Software Piracy in the Information Age




Index

1.      Introduction
2.      Software piracy methods
3.      Small scale piracy methods
4.      Large scale piracy methods
4.1.    BBS
4.2.    Internet
4.3.    IRC
       FTP offers
       Trading
       Offerbots
4.4.    Ftp sites
4.5.    Usenet
4.6.    Email
4.7.    WWW
5.      Commercial piracy
5.1.    CDR
6.      Copyprotection
6.1.    Hardware protection
6.2.    Software protection
       Serials
       CD-keys
       Manual check
       Registration
       Limiting installations
       Certificates
7.      Anti-piracy organizations
7.1.    Legal measures
7.2.    Corporate audits
7.3.    Contacting anti-piracy organizations
7.4.    Education
7.5.    Economics
8.      Conclusion








1.      Introduction

In today�s rapidly changing world of advanced technology, computers and the
software to run them have become integral parts of our society. The relative
leap in recent technology has contributed to a boom in the sales and general use
of computers. This is also due in no small part to the birth and growth of the
Internet. A virtual world of entertainment and technology is now available at
the fingertips of the average person. Once the domain of programmers and serious
users, the Internet has opened the door to anyone with the slightest interest.
The spread of home computing and the parallel growth in the business world has
resulted in booming software industry. However, along with the spread of
software has come a significant proliferation of software piracy. The issue of
software piracy, the illegal copying or duplication of software, is rapidly
growing in importance. As the software market continues to grow, so does the
demand for stolen software. The issue of software piracy can be described on two
levels, akin to the two stages of software: development and the end product. The
protection of software at the developmental level can be very complex with many
individual issues. Many of these issues are as yet unresolved and yet to be
decided in a court of law. We will concentrate on the latter stage of software
development, the end product. In order to gain a firm grasp on the subject, we
will first define piracy, including the legal, monetary and ethical issues. We
will then move on to the methods of software theft breaking them down into small
and large-scale components. From there we will examine the protection of
software through both industrial and legal means. Finally, we will deal with the
social and ethical implications of software piracy in our society.

Software piracy, precisely defined, is the unauthorized use, duplication or
theft of software. In the past decade software theft has become a very serious
problem. With the exponential increase in the consumer market for computers and
software, the demand for black market, or stolen software has skyrocketed.
Conservative analysis conducted by the Software Publisher�s Association
estimated lost revenue due to software piracy in the U.S. alone came to $1.05
billion in 1994. This was approximately 25% of a $4.2 billion market. These
figures only account for the business market. The size of the consumer market
reached 1.3 billion in that same year. While the exact size of consumer piracy
is unknown, we can safely assume that it constitutes a large portion of the
losses to the software industry. These domestic problems pale with comparison to
those present in international markets, where the estimated piracy rate is close
to 49% or $8 billion. This economic impact threatens to impede the development
of new software products and the availability of current ones. This problem
affects everyone, from the software publishers to the legitimate user. The
continued loss to the software industry could have harmful implications to the
future of software development. In order to protect the economic viability of
the software industry, laws have been enacted to protect software companies and
their products.

The protection of computer software under the law has gone through significant
changes in recent years. The first attempt to protect software and its
developers was made in the late 1960�s. Software was officially recognized by
the United States Copyright Office as a form of literary expression and hence
protected under copyright laws. The most comprehensive protection legislation in
this area was made in the Copyright Act of 1976. This act gave a sharper
definition of software and its development and provided more firm guidelines as
to its protection. Amendments in 1980 brought this act more in line with
advances in technology. According to Title 17 of the US code, it is illegal to
make or distribute copies of copyrighted material without authorization. The
only exception was made in the user�s right to make a single backup copy for
archival purposes. In 1990 Congress approved the Software Rental Amendments Act
which prohibits the commercial rental, leasing, or lending of software without
the express written permission of the copyright holder. Individuals are allowed
to possess the original software program and one backup copy for their personal
use. No other copies are to be made without specific authorization from the
copyright owner. In late 1992, Congress passed an amendment to Title 18 of US
code, instituting criminal penalties for copyright infringement of software. The
penalties include imprisonment of up to five years, fines up to $250,000, or
both, for unauthorized reproduction or distribution of 10 or more copies of
software with a total retail value exceeding $2500. As we�ll see below these
laws these laws, in practice, have relatively little power in the prevention of
software piracy.

In order to understand the ethical implications of software piracy, it is
necessary to outline the basic principles of ethics that apply to the
engineering industry. These principles can be separated into six categories: 1.
Loyalty, 2. Truth, honesty, and trustworthiness, 3. Respect for human life and
welfare (including posterity), 4. Fair Play, 5. Openness, and 6. Competence. Any
participation in the illegal duplication of software is in direct contradiction
to the principles of truth, honesty and trustworthiness. From there it becomes
more difficult to derive conflicts with the basic ethical principles. The theft
of software can be said to conflict with the fourth and fifth basic ethical
principle, fair play and openness, respectively. In purchasing a piece of
software, you are entering into a tacit agreement with the producer, that you
will respect the law and his rights. In duplicating that software, you are
breaking that contract and the confidence of the supplier. Thus, you are
violating the right of fair play with that person and in turn your openness to
comply with the agreement. Finally, a farther analogy can be drawn to the
engineer�s responsibility to respect the community around him. The act of
breaking the law is indicative of total disregard for the structure of the
society and the laws that bind it. This in turn shows little regard for the
individuals within that society. In summary, software piracy has serious ethical
implications for the engineer that in turn can be extended to the average user.



2.      Software piracy methods

The methods by which software is pirated can be small scale and large scale. The
small-scale methods include user-to-user sharing and user group sharing. The
large scale methods include software rental and compact disk manufacturing.



3.      Small scale piracy

Small-scale piracy can be defined as piracy without financial motives. The
people and organizations that are involved in small-scale piracy are usually
trying to get software for personal use, or are looking for fame by distributing
software faster than others. There are many methods involved in distributing
software without profit. These include user-to-user copying and user group
sharing, and each of those can be performed in a variety of ways.

Perhaps the most common way that people copy software is by sharing it with
those around them. A friend or coworker tells you "Oh, I got such a great
program yesterday". You�re intrigued, and ask for a copy. He then gives you the
floppy disks, you install the program and return it the next day. Simple, quick,
no harm done you don�t see a problem with this. What you don�t realize is that
what you�ve done was in fact copyright infringement, and the software company
can now sue you and your friend for damages.

Borrowing diskettes or CD-ROMs is not the only way that people can share
commercial software. Making copies and mailing it to your friend, posting a copy
of the disks on your private FTP site, emailing an archived file all are ways
that you can make that great program reach your friend, relative, coworker,
boss. Perhaps you are doing this as a personal favor, or perhaps you feel that
they won�t afford it, or you�re doing this to show off your assets. Either way,
you�re breaking the law.

User-to-user copying has some other implications, the most important of which is
economic. Say that you purchase some software and let five of your friends copy
it. Each of them, in turn, will let five of their friends copy the software as
well. After only three such cycles, over 125 people have this software. This is
incredible exponential growth. Consider the impact on the software developers of
only one such pirated program. In our scenario, the company receives only
1/125th of their expected profits.

An original software purchaser has to consider many issues. First, although
there was no intent to defraud the software company, it is an inevitable result.
Second, the copy that these other people now have on their computers usually has
the purchaser�s name and/or serial number. Thus, if any of those people are
caught pirating software, it will be traced back to the original purchaser.



4.      Large scale piracy

A much more serious type of piracy is called User Group Sharing. Here, there
exists an organized method for distributing commercial software to many people
at once. Some of these methods include Bulletin Board System Distribution, the
Internet, Internet Relay Chat, File Transfer Protocol, Newsgroups, electronic
mail, and the World Wide Web.



4.1.    BBS

A Bulletin Board System (BBS) is a small-scale electronic online service that is
run from a personal computer. Anyone with a Personal Computer and a modem can
connect to a BBS and participate in the services that it offers. Even though
BBSs were much more popular before the acceptance of the Internet as a mass
communication tool, there are still about 50,000 of them in operation. Most
software and hardware companies keep their own BBSs to permit people from around
the world to download software updates of fixes or to get the latest drivers.
The majority of Bulletin Boards are, however, user-run and located on someone�s
home personal computers.

The personal BBS are easy to setup and maintain, and are not financially
unbearable. Most of them require a dedicated computer system running special BBS
software, several modems, and a few phone lines. The person who operates a
Bulletin Board is often called the Sysop (short for System Operator). BBSs
differ in many areas. Some offer membership on a fee-based basis, others are
free for everyone, still others are by invitation only. The personal BBSs
usually pick a central theme around which they tailor most of their services.
Examples include music-oriented systems, systems dedicated to the Creation
theory of biological development, or systems computer programming. Some Sysops
decide to allow for, or center their BBSs around piracy.

The pirate BBSs (or "elite" systems, as they are often known as in the pirate
community) range from those that are casually "elite" to those that specialize
in pirated software. The casually "elite" systems are those where the Sysop is
(by negligence or on purpose) indifferent to the contents of files being
exchanged in the "file transfer" area of the system. These systems usually
specialize in other subjects, and piracy remains one of their unmentioned
features.

The specifically-pirate BBSs usually specialize even further. There are
general-purpose systems, where users are encouraged to upload any commercial
software that they might have access to. Other systems are more selective, and
require that the software has to be new (within three months of its release,
within a month, a week, two days, or sometimes even before release) or that the
software has to be of a certain type (games, application software, productivity
utilities, etc.). These BBSs usually require some sort of referral or
authentication before they will accept a user. This consists of new user
passwords (which must be received personally from current members), referrals
(where when applying for membership, one must tell the Sysop names of some other
current members who will vouch the new user), and payment of memberships. Most
of these safeguards are in place to serve two purposes to keep software
"quality" high, and to prevent detection.

People on these "elite" Bulletin Boards range from people looking for software
to download, to those who are seeking to promote their piracy group by uploading
the greatest number of files. Most of the people on these systems know well what
they�re doing is illegal, and most Sysops take great care to warn all users
about potential FBI crackdowns. These are always expected, even though they
happen very rarely. Most claims that "such-and-such BBS got shutdown" often
heard on elite BBSs are invalid. Over time, Sysops have come up with preventive
measures designed to clear the Sysop of responsibility in case of a crackdown.
These usually consist of short warnings stating that copying commercial software
is illegal, and that the user is breaking the law by downloading a file. Another
attempt is to masquerade as non-profit libraries and make use of special
exemptions that are allocated to these libraries. Carefully-worded notices warn
users that they may "rent" the software from a BBS for a period of 24 hours (or
some similar period of time), after which they must destroy the copy. This has
the appearance of a legal operation (to be discussed separately later), however
BBSs most often do not have a state-recognized non-profit operations license and
are thus not non-profit libraries. The checkout warnings are nothing but ways to
make users feel that they are participating in a legitimate activity and protect
the Sysops.

The law and pirate Bulletin Boards have rarely met. The combination of laws used
to persecute Sysops allows for loopholes for Sysops who do not charge for access
to the BBSs. The 1994 case of USA vs. David LaMacchia set a precedent, which has
not so far been challenged. In the case, an undergraduate student at the
Massachusetts Institute of Technology (MIT) set up and operated an open
Internet-based BBS for the period of over a month. The court ruled, however,
that under current laws, it was impossible to prosecute the defendant. The judge
stated that the government�s "interpretation of the wire fraud statute would
serve to criminalize the conduct of not only persons like LaMacchia, but also
the myriad of home computer users who succumb to the temptation to copy even a
single software program for private use"
[http://swissnet.ai.mit.edu/dldf/dismiss-order.html]. As a side note, the judge
noted that he hoped for stricter laws, which would permit persecution of
non-profit system operators. The decision for this case was based partially on
an earlier interstate mail fraud case, which was not connected to software in
any way.

In March of 1995, the US District Court for Massachusetts sentenced a BBS Sysop
Richard Kenadek to 24 months probation with 6 months home confinement. Kenadek
was an operator of the "Davy Jones Locker" bulletin board from his private
residence. After an FBI raid, he pleaded guilty to criminal copyright
infringement for using his BBS for the "unauthorized distribution of copyrighted
software for financial gain." The key in this plea is the phrase "for financial
gain". As soon as money changes hands, the activity can be considered criminal
and judged accordingly. This case was the first time that a bulletin board
operator was charged under the criminal statute of the copyright law, according
to Sandra A. Sellers, the SPA director of Litigation.

Bulletin Board Systems, though rapidly losing popularity, continue to be
significant sources of piracy. The relative inexpensiveness of running a BBS
combined with the ease of electronic software transport quickly breed piracy.
Anti-piracy efforts are hindered by the system operators� altruistic way of
running these bulletin boards. US laws currently only apply to for-profit
ventures. Still, efforts in curbing BBS piracy are expanding, and as new laws
are created more lawsuits will begin to appear where system operators become
responsible for their systems� contents.



4.2.    Internet

The Internet became a major channel for illegally distributing copyrighted
software only in the last decade. Five main methods for Internet distribution
that will be examined are the Internet Relay Chat (IRC), File Transfer Protocol
(FTP), Internet newsgroups (USENET), Electronic messaging (Email), and the World
Wide Web (WWW). Each of the four has different characteristics, and involves a
different method for transmitting the software from the distributor to the user.

Of all the methods for obtaining large amounts of pirated software, the Internet
Relay Chat is the most reliable and quickest; although it is harder to use.
Interestingly, this is one of the least-investigated sides of the Internet, and
is arguably the hardest medium for enforcing the rules.

Internet Relay Chat (IRC) is a computer teleconferencing system which has
recently gained widespread popularity. Designed in 1988 by Jarkko Oikarinen as a
replacement to the UNIX talk program, it allows for users from all over the
world to connect to a server that�s part of the IRC network and chat with anyone
on any other server on that network. On a typical night, there are anywhere from
5000 to 15000 people chatting with each other. Actual numbers depend on time of
the day, day of the week, and network stability.

As a chatting system, IRC has some alternatives. Using IRC, people may engage in
"private" chats, where they can send messages that only the intended recipient
can read. People can create and join special discussion channels, where their
messages will be shown to everybody. They may also use special DCC (Direct
Client-to-Client) capabilities that allow for chatting and file transfer. By
design the system is very flexible e.g. as upon not locating a certain
discussion channel, a user may just create one.

The IRC system also allows for control. The person who creates the channel is
considered its operator. The operator can invite other users to join this
channel, allow and disallow a user to join (on a temporary or even a permanent
basis), punt people from the channel if necessary, and can grant operator
privileges to others. On certain channels, operators play almost no role and
utilize their positions to control excessive flooding (which occurs when a user
sends so much information in a row that it, in the opinion of the operator,
seriously interferes with the conversation).

IRC uses a very simple system for differentiating between users who are
currently connected to it. Each user picks a nickname based on his or her own
preference, and logs into an IRC server. The IRC server either accepts the
nickname or tells the user that the nickname is already in use and waits for a
new one. The user can also optionally produce an email address that the server
keeps in the database of current users. Other IRC users can then look up
someone�s information based on their nickname.

The inherent problem is that a user is not bound to reveal his or her identity
in any way. The nickname can be unrelated, and the email address can be a fake.
In fact, the only knowledge that someone has about some other IRC user is where
this user is logging in from. This lack of information about users, coupled with
the extensible system and a live presence of other humans at the same time as
you�re there is an opportunity which pirates could not pass by. On the three
major IRC networks there are currently dozens of round-the-clock channels which
specialize in ways to illegally obtain software. The technical aspects of IRC
file exchange are even more inhibiting to investigations.

On one typical evening, there were over 11,000 people connected to EFnet (Eris
Free network, the largest of the three worldwide IRC networks). These people
were dispersed over a range of more than 3,000 different channels. Some of the
channels had up to 100 people while others had just one. (For a channel to
exist, at least one person must be in it.)

The piracy channels, most of which start with or contain the word "warez" (which
is pirate jargon for illegally obtained commercial copyrighted software), number
over 85. On the sample evening, there were 931 instances of people logged in to
the "warez" channels (note that a person may be on more than one channel at
once, but keeping track of more than four at the same time is a rare occurrence
on IRC).



4.3.    IRC

       FTP site offers

Piracy takes different forms on IRC. Some channels offer "FTP sites", others
advertise other people�s public offers, and yet others are discussion-style
channels where people request software that they need. The "FTP site" channels
usually have an automated moderator. Channel users find FTP sites that currently
carry pirated material and submit the Internet addresses to the automatic
moderator (also known on IRC as a "bot", from the word robot). The moderators
will then broadcast the site�s coordinate to others in the same channel. A
variation is a channel where people post Internet addresses themselves. These
addresses usually consist of the 4-digit Internet Protocol (IP) number, the
user-name and password that are needed for logging into the system. Sometimes,
the posters also mention a "ratio" of, for example, 4-to-1. This means that the
operators of this FTP site are requesting that users upload at least one fourth
of the megabytes that they download. This will be discussed a bit later. Below
are some of the messages that may be posted in FTP site channels:


RaiNMaNP9 Get da warez at 207.33.217.17 use the name warez and the password is
you email address ! this ftp sucks someone told me lastnight!and he's down by
the river!

trade_it has a site up at 205.219.156.88. Come get your warez here!
l/p: warez 1:3

<CryoFlame> Come to my FTP 199.69.76.123 l:warez p:warez 1:5 ratio

<Maximus> Go to 165.91.2.150 \ Login & Pass: warez \ Change port to
PORT:80 \ Upload:Download rate is 1:4 \ Most of yer warez files yer looking for
(i.e. MS Office Pro 97 \ Visual Basic 4.0 \ Hellbender \ MS Pub97 \ WinNT 4.0
and server \ Adobe Photoshop 4.0 Beta list goes on and on!!!

<Wronski> 206.29.242.29 l&p:warez 1:3

Another type of a channel is one where people simply type a message stating what
they�re looking for (or what software they have for others to pirate). Other IRC
users then read the messages, and can enter private chat with the person who
posted the message. These channels are usually the most popular ones, as anyone
who desires a certain software package can go and see what the other dozens of
people offer on the channel. Most pirates on these channels deal in trades (as
in, they only send software if the other user has some other software to send
back). Below are a few examples of messages from this type of a channel:



       Trading

[Gordon] will trade for Police Quest 1: vga.. msg me

_triax_ wonders if anyone know if Leisure Suit Larry 7 been released yet....

|StompeR| is looking for a site with the NEWEST Visual Basic /msg me

AoS is looking for Diskeeper, Mathematica, and Microsoft Assembler (MASM). /msg
me for trade

Blaspheri is looking for need 4 speed.../msg me

boy20co is looking for a aol acct, or generator, will give perm ftp site away.X)

butthead is looking for Speed Haste full, PLEAZ /MSG ME IF U HAVE IT!! PERM
ACCOUNT ON FTP SITE!!!

cf wonders is anyone knows if leisure suit larry 7 has been released yet...

Chia_Pet is looking for Marathon2...Ne1 have it?

Jeff just wants lemmings paintball

jussa looking for REalms of Arkania disks1,6-9 and Daggerfall disks47-53 pls
/msg for trade :)

Milo looking for reg number of discplay 3.3

Monte needs a ppp dailer for MSDOS. /msg me if you have one. Thanks.

NailBomb needs sites for: Uninstaller 4.0, and Adobe Type Manager Deluxe..../msg
me...thanks......

<KriS1> ne1 diablo site /msg 4 trade

<lizards> i need a photoshop site

<lucy4> i know how to crack eudora pro 3.0 upgrade but i didn't finish d/ling
the intall.exe file from qualcomms site and now they took it off... if anyone
has the file please let me know

<MaSTaWaR> SprWalker: I have flight sim 97

<Nelson> ne1 has osr3, any Koei games or settlers 2. Plz msg me.

<RaSun> looking for links386 can anyone help

<sector6> looking for death rally (for free) Help a newbie!!!

<Smallnuts> I needz Pixar's Renderman and Mesh Paint 3D, msg me.

<Spawn27> does ne1 know were I can get abuse

<Spawn27> I looking for abuse can ne help????

<SprWalker> anyone have Ms FlightSim 5.1? /msg for trade...

<Sraiser> how many more disk of office 97 to go? i need it all d/l by 9 am in
the morning

<Sraiser> ncognito your one in a million now is 20 disk all so i can d/l it for
work tomorrow and also have it on my new pc

<Sraiser> ne1 have wordperfect latest vers

<tanfold> i need crescent internet toolpak msg me 4 trade

<Tembler> Does anyone have MS flightsim 95!??! please msg me for trade!!!

<Tembler> I have some pretty good warez to trade for that game

<Tembler> make it msflightsim95

<True__> looking for Death Rally../msg



       Offerbots

Finally, the third major type of a "warez" channel on IRC is one where users
compile a special software listing, and send a message to the automatic channel
moderator notifying it of this software. The "bot" then automatically posts all
such listings in a similarly formatted way. Here is a short sample of output
from such a channel:

<EtC-ReLaY> ( EtC Offerer: KfZ-DcC ) _#4_ 39x [2.8M] [ETN]Arena Designer Pro
v2.5[10-27]

<EtC-ReLaY> ( EtC Offerer: NVC-AADCC ) _#1_ 79x [9.7M] Radin Fighter 2 [10/25]

<EtC-ReLaY> ( EtC Offerer: NvC-AADCC ) _#2_ 21x [6.2M] Hot Dog web editor - da
best one of am all [10/26]

<EtC-ReLaY> ( EtC Offerer: NvC-ZKDCC ) _#1_ 0x [4.8M] [10/24] MS Money 97 Retail
[RAGE]

<EtC-ReLaY> ( EtC Offerer: NvC-ZKDCC ) _#2_ 2x [9.7M] [10/24] Raiden Fighter 2
[EPI]

<EtC-ReLaY> ( EtC Offerer: NvC-ZKDCC ) _#3_ 0x [166k] [10/25] Diablo DEMO Hack
Pack [NVC]

<EtC-ReLaY> ( EtC Offerer: NvC-ZKDCC ) _#4_ 1x [7.4M] [10/25] Fighter Duel:
SPECIAL EDITION [PSG]

<EtC-ReLaY> ( EtC Offerer: NvC-ZKDCC ) _#5_ 1x [7.0M] [10/25] GemStorm c
Malachite Games [RFX]

<EtC-ReLaY> ( EtC Offerer: NvC-ZKDCC ) _#6_ 3x [6.5M] [10/27] Amok c GT
Interactive [RZR]

<EtC-ReLaY> ( EtC Offerer: NvC-ZKDCC ) _#7_ 1x [7.3M] [10/27] Gray Stone Saga 2
c Hwaei Co Chinese [KYL]

<EtC-ReLaY> ( EtC Offerer: NvC-ZKDCC ) _#8_ 1x [5.2M] [10/27] VocalTec4s IPhone
4.5.0.3 [MNC]

<EtC-ReLaY> ( EtC Offerer: NvC-ZKDCC ) _#9_ 1x [7.0M] [10/27] ULT Soccer Manager
2 c SIERRA [HYB]

<EtC-ReLaY> ( EtC Offerer: PMODE-DCC ) _#1_ 24x [142k] PMODE/W v1.30 - DOS
Extender For WATCOM C/C++

<EtC-ReLaY> ( EtC Offerer: Pro-DCC ) _#1_ 313x [ 29k] Key Gen. for Quake
Shareware CD

<EtC-ReLaY> ( EtC Offerer: Pro-DCC ) _#2_ 86x [1.0M] WinPGP ver 5.0

<EtC-ReLaY> ( EtC Offerer: Pro-DCC ) _#3_ 900x [5.3M] Eudora PRO ver 3.0 Final

<EtC-ReLaY> ( EtC Offerer: Pro-DCC ) _#4_ 50x [1.7M] Agent 99F 16 Bit cracked

<EtC-ReLaY> ( EtC Offerer: Pro-DCC ) _#5_ 301x [1.5M] Agent 99F 32 Bit cracked

<EtC-ReLaY> ( EtC Offerer: Pro-DCC ) _#6_ 279x [7.9M] CleanSweep ver 3 beta3

<EtC-ReLaY> ( EtC Offerer: Pro-DCC ) _#7_ 28x [1.1M] NetTerm 3.2.3 32Bit
*cracked*

<EtC-ReLaY> ( EtC Offerer: Pro-DCC ) _#8_ 15x [1.5M] WARFTPD ver 1.52 Final

<EtC-ReLaY> ( EtC Offerer: RnS|DcC1 ) _#1_ 47x [2.4M] Quake Track 2 by NiN

<EtC-ReLaY> ( EtC Offerer: RnS|DcC1 ) _#2_ 28x [4.4M] Fell on Black Days by
Soundgarden

<EtC-ReLaY> ( EtC Offerer: RnS|DcC1 ) _#3_ 38x [4.8M] Never Leave Me Alone by
Nate Dogg

<EtC-ReLaY> ( EtC Offerer: RnS|DcC1 ) _#4_ 24x [5.5M] Days of our livez by Bone

<EtC-ReLaY> ( EtC Offerer: RnS|DcC1 ) _#5_ 49x [2.3M] Mario 64 Main Theme

<EtC-ReLaY> ( EtC Offerer: sam-dcc ) _#1 _ 57x [539k] [SAM] [1021] The collector
v1.13

<EtC-ReLaY> ( EtC Offerer: sam-dcc ) _#10_ 82x [666k] [SAM] [1026] BookIt! PRO
Win 95/NT

<EtC-ReLaY> ( EtC Offerer: sam-dcc ) _#11_ 192x [267k] [SAM] [1026]
DomainSearcher Win 95/NT



During a sample one-hour period, over 289 megabytes of files were offered
through this "EtC-ReLaY" bot. Since a file may be downloaded by as many as 20
people at the same time, the total volume of files transferred with the help of
EtC-ReLaY is amazing. Moreover, EtC-ReLaY is not the only service that offers
this kind of a feature. On EFnet, one might find well over 10 such free offer
channels.

The mechanism for physically sending and receiving files through IRC is very
simple even for beginners to use. If a person wants send a file to another user,
all that needs to be typed by the sender in is a command, the name of the user,
and a filename. To receive a file that is listed in a channel by a bot like
EtC-ReLaY (see above), the target user executes a command, and the offerer�s
system will automatically initiate the transfer.



4.4.    FTP sites

A fourth form of user group sharing is File Transfer Protocol (FTP) is a method
to transfer files over the Internet. Created in the early 1970s at MIT, it has
become a standard feature of many operating systems. FTP is probably the most
convenient way to send files over the Internet. It is also very easy to detect
the location of an FTP site, which is a reason why many of these sites are
active for only a day or two. They are brought down by their operators to escape
detection.

The basics of FTP are simple. A server computer is chosen, and FTP server
software is set up on it. At that point, anyone on the Internet who has the
address of the computer and user information needed to log into the system can
access files in the server machine�s storage. The addresses and user information
can be distributed in person, or over the Internet via the World Wide Web, IRC
or USENET newsgroups.

Using FTP is very simple. There are many well-written FTP client programs that
will let a user get and put files using the FTP Internet protocol. Pirates have
also come up with their own FTP client called "WarezFTP" which has special
features that certain pirates might want to use. For example, WarezFTP will
detect and display names of hidden directories which are often created on FTP
sites. If you are not using a program like WarezFTP, you will not know that a
directory exists, but a pirate will be able to enter it and trade files.

The motive behind putting up FTP sites (which is a very risky enterprise, since
Internet Service Providers usually notify the SPA and sometimes even the FBI
when they suspect illegal activity) is not commercial gain. In fact, most
pirates lose money by paying excessive Internet connection fees. Sometimes a
pirate may spend even more money while paying a hacker for a cracking job the
hacker removes any copyright protection that might be embedded in the software.
Usually cracking is done for free, but on some occasions where the pirates
desire speed and accuracy, the cracker is paid large sums. The reasons why
pirates put up FTP sites are to distribute any software that they have in hopes
of getting something in return from other pirates, or to spread the popularity
of a piracy group of which they might be members.

Monitoring activity on FTP sites is harder than doing that on Bulletin Board
Systems. Whereas on a BBS one can usually see the list of last few users and one
usually has a full list of members; it is always easy to get in touch with
someone who has recently logged on to the system. With FTP sites, there is
almost no identification anywhere except for the FTP log file, which is usually
stored on the server computer. The FTP log contains Internet addresses of all
log-ins.



4.5.    Usenet

Another method of user group sharing is through Newsgroups. Newsgroups on the
Internet (USENET) are results of an early attempt to create a thread-based
virtual conversation medium. Not unlike a bulletin board system, users can post
messages to a specialized "forum". However, unlike a BBS, USENET is a network
consisting of many servers. A post made to one server is then sent across the
whole USENET network in hopes that it gets everywhere. There are over 20,000
different newsgroups, with topics ranging from Fans of Bill Gates to technical
discussions relating to the operation of a blender. Internet newsgroups are
distinguished by a specialized naming structure. For example, a newsgroup which
concerns itself with humorous posts is called rec.humor (rec. stands for
recreation), newsgroups with pornographic material start with
alt.binaries.pictures.erotica (alt. is short for alternative) and a computer
newsgroup announcing new products for Microsoft Windows may be called
comp.os.ms-windows.announce (comp. is short for computer). Not surprisingly,
also, the newsgroups that pirates frequent are called alt.binaries.warez and
alt.warez.ibm-pc.

Piracy on newsgroups is an option that many have considered and tried, but due
to technical problems that are now noticeable in the structure of USENET, is
very impractical. What some pirates do is they locate a service which will post
any message (including data information which could be an illegally obtained
piece of software) without specifying the poster�s name. The technical problems
surface when the post first occurs. Due to the nature of USENET, most messages
have to be encoded in a special way to be compatible with old USENET servers.
This scheme actually expands the size of the posted file. Also, if the posted
file is too big and has been split up into several parts (as is often the case),
not all parts are necessarily replicated to other servers. So for example,
someone may post a 5-megabyte software package to USENET. Due to encoding and
part size, it turns into 20 parts. Only 10 or 15 of those make it to most
servers, and since all parts are needed to re-assemble the program, the posting
was useless. Due to the relatively low volume of files being transferred over
USENET, it has not been even a minor focus in the software companies� recent
efforts to curtail piracy



4.6.    Email

Email, by far the most popular feature of the Internet, is also the first method
that was invented for Internet communications. A recent standard for Multimedia
Internet Mail Extensions (MIME), has indirectly aided the spread of email-based
piracy by permitting email software to correctly encode files for transmission
over global networks. Using email, a user may "attach" any file to an email
message. If the addressee�s email inbox will allow large messages, pirates will
trade huge files using this relatively private method. Fortunately, most
people�s inboxes have a set maximum size of 1 to 5 megabytes, which is barely
enough for even the smallest commercial application program. Thus, email has not
been a major method for pirate file exchange.



       WWW

The World Wide Web (WWW), an extremely popular Internet communications medium,
is one of the most recent advances in Internet technologies. Invented in 1991 by
a few scientists at the CERN physics laboratories in Switzerland, the World Wide
Web is a one-way TV-like medium where content providers may post any information
they desire.

In the beginnings of the World Wide Web, most pirates were very uncomfortable
with posting their file collections in such a public way. Anyone on the Internet
may access the publicly posted information, and there is virtually no way to
restrict investigation by proper authorities. Lately however, as the Web grew in
size and became less manageable, more and more pirates are putting up their
information online. They no longer feel threatened. The only way to take this
information down is to persuade the Internet Service Provider (ISP) to shut off
the pirate�s service. Since most ISPs realize that by cutting off someone�s
service they will be viewed as Internet censors which usually leads to loss of
customers they are reluctant to block anyone�s service.



5.      Commercial piracy

While the methods above involve an active pirating population, the profitable
distribution of stolen software defines another side of the market on a larger
scale. This market involves the sale of illegally duplicated software in large
quantities. These large-scale pirates work only for the profit involved in the
redistribution of illegal software. The two major components of large scale
piracy are software rental and compact disk manufacturing.

While it has always been illegal to rent unauthorized copies of software, until
1990 it was legal to rent the original versions. Loss of revenues that was
associated with these rentals prompted the US Congress to pass the Computer
Software Rental Amendments Act of 1990. This act makes it possible for software
publishers to explicitly prohibit rental in the license agreement.
Interestingly, an exception to the law was created specifically for non-profit
libraries. These could rent original software without express permission from
the publisher.



5.1.    CDR

The second major component of large scale piracy is the duplication of computer
compact disks. The advent of software distribution via compact disks offered
developers a level of protection unavailable with conventional floppy disks. The
ability to duplicate these disks was limited by the expense of CD-R�s, or
compact disk writers. However, with advances in technology, the prices of these
CD copiers have come down considerably. Current CD-R�s can be purchased for
around $500 dollars. This has lead to a considerable growth in the availability
of pirated software on CD�s. The large volume of storage available on a CD had
also previously limited copying by potential pirates. These limitations are no
longer an issue with the ability to copy directly to another CD. The production
of counterfeit CD�s has become a considerable part of illegal pirating of
software.

The distribution of counterfeit CD�s can take two forms. These CD�s can be
explicitly marked as illegal copies or can be cleverly disguised as the
original. The former is the most common form of distribution. With explicit
markings or simply no disguise at all, the purchaser is generally aware of the
illegal nature of the product. However, with duplicate packaging of the some
stolen software, the ability of the user to distinguish between the legitimate
and not becomes very difficult.

The volume of pirated software has also grown with the advent of CD copying.
With the large available storage on one CD, numerous programs can be copied and
stored on a single disk. This has significantly eased the difficulties of
distributing these stolen programs. The growth of CD duplication is evidenced by
the influx of counterfeit CD software from the foreign market. These copies are
distributed rapidly and efficiently to a large market. In summary, the
production of CD software has become a significant component of the pirating
industry.



6.      Copyprotection

In light of the many effective methods of software piracy, the protection of
software programs has become increasingly difficult. The battle to protect the
software industry is a never-ending struggle, as pirates continually find new
ways to illegally copy and distribute software. (With software piracy so
prevalent, what can software developers do to protect their intellectual
property?) The software industry has invested a serious amount of time into the
development of new forms of protection. Alongside the industry, many Anti-Piracy
Organizations and campaigns have arisen to combat the flood of illegal software.
The first and most important component of the software protection is that
engineered by the industry itself. We will explore what approaches have been
taken in the past, what approaches are currently being used and other methods
software developers have used to fight this growing problem. We will look in
depth at each of these approaches and see their successes and at what cost.



6.1.    Hardware protection

Let us first start with hardware solutions to the software piracy issue. The
best known methods are dongles. Dongles are hardware "keys" which allow
applications to be run on PCs and servers. This hardware "key" must be purchased
separately from the application. Therefore the software developers configure the
software to require the dongle. This is an extremely successful approach,
however, at great cost. It costs approximately $30 per dongle. This means that
for a $30 application the cost is now double. This fact has made this solution
very limited. It is used almost only on very high-end applications because of
its cost. Dongles have been the only real approach employed by software
developers that uses hardware to help fight piracy.



6.2.    Software protection

The most common approach for fighting software piracy has been with software.
Among the approaches used have been serial numbers, CD-keys, encryption, manual
references, registration requirements, and installation restrictions. We will
take a look at each of these in depth.



       Serials

The use of serial numbers requires that the user enter a serial number before
they can install application. Many applications use this method including such
prominent titles as Fauve Matisse, Janna Contact, Abode Photoshop, etc. When
installing one of these applications you are required to enter a serial number
usually found in the software manual before you can successfully complete the
installation. The idea behind this is that it requires the user not only to have
the software but also the manual.

However, this approach has been easily defeated. Many of the very popular
software titles have their serial numbers available on the World Wide Web. This
limits the effectiveness of serial numbers! Another problem with serial numbers
is that there are serial number crackers. These crackers are applications that
are designed to find the necessary serial number to get past the serial number
check.



       CD-keys

Microsoft offers a similar strategy with their software titles. It is called the
CD-Key. It is a "serial number" located on the back of the CD case. It is a
ten-digit number and is required to complete the installation of a Microsoft
software product.

As with serial numbers there are ways to defeat this check. First all of the
CD-KEYs uses the same scheme (xxx-xxxxxxx). If a person finds the scheme used to
create the CD-KEY then they can use all Microsoft products.

Another technique is a specialized form of a serial number check. It is called
the Certificate of Authenticity (COA) and is a way for end-users to be assured
that their OEM (Original Equipment Manufacturer) is authentic. The COA is a 20
digit alphanumeric number that must be entered before the end-user can use the
Microsoft operating system that came their OEM computer. With a large range of
possible combinations, the difficulty is relatively high for cracking these
serial numbers.



       Manual check

Manual references are another of the approaches that software developers employ
to fight software piracy. This is used mainly on games. Every time the game is
launched a code (usually in the form of a unique word) is required before the
game can be played. A prime example is the games Stunts by Br�derbund. Every
time you launch the game it specifies a page, paragraph, and word to enter from
the manual. The idea is that you must have the manual to play the game so that
you cannot just get a copy of the game and start playing.

This method has two major drawbacks. The first is that it is a hassle for paying
customer to go through every time he wants to play the game. The second is that
there are ways around this manual reference. You could photocopy the manual or
write down a few of the unique words and then just keep launching the game until
one of them shows up.



       Registration

A very different approach to software piracy protection has been to force
registration in various ways. Registration might require payment (most cases) or
simply just registering your name and address etc. Some software developers use
the method of encryption to protect their software. They lock the software with
a "software key" and the software will only work if the user gets the "key" from
software developer. The software developer can then force the user to register
before he releases the key. Using this approach, the developer can create a
unique key for every user. Some developers did not like the idea of forcing
registration and have instead shipped the software key with the application.
This second method is not as effective as the first. Both approaches have a
distinct use for applications that are distributed via electronic and on-line
distribution.

Other software developers force registration by creating some limit for the use
of an application prior to registration. For example, limiting the number of
launches before registration. This approach is used primarily in shareware,
freeware, and demos. An example of this approach is employed in Quicken SE by
Intuit.

Another common approach instead of the number of launches is to limit the number
of days that the application will run before registration is required. This is
used particularly in shareware, freeware, and demos. An example of this is
Netscape Navigator beta applications, which limit the use of the application to
30 days. Once again, when you register the application this limit is removed.



       Limiting installations

In a radical attempt at a new method Microsoft proposed limiting the number of
installations of Office 97 to a total of 3. This technique was soon abandoned as
many people complained to Microsoft. Obviously Public Relations have a priority
over piracy concerns.



       Certificates

All of the previous approaches are ways to protect the software from being
pirated after it is purchased. Some manufacturers like Microsoft have gone a
step further. Microsoft decided to fight software piracy from the retail store.
To do this they placed a Certificate of Authenticity (COA) on the side of the
box. This COA contains 3 hidden, and non-reproducible watermarks making it
nearly impossible for pirates to copy the box . Therefore, when a user sees a
box without this COA it is safe for him to assume that it is a pirated version
of the Microsoft software.



7.      Anti-Piracy Organizations

The second component of the protection of software comes from the numerous
organizations that have been formed to combat software piracy. These
organizations use advertisements and legal action to fight against the rising
tide in the illegal duplication of software.

Though there are many organizations which are fighting against software piracy,
the largest and most active of these are The Software Publishers Association
(SPA) and The Business Software Alliance (BSA). Both are international
organizations whose members include software developers, distributors,
retailers, consultants, and essentially any other groups which are concerned
with the industry�s growth. Through cooperative work with the government, the
SPA and BSA enforce anti-piracy laws through active measures such as filing
lawsuits, conducting raids, and undertaking audit programs.



7.1.    Legal measures

Over a thousand lawsuits, against both large groups and individuals, have been
filed by the SPA and BSA. The penalty for software piracy is high for the
violator - up to $100,000 per copyright infringement and a maximum 5-year prison
term. On March 1, of this year, SPA filed a lawsuit against a junior college
located in Florida for using illegal copies of software on its computers. The
settlement reached by the plaintiff and defendant resulted in a fine of $135,000
along with removal of the illegal copies and repurchase of new ones. On July 4,
1996, BSA successfully prosecuted two Hong Kong citizens with prison terms under
the new Copyright (Amendment) Ordinance. Yip Chi Hung, the owner of a software
shop in Hong Kong was sentenced to 6 months in jail plus a fine of HK$51,000.
Kwok Po, Yip�s supplier of wholesale pirated CD-ROMs, was sentenced a total of
16 months in jail and fined HK$308,000. Just recently, this past October 10, SPA
filed 5 civil lawsuits for software piracy on behalf of the software
corporations Adobe Systems, Inc., Claris Corp., Corel Corp., Datastorm
Technologies Inc., and Novel Inc. Three were against Internet service providers
(ISPs), and two were against individual violators. The three ISPs Community
ConneXion, Inc., GeoCities, Inc., and Tripod Inc. had pirated software,
unauthorized serial numbers, links to ftp "warez" sites, and cracker/hacker
utilities posted on their webpages. With the help of the ISPs, two individuals
were tracked down as the responsible posters of the copyright infringing
material. Though it is certain that software copyright laws are being violated
in this case, there is controversy over whether or not the ISPs, which offer
free space for individuals to design their own Web pages, should be responsible
for the material that is posted by their users. Internet analyst Chris Stevens
voiced his opinion, stating "They need to go after the people who post pirated
software, not the host. That�s like suing the phone company for receiving
obscene phone calls." As an illustration showing that nobody is above the laws
of copyright protection, a hospital in Chicago, Illinois was fined $161,000 for
using illicit copies of software. In fact, with the increase of computerization
in hospitals, these institutions should be given increased special scrutiny,
according to Bob Kruger, Vice President of Enforcement for BSA.



7.2.    Corporate audits

An alternative to litigation, is conducting what are called corporate audits. If
investigators report a corporation as having violated copyright laws, SPA will
often ask the corporation to allow an audit of its software in place of taking
the matter to court. During an audit, the contents of each computer are compared
with the company�s purchase receipts of software. If any illegal copies are
found, the company will agree to pay the retail price for each copy, destroy
these illegal copies, and replace them with legitimate ones. For the most part,
these audits have been met with cooperation by the company who would much rather
settle the issue in a confidential, private matter than dragging everything to
court. If the company does refuse to submit to an audit, SPA will then file a
lawsuit against them.



7.3.    Contacting anti-piracy organizations

To help them in their search for copyright criminals, the SPA, BSA and software
giant Microsoft have established a hot-line (1-800 toll free number) which
people can call in to report suspicions of software piracy. The numbers are
1-800-388-7478 for SPA, 1-800-688-BSA1 for BSA and 1-800-RULEGIT for Microsoft.
Most investigations start off with a tip through this hot-line. Everyday, 30 to
40 calls are received, mostly from employees and consultants for software firms.
Together with law enforcement officers from the government, the anti-piracy
organizations will pursue these leads and often arrest the violator through a
sting operation. Besides calling in to give tips on copyright violators, the
public can also call in to receive information about preventing software piracy.



7.4.    Education

In addition to playing cops and robbers with software pirates all over the
world, the SPA and BSA are also committed to teaching the public the degrading
effects of software piracy using propagandistic methods, and helping companies
prevent copyright violations through educational courses and software utilities.

Noticing the prevalence of software piracy everywhere, the anti-piracy
organizations are trying to change the cultural view that copying and buying
illegal versions of software is okay. The SPA, especially, has undergone
extensive efforts to make the public aware of the illegality of software piracy.
Free brochures for the general public with titles such as "Software Use and the
Law" and "Is it Okay to Copy My Colleague�s Software?" contain information about
copyright laws and demonstrate the legal extent of using software. "It Could
Have Been So Easy" is a seven minute video intended for companies, showing what
can happen if one is found guilty of copyright infringement, and also giving
advice on maintaining an efficient software management program. Another video
called "Don�t Copy That Floppy" is a rap/hip-hop music video attracting the
younger generation that educates them in ethical problems with pirating
software. Both these videos can be purchased for $20 and $15 dollars
respectively.

In addition to distributing brochures and videos which educate the public on the
legal and ethical ramifications of software piracy, the SPA offers a free
software tool called the Self-Audit Kit that allows companies to maintain an
inventory of all the software on their systems. This way any accidental use of
pirated software can be detected and quickly remedied. The software comes in 6
different languages and is also available for the Macintosh. A more effective
tool of education is the SPA Certified Software Manager Course (CSM). This
course gives computer professionals the skills needed to organize a software
management program for their company. They are also taught the legal aspects of
software use and how to "optimize the legal use of software." This course is
currently taught in the USA, England, France, Germany and Singapore and will
soon extend to China, India and several Latin American countries.


7.5.    Economics

Software piracy is an economic and legal problem that impacts every community.
Software piracy is something very new to many people. A lot people don�t know
about it and others don�t think it is illegal when they copy software from the
floppy disk. "Many people don�t see a harm in it," says Robert Holleyman,
president of the Business Software Alliance (BSA). "Business owners would never
think of asking their employees to steal computers, but many of those same
business people don�t think twice about buying one or two programs and
duplicating them for all the PCs in their office." Many people convicted of
copyright violations are simply naive or ignorant of the law. For example, "A
misguided computer technician had take an application intended for five bean
counters and install it every where in the operation department." Another
example is a mother, "Miki Casalino, in whose house Novell found the �Planet
Gallifrey BBS� which she admitted was run by her son, though she only learned of
the alleged illegal software after it was too late." The problem is that all of
them are "innocent" but on the other hand, they are violating the copyright of
the software. We must concede that copying software, like drinking and driving,
is something that everybody disapproves of, yet most people do at least one. "Of
300 PC-using managers questioned earlier this year by MORI, a market-research
group, 55% admitted to copying software illegally."

A contribution to the seduction of computer users is the fact that using the
pirated software is as good as using the legal software but the prices are
better. In addition, it has been said that " From the user�s standpoint there�s
virtually no risk to using pirated software." And it is not hard to copy
software. All that is needed is a computer, the empty diskettes, and of course
the software program you want to have.

Finally, the fact is that few people are actually prosecuted each year for
software copyright infringement, and most offenses don�t warrant maximum fines
or jail time. Human nature being what it is, software piracy persists.

Most people know that copying the software is illegal, but they still do it. The
reason is very simple. They can make a lot of money from doing it and the
consequences are nil or avoidable. According to Iritani "It was a check forgery
case that led deputies to the quiet Rowland Heights cull-de-sac. But they found
at the home of Ming Chin Jin and his wife, Pifen Lo, was $400,000 worth of
counterfeit copies of Microsoft�s Encarta�s 95 CD-ROM encyclopedia and 48,000
fake holograms from China." Indeed, high profits and minimal penalties make this
form of high-tech crime a criminal�s dream and a police officer�s nightmare.
Iritani wrote, "most cases are not prosecuted for the lack of evidence or end up
in civil court, where monetary penalties have proven to be ineffective." The
making of a counterfeiting lab are very easy to acquire and relative
inexpensive. According to Iritani, all they need are "a computer, a disk or
CD-ROM duplication machine, a laser printer, a shrink-wrap machine and someone
willing to produce the labels and packaging."



8.      Conclusion

Software piracy exists. We covered the basic definition of software piracy, the
methods involved, the potential solutions, and the social implications. In
conclusion, let us address two questions

The first question is "What can you do avoid piracy and pirated software?" Your
options as a user are to purchase authentic software and to report violations.
In this way you protect yourself and the software industry from the damages of
software piracy. As mentioned before there are numerous ways to assure you are
purchasing authentic software. Be aware of words and warnings, such as "warez"
that are "red flags" of pirated software. Remember that there are hotlines
available to report software piracy and report any suspicious sites.

The second question one should address is "Why shouldn�t you pirate?" Reasons
for not pirating software include the legal consequences as well as ethical and
moral issues. The legal consequences can include fines or jail time while the
ethical issues can effect your reputation and standing in the professional and
personal community. Piracy won�t be eliminated until users determine as a
community that it is wrong and take a united stand to eliminate it.

  --Original author: Ilya
  --Reformatting, Subtitles, Index: Mr.F

You are viewing proxied material from gopher.altexxanet.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.