Harmless convenience or a practice that might turn nasty?

The Internet as a product-delivery platform—seems straightforward, doesn't it? After all, many companies use Web-site downloads as a preferred way to deliver their products. Even large office suites, such as Sun Microsystems' 65MB StarOffice, are available for customers with a fat enough pipe. In this light, Microsoft's and other major vendors' discussions about future delivery mechanisms that are based on the Internet seem reasonable. Even as I write this column, I'm downloading a 20MB deployment tool from the Microsoft Web site. So why does the idea of relying on the Internet for product delivery worry me?

A Problem Is Born
My concern surfaced a couple of years ago, when I heard from systems administrators who were troubled about the Windows Update feature in Windows 9x. The messages I was receiving were from concerned administrators in smaller businesses and with many notebook users. These administrators faced a situation in which users began the Windows Update procedure over the Internet without knowing what they were doing. The users updated different parts of the OS on their systems and included applications that the hard-pressed administrators weren't expecting to have to support. Fortunately, a campaign of user education (and administrators removing the Windows Update shortcut from the Start menu) addressed the problem. The same problem occurs with Windows 2000, but I think administrators now have the solution well in hand. Even Micro-soft jumped into the fray by launching the Windows Update Corporate site (http://corporate.windowsupdate.microsoft .com), which lets administrators download components and set up network installations for individual systems so that users won't upgrade their systems over the Internet by using the standard Windows Update site.

Why am I worried now? You could say that my original worry never really went away, particularly with the advent of application service providers (ASPs) and Microsoft discussions about licensing software that requires Internet connectivity. At least with ASPs you don't have to worry about local copies of software, and you (or rather, your provider) can focus on the reliability of the Internet as a delivery mechanism. And Microsoft's new software releases (e.g., Win2K) and early announcements about future OS platforms (e.g., Whistler, Blackcomb) still seem to rely on traditional application deployment methods.

But I came across a news item ("Microsoft Releases Interim Whistler Build to Testers," 10/04/00) on Paul Thurrott's WinInfo Web site (http://www.win informant.com) that alarmed me. According to this news item, in an attempt to prevent unauthorized users from acquiring beta versions of Whistler, Microsoft is requiring beta testers to use the Microsoft Passport authentication mechanism to either download the OS or perform a live installation from the Web. (I barely have the patience to install Win2K or Windows NT from the CD-ROM, much less over an Internet connection—even a corporate T1—that isn't terribly fast in terms of network speed.) I know what you're thinking: This version is a beta-test program and not an actual end-user application. True, as far as the situation goes. But if enough users are satisfied with this delivery mechanism, why wouldn't Microsoft pursue using such a method extensively in the future?

An Ominous Experiment
The future of product delivery on the Internet isn't far away. One of the applications I've been playing with recently is the Preview 2 version of MSN Explorer. This program is a shell that lets Web surfers use MSN's resources through an all-in-one interface that is similar to the interface presentation of the AOL client. However, the MSN Explorer interface doesn't force changes to the UI that installing the AOL client does. All of your existing UI and Microsoft Internet Explorer (IE) configurations remain the same; you don't have to use the MSN Explorer to access the Internet or even the MSN Web site. I understand that the MSN Explorer isn't a corporate application, but I use MSN as an ISP when I'm traveling (just as I'm sure many road warriors do with a variety of ISP equivalents), so I've been curious as to what, if anything, using the MSN Explorer will buy me.

What strikes me the most is MSN Explorer's installation mechanism. When you install Preview 2, you receive explicit directions that you must run the application from the Internet site and can't select the download-to-local-storage option. Granted, this option is only a 5MB file (even though I wouldn't want to download an application that large over an analog connection), but what if I want to install the application on more than one computer? Do I absolutely have to download it each and every time? Doing so would get old fast. Although we frequently read about broadband network access, in reality, not even as much as 10 percent of Internet-connected users have anything faster than analog-modem dial-up connection speeds. And although that percentage increases every day, widespread availability of broadband access has been slow in coming.

In my opinion, Microsoft is using the programs I've mentioned (and probably others) to gauge how well users will accept the Internet as a primary applicationdelivery platform. I'm certain we'll be seeing more applications that require Internet connectivity to function, whether that connectivity is for application download, authentication, or licensing. The success of this Microsoft experiment will be a direct result of users' acceptance after the bandwidth problem is resolved. Personally, I've dealt with one too many computers that have dropped dead at inconvenient times to forgo having full copies of the applications I need available on CD-ROMs in my software library.

Since I started writing the Windows 2000 Pro UPDATE weekly email newsletter (http://www.win2000mag.net /email), I've been spending more time looking at and evaluating software for desktop power users and consumers. I've discovered that quite a few applications want to connect users to the vendor through the Internet. The results of such linkage over the Internet can include multiple downloads to install a complete application, forced registrations that disable applications that aren't electronically registered in a certain period of time, registration agents that pull SID-type information and key applications to specific computers, and the automatic addition of multiple links to vendors' pages on a user's desktop.

Many consumers aren't likely to realize how intrusive such linking is. And when full-time broadband connections are more available, consumers might not understand how insidious preconfigured connections are or how deeply such connections can be inserted into their systems. The possibility of widespread linkage over the Internet raises concerns about privacy, not to mention the danger inherent in uncontrolled updates transforming very stable systems into those that are less so.

Doom and gloom? Maybe. But I believe that promoting an awareness of these problems is the only way to start recognizing and resolving them.