Windows 2000 as well. In Windows 2000+, the key is tied to user account, but can be configured to be recoverable by the domain admin. I think the issue is that the encryption we’ve been shipping for so long is tied to active directory, which is a corporate thing. I saw private folders as a first step toward providing similar services tied to a windows live ID (or CardSpace, or some othe “personal” ID).

    And even though Windows has had the functionality for nearly 6 years, I wouldn’t exactly claim that it was innovative. There were freeware tools that did the same on Windows 95 and NT (and Unix). As it is, there are lots of freeware utilities that will do pretty much the same as private folders, available TODAY.

Leave a Reply

Your email address will not be published. Required fields are marked *