What “LLL” — the adopted screen name of a US freelance media worker — really wanted was the latest master collection of Adobe’s design and publishing package, Creative Suite 4 (CS4). What he didn’t want was to pay the full US$2,499 retail price for it. Equally, he didn’t want what was included in the latest pirated version of CS4: malicious software added by pirates that would try to silently take over his computer if he installed it.
Having been a “casual” software pirate (for his own use) for almost 30 years, LLL knows that, whichever channel pirated software is distributed through, by the time it reaches the broad base of casual pirates it is often riddled with malware designed to turn the victim’s computer into a bot controlled by a remote user. The cracked version of CS4 was no exception.
As with much modern software, Adobe contacts an “activation server” online to check that the license key isn’t already in use, and then activates the software, tying that specific key to that computer (Windows uses a similar system). To fool the activation system, cracked software often comes with a key generator program — or “keygen” — written by the professional pirates. It generates a new license key that the software will accept, allowing casual software copiers to continue using the application as a fully licensed version.
In keeping with many pirated applications, it wasn’t the CS4 rip-off that was infected, but the key generator. So LLL avoided the keygen by taking his computer offline and using someone else’s existing key, which he says persuaded the software to install as a fully licensed version. The trouble was that, as soon as the software tried to activate itself online, Adobe’s servers would tell it that the license key was already in use. To stop the software from activating, he found a list of the activation servers that CS4 visits, compiled by someone who had watched the software at work on his own computer.
By editing his computer’s hosts file — a crucial file on a PC or Mac that tells the computer which IP addresses to contact when visiting certain sites — he was able to prevent the software from visiting the activation server. When your computer is trying to connect to a site, it first checks the hosts file to see if the IP address is stored there. The edit would send any request for the Adobe activation servers into limbo, typically to 127.0.0.1, which points back to your own computer.
“If [the software is] trying to visit this server to activate this product, I can just block that with the host files,” LLL says. “The Adobe product is set up so that if it can’t get there, it’ll keep working and try again later.”
But some think that this method of piracy isn’t effective. Guy Bunker, chief scientist at the online security company Symantec, says the hosts method “is good for the grace period” — the period most online-activated software gives you to register it after installation — but that the software will generally stop working if it hasn’t been able to activate after 30 days.
Nevertheless, LLL, and multiple commenters in online forums, attest that it works long after the grace period ends.
LLL claims he can’t afford to buy the software outright.
“In my day-to-day business, I’m so diverse in what I do,” he argues.
He has to perform a plethora of tasks, but none of them very often. He may only use one facet of Apple’s professional video-editing package, Final Cut Pro, for example.
“Here’s something I have to get done, but the downside is that I only use it for five days out of the year. So going and buying a full version of Final Cut Pro for US$1,400? I don’t think so,” he says.
The problem for anti-piracy groups is loners such as LLL: a hired gun who uses the software on occasion. John Lovelock, chief executive for the anti-piracy non-profit group FAST IiS, is more focused on the 40,000 or so businesses in the UK with 30 or more PCs.
“If you go below 30 PCs, there are millions of casual piracy candidates. How do you control that? Very, very difficult,” he says.
“But the consumers are very much the problem, because those consumers will go to work. If you’ve got 50 people in the office and someone brings in a cracked copy, and it’s a struggling business and they can convince the owners to distribute it to those that need it and save money, that’s where we get interested,” he says.
Why are these anti-piracy measures so arcane in the first place? Many tie activation to a particular machine and require deactivation before that machine is reformatted. Otherwise, the next installation is counted as a new machine, and eventually you run out of lives; the only recourse then is to phone a company helpline.
Making customers feel like criminals edges them toward criminal behavior, warns Victor DeMarines, vice president of products for the US-based anti-piracy technology company V.I Labs.
“As soon as you have to pick up the phone to call someone, you could just as easily have gone to Rapidshare or Usenet or somewhere to download the crack,” he points out. “When a vendor creates resistance like that to relicense that software, you’ll see the curve of casual piracy increase.”
But that raises the obvious question: How could software be offered in a way that stops piracy, or at the very least discourages people like LLL? Haven’t we reached the point where people like LLL could download a basic foundation application with minimal functions, and pay for more specific functions when required — instead of having to pay for 100 percent functionality of which he will only ever use 5 percent?
“If I’m just using software to render a file, I don’t care — that’s free,” posits DeMarines, describing a possible model. “As you step into it and use more intellectual property, then you pay for what you use.”
The other option lies in the cloud. Why not put this software online and rent it on a pay-per-use basis? For example, Nivio.com provides virtual online Windows XP desktops; renting out MS Office for £2.38 (US$3.57) in the UK a month, after consumers invest in a basic plan for £3.60 a month.
While Adobe may be playing with such models, it isn’t interested in using them as a tool to stop piracy.
“The business rationale for developing and launching these services and offering our traditional desktop products in the cloud are multifold, including market acceptance, purchase methods, and use models,” said Suresh Balasubramanian, director of worldwide anti-piracy for Adobe, in a written statement, adding that the company is conducting an online CS4 trial in Australia. “While reducing piracy will certainly be a key side effect of such business models, we typically do not consider it to be the key driver or motivator for developing and launching new business models.”
It should be noted that LLL isn’t your typical non-technical user. His cavalier attitude toward intellectual property is mirrored by an astute technical awareness of what is happening on his machine. He watches how it interacts with his network and takes a measured approach on the frequent occasions when he finds malware running.
Those frequent occasions should give the less experienced pause, but the number of pirated pieces of software circulating online, and the millions of PCs — and more recently the small number of Macs — enlisted without their owner’s knowledge into botnets, suggest the lure of “cheap” cracked software overcomes caution.
LLL shrugs.
“If someone wants to open up port 25 and use my machine to hack the Pentagon then I’d be concerned,” he says, adding that he has the infrastructure set up to wipe his machine and reinstall everything while keeping all of his data. “But if someone opens up port 25 just to spoof an email, then I don’t really give a rat’s ass. I’m going to block it if I find it, of course. It all depends on the level of risk.”
In short, alongside the ethical considerations surrounding casual piracy, there are also very good technical reasons why people wouldn’t want to try this at home.
As strategic tensions escalate across the vast Indo-Pacific region, Taiwan has emerged as more than a potential flashpoint. It is the fulcrum upon which the credibility of the evolving American-led strategy of integrated deterrence now rests. How the US and regional powers like Japan respond to Taiwan’s defense, and how credible the deterrent against Chinese aggression proves to be, will profoundly shape the Indo-Pacific security architecture for years to come. A successful defense of Taiwan through strengthened deterrence in the Indo-Pacific would enhance the credibility of the US-led alliance system and underpin America’s global preeminence, while a failure of integrated deterrence would
The Executive Yuan recently revised a page of its Web site on ethnic groups in Taiwan, replacing the term “Han” (漢族) with “the rest of the population.” The page, which was updated on March 24, describes the composition of Taiwan’s registered households as indigenous (2.5 percent), foreign origin (1.2 percent) and the rest of the population (96.2 percent). The change was picked up by a social media user and amplified by local media, sparking heated discussion over the weekend. The pan-blue and pro-China camp called it a politically motivated desinicization attempt to obscure the Han Chinese ethnicity of most Taiwanese.
On Wednesday last week, the Rossiyskaya Gazeta published an article by Chinese President Xi Jinping (習近平) asserting the People’s Republic of China’s (PRC) territorial claim over Taiwan effective 1945, predicated upon instruments such as the 1943 Cairo Declaration and the 1945 Potsdam Proclamation. The article further contended that this de jure and de facto status was subsequently reaffirmed by UN General Assembly Resolution 2758 of 1971. The Ministry of Foreign Affairs promptly issued a statement categorically repudiating these assertions. In addition to the reasons put forward by the ministry, I believe that China’s assertions are open to questions in international
The Legislative Yuan passed an amendment on Friday last week to add four national holidays and make Workers’ Day a national holiday for all sectors — a move referred to as “four plus one.” The Chinese Nationalist Party (KMT) and the Taiwan People’s Party (TPP), who used their combined legislative majority to push the bill through its third reading, claim the holidays were chosen based on their inherent significance and social relevance. However, in passing the amendment, they have stuck to the traditional mindset of taking a holiday just for the sake of it, failing to make good use of
RSS