Firstly, I wish to define abandonware as "software that is ostensibly still protected by copyright, but is no longer being supported or marketed" provided by Technopedia1. As such, my article will focus on the possible ethical issues companies and consumers might face when products are transiting from software to abandonware. I will provide examples of a few real life cases and evaluate if these actions are ethical and what considerations they might have taken into account when making these decisions.
In order to evaluate the transition from software to abandonware, we must first examine a typical product lifecycle and determine which stage in its lifecycle is the transition most likely to fall in. As shown in the graph above by Perrault, William D. Jr2,the decline stage is where sales and profits reaped from a particular product plummets. It is also likely to be the stage where the transition occurs since the company is only earning minimal profits from the product, however, maintenance cost for the product is likely to have remained and thus continuing support for the product would be a loss making decision. Although the company might not have discontinued support for the product, they might choose to allocate less of their budget to maintaining the product and instead focus on the development of a new product.
Windows 7 from Microsoft is an example of such a product that has entered this transition phase. As Microsoft focuses more on development of Windows 8, it is scaling down on maintenance of Windows 7. This is especially evident in the case of the bug that allows IPv6 Router Advertisement flooding to cause denial of service (DoS) in Windows 7 client. The severity of the bug is described here3.In short, a simple tool used to spam ICMPv6 Router Advertisement requests would cause all clients running Windows 7, Vista, XP, Windows server 2003 and 2008 in the same subnet to be inundated with requests, resulting a drastic increase in CPU usage and even causing the PC to crash. This issue was highlighted to Microsoft on the 10 July 2010 and Microsoft responded on 12 August 2010 that although they acknowledged the vulnerability, they had no intention of providing any fix to the problem4, despite the fact that support for Windows XP is slated to end only in 2014 and Windows 7 only in 2020.
Looking at the issue from an act utilitarian standpoint, fixing the bug will entail minimal costs to Microsoft as it requires only a few lines of code to modify the behaviour of the operating system to ignore all remaining router advertisements for a period of time when dealt with a flood of router advertisements. Costs would also be incurred due to the usage of bandwidth to push down the updates to all clients. The negligible costs will definitely be dwarfed by the benefits due to the severity of the bug, in which one malicious user could crash more than 200 clients on the same subnet, resulting in loss of productivity and profits as entire web servers might be taken down.
Taking a Kantian approach, if we apply the first formulation, we would try to analyse what would occur if all software companies decided not to provide support for their products once they transit toward abandonware. Consumers will no longer have any trust in companies and may start turning towards open source software as these are maintained by people who are driven by passion instead of monetary incentives. As a result, commercial software would cease to exist as there is no longer any demand for it. Using the second formulation, we can deduce that the companies are simply using consumers as a means to an end, once the bulk of the profit has been made, the company ceases to care about the consumers who made that profit possible in the first place. Therefore, using both utilitarian and Kantian approaches to analyse the issue, I have come to the conclusion that such an action is unethical.
However, one might argue that according to virtue ethics, Microsoft's actions are ethical as long as the organization itself is ethical. Microsoft was awarded the 'Most Ethical' award by ethisphere for the year 20115. This was largely due to the millions in donations to non-profit organisations and infrastructural investments in less developed countries. Assuming that the motives behind these contributions are indeed ethical, it is still a fallacy to conclude that since some of its actions are ethical, therefore it as an entity must be ethical and therefore all its actions are ethical.
In addition to being unethical, such an action is also unprofessional. Using the ACM code of conduct as a guideline6, this action violates clause 2.6 and 1.2 to name a few. By refusing to provide a fix for a bug that has serious ramifications on current software that is purportedly still supported, Microsoft has not honoured its assigned responsibilities. Before buying a product, a consumer takes into consideration the fact that Microsoft would continue to update its product to patch security and functional flaws until the end of its shelf life. The consumer is not expecting new features or functions but merely to fix problems that may have been undetected during the test phase. IPv6 was a feature included during the launch of Windows 7 and thus, Microsoft's refusal to fix a bug of an included feature is unprofessional. Microsoft also has to responsibility to prevent harm to users of its software to the best of its ability. Despite having been warned and acknowledging the vulnerability, Microsoft chose not to take any action that could potentially prevent harm to users of its software, therefore violating clause 1.2.
So why has Microsoft chosen not to fix the bug even though it is unethical and unprofessional? One of the major reasons is due to profit motive, although the cost of fixing the bug is minimal, fixing the bug will reduce the incentive for customers to upgrade to Windows 8. This is because their current version of Windows is secure and functional, thus there is less need to upgrade. However, if there are major issues with security and functionality, a customer might be left with no choice but to upgrade. However, this strategy might backfire as customers might instead switch to different operating system such as Linux as they might see the same issue affecting Windows 8 when Microsoft releases Windows 9.
Fortunately, NUS DHCP servers distribute IPv4 addresses as shown by the screenshot below. Nevertheless, the computers below were all connected to the same subnet and thus could potentially be vulnerable to the abovementioned exploit if they are running Windows 7 or XP, if NUS upgrades to IPv6.
With that, I wish to move on to the second ethical concern regarding the transition from software to abandonware. Is it ethical to pirate abandonware? For this argument, I wish to focus on abandonware for which the manufacturing company is still in business today and has not decided to make the software freely available to the public. The reason being, if the company is out of business, the case becomes very clear that the pirating the software would only bring about benefits as there are simply no costs to consider using a utilitarianism approach. Using a Kantian approach, we are not using anyone as a means to an end since the entity which owns the copyright has ceased to exist. Lastly, if the software is made freely available to the public, it is now classified as freeware and is thus out of the scope specified. Back to the topic, the ethicality of pirating abandonware which is still owned by a company is interesting as the software is still under copyright protection and thus it is illegal in most cases. Nevertheless, I wish to explore if the law in this instance reflects the ethicality of the situation.
The software I would like to examine is Windows 2000. Windows 2000 was released at the turn of the millennium and support for the product ceased in 20107.Therefore, as of now, Microsoft provides no service to anyone that is currently using Windows 2000 and incurs no cost in further development or maintenance of the software. However, the software is still under copyright in most countries with copyright only expiring only in 2070 to 2120 depending on individual countries.
Using the utilitarian method to approach this issue, the benefits of pirating the product are that it allows many poorer countries access to computers and the internet at a cheaper price as a greater proportion of the budget can now be channelled into provision of the hardware. While it lacks many features, it is still able to handle basic tasks such as web browsing and data entry and storage which would be invaluable to these users. It also benefits computing students who can now obtain a copy to learn more about how an operating system is written through reverse engineering. However, detractors might argue that Microsoft is a losing party as it has spent a lot on the development of the software and thus it needs to recoup those losses. It is worth pointing out though that Microsoft has stopped offering these products for sale many years ago, therefore, it has no means to recoup any costs even if the software was not pirated. Since support for the product has also ceased, Microsoft also does not face additional costs if one additional person were to use the software. In short, the benefits outweigh the cost because even if there was cost involved, Microsoft is making no attempts to recover it.
Using the second formulation of Kantian ethics however, it is unethical because we are using Microsoft as a means to an end. In order to get access to their software without paying, we are pirating a copy. However, the limitation to using Kantian ethics is that such a statement might not fully represent the various aspects of the situation. It does not take into the account the fact that the piracy is meant for educational purposes, nor does it take into account the fact that the company is not in any way harmed by such an action. Nevertheless some might argue that a certain group of users might find that Windows 2000 might be able to completely satisfy their computing requirements and therefore see no purpose in buying the current version of Windows. My response to that is the group of users is very small at best, and the effect is marginal. In fact, Microsoft might even benefit from such an action because it increases its market share and awareness, quite possibly, it might even influence these users to purchase Microsoft products in the future.
In summary, although piracy of abandonware is largely illegal in most countries, I believe that the practice is not unethical due to the arguments presented above. In fact, the "victim" of such a piracy might even benefit in certain cases. Fortunately, most companies do realise that and even though they have the right to prosecute users who pirate abandonware, they seldom do so in reality.
Abandonware picture from http://devilsworkshop.org/2-best-places-to-find-abandonware-ie-abandoned-softwares-games-tools-etc/
- What is Abandonware? - Definition from Technopedia.com
Retrieved from http://www.techopedia.com/definition/10396/abandonware
2. Perrault, William D. Jr. & E. Jerome McCarthy, Essentials of Marketing, 7th Edition, 1997. Chicago: Richard D. Irwin Company
3. Microsoft Haven't Fixed Year Old IPv6 DoS Vulnerability in Windows | LIVE HACKING
Retrieved from http://www.livehacking.com/2011/05/04/microsoft-havent-fixed-year-old-ipv6-dos-vulnerability-in-windows/
4. http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt - marc heuse - it-security consulting
Retrieved from http://www.mh-sec.de/downloads/mh-RA_flooding_CVE-2010-multiple.txt
5. Microsoft Wins 'Most Ethical' Award -- Google, Facebook, Apple Don't Make The List
Retrieved from http://www.huffingtonpost.com/2011/03/17/microsoft-most-ethical-company_n_837003.html
- Code of ethics - Association for Computing Machinery
Retrieved from http://www.acm.org/about/code-of-ethics
- Microsoft Product Lifecycle Search
Retrieved from http://support.microsoft.com/lifecycle/search/?alpha=windows+2000