Ask Slashdot: What Is a Reasonable Way To Deter Piracy?

An anonymous reader writes "I'm an indie developer about to release a small ($5 — $10 range) utility for graphic designers. I'd like to employ at least a basic deterrent to pirates, but with the recent SimCity disaster, I'm wondering: what is a reasonable way to deter piracy without ruining things for legitimate users? A simple serial number? Online activation? Encrypted binaries? Please share your thoughts."

life-long updates

You could choose to provide life-long updates for those that buy the tool. At least that made me pay for several programs.

Re:life-long updates

[Stormy+Dragon]

On a similar note, I once saw a utility that, if unregistered, would let you use everything in it, the only catch being that all of the fonts in the tool switched to Comic Sans.

Re:life-long updates

[stephanruby]

The guy is asking the wrong question. He should be asking questions like "How can I maximize profits?" or "How can people find out about my utility?" not "What is a reasonable way to deter piracy?". One doesn't necessarily follow from the other.

In any case, coming back to his original question. Perhaps his utility could help his customers deter the piracy of the graphics they create with it (may be some kind of self-signing/watermarking/registration system for their own graphics). A customer who tries to protect his own assets will probably not want to try doing it with a pirated copy of the software. It would be too high a risk that whoever pirated that software also crippled/modified the functionality that would deter piracy of the images as well.

Re:life-long updates

[Kaenneth]

If you cripple the product in ways that could be mistaken for a bug, then they will think your products are shit, and never buy them even after they get a real job and move out of their parent house.

Re:life-long updates

[TapeCutter]

Who doesn't save up at least a tiny bit of money (say 3 months salary) in case of a fucking emergency?

Your living in a bit of a bubble on that one, sure I personally have a years worth of salary in my rainy day account but I'm in my 50's and have been earning good money for the last 20yrs. My daughter is married with 3 kids, they are a typical middle class couple, her hubby is a qualified mechanic and has a decent job with plenty of overtime. Like millions of other families just like them they live for the next paycheck, they have no other choice, they simply cannot afford the luxury of a 3 week cash buffer, let alone 3 months. And all this is in Australia which has a much better social "safety net" than the US.

Unless you are either extraordinarily lucky or talented, it will take you a good 10-15yrs after leaving school before you have more assets than debts, especially if you decide to have children while your still young enough to enjoy them. Some people never get there, others experience some disaster that puts them back to square one after a lifetime of hard work. I personally know more than a few people over 40 who through no fault of their own are still living from paycheck to paycheck.

You and I are lucky to be in our current financial situations, I know this because I started my working life as a HS drop out and for a few months in my 20's found myself homeless while at the same time being employed full time on a fishing trawler working the southern ocean. Your post is lacking the requisite humility and empathy for the vast majority of people who are in a less comfortable financial position, many of whom have worked themselves to a level of physical and mental exhaustion that, judging by your comments, I very much doubt you have ever experienced.

Professional Piracy: 3rd-Party, Paid Obfuscator

[Neuroelectronic]

The biggest thing you should worry about is not customers ripping off your product, but shovelware firms rebadging your product and stealing your market with their superior ability to reach the customer.

Advice from a service technician

Whatever you do, man, make it easy for people doing reinstalls to preserve the install key. A lot of times we redo a computer for a customer and we can't put back some software because there's no way to get the key. Something like an online system where you enter your e-mail address or something to re-register could be nice in those cases, assuming the worst case that whatever stored the registration was deleted.

Don't require online connectivity to run once registered though, that's just asking for trouble.

Don't

[nitehawk214]

Seriously. Don't. If your program is any good, people will pirate it. Actually even if your program is terrible people will pirate it, just because they can. And they can, no matter what steps you take. However people are vastly more likely to give money to a indie developer. Pirates can be classified people that are either compulsive/hoarder pirates and wouldn't pay for it anyhow, genuinely need your program but cannot afford it, and people that will pay for it after a "trial run" when the realize you are an indie developer and your program is reasonably priced.

Think of your paying customers foremost

[Gaygirlie]

You have seemingly already decided that you're going to implement DRM, so the next question you should ask yourself is: "How much am I willing to inconvenience my paying customers?" Also in similar vein is the question: "How much time am I willing to spend on a protection scheme that will be circumvented anyways?" The problem with DRM is that it doesn't stop dedicated people at all, it merely stops the "let me borrow the CD and I'll install it, too" - crowd, nothing else, and therefore it's waste of both your and your customers' resources to use much time or effort on it.

A simple install-time-only online activation is probably the best of both worlds as long as you can ensure that your activation servers are always accessible. Anything else is just a losing game.

Price it reasonably

[Todd+Knarr]

That's probably the easiest way to deter piracy: price it reasonably for it's job. Most people would rather get it legitimately than pirate it. Make it easy to download without going to shady download sites like CNet (I say shady because there's no way of telling where what they're hosting came from or who put it there, and I do not trust software where I can't trace it's provenance). Hosting downloads from your own domain will help, and leads into the next item: mark each copy you sell. Encode a serial number and buyer identity into each copy, making each one unique to the buyer. Make it clear when they buy that the copy's been stamped with their identity, and do the same on the initial splash screen if any and in the About dialog. This won't be seen by most people as anything particularly objectionable in itself, at the same time it'll make them skittish about just handing it out willy-nilly knowing that if someone they give it to uploads it to a torrent site or something it'll be them clearly identified as the source. It won't stop the hard-code pirates, but then very little will. It won't stop people from installing an extra copy for family. But it should be enough to convince the majority of people to tell their friends to just shell out the $15 for their own copy.

Re:Sigh

[lgw]

I like simple one-time online activation (if it's an open download), or put it up on app stores with a price but no other measures. It's not much of a barrier to a pirate, any more than the lock on my front door is a barrier to a thief, but it sends a clear message: "this isn't free software, you're supposed to pay for this". That message will deter almost anyone who can be deterred.

Re:No need to go overboard

[Immerman]

Well, since after decades of trying nobody has ever managed to do more than delay the pirates for more than a few months I think groups 2 and 3 can be assumed to be permanent characteristics. And I seriously doubt your 1% figure, unless you're talking so far back that people didn't really think of software so much as the product as the reason people bought your hardware. Certainly in the late 80s I remember piracy being pretty rampant - software, music tapes, VHS, you name it. It just wasn't the sort of thing you would notice unless you actually saw somebody making a copy. It's more convenient now that you can copy stuff from people you've never met, but I think the bigger change is just that now the content creators can watch it happening.

And frankly group 3 is almost irrelevant. It doesn't matter if they're responsible for 99.99% of the copies in existence, nothing you do will make them buy it, so any attempt to stop them from copying is 100% wasted effort. In fact it probably *reduces* your sales because sometimes people from group 1 or 2 will learn about it through them and then pay you. So in a rational world the goal is then:
1) Don't seriously inconvenience goup 1 - these people are your bread and butter, you should be doing everything you can to make them happy.
2) Do everything you can to convince group 2 that they should pay rather than pirate. Just keep in mind that you're competing against your own product stripped of all copy protection, so more secure and annoying copy protection actually works against you. Possible strategies include leveraging guilt and/or minor inconvenience during install (serial numbers, please don't copy screens, etc), or providing incentives for legitimate customers. Major or ongoing inconveniences just provide large-scale pirates incentive to strip out your copy protection in exchange for some geek cred, while providing potential customer incentive to choose the pirated version over the legitimate one. Moreover a poorly or maliciously implemented copy protection bypass can compromise the integrity and stability of your software in ways that aren't obviously due to the bypass, damaging your brand image.