Several days ago, I got one call from my under-classmate in Notre Dame. Now he worked as the sales director in one famous design software company. He asked me about the electronic design industry in China. He told me that everyone knows that China is a huge market but most company hesitates to enter China market due to piracy.
Everyone knows that piracy has a significant impact on the high-tech industry, resulting in lost jobs, decreased innovation and higher costs. As a Chinese who has been working in USA for more than 10 yrs, I understand his worry and I also believe Chinese government has realized this. But it seems a mission impossible to stop piracy in a country like China. But could anyone tell me what's the best way to solve the piracy problem?
Any advice will be greatly appreciated!
Thank you in advance!
Seeking for a customer centered PCB fabricator with high-quality and most cost-effective service? SynKore is your perfect option! Send email to snipped-for-privacy@synkore.com or visit
If it is a stand alone 'single user' app then anything you do can be beaten if the hackers have enough skill. Somewhere the sub routines are being called and they will NOP them out. I have spent considerable time deliberatly making some boot code no call any subroutines by having insane branch strings all branching without any sort of far jumps and filling in all the code room inbetween. This makes it much harder to crack, but eventually they bring out a exe with completely recoded boot code.
The absolute best way is to make part of the program dependant on an online server. For example we might have a super expensive compiler for a processor, we know everyone is going to pirate it and not obey the licensce restrictions), so we make it so that their source code is transmitted to us and we compile and return the binary to them. This means they need internet access and we need a powerful computer to keep up with all the users wanting to compile. Not only that but in many cases our servers compile much faster than the users, who can normally take a few minutes, we do it in a second and transmit it straight back, everyone is happy (except the priates or when the internet drops out!)
This can be incorporated into video games as well. When you play a single player game against AI non player characters - have a central server computer doing the calculations for the AI, thus you can't play the game in single player mode without the connection to the internet server, which you can only do through a unqiue login. That login comes from the CD key on the cover of the game and once it used once thats it, it cant be used again. This system is next to impossible to beat (people can share accounts if they play at different times to each other), but this system requires enermous CPU power. With the speed of the internet these days lag isn't a problem but we are still a fair way off people accepting 'lag' in a single player game!
Many games already imploy this to a lesser degree. If the game is multiplayer and features a server then its next to impossible to pirate the software (for example Counter Strike Source is very hard to pirate because everytime you play you must login to servers).
Of course if your software gets to popular then they just somehow rig up their own servers (never give out any server apps). This is hard to do for games. For example with counter strike you can download the server and simply turn off authentification... then pirates can come and play, infact there are whole networks of 'priate' servers for that game souly for that purpose.
It is easy to decent this however. Just limit the account to say 3 addresses in 24 hours or something like that, and always have the new connection given preference over the old connection, this way the priates keep having fights and bumping each other off, then you get in realtime multi users trying to use the same account and you can ban it :-)
Here is one of my favorite techniques. I try to hide the password or registration-checking code as well as I can. And then I create a chain of cause-and-effect through global variables that leads ultimately to the message box or other user notification that this program is not licensed. Of course the user message is easy to find in a debugger, so the pirates can perhaps no-op out the message box and it's subsequent behavior. But, going back to that chain of cause-and-effect, I also spawn an seperate chain of cause-and-effect that leads to something much more subtle - a gradual corruption of the way the application works. This corruption will only be invoked in the case where the pirates have patched out the most visible response to the lack of a license. But the corruption is so subtle that it would take a thorough understanding of the workings of the application to trace it back to it's source. That is almost as hard as writing the application from scratch. For example, I've got a piece of software that runs a test machine that measures angles of louvers on heat exchanger fins. If the program exit for no license has been patched out, then the angle reported by the program will be off by a small pseudorandom amount.
I certainly wouldn't want to apply this 'gradual degradation' approach to any life-critical software. If a end-user unknowingly purchased a cracked copy in good faith, you might support a number of lawyers for a number of years.
On Tue, 18 Apr 2006 13:42:56 GMT, Robert Scott wrote in Msg.
[...]
Depending on the application, this may come back and bite you. I myself have on occasion (two times, IIRC) used illegal copies of some software as "trial versions", but ended up buying them good and proper. Had the programs appeared buggy I wouldn't have done that.
It is a win because, in the case of the louver angle tester, they fudged output will cause the tests to fail, and the pirating company will eventually realize that they can't use the pirated copy and so they may decide to buy the real thing.
Of course. This only works if the fudged output is merely inconvenient. Besides, who tries to use pirated software in a life-critical application anyway?
Or they will have shipped dodgy product to their customers, who suffer for their supplier's behaviour. If an app is going to fail deliberately make sure you know know the knock-on effects.
I could think of projects which would forbid such a compiler. What if you must ensure service and updates for a long time or very fast response times ? Not to mention making last minute changes when you are at the site with no useful communication possible.
You can't rely on getting access 24/24 or after 10years. And then there is the version problem. You would need to provide your compiler in all published versions, because someone might need it.
In embedded projects you often have to think about a longer period. Therefore I want a development system I can store for some years and then use to correct a bug without any new software/keys etc. which might not be available anymore.
At least in the UK that kind of thing can get you done under the computer misuse act.
The trouble is that if the "fudge the output" code activates when you do have a valid license then it's tantamount to sabotage.
There was a case of a graphics company which slowly corrupted DXF files if unlicensed software was being used. The code activated inadvertently and receivers of the company who's business was bankrupted as a result sued the graphics company. The graphics company then proceeded to go out of business due to all their clients running away, terribly fast.
-p
--
Gotch, n. A corpulent beer-jug of some strong ware.
Gotch, v. To surprise with a remark that negates or usurps a remark
that has just been made.
--------------------------------------------------------------------
Wow! I thought I knew some rampant gamblers, but this really takes the platinum biscuit. I hope the guys writing heart monitor software don't decide to fudge any outputs when they detect unlicensed probes being used. Does your liability insurance carrier know about this?
Somewhere, a lawyer is feeling warm and fuzzy right now. Maybe reaching for his Rolodex.
Actually these things are debatable. I would convince you that intellectual property laws, inherently anti-free market, have resulted in decreased innovation and higher costs, as well as gross mismanagement of resources. But that isn't your question..
In fact it is mission impossible everywhere, to enforce intellectual property laws in any kind of consistent manner.
The so-called "piracy problem" is easily solved, and the answer is to not rely on paying an armed group to enforce a monopoly for you. That has made a lot of money for some, but it shouldn't be that way.
You need to include in your business model that any code or product released to the public domain (read: market) becomes free thereafter. There are several ways work with this to make big bucks without relying on intellectual property laws:
1) Go to the customer directly, to commission writing of the software. If your customers are big businesses, or governments, with custom demands, this is how it is always done. You tell them how much it will cost, they pay you, you do it. End of story.
2) Software as service. If your customers are individuals, or you wish to sell the same product to many after you have made it, you need to work with them to make their lives, tasks, whatever it is your software does, easier. Sell manuals, CDs, website access, server access, updates, help, etc. There's no need to rely on intellectual property laws to do this profitably. Some will copy your material and redistribute it, but if they can do the job better than you - they deserve to put you out of business. That's the free market.
3) Advertisements. I don't think this one needs much explanation. Big money here, and no need to rely on intellectual property laws.
4) Managed release to markets (public domain). This is a bit trickier.. here you release some of the software or information to the public domain, either for commission from customers, or for some initial profit as a shrinkwrap. Then, when a base of interested customers is established, you repeat the process with little bits of product. This is basically the "upgrade" model, probably should have been included with software as a service.
5) System maintenance. Skilled programmers will always be paid a lot to keep systems running as they need to.
6,7.. the list goes on and on.
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.