Search This Blog

Sunday, September 30, 2012

Yo-Ho-Help Yourself: Software Piracy

From the Tech Vault Dept.: In the antediluvian pre-internet days, files were swapped online through BBSes, Bulletin Board Systems, generally hosted by an enterprising gearhead who offered a forum for discussions and data. Which was alarming enough to the software industry that I was commissioned to write this piece for long-gone PC/Computing magazine. I amused myself with the pseudonyms I invented for the buccaneers I interviewed.

                                                                                              

POPULAR BONDING RITUALS usually aren’t criminal. Admire a friend’s new car and you’re likely to swap a few stories and a can of STP. You may be invited to take the car for a spin. You can pass recipes back and forth or lend your copy of the latest best-seller to a fellow fan.

Sharing computer programs is another common practice among friends. It’s great to help someone who’s daunted by the challenge of learning to use a new machine, and sometimes that includes a gift of some of your favorite software.  “Here. Why don’t you get started with WordPerfect? “ And, later, inevitably,  “The Norton Utilities will get that file back for you.”

Copying a set of disks is so simple and such a private action that you’d hardly think it’s also illegal. The legality part is easy to overlook. The copyright notice is a complicated critter, often printed on the seal of the software package that is torn away as you dig for those floppy disks. You may not even be the one who ripped the original package open (in which case, you’re yet another who’s ripped the program off).

But whether or not you’re aware of it, unless you either broke the shrink-wrap or received the package with all disks, documentation, and licensing information intact, you’re breaking the law. The good news is that if you’re an individual with pirated software on your home computer, you probably won’t get caught. But if you’re a boss with an angry employee, the Software Publishers Association (SPA) may get tipped off. When the SPA comes to call on your business, it’s with U.S. marshals and lots of official paperwork. And the association has an annoyingly good history of winning its copyright-infringement cases.

Perspectives on Piracy 

“Computers give us a kind of technical sophistication that never used to exist, “ says Ken Wasch, the voluble head of the SPA. “In the old days, if you wanted to make your own copy of something like a pencil, you’d need a complicated manufacturing center. But the very fact that you can run a computer program means that you can make a flawless copy of it. This is the only industry in the world that empowers every customer to be a manufacturing subsidiary.”

The regulations are spelled out again and again in the software manuals: You’re allowed to make one or two copies of the program for backup purposes. Other rules vary slightly from company to company. Some license agreements demand that the software package be used only with a single machine; others, most notably Borland’s, let you use the program on as many computers as you wish, provided no two copies of the program are run concurrently, just as a book can be read by only one person at a time.

“If all software developers took the same approach as Borland International, people wouldn’t steal so much,” says avowed pirate Ed Teach. (Note: The names and locations of all interviewed pirates have been changed.)  “Borland gives you that book license. Of course, they’ll drive you insane with upgrades. They wholesale the software, then make their money on all the subsequent releases.” Teach is the systems administrator for a residential health-care company in the Southeast.  “I believe in piracy,” he says.  “I like to borrow something to play with it. If I like it, I’ll buy it.”

He dismisses demos and limited versions of programs as inadequate for the testing he prefers; similarly, he considers the typical 30-day return agreement too restrictive. “It’s not a realistic time period for an evaluation,” Teach says. “I just got a copy of FormTool Pro, and it’s a powerful program with a very steep learning curve. I can’t devote myself to it and learn what I’d need to know in 30 days.”

Teach has spent six years recommending and configuring programs for his company. He does not fit the image of a lawbreaker, and he believes that what he does is morally justified. “I buy the software eventually. My company bought licenses to use WordPerfect 5.1 after starting with a pirated copy of the program. Everything on the company machines is legit.”

Copying wasn’t always so easy. Old-timers remember the copy-protection schemes that pervaded the computer industry, requiring key disks or special initialization procedures. But users unanimously demanded an end to it, and when Lotus, the last significant holdout, gave in, that era was over. Today you find protection only on games and niche-market programs.

How much has the end of copy protection cost software companies? It’s impossible to figure accurately. In August 1991, the indefatigable Software Publishers Association released figures on corporate-use losses that suggest both a staggering financial loss and a possible decline in piracy. In 1987, 1.31 DOS-based software programs were sold for every office computer. The expected proportion is three packages per computer, meaning that more than half of the programs in use were probably pirated. In 1990, the number of legitimate packages jumped to 1.78. But prices have gone up, too, so that the dollar losses haven’t changed much: The 1987 liability was $2.3 billion, and the number rose to $2.4 billion in 1990.

The numbers for private-use piracy, on the other hand, can’t be calculated. If all the computer users who have never pirated software got together, they wouldn’t need a very large hall. Wasch concedes that it’s difficult to actually catch and prosecute the individual pirate. “Nobody is actually doing time for piracy,” he says, citing the exception of a retailer who was caught running what amounted to a pirated-software storefront.

The Software Police

Although the SPA is targeting home abuse in a current study, Wasch believes that the greatest financial losses are due to corporate piracy. And corporate pirates are easier to apprehend because an angry employee is frequently willing to turn in the boss. “We get about 20 calls a day,” says Wasch, who set up a special number (800-388-7478) for reporting piracy. “Ninety percent of the calls we follow up on come from disgruntled employees.”

It’s the kind of visit most of us have only seen in the movies, and it’s usually an unexpected one. A receptionist with one targeted company was so shocked by the arrival of the SPA posse that she asked if it was a “Candid Camera” stunt.

Founded in 1984 as an educational and promotional group, the SPA evolved into a software police force five years ago as more and more software vendors joined. Now almost 800 are in the fold. The SPA began to woo whistle-blowers in earnest about two years ago, after a tip led to the successful bust of a large corporation in the Midwest. “Business is too good,” Wasch says. “We’re doing far more lawsuits and far more audits than ever before, and the numbers are continuing to grow.”

If your corporation is busted by the SPA, hope that it’s done by mail. “What happens then is that we write the CEO a letter explaining that we want to do an audit,” Wasch says. “If we find illegal software, the company pays twice: once for the pirated copy, once for a new one.

“That’s a lot better for the company. The fine is much lower, and they don’t face the adverse publicity that results from a lawsuit. Still, 60 percent of them promise they won’t destroy software before they report it, and then they go and do it anyway.”

That was the case with a recent SPA visit to a medium-sized defense contractor in Washington, DC. “They agreed to an audit, and then they tried to wipe pirated programs off all the hard disks,” Wasch says. “But we knew. Why do they think we called them in the first place? Someone on the inside was talking. I couldn’t believe they’d sit there and lie to us about it – we had them over a barrel!”

The increasingly ominous specter of the SPA breaking down the door is making more companies go legit, but some continue to spout excuses. “I don’t want to break the law, but I also don’t want to go out of business,” says Howell Davis, the CEO of an accounting firm in a New England capital. “We can’t afford to work without computers, but I can’t pay the high price of registering every copy of every program we use. I had to borrow a lot of money to get this business off the ground, and I think of this as just another form of borrowing. It’s another loan I’ll repay when I can afford to.”

Some corporate pirates operate with a sense of entitlement. “Nobody’s going to catch us,” says Charles Vane, the managing director of a nonprofit theater company in the Northwest, “and nobody should even be trying to. We’re on the brink of bankruptcy. Companies should be giving us software packages as a gesture of support for the arts.” He admits that almost all of the software his theater uses is pirated. “We have some nice programs, including an accounting package developed for Ernst & Young that we swiped and a copy of SuperCalc with a bunch of extra modules. And WordPerfect, of course,” Vane says.

Where do the packages originate?  “Our board members get them for us,” Vane says. “Of course, that means we can’t be choosy. We have to wait until a particular program comes our way. And what they like to give us the most are games. We have a kazillion games.”

Games and piracy are natural partners. Games themselves encourage piracy. Unlike business-oriented programs, they engender intense, short-lived relationships. Or as pirate-BBS operator John Rackam puts it, “Games get boring. That’s why you see so many of them on the pirate boards.”

Online Piracy

Rackam runs a BBS straight out of  “The Man from U.N.C.L.E.” It looks like any other medium-sized board in the country, with a standard collection of shareware and message bases. Gain special access – which only takes $50 and a friend’s recommendation – and you pass through the secret door into a 600MB collection of the latest applications, including 10 zipped files of the complete dBASE W, 11 of AutoCAD, and six of MS-DOS 5.0.

“Most of the people who use my board are collectors,” he says. “They have to have the latest copy of everything.” Rackam isn’t deterred by the threat of getting caught. “I don’t think it’s going to happen to me. I’m not doing anything that’s really terrible. I mean, I’m not hacking up bodies or anything. I make no money off this. The fee is just for keeping up my equipment. I consider myself a librarian.”

Novell takes a dim view of that attitude, as evidenced by an August 1991 raid of two California bulletin board systems accused of distributing Novell NetWare files. Such systems are another target the SPA would like to hit, and Wasch is looking for FBI cooperation.

That makes the Humble Guys Network ripe for the picking. Study the high-resolution GIF file of these buccaneers, and you see a collection of ordinary-looking folks who happen to traffic in pirated game software. The founder, a hacker who called himself Candy Man, has since skipped the country; now The Slave Lord, a student at a southern college, is at the helm.

“The whole point of the network is to get games before the stores have them,” says Bill Kidd, a computer consultant in Manhattan. “This is like proof of manhood, how fast you can get them.” Kidd professes little personal involvement with piracy, but he knows where the bodies are buried.

“First there are the suppliers who can get a program from a manufacturer well before it’s released,” Kidd says. “Often the supplier works for the manufacturer. The game goes to the head person, who delivers it to the crackers. They’re the ones who remove the copy protection. From there it goes to the couriers, and each has a list of pirate BBS’s. The program then makes it all over the country in minutes.”

Speed is an obsession. These pirates are armed with 9,600-bit-per-second modems and a must-have-it-now mentality. “The week before MS-DOS 5.0 hit the stores,” says Kidd, “most of the pirate boards had already deleted it because they had been offering beta versions six months before.”

As far as revenues are concerned, pirate bulletin boards may be more of a nuisance than a threat. “Those people are never really going to buy that software,” says John Richards, a product manager with Lotus. “Nominally, it’s bad, but it’s not as if they’re buying one copy of 1-2-3 to put on the office workstation for ten users.”

Pirates at Home

While an office environment allows for regular, rigorous audits, the home user gets away with pirating software. Peer under the hoods of a few hard disks, and you’re liable to find something illicit.

“It can happen innocently enough,” says Symantec’s Rod Turner. As general manager of the Peter Norton Group, Turner has the distinction of overseeing one of the most frequently pirated pieces of software: The Norton Utilities. “Someone puts a copy of the software on someone else’s machine to test it out and leaves it behind. The other user assumes it’s there legitimately,” Turner says.

“Often, someone gets software from a friend who got it at work,” says Tony Geer, service manager at Computer Directions, a retail outlet in Albany, New York. Geer looks at hundreds of user-configured hard disks every month. “Someone buys a machine from us, then turns around and calls us to say that he’s got all this software now, could we tell him how to run it,” Geer says. “What am I supposed to do? The customer wants me to spend hours on the phone teaching him or he gets mad. When I tell him he has to buy the program, too, he gets annoyed.” Geer also receives a huge number of requests for pirated software. “A lot of users think that we can load up their hard disks with programs, even though they know they ought to be paying for them and just want to duck the fee.”

A few requests come from the truly naive, Geer says. “I’ll get a call for software support and I’ll ask, ‘What did the manual say?’ ‘I didn’t get a manual,’ the person tells me. ‘A friend gave this to me.’ And then I have to explain that software isn’t free.”

High software prices are a common user complaint. Former WordPerfect executive vice president W. E. “Pete” Peterson thinks the $495 list price of WordPerfect’s best-selling word processing program is justified, however. “WordPerfect sells about 150,000 copies a month at that price, so quite a few users think the price is justified, too,” says Peterson. “A computer costs anywhere from a few hundred to a few thousand dollars. Without the software, the computer is worthless. WordPerfect goes to a lot of work to write and support the software.”

The latter includes a costly policy of toll-free phone support, handled by operators who would just as soon not ask for a registration number. It’s an expensive way of showing trust, but it has paid off in excellent public relations. “We try to sympathize with people,” says Jeff Clark, public relations director at XyQuest, the company that publishes XyWrite, a word processing program popular among journalists. ‘We sell replacement manuals as a service to registered users, but there’s a call at least once a week from someone who’s obviously trying to get manuals to go with a pirated copy.”

The challenge then is to educate the caller, who may not even know that a law has been broken. “All we ask of a registered user is to run the program on one machine at a time,” Clark explains. “If you’re using it at work, yes, you can use it at home. But don’t buy one copy to use in an office of eight people.” 

“A lot of people seem to think copying disks is OK because it’s easy to do,” says Turner, who is also chairman of the SPA’s companion organization, the Business Software Alliance, which fights international piracy. “Then they call our tech line, and we’re in the delicate position of telling them they’re using a product illegally.”

Microsoft is even more benevolent. “We like to know where the pirated copy originated,” says Bill Pope, associate general counsel for the company. “It’s not always possible to learn over the phone who’s pirating something, because we don’t require that registration cards be returned. But if we do identify a pirated copy, we’ll help the user get it legally, and we may even supply a free copy of the program if we can learn where it came from.”

A highly publicized amnesty program was launched by the XTree Company in July of 1982. For $20, anyone with a pirated copy of an XTree program was allowed to buy a license for the entry-level version of the program, thus getting access to the upgrade path. Response was enthusiastic during the 90-day period, but the offer won’t be repeated. “You can’t offer amnesty over and over,” says Michael Cahlin, who markets the XTree products. “You lose the respect of dealers and users who paid full price for it.”

Turner is more blunt about it. “Amnesty encourages piracy. I don’t think it’s been successful.”

While the SPA will continue to make headlines with Untouchables-style raids of corporate offices, Wasch also acknowledges that education is the key to fighting piracy. A 12-minute, SPA-produced videotape titled “It’s Just Not Worth the Risk” spells out the message as a congenial corporate manager is made wise to the ways of the company pirate.

“That tape has been a huge success,” says Wasch. “American Express bought 300 copies, and Kimberly-Clark just ordered 100. We’ve distributed about 10,000 of them so far.”

A self-audit kit, also available from the SPA, includes a program that determines what software is in use on your PC as well as sample corporate memos and employee agreement forms to promote piracy awareness.

Seeing the Light

Fear of being caught keeps many people honest, but some pirates will wait until they’re forced to walk the plank before giving up.

John Rackam says his BBS users are innocent. “They can’t afford the software, and they shouldn’t have to pay,” he says. “They’re downloaders. They un-ARC it and say, ‘This is nice!’ Then they never use it again.”

Charles Vane believes that software companies should give nonprofit organizations like his theater a break  “If they give us packages, we’ll give them publicity. We’ll print it in the program, we’ll post it in the lobby. It’s an upscale crowd that comes through here. We just don’t have the luxury of money. I bought one program, ReportWriter, because it was cheap and good.”

For casual users, piracy may simply be a phase. “I own 90 percent of the programs I use,” says systems administrator Ed Teach. “That’s a big reverse from about four years ago, when 90 percent of them were bootlegs.”

And there’s always the problem of well-meaning friends. Henry Every, a journalist at a Florida newspaper, received pirated programs from friends when he bought his first computer five years ago. “I had all these programs and no idea how to use them,” Every says. “Fortunately, the bookstore had guides that were even better than the manuals, and I became something of a power user. Then I became the guy that a friend of a friend would call for help with his machine. Next thing I know, I’m the one giving away pirate copies.

“But I won’t do it anymore. I’m sick and tired of getting those calls all hours of the day and night asking me how to use the damn things.”   

Sidebar: It’s in the Packaging

IMITATION IS FLATTERING only when you don’t lose money over it. Many software packages are copied by clever pirates who duplicate disks, manuals, even packaging. Microsoft has been hit often enough by counterfeiters that recent software releases, including the Windows 3.1 and MS-DOS 5.0 upgrade packages, were specially designed to be bootleg-proof.

“Every component part was carefully designed or handpicked for that reason,” says Kristi Bankhead, who works with Microsoft’s general counsel on piracy issues. “To the user, it should just look like an attractive box, but it allows us to tell at once if it’s legitimate or not.”

That strategy paid off in March when FBI agents raided a quartet of Silicon Valley companies that were pulling in up to $600,000 a month distributing bogus copies of MS-DOS and Windows.

Key components of the official, bootleg-proof box designs are colorful artwork and the use of holograms. On the MS-DOS 5.0 upgrade box, a silver circle on the side offers an iridescent image of the logo. A second hologram – a small rectangle on the side of the program manual – shows through an expensive die-cut hole on the other side of the box. The interlocked letters D-O-S are printed in a four-color process that results in complicated mixtures that defy reproduction. Even the way the box is folded and the flaps are glued and tucked is unique – it’s not a common style, and counterfeiters must either spend time and money to copy it or risk quick discovery.

Even as the DOS upgrade package was being readied for market last year, police detectives uncovered a Los Angeles-based pirate ring that was already working on full-scale knockoffs of it. “We got them while they were in the process of completing the DOS 5.0 artwork,” said Bankhead,  “but we could tell how bad it would look. For instance, they were using a piece of foil for the hologram, and it had no three-dimensional image.”

Sidebar: Statistics


IT LOOKS FAMILIAR. It’s very close to a recent Top 10 list of legitimate programs. That’s not surprising, since popular programs are also the most-often swiped. The list above was compiled from a survey of pirate BBS’s, with help from John Rackam. He explains that activity is so brisk the profile changes from week to week, with games being the most transitory items (which is why they’re impossible to track). Because nondisclosure doesn’t exist in the pirate world and exchanging beta copies of software is a pirate tradition, Windows 3.1 won a strong position even before its official release. By the way, there’s only a cursory interest in OS/2 2.0, which is ominous news for IBM if pirate interest is any barometer of sales.

PC/Computing, July 1992

No comments: