I ran actual server windows for a while, and one single program refused that (Backblaze).
It seems like this makes things easier for everyone?
(And yeah, I know. That's a whole lot of software to never trust.)
What MDM is priced to make this scale reasonable?
But yeah generally it is better if you can do it.
I was curious so I checked, it uses CPProfileManager and CP_GetManagementStatus, a private undocumented MacOS API. That's one hostile OS, at least Microsoft was forced by court to open its APIs
If you want to collect this information you should be clear about it and know and understand your edge cases before you start attempting enforcement actions based on it if that is the intent.
In general in my experience, personal tools are a VERY hard market to sell into for corporate environments (I took a peek at what the software on OPs site requires a commercial license to use). I would bet most if not all of what you're catching here is unauthorized installs in a corporate environment and you're more likely to loose interested users than sell more commercial licenses.
Corporations cannot require you to have your personal devices be managed by them. If you're surrendering your own gear to a company, it stops being your own device.
Absolutely, it's their own network.
>being brought to their premises
Depends on the local laws. Where I live, they can either deal with it, or provide a secured storage space for the duration of the visit.
Either way, if a corporation wants their employees to use a device, they are obliged to make one available. Surrendering your private equipment to their management makes it not yours anymore.
Most employees tend to not care about the why and are happy to just do it making "you" (the one bucking the trend) the oddball. The one not being the team player. It's not legally required, and you won't be fired for it, but its strongly socially encouraged and that makes it mandatory for anyone not willing to put up that fight.
This does not look like a technical or business decision, but rather a malicious function used to identify users (and/or their employers) for arbitrary reasons, under the guise of "licensing compliance."
[1] https://github.com/LGUG2Z/komorebi-license?tab=readme-ov-fil...
The next step wouldn't be anything crazy like "MDM detected, send invoice to corporate"; there are too many false positives. It's better to use the MDM profile information to filter out the larger corporate MDM providers (InTune etc.) and filter out school MDMs before taking any action.
Most software isn't important enough to pirate if the company in question needs to comply with certain standards (ISO etc.) where an auditor might catch such a popup and make it a problem. Plus, IT probably wants you to stop downloading freeware onto corporate devices anyway. Risking being slightly annoying to people with corporate devices may very well help more people than it hurts.
Most software license violations I've spotted were purely accidental, at least at the start. An (occasional?) popup saying "hey, you need a corporate license to use this product for business use" may be enough to scare people away from your software (ending the violation). Convincing someone with financial power to buy your software is harder than making people seek out an alternative, but at least your software is less likely to be used by freebooters.
Yet his own license also has no such prohibition. You are free to commit genocide using his tiling window manager, provided that your genocide is strictly non-commercial.
acuozzo•3mo ago
thewebguyd•3mo ago
People that run an AD domain for their home lab, people that use apple configurator to create profiles for their own devices (can enable some settings/features that are otherwise gated behind using an MDM profile - like shared iPads), etc.
On the flip side, you are also missing all of the solopreneurs using your software for commercial use but obviously aren't spinning up a whole endpoint IT infrastructure to manage their own single device. Or contractors doing BYOD without MDM enrollment. Or small businesses/startups that are mostly BYOD, or don't do any kind of endpoint/device management...
So who are you going to catch, really?
radicaldreamer•3mo ago
SoftTalker•3mo ago
Just joking, but seriously, I've never heard of anyone doing this, and I think maybe 1 in 100 people would even know that it's possible.
radicaldreamer•3mo ago
jeroenhd•3mo ago
Schools also tend to use MDMs, but often in combination with Chromebooks which don't typically run third party software anyway.
thewebguyd•3mo ago
For certain types of apps from the mac app store vs installed directly (mostly VPNs), they also have to use the MDM APIs and install profiles on the device to function.
So if a home user, for example, uses Tailscale and installed it via the mac app store, they'd flag as being MDM managed if the software used the code in the article.
Fonts on iPad work the same way, the font apps install an MDM profile to install the fonts on the device because Apple gates this behind that for some stupid reason.
Like you said, I suspect doing things through configuration/MDM profiles is going to become more and more common on desktop like it has on mobile.
groby_b•3mo ago
That's a tiny minority of your user base. You'll live. They'll live.
> So who are you going to catch, really?
Enterprises that are big enough to manage their fleet, but small enough to not enforce rules. Which is a good chunk of money.
layer8•3mo ago
bootlooped•3mo ago
layer8•3mo ago
groby_b•3mo ago
__jonas•3mo ago
I'd always assume the worst of corporations but I think it's a little far fetched, probably doesn't affect their bottom line to just pay for the software.
ryandrake•3mo ago
Software should not be in the business of trying to (badly) guess whether the user is the right sort of user, based on inexact signals from the operating system. As others pointed out, the false positives will be annoyed, and the true positives will sidestep your efforts.
p1necone•3mo ago
thewebguyd•3mo ago
And chances are, that company's IT department would love to know when that's happening so they can put a stop to it.
I work in ops, that's called "shadow IT" and it's a huge problem. It's really prevalent now because most SaaS is marketed toward individuals/small teams rather than marketing toward the business itself, so you get people within an org spinning up trials and free versions, putting company data into it with zero oversight, and often IT doesn't know about it until the quarterly budget review when they find out from accounting that it's been blown on software purchased outside of the IT org, now it's "critical" to operations and we're forced to onboard/support it.
Obviously these code snippets won't work for SaaS, but a notification pop-up along the lines of "We see you're on a company device. Please contact your IT administrator to proceed with your free trial" would be great, but would kill a big sales avenue.
TZubiri•3mo ago
Instead of convincing the guys with the wallets to shell something out. Just convince the devs to npm install solution, and then send an invoice.
Win/win
immibis•3mo ago
Woe betide thee who doesn't notice the difference between Oracle Java and OpenJDK.
thewebguyd•3mo ago
TZubiri•3mo ago
Dylan16807•3mo ago
TZubiri•3mo ago
The proposal is simple, if you ever need a service and you request it of me, I will send you an invoice. It is implied in the request of my service that I would get paid, absent any negotiation for payment, I will send my best estimation.
Similarly if you download my software, absent any license, I have the right to send you an invoice. The fact that there's a license that explicitly mentions this is a nail on the coffin on the part of Oracle, but even without it there's quantum meruit.
Dylan16807•3mo ago
They are not charging based on benefit or use, or triple that.
immibis•3mo ago
Obviously this is sarcasm. But what if it wasn't - would you think it was sensible? Comment writers need to get paid, so it's reasonable, yeah?
Part of Oracle's business model is tricking you into thinking you don't need to pay to use stuff, then extracting a much bigger payment in the resulting lawsuit.
immibis•3mo ago
IshKebab•3mo ago
Depending on what action you take with this, I'd say it has a pretty good chance of tipping people into emailing IT to get a license.
whalesalad•3mo ago
You certainly can observe a correlation between a "corporate customer" and MDM/GPO and use that as a heuristic. But it's like relying on the color of the sky to determine temperature: "Is it grey? Well then it's obviously cold." It's a leaky abstraction.