Cloud Security Fraud from Solid Works, Dassault, Autodesk and the Rest

I thought a bit about this title while writing this post today.  I ended up with this title because I felt that it most accurately describes the actions of companies that want to deliberately endanger their customers  in order to turn their customers  into monthly subscription cash cows who have to forever pay to work. This is the primary underlying reason for this whole cloud thing as far as I am  concerned. Read this article and tell me I am wrong with a straight face and no fingers crossed behind your back.

http://www.zdnet.com/blog/gardner/overlapping-criminal-and-state-threats-pose-growing-cyber-security-threat-to-global-internet-commerce-says-open-group-speaker/4454?tag=content;selector-blogs

So we have SW world coming up soon and I am sitting here today thinking once again about how a major cad company deliberately intends to place the lifeblood of it’s customers IP on the web and then turn around and refuse to indemnify users from the inevitable results of this.  Add to the mix now the latest cloud ninja Autodesk. I asked forty plus questions on the cloud a year ago and very few have been answered by any cloud touting outfit to this day. It is proof as far as I am concerned of deliberate corporate deceit or at the very least outright disregard for their customers well being and bottom line.

http://worldcadaccess.typepad.com/blog/2011/01/41questionsaboutthecloud.html

By the way all you software companies pushing this cloud junk are invited to prove my stance wrong here by showing, in writing, your legal protection and reinbursement and indemnification language meant to protect your customers from the danger you have deliberately placed them in. While your at it why don’t you show us the performance guarantees to hmmm? Do you guys honestly think by ignoring these thorny issues they will go away? Yeah just don’t answer the questions, it’s safer that way and hopefully we can BS enough people to buy into this so OUR bottom lines can look good.

The problem is that while these ninjas from DS, SW, Autodesk or indeed any other company that pushes this for whatever reason are jumping up and down and twirling round the stage with their IPOD ninja swords the bad guys are wearing ghille suits and laying on the ground patiently waiting 300 yards away with their sniper scopes and .50 caliber rifles. What is that old saying about bringing a knife to a gun fight?  Lets get real here for a second. We users all see corners cut, deficiencies or problems/bugs remain in the software we buy because the company that writes this stuff has a projected budget to stay within. They are not going to spend the time and money to make it completely right before release cycle time and this is why every company  has updates. Do we agree on this? Now if we agree here on this is it unreasonable to project this same poor attitude to be existant with all this cloud junk they want us to buy into? Bugs in cad software can ruin your day but bugs in the cloud can ruin your whole business.

All you cloud loving cutting edge uber geek tech guys who just love this stuff go there. Neanderthal Dave who is stupid enough to think the time he has spent creating things should be accompanied with enough common sense to protect these same things is not.

15 responses to “Cloud Security Fraud from Solid Works, Dassault, Autodesk and the Rest

  1. Dave, I think introducing of the cloud solution is a balanced act of cost vs. risks going in parallel with technological, legal and insurance-related activities. Time ago we didn’t use credit cards online – now we do. The same was about banking, emails, etc. It will not happen overnight, but it will change. Just my thoughts… Oleg

    • Hi Oleg, Yes the famous banking online argument. The problem with that is that the banks guarantee you will be made whole if problems arise and the amount of actual data needed to do what they do is trivial compared to cad on the cloud. Not one cad or software company has laid out in clear terms liabilities and responsibilities for any of this cad on the cloud stuff to indemnify users from damages. The banks do, cad companies don’t. Not a trivial thing here. I received a credit card application today and it stated that as a company card any fraudulent charges against any card issued whether held by me or an employee would be covered 100%. I can trust that kind of language. I am hardly likely to trust the cad on the cloud industry however when all they offer is smokescreens. I am asking you point blank Oleg to point out to me just one company that will stand behind their cloud product with a copy of the EULA that says so. Here is your chance to make a case for them.

  2. Dave, It took few good years for industry to figure out how to protect online bank transactions. The dividends are obvious now. The same will happen to enterprise software. It will take some time, and it is still early. We are in the beginning of the hype cycle…

    • Oleg, I can agree with that. They may well get the security problems ironed out along with the myriad of other problems to but for now I just can’t take any of these guys seriously until they get to the point where they will solidly stand behind it and have proven a product in real world user conditions. At this current time though do you see anything that disproves the article on security problems?

      Security is just one aspect of current cloud fail and if we are just having an academic discussion of what might be possible twenty years from now I don’t care as I will be long retired. Starship Enterprise will be here one day to for real but I won’t see it and I need tools that work today.

    • Oleg, the comparison to online banking is a VERY POOR argument.
      The TRUTH is that online banking and retail shopping is notoriously INSECURE.
      All anyone has to do is follow the news.
      There is an entire industry built upon reactive protection to identity theft.
      To claim that they are secure as a justification of the Cloud business model for CAD is entirely wishful thinking.

      What I’m waiting for is to see how long it will take the hacking & pirate community to have cracked Dassault’s and AutoDesk’s cloud interface.
      It is NOT a question of IF they will do it but WHEN they will do it.

      Will all due respect, your view of the cloud is decidedly naive.
      I suggest you read the book “Ghost in the Wires.”
      http://tinyurl.com/65vxuyj

      As someone who has been the victim of both online credit card theft as well as attempted identity theft, reading that book scared the hell out of me and firmly convinced me that online security is an illusion.

      The infrastructure of every ISP on planet earth is relatively easy to penetrate.The idea that Dassault or AutoDesk give a rat’s rear about securing any customer’s IP on a public pipeline is laughable on its face.

      • Yes, in my experience most of those who like the idea of the cloud are those involved in some fashion, or expect to be, in earning money from it. The other group seems to be kids (employees) who don’t have to foot the bills when the doo-doo hits the fan.

  3. Dave, Don’t take cloud vendors seriously until cloud software gives you what you need. It is a free market. At the same time, you can figure out that more and more CIOs considering cloud as a potential. So, it is okay not to buy “digital phone” until “analog phone” is still available :). I think, last message by SolidWorks CEO, Bertrand Sicot was – “We will continue to support and develop existing SolidWorks”. Let see what will happen during SWW 2012. During past AU11, Carl Bass stated that cloud PLM will be an addition to existing CAD and design data management solution. I think, for the next 10 years (at least) the balance of cloud and on-premise solutions will be mostly controlled by customers and not by vendors. Just my thoughts…

    • Oleg, I don’t take the vendors seriously as much as I worry about people jumping into this cloud stuff. If one of these companies succeeds in a big way others will follow because the temptation of the forced monthly income will be to big to resist. Even if they do get security worked out that still leaves a ton of things not to like. You did read the 40 questions didn’t you? How many of these are not answered? I think the real message by Dassault and Betrand is that we are going to do a lot of things our customers don’t want us to do because we are changing the direction of our company away from pure geometry at your desktop. Jeff Ray who still works for Dassault said that they were going to make the pain to great for users not to go to the new paradigm and so far all it seems that most that is new and shiny is related to the cloud and gamification and just stuff people making parts never wanted. What is there to believe in anymore for the future of SW since actions speak louder than words. You are right about knowing more of SW’s direction very soon. Personally speaking I think SWW2012 is going to be the event that is not an event and will mark the year that attendance by actual paying 100% out of their own pocket users will start to decline.

      Thinking of your comment on on premise solutions. Aren’t these also called LAN’s? Different story there and that is not the cloud where you have dumb terminals and operate off a remote server. We already have LAN’s so are you saying a lot of this cloud stuff is really just LAN’s repackaged by mercenary sales gurus to be different and exciting just to generate more sales?

      • Dave,

        Cloud is not “repackaged LAN”. There is a big confusion about that. Significant difference of “public cloud” comes with the opportunity of multi-tenancy and web architecture. Have you had a chance to read my post – Cloud, Heads down drafters and technological analogies? –> http://beyondplm.com/2011/10/27/cloud-heads-down-cad-drafters-and-technological-analogies/

        In my view, public cloud can bring lower TCO will benefit customers. Who knows, maybe vendors will crack down how to provide PLM solutions much cheaper (similar to how Google is providing most of the applications for free). Also, global availability will create an additional benefits for efficient data sharing between multiple locations and increased mobility. As I mentioned before, it will not happen overnight. Some of the customers will jump into the cloud bandwagon. More conservative customers will wait. You are free to stay or free to go :). YMMV.

        Best, Oleg

      • Oleg,
        With all the hype floating around out there I kind of figured the line between cloud and LAN was being blurred. To me the cloud implied remote server and really poor pc or dumb terminal at the workers end and yes you don’t need an IT staff anymore:). I think TCO at this current time with current technology, if it was even capable of reliably working which it isn’t, is far more expensive and that is one of the reasons why there is no major cad on the cloud yet. How do you convince someone they will save money if you can’t prove it? How do you convince someone the cloud is faster/better for cad if you can’t prove it? You can safely bet your last dollar that if Dassault for instance really thought they could do it today it would be done.

        Some customer Lemmings will cloud jump because it’s what lemmings do. JOABC. More conservative customers will put cheap and powerfull workstations on their desk and find they have quicker better cad creation AND more money in their pocket. PMITP. They will also have the added benefit of keeping workers offline eliminating all the social media garbage kids today seem to think they have a right to for two or three hours a work day.

        Have a good weekend Oleg.

  4. Cloud IP insurance is only $99 per part per year. You can get it from your reseller. Notice the convenient checkbox is the save dialog…

    • Blake, I don’t see the checkbox and what reseller?
      Insurance, I never thought of that. If I have an assembly with 1,000 parts is that $100,000.00? I would be interested in reading the fine print to see how they would guarantee my customers integrity too. If proprietary information were to be hacked into are we all covered or does every single person involved in the manufacturing and creation chain have to buy forever every year coverage for the same parts? Still though is it not revealing that these cloud for cad companies have so little faith in what they propose that they are unwilling to stand behind it as part of the purchase price of their cloud software. I am saying this without having seen the links you refer to. If it is a cad company who is offering this as a “service” it still gets back to the cash bottom line of the cad companies and not the end user.
      It’s better than nothing I suppose but still leaves a ton of questions unanswered about many other aspects of the cloud for cad. Have any answers for about 35 or so of the other questions? I like new technology and that is why I knew I was going to buy into direct editing within a half hour of seeing it for the first time. This cloud stuff has so many unanswered problems with no vendors addressing much of any user concerns and no clear proven benefits over existing infrastructure for serious cad that I figure it’s one of two things. They have no good answers yet and don’t want to admit it or they have answers people aren’t going to want to hear so they attempt to push buyers into it sight unseen with a PR blitz.

  5. R. Paul Waddington

    All the best for a great 2012 Dave,

    A point potentially missed by industry is the reaction of some individuals may have to their inability to control their IP destiny as it were.

    Oleg, and others, make the point, “you are free to choose”. You can, in their belief, choose to stay off the cloud even if the “masses” move to it and or your CAD software vendor chooses to forge ahead leaving you (your choice) using “outdated software”.

    The statement is correct but it has ramifications: one being those who choose to “stay behind” may find their customers are encouraged – by CAD vendors – to see them as being of less value. It being thought, incorrectly, having CAD software (or the most recent version), is necessary to design and document cost effectively.

    This also has another down side – I have witnessed, as a result of some of Autodesk’s policies and actions, the loss of some very valuable skill to several industries. The cases I refer to are fellows who have objected to the policies of Autodesk in such a way as to leave their chosen industries prematurely. Understandably, their withdrawal has had a no effect on Autodesk (loss of a handful of active licences) but the effect on the industries concerned has been significant and costly in both financial and human terms. The companies involved were warned and management chose to ignore the warnings believing the CAD technology was their protection? The companies now realise the error they have made but once a design guy changes direction, or retires from “the system”, s/he is gone along with the knowledge and experience; something CAD vendors and their products can NEVER replace and the guys themselves have chosen to STAY away.

    The flow-on effects, of CAD software should never be underestimated; nor should the future (potential) loss of control.

    Yes we have the freedom Oleg speaks of and yes we can do what he suggests but, is that in the best interest of the individuals and industries we serve? Business is built on trust and reinforced contractually as deemed necessary. As a number of us have stated CAD vendors are not a regulated industry, as are others like banks, and it is highly unlikely they will become so; so, in reality, Oleg and those like him are naive if they believe CAD in the cloud will have the same protective tools applied, in the future*, as does money (credit card etc.).

    *The exception here is will be very large companies using CAD who will have both the resources and the clout to deal directly with CAD vendors. This I have also seen in action and bring us to another point not discussed very widely. Just who are CAD vendors interested in? As an example am I of any importance to Autodesk. The answer is, when I was writing considerable business for them Yes; when I challenged their direction with licencing NO. As I have previously said CAD vendors don’t care about individuals but they underestimate individuals’ roles within the industries they work. Contractors and small companies, using CAD, make up a considerable part if some industry sectors; but they are seen as “costly” to deal with contractually. Better to just lay down the law (EULA) and rely on ignorance or the (perceived) minimal loss to protect at the small end. A large organization, however, is different (even if it involves only a small number of licences) and I have experienced this first hand. It matters if you can match a CAD vendor’s legal team with one of your own and, a larger one.

    I believe the same will apply with cloud use; large companies will do the dealings directly with CAD vendors and the small guys will be expected to fall into line – albeit with differing rules being applied, to the small CAD users, by both the CAD vendor and the major companies contracting out and using small suppliers. Licencing in the cloud will be, for the same software/services, different for large and small: dependent entirely on your financial/legal clout and your ability to inflict pain on a CAD vendors!

    That said, whilst guys like you, Matt Lombard, I and others, have been having our say about “CAD in the cloud”, I would have to admit I do believe CAD vendor management must have been in some fairly deep and frank discussions with major customers/users of their products and be working toward being able to satisfy their “cloud” criteria. In know I would have been had I been in their positions(s). Global companies will be seen as important clients to placate and they will be expected (by CAD vendors) to pull, we little guys, into line. How we deal/cope with that (pressure) is of some importance to us.

    As you are aware I have very publicly (and directly) rejected Autodesk’s terms and conditions. Whilst they continue to tell me I cannot “impose” my terms and conditions, in preference to their own, reality is somewhat different for a number of reasons. Now this leads to an interesting area of discussion in relation to CAD in the cloud. For me (and maybe you) the problem(s) of CAD in the cloud can be resolved contractually? ie If “losses” occur, as a result of the service, restitution is available. Not ideal cover for IP loses but something is needed to show a vendors’ faith in their product/deliverables.

    Now the/a EULA is an obvious (and for many an appropriate) tool for the purpose but, and this is the biggy, CAD EULA (as I have shown, if your small,) are non-negotiable. This is why and where Autodesk and I face off and have ground to a halt. I apply my purchasing terms and conditions which are negotiable; Autodesk says I MUST abide by their terms and they are not negotiable.

    The reason CAD EULA remain non-negotiable is more to do with users than vendors. I no longer try and rally people to work with me because much of my effort, while verbally appreciated, did not draw others into committing as I set out to do and have done. Individuals’ fear of consequences forced me to stand on my own and I have done so. However just think, if a large group had chosen to stand up and do what I have done at least Autodesk’s EULA and terms would be considerably different today and long before they could have been used as they can today. Evolving history, for me, but it is also one of the answers to what pains you and those who see CAD in the cloud as considerable (potential) problem.

    Users (mostly small guys) are going to need to work collectively not just gripe and snipe but actually band together in such a way as to be able to make it understood what is acceptable and what is not. In this day and age of communications it is very interesting to watch how, some of us, can publicly berate CAD companies’ management and they do not defend themselves. I ask, and work hard to determine why, do you ask yourself the same question and look for the answers by placing yourself (as best you can) in their shoes. This is important to do.

    If your 40 questions (if also posed directly to CAD CEO’s) remain un-answered there are reasons and they will remain un-answered until there is a collective request for them to be answered. Solidworks World is just a stones throw away do you know a (press) person who will to raise yours questions in bulk at a key presentation with the aim, and request, to have them answered?

  6. I see this move to the cloud as a huge mistake and a step backward.
    It sure seems like what Dassault, AutoDesk ,etc. want to do is essentially return all users to the time of dumb terminals running CAD & CAM applications from a server. Look at all the money Dassault has saved by going this route. How else could they afford to build that affront to human decency they call their new campus?

    At least in the old days companies controlled their own pipeline. The idea that my intellectual property would be at the mercy of a company that never cared about my customer complaints in the past is downright scary.

    • “At least in the old days companies controlled their own pipeline. The idea that my intellectual property would be at the mercy of a company that never cared about my customer complaints in the past is downright scary.”

      One of the best comments on how this whole cloud is wrong for users that I have read. Trust me says the cloud guy with one hand extended in friendship and the other hidden behind his back with the shiv!!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s