software piracy (was "Interactive and me")

Martin Weitzel martin at mwtech.UUCP
Wed Jul 18 02:01:52 AEST 1990


In article <1990Jul16.161613.11171 at pcrat.uucp> rick at pcrat.UUCP (Rick Richardson) writes:
[estimations concerning number of illegal copies deleted]

>Alternatively, and I think something that could work, could be
>a common authorization center used and funded by all software
>vendors.  Open 24 hours, with an 800 number that is rarely busy.

SMALL FLAME ON
Again and again: Do all you US folks think civilized countries
and people which might like to use your products can not be found
overseas?
Can you imagine the cost for such an "authorization call" from
europe. From all experiences I've made there would of course be
*no* toll free number for anyone outside the USA!
SMALL FLAME OFF

Nevertheless, your idea looks interresting ... let's see.

>When the User installs the software, he gets an authorization
>request number based on the serial number, but permuted randomly.
>A quick (< 5 minute) call to the center gets you the authorization
>reply.  You give them the request number, name, address, and phone.
>They give you the reply number (possibly by a return call to
>the phone number given).  The center *never* refuses an
>authorization request.

>Cost to the vendor, maybe $1 per authorization.  You may still
>get illegal authorizations, but at least now there's an audit
>trail.  The vendor gets a periodic report for his authorizations.
>Seing that serial number 143265 has been authorized an abnormal
>number of times to a number of different people, he may want to
>initiate an investigation.

Really? It's not uncommon for a small company like mine to run
several systems. Furthermore it's not uncommon to have several (say
five to ten) installations for a single system, especially if it turns
out that you have some defective piece of hardware (as one of my
harddisks about six months ago) or until you have found a satisfactory
disk partitioning. On the other hand: with a second, third etc. system
I am experienced enough to get the installation right at the first try.

But most important: How do you "tie in" the hardware on which the
system is installed? Eg. can I copy and move around an allready
installed version of the programs? I hate software which notes
its inode number or directory slot on installation time and
refurses to work if I decide to move (eg. onto some other disk)
or restore it (from the backup copies). Which parts of my hardware
can I no longer simply exchange without doing a new installation?
But if there is no reference to the hardware noted somewhere in
the installed software, I can simpy copy it after installation.

>The vendor is in complete control of how to use authorization
>replies.  For example, he might allow the reply to work only
>with a specific request number, or for any request number
>generated in a one-day period.  This second alternative is
>useful in case the user is having trouble getting the package
>installed.

How does the software read the date? I simply can set the  hardware
clock of some other system to this value, before I do an illegal second
install? After installation the time *must* be changable.

[estimations about costs deleted]
I would surely appreciate everything that saves some Dollars (or DM
in my case), but nothing that gives me an additional uncertainity when
the system installation doesn't work:

	- Is my hardware defective?
	- Did the authorization center give me a wrong number?
	- Was it because I advanced the hardware clock too far?
	- Is there some "state"-info on the masterdisk which
	  just got "out of sync", because I had to abort an
	  installation?

Surely no company which uses such a scheme would uncover the details
about it, so every wierd hack might have been used and bring me into
difficulties. But some lost working hours are much more expensive to
me as the savings you calculated above. So I would strongly consider
to choose some other product, if one without such an authorization
scheme were available.

>[ Long-Posting-Obligatory-Humor follows for those that read this far ]
[humor deleted, some psychology inserted - you
may hit "n" now if you are not interrested]

Normally, I'm in the role of a customer, but if I put me into the
role of a vendor, I see things as follows:

Software piracy is some kind of betrayal. If I want my customers
to be honest to me I should be honest to them *and* give them the
feeling that piracy is a bad thing, especially concerning the product
I give to them. One factor is the ratio of the price for my product
with respect to the value of the product for my customers. If the cost
is low compared to the value (eg. Turbo-C) there may still be piracy
but there would certainly be much more if the customer thinks that
my product is priced too high or not what I promised.

A second psychological factor is how easy I make it to steel my
product. If I try to make it complicated, the customer hast to
work more or less hard to find out how it could be used illegaly.
Anyway, if he manages to get arround the barriers I've built to protect
my product, he has "done some work", and from a psychological point
of view he has "paid something" for the illegal use. So the illegal
copy is not so much "stolen" as it would have been if it could simply
be copied when I have used no authorization scheme.

Lastly, if my customer receives a buggy product (which software has no
bugs?) for which he had to pay much and again would have to pay much only
to get a version with the bugs fixed, he may feel more tempted to try
software piracy as if there were a friendly policy for upgrades: Bugs
are often fixed together with upgrades and in most cases one can not
get the bug fixed without upgrading (... which often introduces new bugs
and keeps the wheel turning 1/2:-)). Given the case someone has honestly
bought several licences for product which turns out to have bugs, I could
imagine that this someone would buy only *one* update but replace the
buggy software of *all* licensed systems from this one upgrade, because
he or she feels to have the right to do so, if there's no other way to
get the bugs fixed.
-- 
Martin Weitzel, email: martin at mwtech.UUCP, voice: 49-(0)6151-6 56 83



More information about the Comp.unix.i386 mailing list