Have they not heard of "default to secure" ?

"SonicWALL has apologised"

Not good enough. Will never use.

Another example of a company so concerned that someone might be getting something for free that they are willing to put their entire customer base at risk.

If that had affected my business, I would unhesitatingly reverse engineer the software involved and *rip out* the function that disables the software.

1. If you don't control your software, your software supplier controls YOU.

2. If a 'glitch' could cause this to happen, how long before blackhats have an exploit that lets them spoof the firewall into dropping?

Imbeciles.

Prepare to see more and more of this as a result of the "you don't own it, you just buy the rights to use it" mentality. I wonder if a used car dealer could set up something similar, unlicensed driving, speeding tickets, all a violation of our TOS, please return the vehicle, "oh no, you are mistaken, you didnt BUY the car, just the right to use it, as WE see fit".

If you have to renew a key for something you already paid for, you are being screwed in a most impolite way.

Seems another case where the companies desire to protect their cash flow is more important than the customer's who actually purchased the software. None of the companies that have systems like this seems to have even conceived, or maybe just don't care, that their anti piracy practices might effect their customers, and therefore "forget" to factor in if the system that check licenses fails or is compromised. But what else is new, maybe at some point they'll be put to task, but I doubt it.

It wouldn't surprise me at all if these license servers were often targets of attack, and/or run on MS server operating systems without adequate redundancy. For example, like so many large companies with too few active directory servers for the amount of things they make authenticate to it, which is something I've seen at companies such as Bausch and Lomb, and Globalcrossing, after they have been MCSE'd to insane levels. Apparently, creating a tool allowing the user to go in and unlock their own account is the obvious solution, NOT! But they do, makes the social-engineering/hackers job a LOT easier.

But what do I know... sigh... Wish I'd never worked at corporate help desks, there is NO security except through obscurity anymore, except you can't secure an obscure system at all cause most admins don't even know how they work anymore with the turnover rate being so high in IT. (before anyone takes offense, I know a lot of admins know what they are doing, they're just the minority nowadays, or are not allowed to use the tools they know work)

On a good note, at least it keeps the hackers focusing on the corporations more than the average users :P

...Greed.

The way they implemented their Intellectual Property protection system simply just want to punish, regarless of whether it is intentional (ie, piracy) or unintentional (as in this case, downed license server). I guess having the software keep running for 24hours, just in case, is to them too much of a leeway for pirates or loophole for pirates to exploite.

Stupid.

Take note Micro$haft & flApple, software phoning home is never a good idea.

Any sysadmin who uses SonicWall products is a joke in my book, if any of my guys came to me suggesting a SonicWall solution for a client I would send them to the naughty step while I prepare their P45. Don't put your trust in UTM on a single piece of kit as it's a misnomer, just ask yourself, who watches the watcher?

The one with the 'back in my day' badge.

i last heard of sonicwall in 2001 aND THEN POOF.the companies should use kasperksy