The post doesn't say what you should do with this information. You could just remind the user that they're supposed to buy a license for commercial use.

I disagree, corporate systems will try to be transparent about being a corporate device. And they will not particularly be avoidant of software licensing, they may refuse to use the software, but they'd rather have that than use unlicensed software.

It seems like this makes things easier for everyone?

Given that paying for WinRAR is still a popular meme, these percentages look inaccurate.

I’m curious to know how you use this on your kids devices. Which mdm do you use?

>Many corporations require personal devices be managed to support remote wiping.

Corporations cannot require you to have your personal devices be managed by them. If you're surrendering your own gear to a company, it stops being your own device.

much like https://sso.tax/ , if you need enterprisey features... someone thinks you can pay for it.

That's fine, there's no enforcement suggested though, maybe they get a popup asking about licenses, not necessarily a brick.

This happens in a lot of software in the Windows world, too. As soon as you run it on a non-Home SKU you’re suddenly The Enterprise, even as a home-gamer.

I tried to find the correct API for getting the current MDM enrollment status on macOS but I can't find anything other than people suggesting command line tools. Unless you're an MDM application yourself, I don't think there is an official API.

It's a lot harder, and for these sort of things maybe not even possible.

But yeah generally it is better if you can do it.

While the whole genocide thing is a bit of an odd angle (though hardly a new one, the author themselves links to the FSF statement on free software used for evil), I get the idea of checking for corporate installs.

The next step wouldn't be anything crazy like "MDM detected, send invoice to corporate"; there are too many false positives. It's better to use the MDM profile information to filter out the larger corporate MDM providers (InTune etc.) and filter out school MDMs before taking any action.

Most software isn't important enough to pirate if the company in question needs to comply with certain standards (ISO etc.) where an auditor might catch such a popup and make it a problem. Plus, IT probably wants you to stop downloading freeware onto corporate devices anyway. Risking being slightly annoying to people with corporate devices may very well help more people than it hurts.

Most software license violations I've spotted were purely accidental, at least at the start. An (occasional?) popup saying "hey, you need a corporate license to use this product for business use" may be enough to scare people away from your software (ending the violation). Convincing someone with financial power to buy your software is harder than making people seek out an alternative, but at least your software is less likely to be used by freebooters.

He describes OSI licenses as “genocide-friendly”, and links to the OSI page about how their licenses don’t prohibit the software being used for “evil”.

Yet his own license also has no such prohibition. You are free to commit genocide using his tiling window manager, provided that your genocide is strictly non-commercial.

That, and a lot of false positives.

People that run an AD domain for their home lab, people that use apple configurator to create profiles for their own devices (can enable some settings/features that are otherwise gated behind using an MDM profile - like shared iPads), etc.

On the flip side, you are also missing all of the solopreneurs using your software for commercial use but obviously aren't spinning up a whole endpoint IT infrastructure to manage their own single device. Or contractors doing BYOD without MDM enrollment. Or small businesses/startups that are mostly BYOD, or don't do any kind of endpoint/device management...

So who are you going to catch, really?

(Anecdotally) I don't think most big corps using commercial software without a license are doing it intentionally/maliciously at an organizational level. Most of the time it's just individual employees downloading supposedly "free" software without reading the license and not realizing it isn't free for commercial use.

Yea, this seems to be sort of analogous to companies who check whether you have a rooted device in order to take some kind of action (usually preventing the software from running). If that's a shitty thing to do, then this is, too.

Software should not be in the business of trying to (badly) guess whether the user is the right sort of user, based on inexact signals from the operating system. As others pointed out, the false positives will be annoyed, and the true positives will sidestep your efforts.

I don't think you will ever see this normalized, because it's a really dumb idea.

You certainly can observe a correlation between a "corporate customer" and MDM/GPO and use that as a heuristic. But it's like relying on the color of the sky to determine temperature: "Is it grey? Well then it's obviously cold." It's a leaky abstraction.

How so? You think big corps would pressure corporate device management providers into making their services stealthier in order to avoid paying appropriate license fees for software that does this detection?

I'd always assume the worst of corporations but I think it's a little far fetched, probably doesn't affect their bottom line to just pay for the software.

I don't think so - most organisations and employees don't actively try to violate licenses, but if the path of least resistance is "eh" then individual employees definitely aren't going to bother. I bet there are thousands of people using the free version of MSVC commercially for example.

Depending on what action you take with this, I'd say it has a pretty good chance of tipping people into emailing IT to get a license.

You can already easily pirate the software by running it on your personal device for free, and the software would never know you were also working for a corporation that was supposed to buy a license.