What “LLL” — the adopted screen name of a US freelance media worker — really wanted was the latest master collection of Adobe’s design and publishing package, Creative Suite 4 (CS4). What he didn’t want was to pay the full US$2,499 retail price for it. Equally, he didn’t want what was included in the latest pirated version of CS4: malicious software added by pirates that would try to silently take over his computer if he installed it.
Having been a “casual” software pirate (for his own use) for almost 30 years, LLL knows that, whichever channel pirated software is distributed through, by the time it reaches the broad base of casual pirates it is often riddled with malware designed to turn the victim’s computer into a bot controlled by a remote user. The cracked version of CS4 was no exception.
As with much modern software, Adobe contacts an “activation server” online to check that the license key isn’t already in use, and then activates the software, tying that specific key to that computer (Windows uses a similar system). To fool the activation system, cracked software often comes with a key generator program — or “keygen” — written by the professional pirates. It generates a new license key that the software will accept, allowing casual software copiers to continue using the application as a fully licensed version.
In keeping with many pirated applications, it wasn’t the CS4 rip-off that was infected, but the key generator. So LLL avoided the keygen by taking his computer offline and using someone else’s existing key, which he says persuaded the software to install as a fully licensed version. The trouble was that, as soon as the software tried to activate itself online, Adobe’s servers would tell it that the license key was already in use. To stop the software from activating, he found a list of the activation servers that CS4 visits, compiled by someone who had watched the software at work on his own computer.
By editing his computer’s hosts file — a crucial file on a PC or Mac that tells the computer which IP addresses to contact when visiting certain sites — he was able to prevent the software from visiting the activation server. When your computer is trying to connect to a site, it first checks the hosts file to see if the IP address is stored there. The edit would send any request for the Adobe activation servers into limbo, typically to 127.0.0.1, which points back to your own computer.
“If [the software is] trying to visit this server to activate this product, I can just block that with the host files,” LLL says. “The Adobe product is set up so that if it can’t get there, it’ll keep working and try again later.”
But some think that this method of piracy isn’t effective. Guy Bunker, chief scientist at the online security company Symantec, says the hosts method “is good for the grace period” — the period most online-activated software gives you to register it after installation — but that the software will generally stop working if it hasn’t been able to activate after 30 days.
Nevertheless, LLL, and multiple commenters in online forums, attest that it works long after the grace period ends.
LLL claims he can’t afford to buy the software outright.
“In my day-to-day business, I’m so diverse in what I do,” he argues.
He has to perform a plethora of tasks, but none of them very often. He may only use one facet of Apple’s professional video-editing package, Final Cut Pro, for example.
“Here’s something I have to get done, but the downside is that I only use it for five days out of the year. So going and buying a full version of Final Cut Pro for US$1,400? I don’t think so,” he says.
The problem for anti-piracy groups is loners such as LLL: a hired gun who uses the software on occasion. John Lovelock, chief executive for the anti-piracy non-profit group FAST IiS, is more focused on the 40,000 or so businesses in the UK with 30 or more PCs.
“If you go below 30 PCs, there are millions of casual piracy candidates. How do you control that? Very, very difficult,” he says.
“But the consumers are very much the problem, because those consumers will go to work. If you’ve got 50 people in the office and someone brings in a cracked copy, and it’s a struggling business and they can convince the owners to distribute it to those that need it and save money, that’s where we get interested,” he says.
Why are these anti-piracy measures so arcane in the first place? Many tie activation to a particular machine and require deactivation before that machine is reformatted. Otherwise, the next installation is counted as a new machine, and eventually you run out of lives; the only recourse then is to phone a company helpline.
Making customers feel like criminals edges them toward criminal behavior, warns Victor DeMarines, vice president of products for the US-based anti-piracy technology company V.I Labs.
“As soon as you have to pick up the phone to call someone, you could just as easily have gone to Rapidshare or Usenet or somewhere to download the crack,” he points out. “When a vendor creates resistance like that to relicense that software, you’ll see the curve of casual piracy increase.”
But that raises the obvious question: How could software be offered in a way that stops piracy, or at the very least discourages people like LLL? Haven’t we reached the point where people like LLL could download a basic foundation application with minimal functions, and pay for more specific functions when required — instead of having to pay for 100 percent functionality of which he will only ever use 5 percent?
“If I’m just using software to render a file, I don’t care — that’s free,” posits DeMarines, describing a possible model. “As you step into it and use more intellectual property, then you pay for what you use.”
The other option lies in the cloud. Why not put this software online and rent it on a pay-per-use basis? For example, Nivio.com provides virtual online Windows XP desktops; renting out MS Office for £2.38 (US$3.57) in the UK a month, after consumers invest in a basic plan for £3.60 a month.
While Adobe may be playing with such models, it isn’t interested in using them as a tool to stop piracy.
“The business rationale for developing and launching these services and offering our traditional desktop products in the cloud are multifold, including market acceptance, purchase methods, and use models,” said Suresh Balasubramanian, director of worldwide anti-piracy for Adobe, in a written statement, adding that the company is conducting an online CS4 trial in Australia. “While reducing piracy will certainly be a key side effect of such business models, we typically do not consider it to be the key driver or motivator for developing and launching new business models.”
It should be noted that LLL isn’t your typical non-technical user. His cavalier attitude toward intellectual property is mirrored by an astute technical awareness of what is happening on his machine. He watches how it interacts with his network and takes a measured approach on the frequent occasions when he finds malware running.
Those frequent occasions should give the less experienced pause, but the number of pirated pieces of software circulating online, and the millions of PCs — and more recently the small number of Macs — enlisted without their owner’s knowledge into botnets, suggest the lure of “cheap” cracked software overcomes caution.
LLL shrugs.
“If someone wants to open up port 25 and use my machine to hack the Pentagon then I’d be concerned,” he says, adding that he has the infrastructure set up to wipe his machine and reinstall everything while keeping all of his data. “But if someone opens up port 25 just to spoof an email, then I don’t really give a rat’s ass. I’m going to block it if I find it, of course. It all depends on the level of risk.”
In short, alongside the ethical considerations surrounding casual piracy, there are also very good technical reasons why people wouldn’t want to try this at home.
Recently, China launched another diplomatic offensive against Taiwan, improperly linking its “one China principle” with UN General Assembly Resolution 2758 to constrain Taiwan’s diplomatic space. After Taiwan’s presidential election on Jan. 13, China persuaded Nauru to sever diplomatic ties with Taiwan. Nauru cited Resolution 2758 in its declaration of the diplomatic break. Subsequently, during the WHO Executive Board meeting that month, Beijing rallied countries including Venezuela, Zimbabwe, Belarus, Egypt, Nicaragua, Sri Lanka, Laos, Russia, Syria and Pakistan to reiterate the “one China principle” in their statements, and assert that “Resolution 2758 has settled the status of Taiwan” to hinder Taiwan’s
Can US dialogue and cooperation with the communist dictatorship in Beijing help avert a Taiwan Strait crisis? Or is US President Joe Biden playing into Chinese President Xi Jinping’s (習近平) hands? With America preoccupied with the wars in Europe and the Middle East, Biden is seeking better relations with Xi’s regime. The goal is to responsibly manage US-China competition and prevent unintended conflict, thereby hoping to create greater space for the two countries to work together in areas where their interests align. The existing wars have already stretched US military resources thin, and the last thing Biden wants is yet another war.
As Maldivian President Mohamed Muizzu’s party won by a landslide in Sunday’s parliamentary election, it is a good time to take another look at recent developments in the Maldivian foreign policy. While Muizzu has been promoting his “Maldives First” policy, the agenda seems to have lost sight of a number of factors. Contemporary Maldivian policy serves as a stark illustration of how a blend of missteps in public posturing, populist agendas and inattentive leadership can lead to diplomatic setbacks and damage a country’s long-term foreign policy priorities. Over the past few months, Maldivian foreign policy has entangled itself in playing
A group of Chinese Nationalist Party (KMT) lawmakers led by the party’s legislative caucus whip Fu Kun-chi (?) are to visit Beijing for four days this week, but some have questioned the timing and purpose of the visit, which demonstrates the KMT caucus’ increasing arrogance. Fu on Wednesday last week confirmed that following an invitation by Beijing, he would lead a group of lawmakers to China from Thursday to Sunday to discuss tourism and agricultural exports, but he refused to say whether they would meet with Chinese officials. That the visit is taking place during the legislative session and in the aftermath