doug@mathel.ncsu.edu (Doug James) (02/28/90)
Someone I know has a pirated copy of an expensive piece of commercial
software. Today this person received a letter from the company
producing the software. It was a form letter -- very polite and
understated. But the main point was clear: "we have reason to believe
you have a copy of our product. Send us a photocopy of your original
diskette and prove that you are entitled to have it."
I strongly disapprove of pirating software, and am quite vocal about
it. As a result, I found myself in the uncomfortable position of
feeling like I was suspected of having turned this person's name in
to the company. I most certainly did not do so.
My question: what mechanism is likely to have triggered such a letter?
--doug james
doug%mathel@ncsuvx.ncsu.edudoug@mathel.ncsu.edu (Doug James) (02/28/90)
My apologies to readers of other than comp.misc: I editted another article to post this one, and accidentally sent this to many inappropriate newsgroups. I also failed to edit the references field; 1378@Terra.cc.brunel.ac.uk has nothing to do with this posting. If anyone cares to continue this thread, PLEASE correct my error and post only to comp.misc. I'm so embarrassed... --doug james
cpcahil@virtech.uucp (Conor P. Cahill) (02/28/90)
In article <1990Feb28.003201.10614@ncsuvx.ncsu.edu> doug%mathel@ncsuvx.ncsu.edu (Doug James) writes: [discussion of someone whom got a letter from a company that said something like "we think you are pirating our software" deleted] >My question: what mechanism is likely to have triggered such a letter? Most likely your friend posted something on the net saying "I have this problem when I try to do such-and-such with this program". The company saw it, checked thier registered user's list and found the name missing. Note that net may be usenet, bitnet, compuserv, etc. -- +-----------------------------------------------------------------------+ | Conor P. Cahill uunet!virtech!cpcahil 703-430-9247 ! | Virtual Technologies Inc., P. O. Box 876, Sterling, VA 22170 | +-----------------------------------------------------------------------+
dlow@hpspcoi.HP.COM (Danny Low) (03/01/90)
>I strongly disapprove of pirating software, and am quite vocal about >it. As a result, I found myself in the uncomfortable position of >feeling like I was suspected of having turned this person's name in >to the company. I most certainly did not do so. > >My question: what mechanism is likely to have triggered such a letter? > > --doug james The Software Publishing Association has an phone number that people can call to expose pirates. It's all anonymous but there is some evidence as to who calls. When the piracy is wide spread within the company, the call is usually made by an employee with more honesty than the company or a disgruntle employee or ex-employee. This type of piracy results in a formal letter to the company that usually requests an on site audit by the SFA. When an individual pirate is singled out it is usually a tip from another employee with a grudge against the pirate. Most people resolve a conflict between honesty and people they know and like by remaining silent. Danny Low "Question Authority and the Authorities will question You" Valley of Hearts Delight, Silicon Valley HP SPCD dlow%hpspcoi@hplabs.hp.com ...!hplabs!hpspcoi!dlow
ray@philmtl.philips.ca (Ray Dunn) (03/01/90)
In referenced article, doug%mathel@ncsuvx.ncsu.edu (Doug James) writes: >Someone I know has a pirated copy of an expensive piece of commercial >software. Today this person received a letter from the company >producing the software. >.... >My question: what mechanism is likely to have triggered such a letter? Auto-reporting mechanisms have been around on shrink-wrap software for some time now. Their availability was really the only reason that the software industry was willing to stop copy protecting their software. This is a good reason to avoid running pirated software on machines with internal modems, or even too close to a touch-tone phone.... -- Ray Dunn. | UUCP: ray@philmtl.philips.ca Philips Electronics Ltd. | ..!{uunet|philapd|philabs}!philmtl!ray 600 Dr Frederik Philips Blvd | TEL : (514) 744-8200 Ext : 2347 (Phonemail) St Laurent. Quebec. H4M 2S9 | FAX : (514) 744-6455 TLX : 05-824090
roy@phri.nyu.edu (Roy Smith) (03/01/90)
In article <1088@philmtl.philips.ca> ray@philmtl.philips.ca (Ray Dunn) writes: > Auto-reporting mechanisms have been around on shrink-wrap software for some > time now [...] This is a good reason to avoid running pirated software on > machines with internal modems, or even too close to a touch-tone phone.... I didn't see a smiley face, but I have to assume you're not serious. You're not, are you? There are technical problems to be considered, but I suppose it would be fairly straight-forward to have a program peek around and discover what your system configuration is (i.e. if you have a modem, and if so, what type). The same goes for figuring out what phone number you have to dial (might have to dial 9 for an outside line, etc). If it called an 800 number, you would never see a record on your phone bill, but you might just happen to be around watching while it tried to do it. Figuring out what information to pass might be more difficult. It doesn't do much good to call up and say "I'm a copy of program X running on some PC somewhere" if you can't somehow identify who owns the PC or where it is. On some machines, mostly networked timesharing systems, it would be a lot easier. On the Sun on my desk, for example, it would be trivial for a program to send email to pirate_spy@evil_company.com (although they might pick a less obvious name, knowing my mail log would have a record of it) and let my MTA worry about how to get it there. It would also be trivial to figure out that it was running on a 3/50 with such-and-such serial number, IP address, domain name, etc, that it was run by user "roy" (with my full name, phone, and room number kindly supplied by finger), etc. So lets assume that it is within the realm of technical possibility that such a thing could be done. Are there actually companies that do that!? Please note, I'm a rabid anti-pirating type. Don't let my choice of meta company name above delude you into thinking otherwise. On the other hand, if companies really do create auto-reporting software as described by Ray Dunn, I think that's despicable vigilantism. One interesting approach to copyright protection of shrink-wrap software is used by Interactive Data Design. When you buy a copy of IDD's Dreams (a reasonably good CAD-type program for the Macintosh), you get two disks. The Dreams executable comes in two halves, one on each disk (possibly because it's too big to fit one one?) You need to use their custom installer program to copy the two pieces to your disk and reassemble them. Along the way, it customizes the copy *on the original distribution disk*, so when you start it up, you get a banner saying "Dreams version XX, copyright IDD, customized for Roy Smith, Public Health Research Institute". You can then freely pirate the customized version, but at least there is a note staring you in the face every time you start it up telling you that it's stolen. Also lets people like me (who do tech support) know what's what. When sombody asks me for help, I watch what happens on startup and can (if nothing else) make snide comments like "Oh, you're name is Joe Jones too? Funny, there seem to be so many people with that name around here!" Microsoft does a similar thing with Word, but not quite the same. With Word, the first time it runs, it asks you to customize it. However, you can just copy the virgin program off the disk and run it first on your hard disk. With Dreams, there is no virgin copy left -- you original distribution copy gets customized. The only hitch with this is that it requires you to put your distribution disk in the drive without being write protected, and thus exposed to virus infection. One only hopes that the Dreams installer is very very careful about (for example) checksumming the resource fork (or even the whole disk) to avoid contamination, although I doubt it actually is. -- Roy Smith, Public Health Research Institute 455 First Avenue, New York, NY 10016 roy@alanine.phri.nyu.edu -OR- {att,philabs,cmcl2,rutgers,hombre}!phri!roy "My karma ran over my dogma"
ray@philmtl.philips.ca (Ray Dunn) (03/03/90)
In referenced article, roy@phri.nyu.edu (Roy Smith) writes: >In other article, ray@philmtl.philips.ca (Ray Dunn) writes: >> Auto-reporting mechanisms have been around on shrink-wrap software for some >> time now [...] This is a good reason to avoid running pirated software on >> machines with internal modems, or even too close to a touch-tone phone.... > > I didn't see a smiley face, but I have to assume you're not serious. >You're not, are you? Amn't I? -- Ray Dunn. | UUCP: ray@philmtl.philips.ca Philips Electronics Ltd. | ..!{uunet|philapd|philabs}!philmtl!ray 600 Dr Frederik Philips Blvd | TEL : (514) 744-8200 Ext : 2347 (Phonemail) St Laurent. Quebec. H4M 2S9 | FAX : (514) 744-6455 TLX : 05-824090
clear@actrix.co.nz (Charlie Lear) (03/03/90)
In article <1990Mar1.84@phri.nyu.edu> roy@phri.nyu.edu (Roy Smith) writes: > So lets assume that it is within the realm of technical possibility >that such a thing could be done. Are there actually companies that do that!? The Australian company who produces the D'Bridge Fidonet enhancement software for BBS's does just that. You run the package's registration option, and it dials the Australian support BBS, logs in, and sends a packet of information you provided it with when you installed the software. D'Bridge BBS sends a temporary registration number, valid for a month, to allow setup and testing of the Fidonet links. This enables various extra features required to xmit and rx files, but as stated self destructs in a month unless you make a further call with your credit card number handy to fully register the software. I think it is an excellent system, for this type of product, as anyone using it just HAS to have a modem and phone line. I don't see it being applicable to a non-communications environment - how can you be sure someone running the package has a modem or is on some sort of net? You can't - unless your program is specifically designed to communicate with other computers as its main application. -- ======================================================================== Charlie "The Bear" Lear: Call The Cave BBS, 64(4)643429 157MB Online! Snail: P.O. Box 12-175, Thorndon, Wellington, New Zealand All mail and flames to clear@actrix.co.nz please: csnz.co.nz is no more!
pcg@odin.cs.aber.ac.uk (Piercarlo Grandi) (03/05/90)
In article <1088@philmtl.philips.ca> ray@philmtl.philips.ca (Ray Dunn) writes:
Auto-reporting mechanisms have been around on shrink-wrap software for some
time now. Their availability was really the only reason that the software
industry was willing to stop copy protecting their software.
I am all for respecting the rights of authors, as I am FSF supporter.
On the other hand, probably any such scheme, if really operational, is
illicit, or at least very dangerous. Let me be more precise: it is not
probably illegal, because after all when you license/buy software no
representation is ever made as to the what the program functionality is,
so you have (in the supplier's intentions) no ground to complain if
among the program's functions is one that rings up the Pentagon and asks
for a nuclear strike on your coordinates with valid codes :-).
This is a good reason to avoid running pirated software on machines with
internal modems, or even too close to a touch-tone phone....
I think that it is unlikely that any publishing house would be that
prepared to risk trouble. On the other hand some publishers of
networking software seem to use copy protection schemes (random
broadcast of packets) that can cause big trouble on a net.
--
Piercarlo "Peter" Grandi | ARPA: pcg%cs.aber.ac.uk@nsfnet-relay.ac.uk
Dept of CS, UCW Aberystwyth | UUCP: ...!mcvax!ukc!aber-cs!pcg
Penglais, Aberystwyth SY23 3BZ, UK | INET: pcg@cs.aber.ac.uk