What “LLL” — the adopted screen name of a US freelance media worker — really wanted was the latest master collection of Adobe’s design and publishing package, Creative Suite 4 (CS4). What he didn’t want was to pay the full US$2,499 retail price for it. Equally, he didn’t want what was included in the latest pirated version of CS4: malicious software added by pirates that would try to silently take over his computer if he installed it.
Having been a “casual” software pirate (for his own use) for almost 30 years, LLL knows that, whichever channel pirated software is distributed through, by the time it reaches the broad base of casual pirates it is often riddled with malware designed to turn the victim’s computer into a bot controlled by a remote user. The cracked version of CS4 was no exception.
As with much modern software, Adobe contacts an “activation server” online to check that the license key isn’t already in use, and then activates the software, tying that specific key to that computer (Windows uses a similar system). To fool the activation system, cracked software often comes with a key generator program — or “keygen” — written by the professional pirates. It generates a new license key that the software will accept, allowing casual software copiers to continue using the application as a fully licensed version.
In keeping with many pirated applications, it wasn’t the CS4 rip-off that was infected, but the key generator. So LLL avoided the keygen by taking his computer offline and using someone else’s existing key, which he says persuaded the software to install as a fully licensed version. The trouble was that, as soon as the software tried to activate itself online, Adobe’s servers would tell it that the license key was already in use. To stop the software from activating, he found a list of the activation servers that CS4 visits, compiled by someone who had watched the software at work on his own computer.
By editing his computer’s hosts file — a crucial file on a PC or Mac that tells the computer which IP addresses to contact when visiting certain sites — he was able to prevent the software from visiting the activation server. When your computer is trying to connect to a site, it first checks the hosts file to see if the IP address is stored there. The edit would send any request for the Adobe activation servers into limbo, typically to 127.0.0.1, which points back to your own computer.
“If [the software is] trying to visit this server to activate this product, I can just block that with the host files,” LLL says. “The Adobe product is set up so that if it can’t get there, it’ll keep working and try again later.”
But some think that this method of piracy isn’t effective. Guy Bunker, chief scientist at the online security company Symantec, says the hosts method “is good for the grace period” — the period most online-activated software gives you to register it after installation — but that the software will generally stop working if it hasn’t been able to activate after 30 days.
Nevertheless, LLL, and multiple commenters in online forums, attest that it works long after the grace period ends.
LLL claims he can’t afford to buy the software outright.
“In my day-to-day business, I’m so diverse in what I do,” he argues.
He has to perform a plethora of tasks, but none of them very often. He may only use one facet of Apple’s professional video-editing package, Final Cut Pro, for example.
RSS