Defunct install code usage claims, seems fishy

Thanks for the reply. I’m not worried about losing in court, because this would be a slam dunk if “we have word that…” is all they have. Just not interested in being harassed and/or lied to by a company that has never done this to us in all these years. Also not interested in paying lots of money to win in court, but it won’t come to that.

I think the answer to may post will be that nobody else has had this problem yet, but it serves as fair warming it may be coming to them soon. FMI (or at least one senior employee) has decided that it is worth the alienation of one of their oldest clients to see if anyone is gaming the system. We not only host from six servers, we manage a whole lot more. Some of those solutions could be moved to other platforms, some not. We’re stuck with FMI, warts and all.

Can FMI get reports on whether their servers with code are in use? Possibly. But of what value is that if they only receive notice that it is in use? So if they are not lying, they may be holding back on the server location.

Assuming FMI knows about the server location, they missed a great opportunity to work with us on solving the mystery of the rogue server, and this post would have been about that success story. Too bad.

We’ll see if others faced similar problems or not - hopefully not.

Lock-in is a serious problem for businesses who entrusted a platform provider with supplying infrastructure. Many ERP customers made that painful experience.

This seems like a hoax to me. I am extremely dubious about it. I would bypass that person and go directly to the senior representative of FileMaker in your region - or go directly to the US office and discuss it with them.

@jormond, is this credible?

I understand it could be possible if FMS is loaded with a backdoor. But, if FMS is loaded with a backdoor that they actively used to test and enforce compliance that raises so many issues around security and privacy that I can’t imagine that FMI would ever want to do that.

@Malcolm - FMS absolutely reports back to Claris. I don’t know how much information is actually transmitted. I imagine it’s only install codes and some non-identifiable usage statistics. None of which is uncommon for any proprietary server product.

@scooter - my questions were about understanding the scenario with the Claris employee that made contact. I have seen similar scenarios with rogue server installs. At the time, FileMaker, Inc. graciously handled it. This behavior you are describing is out of character for the company. I would not attribute this the company but instead possibly a single employee. And Claris isn’t prone to legal action for reasonable use, which you are clearly describing with your client’s usage.

If I have your permission, and if you can private message me your contact email, I would like to forward this info on to Claris to investigate. In the private message, you don’t need to provide me with any details unless you want to. They will likely contact you in the next week or two ( I am assuming some people are still on vacation after DevCon ).

I’d take a deep breath and try to relax. There is too much that is fishy about this situation. As @Torsten has said, words are cheap. If it is serious it would be put in writing.

I suggest that you record all the details of what has happened while it is fresh in your mind. I’d take backups of emails, and if possible, telephone call records, text messages, etc.

Having a good record of events can be very useful to you.

@jormond, I’m surprised that that much information is sent.

Of course, the licence agreement should describe whether information is transmitted or not.

I believe it does, it's been a while since I had the enthusiasm to read that much legalese. We have a wide and deep tech stack, roughly 35-45 servers running in our internal cluster, and they send way more data than FMS does.

1 Like

The EULA does state that the server ‘phones’ home from time to time. Evidence is that FMS reverts to trial mode after 4 weeks or so without Internet connection.
It does not state in detail what information is transmitted.

we got a couple of customers with site licenses. We had calling us once, FMI was checking the website of a customer and found 2 externals (a hospital had a sports-teacher and an artist for some treatments…)
But all very nice, no problem. FileMaker sales was very courteous

One of the reasons that I normally do not sell licenses (although I’m FBA) - I do the sales via the FileMaker-Magazin, Hamburg. They are perfect in licensing and they also develop with FileMaker

2 Likes

INITIAL IDEA -- Set up a firewall rule to keep FMS from phoning home.

UPDATE: Later I read that keeping FMS from phoning home could make it stop working or, worse yet, getting a call from FMI sales. Therefore, the idea of using a firewall to stop phoning home ... evolved over time to appear to not be workable from that new information.

I can not find where FMI states, in writing, what it uploads and states how I can OPT OUT of that data collection.


Windows 10 is another prime example you can't disable phoning home (except Enterprise version) where the first part of any Windows install is a registry hack and firewall rules creation.

Just re-read the AVLA that is handed out to Swiss customers. It is in German language. Complicated legal lingo, makes it a challenge to know whether one is compliant or not, even when all individual users have their own license.

It does not inform that FMS submits information to FMI. It only states that FMI retains the right to audit the customer’s books in order to verify if use of FM has been in accordance with the license.

The AVLA states that it is subject to English jurisdiction, though written in German legalese. With Brexit looming and UK leaving the EU rights umbrella, we need to keep an eye on it.

(removed.)

Thank you all for the responses, help, info. I think the approach from the account manager was a bit aggressive, but the part that bothers us the most (and should bother all of you) is that it appears Claris can tell if a server is active, will call you on it, but will not tell you where it is running.

I'm not overjoyed that FMS phones home, but if so then that's their legal prerogative. The bigger issue for us is that Claris can come back to us at any time and tell us that we signed a compliance paper but a sever is still reporting, and "here's your bill." They will not help us find the server, so the owner of the contract is screwed.

I have attached the link to terminate your contract# xxxx per our conversation today.
Please complete the doc on this link and submit it. Once the Server and user licenses have been removed it will be terminated and no additional fees will apply. This contract and key will be audited at a later date.

When I responded that we are doing what we can on our side to ask around to see if someone in the company has somehow installed server (not that hard to figure out how to so once they have the code for client) they gave me this response:

It turns out that we can not turn off the use of that key at this time and we do not have access to the IP address of the server or users. Your termination will be expectable and no fees will issued.

Great. They can return with a charge, with absolutely zero proof to us that the server is running. Our termination is "expectable" but that odd wording leaves us thinking they expect us to handle the rogue server. Again, I really do not think there is a server running this code because their original stats on the server use were too contrived.

Claris is auditing you. Worse, they may be vague about their audit and may begin the conversation with threats rather than questions.

1 Like

How were the server found? Did FMI know the IPs of the servers so they were found, or did the client admit their extra use?

I don’t believe they do have access to the IP address. Do what you reasonably can, and move on from it, or escalate it and let Claris handle the account manager’s behavior.

Without your permission, or info, I can’t provide any more help.

they did a google search for the company and checked for portraits of ‘employees’ - since the teacher and the painter/artist were mentioned on the homepage…

Thanks, already found what I was asking, which is that they do snoop and all they can do is say they believe a server is online. No help needed, I’m simply waiting to see what Claris’ next move is.

1 Like

Thank you everyone who contributed to this thread.

To briefly summarize, scooter shared his questions and concerns regarding some communication he received possibly from Claris about a potential violation of EULA. He asked peers their opinion on what he recounted.

People considered the info presented and asked clarifying questions and indicated their interpretation of the situation as it was brought up.

scooter confirmed he felt that the feedback he got reasonably addressed his questions, which was whether the situation he described had happened to others.

From then on, the conversation is starting to derail in speculation, which I recommend against. While expressing ones’ concerns or questions about something is legitimate, unless, someone has a factual accurate and reliable information to share with the group, I will ask everyone to refrain from expressing their “guess” about what is happening as if they were in the know.

It does a great disservice to the community to create noise and ambiguities about any subject.

So, if you want to express an opinion, make sure that you present it as such, an opinion. And be prepared to defend it with accurate facts.

Since nobody seems to have accurate information on some elements that were being debated and confronted such as whether Claris harvest info from fms installs, what and to what extent, this discussion must be adjourn indefinitely or until reliable and accurate info can be offered to support a healthy discussion.

I will now close this thread.
Thank you again to all participants.