Slashdot Mirror
Independent Developers Fight Piracy & Lose
An anonymous reader writes "The author of the Echelon decided to take his fight against software piracy to the next level and then threw in the towel. After someone began posting new serial numbers on a well known hacking site, the author took matters into his own hands. With version 1.0, entering a hacked serial number causes the software deleted the user's Home directory. Yes, you read it right, the software completely erases it (aka rm -rf ~). A variety of people have voiced some some strong opinions on this. While some argue that piracy is good for established companies, a few large companies are battling piracy and having limited success. Small, independent developers, however, are recognising this is a serious problem and are generally stumped by what to do about it."
Imagine the developers face when he realizes that he forgot a ! in his if statement, while testing that piece of code.
Instead of deleting the files, they should encrypt the files.
:-)))))))
The decryption key will be provided when the product is registered.
-Mike
Deleting a user's home directory is a bad idea. It's not portable. How about those poor folks running Windows 9x. They don't have proper home directories. Even the ones in WinXP are half-baked. You'd have to build in a routine that'll erase the C:\ drive for those poor saps.
I too have been stung by rampant piracy, however I would never do what these authors did for fear of the potential legal and ethical problems it could cause to knowingly sabotage someone's system. In my case the software in question is Net Weasel, a small HTML editor that has had millions of downloads, has several thousand active users bugging me for support and zero registrations (that's right, not a single person willing to pony up any money). Yet people still email me claiming to have a legitimate copy and demanding that I fix bugs or release a new version. As it happens I do have an updated version I use myself and I'm working on a 2.0, but until I come up with a way to stop people from writing cracks its just not worth my time to release. I'm already compressing and encrypting the executable, there's a point when the copy protection gets to be a bigger project then the application itself.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Curmudgeon Gamer: Not happy
Or how about something reasonable like deleting the software that the user was trying to pirate?
I don't think he'd have faced a lot of criticism if the software's reaction was that mild. However, he might have caught a lot of heat if it happened accidentally with a legit user.
I'm a professional software developer myself and while the software I work on isn't piracy prone, I'd never go this far.
Disable your own software, do bad encodes, draw goatse/tubgirl images on the encodings, but dont, DONT mess with files that doesn't belong to your program.
This is just plain immature, not to mention very wrong.
And yes, it seems like the author already removed it, but putting it there in the first place is bad.
I've read that adding timebombs to commercial binaries was potentially illegal. Wouldn't willful destruction of property (rm -rf ~) be even worse as victims would have an easier claim for damages?
I have some mixed feelings about piracy. I believe that, at the core, software piracy is morally reprehensible (sorry about using the term piracy for those of you that quibble about that, but it is the term used in the summary).
As a software developer, I feel that I ought to get paid for the work I do. I do work for a company that pays me to develop, so it's really their responsibility to make sure their software isn't pirated (if they want to protect their business).
Nevertheless, I feel that piracy can be benefically to any company, regardless of size. I think that it may even help smaller companies more than larger companies, because piracy may be the vehicle in which a particual software package becomes very popular. However, one has to realize that 100% of software can't be pirated, otherwise nobody would develop anything meaningful (excepting the free software movement, but that's something pretty special [and I do wholeheartedly support it, even with LOC when I can]--I am speaking in a manner of business). Like most things in economics, it probably requires the right critical mass (you need to have the right number/ratio of people buying your software to make you profitable, but you need to have a certian number/ratio of people pirating it to make it popular).
I never think that software should ever use measures that destroy your property (digital or otherwise) as a means to prevent piracy. I am glad that the author of the software mentioned above took out the folder deleting technique--I cannot believe he did that in the first place.
I think even deleting system programs is way too far. Suppose you have a user (an eye dee ten tee) who has his only copy of his master's thesis in his home directory... you can imagine what happens next. You can make the argument that he deserved it, but it doesn't justify wiping out his thesis.
If the program instead followed your suggestion (never minding the permission issues - it would have to be run as root) and deleted system software, what would happen if the program was run on a production server? Sure, it really ticks off the user, but a lot of things on the server for all users would grind to a halt until the deleted files are replaced. You just can't justify doing something this drastic.
perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10);'
Have a look in Black's Law Dictionary for "extortion".
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
What's the point? The user's system is vandalized without reason. The loss of revenue does not equate to the destruction of the user's data. There is always the possibility that the user mistyped the serial number, or has a legitimate serial number which has unwittingly fallen into a pirate's hands.
Gamingmuseum.com: Give your 3D accelerator a rest.
In a civilized society, consequences are doled out by a court of law, not by vigilantes their software.
Comment removed based on user account deletion
then you know that the user is attempting to steal from you
Untrue
It's not common, but when I lose my key to a software product I have paid for, I don't bother with the (sometimes) huge hassle of trying to get it again. Over the past 7-8 years I'm sure I've registered many different software packages with many different email addresses so I usually have no idea what one goes with what software package.
I am in no way stealing. This guy is out of line. Removing the home directory of a user is ridiculous. Just delete the f'en product directory.
I've just signed legislation that'll outlaw Russia forever. We'll begin bombing in five minutes.
This actually isn't a new idea. I remember an early version of Lotus 1-2-3 (for DOS) that did something like this. If the program thought it had been pirated, it deleted its main .exe files. This forced you to have to re-install it (assuming you were the legal owner), but didn't damage any of your data or other programs.
At the time, they weren't using serial numbers as copy control. The floppy had some kind of copy protection on it (a "diskcopy" wouldn't work), and it wrote some files in the install directory that were marked system and read-only. You couldn't touch these files. If they got moved by a defrag program (for example), the program would zap itself. (I found that out the hard way. It was not mentioned anywhere in the manual.)
Doing this is probably the only legally defendable kind of destructive copy-protection. If the user pirates your software, he has done something illegal. That does not give you the right to do something illegal back to him. If he has no right to run your software in the first place, then there's nothing wrong with your software deleting itself, since he shouldn't have it in the first place.
As with my example above, when implementing destructive copy-protection, you must be very careful to make sure it won't backfire on legitimate users. I did own a legal copy of Lotus 1-2-3, which I had installed from the original disks. I didn't know that allowing the file to be moved by my defragger would cause the program to think it was pirated. Suppose Lotus had decided to delete my data files (no "home directory" on DOS) instead of just the 123 program? Then I would have lost my data even though I was a legitimate owner of the program and I was doing nothing wrong, according to the software manual. As it was, instead of losing my data, I only lost about half an hour of time performing a re-install.