Slashdot Mirror
More On Policing Shareware
RHW22 writes "Washington Post's Rob Pegoraro looks at shareware, focusing on the question of whether or not this industry can survive if people never actually cough up $$ for the product. He mentions Ambrosia Software, 'a developer of Macintosh games and utilities in Rochester, N.Y., could stop guessing after it revised its payment system last year. The new system aims to stop people from using pirated registration codes in two ways.' Read his column here." We mentioned this several weeks ago, with a link to Ambrosia's description of their system and what led to its adoption.
IMHO, most stuff marketed as shareware is really demoware.
If it can't save - It's a demo
If it pops up excessive nag screens - It's a demo
If major functionality is locked - It's a demo
TODO: Something witty here...
The way I see it, shareware authors shouldn't expect to turn a profit. They should just see being profitable as a nice perk. The majority of people out there won't pay for what they can get for free. If that involves running a serial number generator or a simple crack, then that's what people will do. The only reasonable way to get people to register is to do like Doom and offer a sample that can be expanded upon once the cash is coughed up. Most importantly, it can't be an unlock code, it must be an entirely different program. Of course that doesn't prevent people from giving their buddies copies of the registered version, but that's an unwinnable war.
You want to make money on shareware? Charge less. Make it very convenient to pay. And don't annoy the end user.
Headlight Software has made lots of money from Getright registrations, despite some people having pirated it. I've registered it myself. (I think it was $20, not $25, when I did, though.)
If a software company wants too much money for a piece of shareware, users will get a patch or key generator rather than pay. If the software nags the hell out of the user when he installs it, he'll get mad. I know I do.
This stuff is easy to defeat. If you wanted to pirate this stuff you would not try to do it with a shared registration code. That is just 5tup1d. It would be done in one of 2 ways:
:oP
1) A key generator: Create your own personalized registration key. This was my favorite way to pirate and it usually doesnt take the professionals long to create a keygen either.
2) A crack: completely disables the 'time checking' on the shareware by altering the binaries in some way
The piracy prevention methods outlined in the article won't have any effect on key generators or cracks.
P.S. This is such old stuff. I remember shareware companies keeping blacklists and time stamping keys in 1997. It did not slow me down at all
Why is this news?
When I purchase software, I own the product. The problem with expiring registration codes is that you only own the software as long as the company is in business.
What happens when Ambrosia goes out of business and the software code expires? Your product that you PAID FOR stops working.
Can you imagine the impact of GM going out of business and then finding your car doesn't start the next morning? You paid for that car, and you expect it to function correctly for the expected life of that car.
Expiring codes, WPA, and all the other software piracy/protection schemes out there remove control of the software from the end user and shift it to the software vendor. It is only a small step to software as a subscription service after that.
I'm really glad my Linux machine is totally free and if Microsoft, or Ambrosia goes out of business it will still keep working.
-ted
The way I see it, shareware authors shouldn't expect to turn a profit. They should just see being profitable as a nice perk.
Why shouldn't shareware authors expect to make a profit? Because you say so?
Shareware is a distribution model - you like it so you register it, recommend it to your friends, etc - nothing more, nothing less.
Too many people equate shareware with free, and those that resort to password cracks are the worst kind as they can't even use the "I just wanted to see if it was what I wanted" defence.
Sure, most people will take advantage of the situation and never register software that they decide to use beyond the trial period, but some people are more honest and will happily pony up $20 for a package that does the job they want done.
But saying that the authors, the people who invested their time and effort into code that other people benefit from, shouldn't expect to see a return on their work is downright unbelievable.
"Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
It can be very secure.
I don't know what they mean by "polynomials", but a public key algorithm would avoid any realistic possibility of a key generator. You would have to crack the codes a different way.
I find it disturbing that so many people continually show such complete ignorance of the history of this industry.
Shareware is fully-functional software for which you are *encouraged* to pay the developer (if you find it useful). You are also encouraged to share it with your friends, hence the name shareware. It is not time limited. It is not missing any functionality necessary for normal operation. It may have annoying messages nagging you to please pay, but if it is hampered in any way in which you must pay to get the fully-functional version, it is a commercial demo.
It's offensive that so many people these days seem to be freeloading off the good will and generosity of the shareware community in order to sell their commercial products!
maybe they shouldn't be so GULLIBLE to expect that someone would want to fork over money for something if they dont have to. if a business model relies on honesty, it's not gonna work in the year 2002.
Show me (and the authors) a distribution model that gets as much potential exposure with next to no marketing spend and perhaps I'll consider your argument.
Relying on the honesty of others might not be as profitable in 2002 as it was in 1952 but to say that it can't work at all is foolish. Ever heard of WinZip?
"Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
Actually, I'll just quote Linus: " In my opinion, shareware tends to combine the worst of commercial software (no sources) with the worst of free software (no finishing touches). I simply do not believe in the shareware market at all. "
Perhaps I've been spoiled by Linux, but I'm getting into Mac OS X now, and there are tons of little apps that on Linux would be free, but some chump wants $9 for on OS X. Yeah, part of it is me being cheap, but I keep going back to Linus's quote and end up not buying it.
"Shareware + source" might be interesting, even with a non-RMS-compliant license, but I haven't seen it. (And of course, I'd prefer full GPL if possible.)
it's been said earlier, but if you compare the ratio of sales of a product like CuteFTP to pirated / trial versions, it's ridiculous.
let's examine it in depth.
What are 94% of FTP client users doing? WAREZING
now that we know that, we can assume, that most people won't pay $35 or whatever.
So the solution would be to make it ultra cheap, say in the neighborhood of $5 a license. That would greatly expand the user base, and if they implemented payment via paypal as well as credit cards, people would be more likely to impulse buy.
$5 is nothing, i'll spend that impulsively. Even $10, after that, we move into the area where we stop caring about the company (think of how many sharware progs you use, (wellyou linux people dont')). If they were that cheap, i'd by each one that I use.
Photos.
I fail to see how this amounts to theft. It is a violation of a modern law, but theft is almost so obvious one has to think about it to even define it. Theft is the act of depriving someone of some 'thing' that they have exclusive rights to, either by earning it, or having been given it by someone who themselves earned it.
In this way, it's obvious that if you take a Ferrari from the dealer without paying, there is one less Ferrari the dealer can sell. This is not the case with 'intellectual property'. What's more, it is concievable, that were the authors so inclined, every single computer on the planet might have this shareware. The cost would be negligible. No matter how generous the exotic car dealer is though, there are a finite number of Ferraris. These are too completely seperate things.
I'm not sure that there are any moral rights to what modern law calls intellectual property. Certainly, someone has the right to take credit for software that they have written, and those attempting to infringe that right are in the wrong. Do they have a right to make certain no one is playing the shareware game, unless they have paid an arbitrary sum? Should the exotic car dealer be allowed to forbid you from loaning your Ferrari to a friend (not that he would have to, it would have to be a damn good friend) ? If the exotic car dealer has no rights once the car has left his possession, how can a software author? Can the author be certain, that the pirated copy they are trying to prevent, isn't just a legit copy that was loaned to another person? Lots of questions.
You could claim that I'm comparing apples and oranges, and that these are new laws for new problems. Except that I don't see a real problem. People with vested interests have decided they want to make a profit this way, and when normal human *non-pathological* nature gets in their way, they buy a bunch of laws. I think that deep down, most people can see how twisted this is... as I'm sure that shareware titles vs. open source titles statistics will show.
You don't need to auth with a server to prevent keygens from being possible.
;)).
You can't write a keygen if the key system uses public key encryption to sign the timestamp (a few implementation details ignored here as you get the idea). You'd have to crack the software instead then - and who knows what that software crack will install on your system.
This kind of 'strong' key isn't appropriate in all situations due to its length - for instance where the user has to type it out (eg a key printed on the softwares CD), but in the case of shareware where it is emailed to you (or supplied on a web page) and the user can just cut it and paste it, it's fine.
I thought the idea of only accepting keys less than 30 days old was quite a good one actually (one of those really damn obvious in hindsight things), sure the determined user can roll back their clock (if the key was provided with a date) but it adds two more hoops a pirating user has to jump through without affecting a legitimate user - calling up the server to auth the key is a Very Bad Idea, you get a tonne of paranoid users telling their friends and posting everywhere that you are spyware because their zonealarms went off (found that one out the hard way too
What's really needed are more people learning how to port some of the freeware utilities from Linux and other *nixes over to OSX binaries, using Cocoa. I sure as hell can't do these things, but there're a ton of other developers out there that can.
Mostly what needs to be ported, IMHO, are small things. Network and system monitoring tools that can go in the dock, or other little things like that. Sure, the big stuff would be nice too, but I'm certain there are a ton of little apps that might even only take a few days to port for someone who can get used to Cocoa.
My own pointless vanity vintage computing page
I would expect Ambrosia to put out a fix for this when they went under.
According to a moderator on an Ambrosia board, if Ambrosia Software goes out of business, it will release source code for all its software, essentially turning it into free(beer)ware, if not free software.
Will I retire or break 10K?
I had a shareware program that did the "registered to" name hard-coding that the article talks about. I hated it. See, I used this particular program to print out pretty pieces of source code side-by-side with output. At the top I had a header. In the header was my name. Or actually, the name from the email headers at the time of registration, which was something no one actually ever calls me. They could have just asked what name I wanted to use, but instead every time I used the software I saw that wrong name.
Ok, strange that slashdot posts something like this just as I am in the process of writing some copy protection (due in the morning!). I just read the Ambrosia Software story while searching google for some tips and techniques for writing copy protection. I am trying to avoid the very problems they had. All I hear is that the key is "use polynomials!," wherever I go. If you can't tell yet, I'm a complete newbie to this, I've been programming a while but haven't had to protect my applications before. So how about some helpful advice on how to write a decently secure registration system. Some links with mathematical explanations would be nice.
... + 2^N * charN), with a 31 char limit to keep the number 32 bits. I'm wondering if there are ways to check parts of such a hash without actually regenerating it, so that I don't give away the key generation algorithm in the software. I know it can't be bulletproof, I just need something that's not so simple it'll be breakable by a casual cracker.
Right now I am just creating a 32-bit value from a random 32-bit number the application gives the user and a name. The name is hashed using something like (2^0 * char0 + 2^1 * char1 +
It seems most "shareware" these days has forgot the true meaning of the word. True shareware just used to have a screen at the beginning that says (basically) "Hey, if you like this program, how about send some $$$ the developer's way for his troubles... and pass this on to a friend if you'd think they'd like it!" and let you go on your merry way... If you didn't want to send them money, then you didn't have to, unless the program expired after X days, or X uses and you wanted to continue using it.
One of my friends is the co-developer of Cover Your Tracks and I joked with him once that he made it to the "big time" when there were cracks published for his program's licensing code algorithm.
There are only 10 kinds of people in this world... those who understand binary and those who don't
If they go out of business, their assets belong to their creditors. (Unless they shut down gracefully, but how often do you see that happening?) So, even if everyone wants to release the source code, the likelyhood that a judge would let them make their most valuble asset worthless is minimal.
Okay, you want to write your own key generator.
My advice:
1) Use RECOGNIZED encryption & hashing algorithms. Do NOT invent your own!
2) Don't shorten the result from a hash. I recommend at least 128 bits of entropy in the key (if you use Base64 to represent your key, you need 22 characters)
3) Use public key encryption to prevent giving away your secrets.
An example protocol:
User sends his name (case sensitive) and the current timestamp (both of which the client stores to use in future validation) to the "authentication server" which also takes his credit card number. After receiving payment and validating the timestamp, it generates the registration code as follows:
1) Take the username, timestamp, and a secret symetric string (which will be embedded into the client, but, thus, vulnerable to attack). Concatenate them together with some sort of seperator (like a NUL character).
2) Take this new concatenated string and do some bit scrambling if needed. Take the MD5 hash of this new string and use for the next step.
3) Using RSA and a PRIVATE KEY (*NOT* embedded in your application!), encrypt this hash. Send the encrypted hash value in Base64 to the user. Remember he may need the timestamp as well to re-enter this value. The timestamp can be simply a day/month/year string.
To VALIDATE a registration string,
1) Decrypt the encrypted hash string using the PUBLIC KEY (embedded in your application). Because it is a public key, it doesn't matter if anyone knows it.
2) Verify that that hash equals the value of a hash constructed on a client using the user's name, his registration timestamp, and the shared secret embedded in the application.
Really, this isn't a secret science. But every game designer seems to think he is more creative then hundreds of experts on encryption. This is basically no different then a FFI (Friend or Foe Identification) system used on a military aircraft.
True shareware has absolutely no limitations whatsoever. I would still consider software with nag screens shareware, but I suppose that might be something of a grey area.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
Of course if you find where in the code this all happens, you just patch the binary to jump right around it and that's the end of that story.
A quick run on Dict.org to check shareware.. well, according to this, I was somewhat right. Again, there is not a definition that will be accepted by everyone.
/sheir'weir/ {Freeware} for which the author
From The Free On-line Dictionary of Computing (13 Mar 01):
shareware
requests some payment, usually in the accompanying
documentation files or in an announcement made by the software
itself. Such payment may buy additional support,
documentation or functionality.
See also {careware}, {charityware}, {crippleware},
{guiltware}, {nagware}, {postcardware}, and {-ware}; compare
{payware}.
{The Conception of Shareware
(http://www.halcyon.com/knopf/history.htm)}.
[{Jargon File}]
(1997-10-11)
geek page at KY speaks
Unless you subscribed to a magazine that was really grainy black and white, that listed about 10,000 program descriptions... you put a check by the ones you liked.. than filled out a small form and paid about $1 for each 5.25 media floppy to have it mailed to your house to operate on your Pc Jr... You don't know crap about shareware ;)
The internet defeats the purpose of shareware. Back in the day shareware was distributed by one person sharing his collection of shareware floppies with another friend. If someone liked the program, they could mail a check to the author.
The only limitation ever put on shareware back then was like... a game that had maybe 1 episode. You could mail money to the author and get 10 extra episodes.
Ok, I follow you through most of that except one part. Where can I learn a little more about implementing public/private key encryption? The thought occured to me to use this, but I'm not certain how it works or where to find the algorithms to implement it. It would seem that it is impossible with current technology to create a keygen for such a system.
I realize as another poster noted that some assembly work to skip the check routine could be done, but that is another problem. Maybe by varying releases with different checks in different places I can minimize that effect.
On a side note - yeesh, why do I feel like I'm treating my users like criminals here? I've done a bit of pirating myself in the past, particularly as a student. I don't really blame them, since their not exactly rolling in the dough. I just want to thwart all but the most determined users, typically the students who have the time to search all over IRC for the right crack. In some strange way I can relate to them, and consider it an acceptable loss. People earning money usually don't care enough or have the time to do that, the cost is too high to find the right crack so they'll buy it.
So, even if everyone wants to release the source code, the likelyhood that a judge would let them make their most valuble asset worthless is minimal.
...unless the code is already in escrow (as the link discusses), in which it's too late to do anything about it.
Blithering idiocy (that doesn't impress me in the slightest) deleted
Translation: "Please stop using copy protection so I don't have to go to all this trouble."
That's like asking the attendant at the gas station "Please, can you do me a favor and allow me to rob you WITHOUT a gun this time?"
If you're going to be a thief, then you're going to be made to jump through hoops. Tough luck for you, you thieving loser.
I can crack this protection (and have done so many times) in my sleep. How? Just NOP the comparison function and ret 1 (or whatever).
Support T(H)GSB Apr 21-27, 2002
In case you are wondering who the often-referenced Captain Hector is, he is a character that would appear in Escape Velocity: Overrride.
You would be cruising along the galaxy when a ship buzzed by and a Captain Hector would send you a message reminding you to register if you liked the game.
If you waited too long to register, or just never bothered, Captain Hector wouldn't just buzz by anymore. He would stop, and train his guns on you and blast away at your ship.
He proved to be quite effective, to say the least.
Shareware can exists but the secret recipe is Quality of Service. I've got some shareware I have been using and buying from time to time. If I feel that the product is neat, but misses something I want, contact the author and then get an answer in a timely fashion with either explanation or some comments, then my next move is to buy the software. The last time I did that it was on Sunday at 8pm and the guy replied to me half an hour after I hit SEND.
On the other hand, I found most of the time that the people behind the shareware I was using just unreliable. The kind of programmers who worked on some quick home project and didn't feel like finishing it, but still expect a ROI. It is this kind of people who are putting a bad image on the word "shareware". So, the end of the story is I guess, no pain, no gain.
PPA, the girl next door.
-- I feel better now. Thanks for asking.
Comment removed based on user account deletion
"But in the shareware industry, which can't function without Internet distribution, this freedom of theft can be much worse."
Hmm... Sharware worked fine on BBS's and through mail order in the late 80's and early 90's. In fact, at least 75% of the software my family used when we started in the computer world was mail order shareware through regular old snail mail. WE didn't even have a modem until we had the PC for about 3 and a half years.
In fact, it was truly shareware... These days, whats called shareware is little more than functional demos. If it dies after a period of time, lacks critical abilities, etc... it isn't shareware.
Shareware registration normally wasn't required to use the program. REgistration generally got you nice things like automatically mailed upgrades, clip art collections(in the case of programs that used such things) printed manuals, document templates, level editors, stuff like that... Cool stuff that made the program more useful, but the program still did all that it was advertised to do even without registration.
These days, it may do all its advertised to do... For 30 days.
The software industry is basicly driven by two factors. Enlightened self interest or greed. It doesn't matter if it's closed source or open source, both sides have enough people within their camps that are there for one reason or the other.
It's rare that you see someone complaining about anything whose price ranges from free to cheap, but yet the two highest rated posts in this thread as I write this do exactly that. They complain about software whose full functionality isn't available for free and about the greed involved with liscenses that expire over time.
But the real case of greed is simple. The industry and the open source movement is filled with it. From software pirates to the people who support but fail to contribute to the open source movement, the goal seems to be to watch out for person number one.
If you're a geek there are two simple rules of life you should know by now. Writing software takes time and food and shelter costs money. Unless you have someone else to support you, the best way to provide food and shelter for your family is to sell your software.
But people don't pay. And if you charge for your efforts, people complain and attempt to enforce their will upon your creation.
Let's be honest. When Microsoft commits and act of pure greed we scream bloody murder. Why then do we not scream bloody murder at every software pirate out there? Why are we outraged at the actions of a large company but not at the actions of a band of warez distributors? Is it because we have become so selfish that we only care about people stealing from us and we're willing to turn a blind eye to people stealing from other programmers?
"Software wants to be free"
Bull. It's software. It doesn't care one way or the other. Greedy people want it to be free for them. The software is too dumb to care.
In my opinion, the biggest problem facing the open source movement is that someone has to figure out how, in a world where people are unwilling to pay for a good product, we're going to feed our families. Because if there's anything I've seen in the past year it's the fact that the Open Source movement has definatly attracted a large number of people interested in Free Software.
Free as in beer that is.
No Zen is good zen
The developer tools CD ships with every copy of OS X and is also freely available from developer.apple.com. How much cheaper can you get (the compiler is gcc so it's even RMS compliant). In fact most of the tools you'd use for developing on OS X is the same stuff you'd use on Linux.
This is an interesting debate.
/dev/null..
..
I think shareware authors should be paid for their work. Shareware is cheap, shareware is great..
But...
In fact, I tried on 3 instances to buy/register shareware.. and this is what happened.. I think this is part of the problem...
1)Trumpet (a TCP IP stack from several years ago).
Buy the program, registration never shows up in m ail.. wait.. email back and forth..wait some more.. in meantime, trial expires, re-install wait somemore. Client I am billing hours for is getting unhappy.. Calling to Australia to get it sorted out was not fun either.
2)DFX (an sound effects addin for winamp)
Liked it, and tried to buy a copy with their VISA card purchase screen... then.. nothing happens.. no registration comes.. nothing..wait days... nothing happens, no reply, no program... nothing.. I write email to them.. nothing happens..no reply..
Finally I *CALLED* the company, to ask them what is going on. They said that my visa transaction was rejected (but they never bothered to inform me of this, even though they collected my email address (just to send me spam I guess?). When I asked the sales rep at DFX what is wrong, they told me that my destination address and billing address were different, (I am an expat overseas) so.. transaction just gets automatically rejected, bin'ed.. period. No mail, no reply, no followup, nothing.. rejects just goes to
They didn't email me when the Visa was rejected (or ask where I live.. or anything), nor did they even bother to reply my original emails.
The answer the DFX rep gave me on the phone to all this was... "well, it is just a $15 program, so we can't spend too much effort (ie any!) to deal with things that might come up".
3)NJstar
It is a great program. But they wanted me to send checks to Australia or something in AUS dollars.. gee.. how to I do that.. the bank will charge me $50 in processing fees (after waiting in 3 lines at 20 minutes a pop because no one would know how to draw up a foreign denominated check), for a $25 program..
Those are my stories..
..and people wonder why they don't register their shareware...?!.
...because it is too complicated
to pay for it, thats why.. fix that, and then
I am ready to buy lots of great stuff.. but
right now it is just too much hassle I discovered,
so I just stay away from it..
Answer this one for me: if no one ever paid the programmers for their products, who would write the programs you are so keen on stealing?
Shareware is perhaps the largest abuse of the legal system. Not only does the software developer retain most rights to the software, they forbid their customer the right to use the software for any purpose. Whether by locking out certain functionality ("crippleware") or by having a legal clause saying that the user must delete the software after a certain amount of time.
Shareware authors must have a distorted belief that software users deserve no rights at all without direct compensation. Then they might allow their customers the right to use the software and thats all. They still forbid rights to modify and distribute the software. This seems to me to be rather a large breach of ethics.
Good thing we have free software and can avoid all this crap.
I frequently downloads share-/demoware and I have a practice of always cracking the software before I even run it.
This is not because I'm a cheap lousy bastard, I'am but it is not becaus of that.
I want to give the program a fair trial and get the most out of it before I decide if its good or not. If I cant find a crack I won't even bother, I just find another program.
Then I face another problem, if I like the program I'm to lazy to get around paying for it.
Windows Commander is such a program. I've been using it for years and it is well worth the $20,
but I'm a lazy bastard...
Here are my tips:
Popups, banners and other anoying things, are just that: anoying. This will lower the score on the program.
Crippeling of the porgram won't even let me test it.
Skip all those. Just give me some friendly reminders in a few descreet places.
Paying should be a one click thing.
Windows has this Add/Remove program feature, how about extending this to Add/Remove/Pay.
I just fire upp that app, check the programs I like to pay for and click apply. The rest is automatic.
The only copyprotection needed is that the program refuses to install without this kind of payment handling app.
As copyprotections will be cracked anyway, it's enough with one app handling the protection.
Come to think about it, that would be a killer app to write, a copyprotection/paymeny handler.
Time to fire upp those C skills.
-
I agree that factoring a timestamp into the key is a good idea from an anti-piracy stand point, however what I don't understand is why they let people upgrade the odes they KNOW are pirated.
If a code has been previously updated they should not allow the automatic process to update it again surely this is obvious? So in the majority of cases people will have to remember the latest code they recieve and all will be well. In the case where they genuinly forgot OR some pirate has already used that code then they need to make a phone call. Generally people that actually bought the software will think this is a hassle, but then again it should only be a few of them and it's their fault for losing the code. I'm betting the mojority of pirates won't be making phonecalls to get codes.
He who defends everything, defends nothing. -- Fredrick The Great
is that our country was founded on liberalism, a belief in a transcendetal natural law. Liberal notions of rights mean that you cannot use your rights in a way that is detrimental to another's rights. Therefore she has no right to tell me how I can use it anymore than I have a right to tell her how she can use the hardware I sold her which she used to develop it on. The only exception to this is open source because open source contracts require both parties to respect each other's rights.
While an attempt at a troll, I actually think that is a remarkably concise statement on the software industry. However, I fail to see the "communist" relation but I suppose you needed that there to be called a troll.
Regards.
1. Make a demo/free version that is actually useful instead of annoying.
2. Don't make the demo time limited.
3. Let the full product have extended functionality.
4. Give registered users a key to always download the latest version.
5. Make the registration process a breeze.
(1) You need the goodwill of your customers - unless they really depend on your product.
(2) They'd feel annoyed that something was taken away, and look for countermeasures.
(3) People don't pay for what they already got.
(4) A clean and simple way. Doesn't prevent piracy, see 1.
(5) How often did you turn away from complex or insecure registration forms?
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
There is a variant of this system that would be virtually impossible to crack... Intel & AMD would have to embed a private key in the CPU core. When buying software, you would present the public key that corresponds to your CPU. The software vendor would check this against a list of valid keys published by Intel (to prevent people from making their own key pairs), encrypt the software using your public key, and then send it to you. Your CPU would decrypt the code as it executes using the private key embedded in it. The binary would not work on any other CPU.
A hardware-based system like this is many orders of magnitude more secure than a software-based system, because the software remains encrypted all the way up to the CPU. The only way to break it would be to find one of the embedded private keys ($$$ equipment)... Or to convince a software vendor to encrypt with a made-up key that you know both public & private parts of...
BTW, this is also the basic framework for audio/video copy-prevention systems. (CSS works like this, except there are only a handful of private keys, and the CSS encryption algorithm is flawed)
That may prevent unauthorised use of a program, however it will keep me from registering. I don't buy any software that can't be restored and function after a hard drive failure. I travel and anything that makes me spend hours on hold for consumer support after a crash is lost field production time. Stuff I use must be able to be loaded from it's instalation program and run without any internet connection or phone call after a system crash. That is one of my non-negotiable requirements. That is like a remote dongle that the software must phone home. I don't do dongles real or virtual.
I get software that is above most shareware in quality and features off the 9.95 rack in the office supply store. Why pay more for less?
Lables Unlimited II by softkey ($12) is far better than any shareware I checked. Any halfway decent shareware wanted over double the price to support half as many barcodes. None of the overpriced shareware would support photos and clipart. Why is a bargan rack title generaly a much better product at a much lower price? I'm serious, not trolling even if it may look like a troll. It's just my experiance with shareware features verses price (value) compared to off the rack software.
The truth shall set you free!
I would venture a guess that your experiences have been atypical. I'm pretty sure that Ambrosia has done what they can to ensure that people will have an easy path to registration.
I've only registered two shareware programs, both times it was a snap.
Since I started using Linux there isn't much that I want to do that isn't solved by Free/Open Source software. But, when I was doing the Windows thing I found a few shareware proggys that I liked and I registered them when they became programs that I relied on. However, I never would have mailed in a check -- if I wouldn't have been able to pay online I wouldn't have registered.
Now that there are several easy ways for merchants to collect money online (Yahoo!, PayPal -- even though PayPal seems a little sleezy these days...) there should be no reason why it should be difficult.
Has any shareware author tried to encode the payee's VISA card details inside the registration code? That is to say, the payment details are just dressed up in a particular algorithm, with the date and whatever other security details? If users know this is the case, it makes the leaking of legit registration codes rather less likely. Yes, crackers can still generate their own codes but it's another idea to raise the bar to pirates without incoveniencing paying customers.
Matthew @ Bytemark Hosting
Probably the last thing a shareware developer wants is a really decent piece of software he's written selling wildy for $5 a copy. At only $5 a copy, if you had 60 new registrants a week, after a year you'd have 3000 users to support while only making a McDonalds salary. (Factor in the cost of the PC and IDE you used to write the software and it's less). One thing about warezed copies is, you dont have to support them. I personally would rather have 500 users paying $30 each. Honest users that rely on my software and need tech support, and realize $30 or $5 doesnt really matter because they "use" my software theyll pay either, than having thousands of people emailing me ignorant questions and requests and complaints when they paid less than burger and fries for my months of coding work. Something to think about anyway.
I'm Rick James with mod points biatch!
I can definately understand that people get a very strange idea of the Shareware market. Originally, Shareware was fully functional and often complex software packages that the author asked $10 or so for. Today it's often nagware or crippleware (i.e. not at all fully functional software), and the price is often set way to high.
Of course people get the idea that Shareware is (somewhat exaggerated) "expensive crap".
I think that if the Shareware market cleaned itself up, by making sure that crap software, or very simple software, is released as PD (or Open Source) as it "should", and also making sure that the prices asked are, in fact, cheap, things could be very different.
I personally am glad to pay $10 for a better datebook for my Palm, but I won't pay $15 for a program that edits one entry in the Windows registry. And the very fact that so many people release shareware waaay to expensively puts me off the entire market.
There are many people who will use "cracked" software (take cracked to mean made available by means other than as the author intended). And yes many of those people will try and use the channels of "legitimate" users to get upgrades, new keys, whatever.
What is important is that most of these people will not pay for the software if it is made inaccessible to them. This is the reason why the software industry has been pretty soft on places like China. If they force compliance they will just lose users because the people in question find the price (whatever it's level) a barrier to entry.
Look at a given game. You like it, you install it and you find the "crack" to make it forever playable. Play it lots and then find that the software stops working, you are miffed, (since no new crack can be found) but because its just a game, you move on to the next crackable game, or better yet an 80% as good freeware version. This _is_ the way a lot of software consumers work. A specific piece of software is worth nothing to them whilst "accessable" alternatives exist.
So there are two alternatives. Make all variants inaccessible (and oh how the media industry is burning cash to do that) or change the pricing model so that until you have a viable paying user base the software does not exist.
Oh and in case you didn't notice, Free Software falls into the latter category (really. It does).
"The first thing to do when you find yourself in a hole is stop digging."
Create your own (variously) broken keys and flood the market so that people will need to second guess any \/\/4R3z they find.
Xix.
"Everything is adjustable, provided you have the right tools"
Actually, Ambrosia themselves admit they have a flawed design. They admit they have inconvenienced paying customers. The fact that I should ever have to interact with them after the initial purchase of their product, just to use the product is absurd. Their prices for their products are more than reasonable (except SnapzPro X, I can create an AppleScript that does everything it does with only a default install of Mac OS X), but if any time I go to run an application, and it won't run because of something the author has programmed, that sounds like a bug.
The story on their website is fascinating in terms of a study of human nature, but they have twisted the reality that they tried to base a business around their hobby (which is exactly what they said), then throw in the "baby factor" (which sounds suspiciously like stories you hear from welfare queens: "I need money for my baby I made without thinking about the fact I had to have money to support it.").
Their editorial would have been more effective if they had left out all of the starving artist ridiculousness, it only sells their talent short. I wish more shareware authors would just say, "I am a talented programmer that makes worthwhile applications, and I made them with the intent of being paid for it. Stop ripping me off." Instead you always hear, "You should pay me for my program so I can eat and put diapers on my baby."
The truth of it is that shareware is a sketchy business model, and if you're going into it without realising that, you're going to get burned. I also don't see any difference between these new shareware registration schemes and Windows XP's Activation.
Sorry if I sound like I'm downing shareware, I'm just downing shareware authors attitudes. It's just in my mind Shareware = Application one or a couple talented programmers have worked on, Open/Free (as in speech) = Application tens to hundreds of talented programmers have worked on, and you don't hear OpenSource or collaborative programmers spouting the "will program for food" mantra.
Not since Marie-Antoinette played milkmaid has looking simple and honest been so fake and complicated.
Really, Ambrosia's products are by and large worth the asking price. As shareware companies go, they're a good example.
And the brethren went away edified.
NJStar is an unseemly pile of crap. I tried to install the WinCE version and it fucked my palmtop to shit. You can get a nice integrated IME from M$ from 9x, and NT/2000 (and XP I guess) just need the install CD.
autopr0n is like, down and stuff.
If these people want money, they should just sell their software like all the rest of the shrink-wrapped crap out there.
I mean, I donno their system seems well designed, but the whole point of 'shareware' is to share it... It's extremely disingenuous to bitch about piracy.
autopr0n is like, down and stuff.
I agree with that point. I see in the Open Source community two camps. Those that actually have the know how to finish the application. And those that say "Finish it yourself".
The reason why I know this quite well is because I use a PowerPC Notebook with Linux. And in 95% of the cases there is no BINARY. Hence I am forced to build everything. And when building from scratch I see which projects actually take the time to do things professionally.
For example most Java projects are pretty professional. I can usually get a Java application to work. Apache is very professional. Apache builds everywhere without problems. Redhat is very professional since I can get basically everything to build.
But many other projects are not. Often I get problems of things not building because of dependency problems. Especially bad are GNOME projects. They seem to forget that the rest of world may not have all of the GNOME libs installed. KDE projects seem to be pretty good and I can get them to compile in most cases.
"You can't make a race horse of a pig"
"No," said Samuel, "but you can make very fast pig"
Way Way back, I used to run a small two line BBS running VBBS, mostly for carrying fido...and a whack of door games like BRE,LORD,The Pit etc. All of which including the bbs system was shareware, and all of which I registered without hassal, some via phone with a cc and others with a money order, the service was always great and shortly after I would recive my validation codes. Mind you this was 1990ish, perhaps the levels of service have gone way down, or the shareware vendors are so unused to people paying for stuff these days that they lack the skills to process a order.
...few people ever actually ever see a profit from shareware.
Forget ethics, this is business.
What bugs me most is when people go on about legistlating this stuff into working, or demanding multi-billion dollar crackdowns because of flawed business models.
I think I read the same article in PC magazine in 1985.
I have never registered a shareware program in my life. If some fool is going to give me something for free, and then expect me to pay $30 to remove some annoyance window, god bless them.
Shareware really existed because compilers are expensive and people wanted to recoup the costs of purchasing expensive development software. Now that free compilers and development environments are available, I think shareware is obsolete.
But then again, I suppose there is always a market for one-off utilities and WinZip.
Conformity is the jailer of freedom and enemy of growth. -JFK
A few points:
Doing everything mentioned in the third bullet is obviously a significant amount of work, probably more than you put into the software to begin with. You decide how much effort is enough. If your software is both very good and very expensive, you'll need a lot of protection. If your software is really cheap, you don't need much protection at all. If your software sucks, find another hobby, because chances are you aren't a good enough programmer to implement a good and bug-free registration system. Also keep in mind that this sort of registration checking may prevent some amount of infringement, but it's also likely to piss off some customers who would have paid a reasonable fee if you'd just asked nicely and made it easy to do so.
IMO, however much effort you spend on making it hard to crack, you should spend ten times that much on making payment easy.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
So you're telling me, that what should be the greatest quality of intellectual property, is what software authors complain about?
Really, think about it. If you could make a car, that any number of people could share simultaneously... wouldn't that be cool as hell? Or would you be up here trying to defend Detroit, saying that these cars are bad in some way?
Or would it be time for an end of the automotive industry, freeing hundreds of thousands of workers to do something more productive?
...(communism): The state gets the hell out
I think you are seriously confused about the whole idea behind communism.
Certainly they were available in the UK. IIRC PD-Sig was one of the bigger shareware libraries over here. Catalogue used to list the formats they could support - you had to send in your own formatted disks though.
BUT, those rights include the rights of each of us to make whatever private agreements between each other that we want. Let me ask you: do you have a right to rent your car to someone? Do you have the right to lend someone your car for a limited time and with conditions that they agree to? When you "buy" most software you are actually licensing something that belongs to someone else. You are renting the software and have VOLUNTARILY agreed to their terms. If you don't like the terms don't license that software! If you want to really own the software either truly buy it (rather than license the right from the owner to use it), find someone who is giving it away (GPL doesn't count - see the note below), or write it yourself.
Note: you do not OWN GPL software either - The "L" stands for license, exactly like commercial software - he owns to software which he licenses to you and you voluntarily agree to HIS CONDITIONS. You do NOT own it, he retains all the rights of owning his intellectual property and if you do not abide by the terms of your agreement he will attempt to compel you to do so through the governments recognition of his rights of his ownership of his intellectual property.
The problem is that those of us who aren't thieves, who purchase a great deal of software, also get to jump through hoops. I purchase about a dozen computer games per year. There is nothing quite as frustrating as entering a stupid 12 or more digit registration code into the software I paid for. I chose to keep my CD-ROMs in a binder to save space, so I need to carefully make a copy of the stupid code printed on the jewel case that I'm planning on discarding. Oops, made a mistake in copying, well, sucks to be me. Now that I've paid my $60, used 500MB of disc space or more, and entered the registration code, I'm also forced to keep the CD-ROM easily accessable so the software can perform a check that is from my point of view completely unnecessary. If I'm using my laptop, I have to remember to pack the original disks for any games I'd like to play on the trip.
Shareware? Most things called shareware are crippleware. I upgraded my Palm and a game I registered no longer functions because it depended upon my Palm's ID code which changed. I needed to hard-wipe to Palm because of some corruption, now I get to hunt down the many registration codes and reenter them all. (Nothing quite like entering 12 meaningless characters of registration code using Palm's input system.) Apparently because I'm not the best organized person and I occasionally misplace my copies of registration codes, my punishment is to be denied access to software I've paid for.
Not everyone who dislikes these "copy protection" systems are thieves. Some of us are legitimate customers, perfectly happy to pay for good product, who are tired of being treated like thieves.
Note to overzealous protectors of GPL: OpenSSL is distributed under a BSD-style license.
Yes it is a BSD-license, but it contains the nasty adevrtising clause as well, which makes it GPL incompatible.
Worse yet the LICENSE ITSELF contains and anti-GPL screed, specifically forbidding combination with the GPL.
After reading this license that pretty much ended the "BSD in more free" argument in my mind. (I was interested in reusing bits in code I planned to GPL)
Your going to send your CPU's public key over the network? Good for you. Others will send some other public key, specifically one which they know the private key for. Then theyll have a cleartext binary- which compresses well and makes it onto the p2p nets.
Its no problem to reencrypt the binary, say if you have a CPU that only runs encrypted binaries.
They say you can never trust a third party's hardware/software. True, but you can trust their network traffic even less.
A while ago, I was using an audio editing program with a nagware system that would lock the program for a minute at a time while displaying its please-pay message. Eventually, I decided I wanted to get rid of the nag, but as it turned out, the program required you to print out and snail-mail an order form to get your precious registration number.
I decided that if I were going to pay for the program, I might as well get the latest version. But while searching VersionTracker, I found another editor with more features, more frequent upgrades -- and an online registration account. I had the program and an unlock code within a few hours.
--- Work, worry, consume, die. It's a wonderful life. -- Bill Griffith
No, it wouldn't satisfy them at all. I proposed something like this several years ago to help speed the development of my VRML software. IIRC, I was going to let it go after I made $50,000. I got two responses. One said my proposal was "disturbing" and was "not what it was all about" and the other asked "why I was holding the software hostage". (I briefly considered using the ransom note font in an ad campaign as a humorous take on the whole affair).
I learned a few things from this: Regular shareware customers don't care about Free Software. Free Software advocates care about nothing else, and get royally pissed if you suggest anything else. Also, there is a hard core group of people that I like to call "the insatiables". By definition, doing business with an insatiable will always cost you money. If you have an insatiable customer, the best thing to do is terminate his services and/or recall your sales people. The insatiables are relatively rare (I worked in CR for a year and I think I dealth with 2 of them) but the Free Software community naturally attracts more insatiables. They think they have found Nirvanna when they get Free Software, but then they complain that it doesn't get released fast enough or compete well enough with payware product-X. It's because they're insatiables. There is absolutely no point in ever trying to satisfy them.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
> In fact, I tried on 3 instances to buy/register shareware.. and this is what happened.. I think this is part of the problem...
Shareware for Palm OS devices have a nice solution for this: they have agreements with various online sites to take payment for them, & apparently have ways to accept foreign currencies. (For an example of this see http://www.tealpoint.com/register.htm.)
Is there an equivalent service for Windows & Mac customers?
Geoff
I think I see a trend here. Maybe for them it really would be easier to muzzle the entire internet than to produce p
It's that everybody shares for the good of the people or the community. Hence communism.
Um yes... But again the state is not "getting the hell out" but making sure that everybody shares for the good of the community. Hence communism.
The ideal communism is closer to some of the highly socialized democracies found in northern europe, than to the Cold War communisms.
For the sake of argument I'll grant this (for now). You again underline the original posters confusion on the nature of communism. Northern European states are NOT characterised by states that "get the hell out" but by states that are very active in regulating commerce and individual resources. They have a high percentage of state ownership of resources, high tax rates, and a high degree of regulation over private commercial activity. BUT although these countries are socialist to a significant degree they are not actually communist.
In both of these statements of yours you are either confused about communism yourself or soft-pedaling it's distinctive characteristics. It is not a merely a matter of sharing but of outright public ownership: "In this sense, the theory of the Communists may be summed up in the single sentence: Abolition of private property." and state control (which is what we are talking about): "The proletariat will use its political supremacy top wrest, by degrees, all capital from the bourgeoisie, to centralise all instruments of production in the hands of the State, i.e., of the proletariat organised as the ruling class; and to increase the total of productive forces as rapidly as possible. Of course, in the beginning, this cannot be effected except by means of despotic inroads on the rights of property, and on the conditions of bourgeois production..." Nothing about the "state getting the hell out" to be found here. The northern european states exhibit SOME communist distinctives they fail to exhibit others: They still have private land ownership. have rights of inheritance, private banks & financial institutions. I would imagine that Marx would label them examples of Bourgeois Socialsim rather than explicitly communist.
The thing to do is generate a number that passes about twenty tests. Check two-three (all the similar tests) at code entry. Check other ones later and trigger delayed problems.
For instance (a very basic instance), generate keys that, are evenly divisble by 7, 13, and 23, and 29.
At the time of key entry check if the key is divisible by 7 and 29. If it is, pass it. Later on, when the user does something like "cut", check if it's divisible by 13. If not, set a flag to do something later, like crash, scramble output, etc.
When the next version comes out, check if the keys (for upgrading) are divisible by 23. If they are, it's a valid key. If not, it was a key for the old version.
With some checks causing later delayed issues you make the key generation a nightmare simple because most crackers won't spend as much time in the program as a user and won't notice subtle errors.
By saving a few checks for later versions (If you allow upgrades withing 2.x for example) you force people to use a new crack for new versions.
This way there are tons of cracks floating around for your program, most for old versions which aren't on your website anymore. And half of them miss something and the program doesn't work well.
Now, picking a number composed of certain primes isn't terribly secure, so use your own method. But really, the two points above (1: checks not just at startup, 2: new checks with each version) are more important than the specific key strength. (Really though, no reason to skimp.)
There are other important issues too. Ease of use is an important one. Instead of Base64, I'd recommend using alpha/num in pairs, storing 9 bits per two characters. Avoid 0/O and 1/I/l issues.
Print the key with a few check digits. Don't use simple addition (or digital root, or any other commutative idea) for it, otherwise you'll miss transposed digits. (One idea is multiple the first character by 3, the next by 5, etc. Then take the lowest five bits, compress a little (get rid of 0/1, etc) and use it as a check character.
This measure will save you a *ton* of support email. I can't count the number of issues that relate to keys being case sensitive, to '1's being 'L's, and the like.
(Horror story: My company ordered Perfect Keyboard licenses. They were to be tied to the workstations, not users, so we didn't give a name. Now, PK requires you enter ALL your info exactly or it won't work. The issue is that the name field must be left blank, though a blank name field is usually a prompt to enter your name. I think everyone who used it ran into this issue a few times.)
Adding this security to the key does make it longer. From using 6 to 4.8 bits, you go from 22 chars to 26. Not a bad tradeoff. Then add a three or four check characters. Still below thirty.
--
As for the later checks, you could introduce some subtle "bugs" into the code. If you were keeping track of the number of characters in an editor (for display) you could use an intentionally awkward piece of code. In some circumstances (deleting a character to from from 10,000 to 9,999 perhaps) it'd drop through a loop and perform a key check before updating the display properly. If the check fails then the key settings are corrupted when quitting, or the edit menu stops working (Make it look accidental, set the high bit on a few characters, remap "copy" to SaveAs, etc...)
You need to make sure that you inline your key checks, otherwise the cracker only need patch the main routine to always return true.
It's funny you mention "bulletproof" in your post, because BulletProofFTP uses a complex scheme like this and there are a ton of non-working cracks for it.
This isn't an unbreakable scheme. It's basically a dongle, but built into the CPU.
.5% are expert enough to code self modifying code that won't thrash the cache, yet doesn't keep much of itself in memory. It requires interleaving the decryption code, a few bytes at a time, in the execution code. And either decrypting the code like this, or storing decryption code for the next segment in all code segments you write.) Stuff much more complex than this has been hacked.
You let the software call the built-in decrypt function and then once it's decrypted itself you suspend operation and write it out to file. Fix up the loader and you've got a working application.
So never have it decrypt the whole app you say. So you have to save it in smaller chunks.
So it checks file integrity. So you edit that out.
You can make it a pain, but never more than that. Plus this requires assembly programming which few people can do these days. (Seriously, ask any group of programmers. Maybe 20% have done it, and 5% are capable of it. Perhaps
I remember an old game that used diagonal tracks on the Apple 2. You read a sector, after having given a head movement command. If your code isn't cycle for cycle identical you'll start to get dropped bits. But that's part of the trick, their code took a little too long in a storage loop and eventually got a bit out of sync, which was intentional. Ugh. Nasty stuff.
But those protection methods took a lot of programmer time and meant that they had to write the disks themselves in modified drives, instead of paying a duplication company. It's just not feasible.
It's almost never feasible, especially these days, to muck with hardware protection schemes. (Look at how useful it is with CDs. There are point-and-click cracker programs for all the common laser-burn protections.)
I think you missed my point - by embedding the encryption into the CPU, you would *never* expose the decrypted code, not even in RAM. (the CPU could decrypt the instruction stream on the way from the L1 cache into the execution pipeline). With any software-based encryption scheme your method works fine - just use a debugger to dump the decrypted bytes. But a hardware scheme like this is not vulnerable to these attacks. (you'd literally have to open up the CPU core and probe the circuits to find the decrypted code or better yet the private key... I'm not sure that's even possible; at the very least you'd need some mega-expensive equipment)
Several people have pointed out that encrypted binaries would only be valid for one CPU. Yep... Since when do software companies care? I once got delayed by several days on a real project because my Ethernet card died, and I was using an expensive program that locks itself to your MAC address... (anyone know how to spoof a MAC address in Windows?)
This is one of the most insightful articles posted to /. ever! Mod parent appropriately!
Contrary to popular belief, coding is not all free blow-jobs and beer. Those things cost MONEY!
GameSpy (Which used to be QuakeSpy before it got popular), Eudora Lite, FreeAgent Lite, etc, I think demonstrate where shareware is heading.
These shareware programs have basic working functionality, but with ads. When you register, the ads are gone. What I liked about GameSpy was that lifetime membership is $20 -- "free upgrades!" It's not nickling and diming me to death, say like Microsoft does with Windows.
Policing shareware is futile --- there will always be people who use keygens, etc, no matter what. The *only* effective way to reduce piracy is to teach people the results of their actions: i.e. By not paying for shareware, developers have a harder time paying bills, less incentive to produce it the future, etc.
Paying a license fee to tie your shoes, because somebody else invented the algorithm.
Paying to have a conversation, because you're taking in somebody's "intellectual property".
Bullshit.
Did you ever stop to consider how much better the software world would be today if all software was free? Alot of people, including me, would be out of work, and alot of companies would be out of business, but that wouldn't matter. All those people and dollars could go towards making better hardware and buying more of it.
So, who would make the software? Well, it would be a combination of people making it because they wanted functionality, and companies making it to utilize the hardware they wanted to sell.
Some software would be proprietary to a specific piece of hardware, but most of it would be designed to be open ended and compatible. If it was all free, everything we have now would be much better. Think about it.
Don't let these sad stories cloud your head. I think it's nice that this guy would love to make lots of money off of his software, but that doesn't mean it is his inherent right to do so.
"I am a cipher, a cipher, wrapped in an enigma, smothered in secret sauce" -Jimmy James
The fact is there are a lot of software places that aren't huge corporations with infinite money. There are a total of 19 (20 now?) people who I work with, and we work our asses off to produce the best product possible. And we expect to be paid for our efforts, not because we're economic rapists but because we have lives (and many of us have families) that depend on income. The president of the company probably makes less than a low-level manager at some of the megacorps you refer to. Yes, we are the little guy, just like you, trying to make a living.
I see your point now. I think it's infeasible, but at least it makes sense.
Yeah, companies in general can be asses. I'm in the middle of RMAing my IBM HD right now. They won't ship me a different model until this fails twice, and then it'll only be a 120GXP which isn't great either.
I think there's a way to change the MAC address on most cards, but you have to have a working card. Google could help more than I could.
The real question is, if you have spent so much effort on the program, and so few people give you cash, is it worth spending more effort writing a keygen and trying to make sure it's not easily crackable?
Chances are, if it's crackable, you've just wasted more effort for nil.
If it's not, if people didn't love you before, will this make them love you?
"Did if ever enter your mind that frequently the suits are actually smarter than the geeks because the suits are the one's giving the orders?"
There is no apostrophe in the word "ones" in this context, Mr. Oh-so-smart Suit.
graspee
Tao Master Graspee says:
"The sarcasm of a man with 2 identical sigs falls on deaf ears."
graspee
"one day it will be possible to easily download full movies without paying for them and then there will be a problem."
Are you on such a slow net connection that you hit "Submit" in 1997 ?
Hmmm. divx.
Hmmm.
graspee
I just run a p2p software client in the background all the time with a lot of stuff queued up on it and leave my computer on all the time, like most people. It may take a few days or even a week to download a film if it isn't widely-shared, or if all the people sharing it are on modems, but it gets there. If I put things on the list every so often then every day *something* finishes downloading.
Yes, if I had to sit there and watch it download, I wouldn't bother, but you don't have to do that.
graspee
Ah, a patient thief.
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
If I own the VHS video of a film I download, am I still a thief ?
If I own the dvd of a film I download, but the dvd got damaged and won't play, am I still a thief?
If the film I am downloading is not available to buy in my country, then am I still a thief ?
graspee
"I'm broadband and I still wouldn't bother waiting for a movie to download; if it was 10 times faster I might."
;)
So does that make you an impatient thief ?
graspee
No
If I own the dvd of a film I download, but the dvd got damaged and won't play, am I still a thief?
No
If the film I am downloading is not available to buy in my country, then am I still a thief ?
Yes.
Very simple system: you paid, you not thief; You not pay, you thief.
The last case you gave is certainly borderline since no one is harmed. From a legal point there is no issue, it's theft, but from an ethical point of view the issue is what do you do once the film is available?
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
I was talking about the question of whether downloading is a problem for the film industry now as they claim. It isn't because people (the "I" in my comment) don't generally have the patience to download films. I personally might, given 10xbroadband, download items which I can't get any other way (and, yes, that would often technically be theft) but I would buy such things if I could. As an example, I would be very keen to get a copy of Max Fleischer's version of "Snow White and the Seven Dwarves" and I would download it but I'd be keen to pay for it to reward those whose work would have gone to preserving it.
The reality, however, is that most people would quite happily download the current cinema releases if it was quick, free, and good quality. Our problem is how to cope with this without selling our souls and our rights to the MPAA and their like. Pretending that movies would be made for free will not help.
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
Well- it's been nice chatting with you in this ignored forum, since we can have a discussion without constantly getting modded down for being offtopic.
By the way, I think that in my example of owning the vhs and then downloading the divx, this is still borderline, since they expect you to buy the dvd if you own the vhs, they don't give it away free, or allow you to copy it...
graspee
Yes, makes a nice change.
I think that in my example of owning the vhs and then downloading the divx, this is still borderline, since they expect you to buy the dvd if you own the vhs, they don't give it away free, or allow you to copy it...
An argument there is that the DVD is such better quality than the VHS that it's reasonable to ask for more payment. I hate VHS so I'd go along with that myself.
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
I didn't say it was shareware -- I said it was a small company. Our product starts at $250 and is most certainly not shareware.
I think many companies go out of their way to make their unlocking process as painless as possible. Other people on this thread posted very true stories about losing their license keys, upgrading and having to re-register, etc. It's unfortunate that people have to go through this, but I don't feel you can blame the software house for wanting to protect their interests. Many smaller companies just barely edge by, because they refuse to charge their customers ridiculous prices. To protect what little profit they do turn, they have to implement these systems to stop the few dishonest ones from taking advantage.
The fact is, if the copy protection is hard enough to break, people will opt to pay for the product rather than steal it -- maybe not in the gaming or shareware industries, but certainly in my industry.