Subject says it all: how should software vendors handle and cope with software piracy in general.

Postings regarding individual software users, other boards, and not being general of nature will be deleted.

regards.

paul

Since vendors can already identify illegal copies of their software, there certainly is a mechanism by which in the case of AV's and AT's they could simply deny updates which everyone knows would render these types of software useless in very short matter of time. * And should this be the case of an error, it wouldn't leave a legal user without complete protection until the matter got resolved. *A *"we're terribly sorry for the inconvenience" *wouldn't cut it.
In the case of p2p's, again a downloaded file could refuse to play after a certain number of times played.

But to access someone's system without authorization and start deleting entries and files is simply break and entry. *2 wrongs don't make it right !

I hope I'm not being too philosophical here, but, suppose I have a version of XYZ software and my neighbor has a version of XYZ software. Both of us "have" it, but I bought mine by downloading and registering the program with the vendor. My neighbor has his by downloading it from a warez site. The vendor has profited from the sale of his software from me. However, did the vendor lose anything by my neighbor stealing his from the warez site? The answer is - NO! The reason the vendor hasn't "lost' money from my neighbor is he has told me on numerous ocassions that he wouldn't ever pay for that software, but since he saw a free copy, he got it to check it out.

Two things here. 1) Each time there is a download of the product from the official site, it's money in the bank. When my neighbor downloaded the same thing, the vendor didn't "lose" money because the software itself is a series of digits and has no tangible value. No money left the vendor's bank or inventory left his shelf. It's like the warez downloader never existed. It's going to cost the vendor the same in capital outlay whether 50 download the software or 500 download the software from his site (assuming he breaks even). So the neighbor didn't actually "cost" the vendor anything.

2) As I have been saying in another thread, the hypocrisy of calling warez downloaders awful names while having even one Napster downloaded song on your hard drive is glaring. The music artists are not getting their cut of the song had it been purchased at the store. Same scenario for the software vendor.

The point being that intangibles are always going to be copied, traded, and make the rounds. Look at movies and VHS tapes. If I tape a movie off of HBO to keep, have I "cost" the Hollwood makers? No. Because there is a 99.95% chance I wouldn't have ever actually bought it anyway. They are not having to put a capital outlay out into MY version that I videotaped. The same can be said of music and mp3s. Before that, taping songs off the radio on cassette. There IS no way to stop it and software vendors have to focus on the honest buyer and the profit they are receiving and forget about the few that will download illegal copies. If they wouldn't have actually bought it anyway, no money is actually LOST.

This doesn't work with things we all have to have. Say you drive away without paying for gas. That COST the gas station because there is now less gas to sell and the guy who stole it is going to HAVE to purchase gas as long as he drives that car. So, he DID lose money. But the software vendor? He would never miss anything from inventory and is not "out" anything!

I'm not saying do nothing to try to stop it, I'm just saying it is futile and not worth messing with. You would be no less for the wear if somebody was using a pirated piece of your software, because it's just a bunch of zeroes and ones and whatever else, you would never know about it AND the bottom line here is that most warez downloaders aren't going to shell out the fifty bucks for the program anyway. But if they use the illegal copy - you are not OUT the fifty dollars either.

It's like watching the Cubs games in Wrigley field from the roof tops. Are the Cubs "losing" money off of them? No! Because they know most of those people wouldn't buy a ticket anyway and there is no servicing costs to them, so whether they are there and can see the game or are not there, it doesn't mean anything to the Cubs. They focus on their paying fans and go on.

It will always be with us. And the economics of the intangible loss is nothing to be concerned about as long as the product is of such quality that sufficient numbers of people BUY the product and you make a profit. *How many times do we have to go through this? Cassette tapes. VHS tapes. Illegal downloads and CD-R's, and yes, SOFTWARE. It comes with the landscape of selling something this is intangible (in that there are no production costs for *each* copy you sell). Naturally, I am speaking of shareware products here.

I'm still sick with the flu, so I am going back to bed.

John

Luv2bsecure, you are forgetting one thing.
Who do you think pays for the number of stolen copies ?
Registered users of course as these costs have to be absorbed by someone. *Wouldn't it be nice if you could pay say half of what your paying now for your software ?

Warez sites are another matter. *Laws don't seem to go fast enough to follow dev in that area. *But surely there could be crack downs on these by special task forces.

I certainly could do without the .mp3, but if i had no way but to get a legal copy of an AT, i doubt i would do without for very long, and if i made the comment i would never pay for it, well then let me be without access to an illegal copy, and see if my attitude would change, and i bet in a lot of cases it would.

I don't have too much to say, except that if the Codemaster's FADE technology that I wormed into the "Morpheus' New Anti-Piracy Move" thread in "privacy general" is a reality, I think that it is the ideal manner in which to deal with piracy. It keeps someone from stealing the software, yet allows a pirated copy to work long enough to be a demo...

-{ Quote: "Two things here. 1) Each time there is a download of the product from the official site, it's money in the bank. When my neighbor downloaded the same thing, the vendor didn't "lose" money because the software itself is a series of digits and has no tangible value. No money left the vendor's bank or inventory left his shelf. It's like the warez downloader never existed. It's going to cost the vendor the same in capital outlay whether 50 download the software or 500 download the software from his site (assuming he breaks even). So the neighbor didn't actually "cost" the vendor anything." }-
Scenario: *I develop a product, over a considerable period of time and at personal cost, a product which solves a particular problem and is popular.

Within weeks, even hours, of its launch, it's cracked and posted on warez sites. *What have I lost? *Everything. I cannot recover my development expenses. *I cannot look forward to a reasonable or even modest income from my labour.

I suggest to you that it is impossible to prevent reverse engineering. *However, the deterrent is to make it too much time and trouble to do so.

Consequently, if every downloaded copy of a licensed program were in some way unique - say, code shuffled about - then there would be no generic key able to defeat built-in copyright protection.

I have this one thought I like to share, Being from Connecticut,a small state in the USA, I am amaze how many non US citizens(spelling???) are in these forums.
* * * * * *But yet I keep hearing "you're breaking the law. So my thought is; Is there a world like law governing the Internet? It always seems to be people from my country who keep bringing up laws made in the USA and applying them to the rest of the World.
* * * * * * * * * * * * *Just a thought ???
* * * * * * * * * * * * * * * * * * * * * * * * * * *Regards
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * Tim

luv2bsecure has offered some astute observations about the psychological numbers game - LOST. Hmm... Some are crying "lost billions!". IMO one must HAVE something before one can LOSE it.

Oh yes, the hypocrisy of crying FOUL about cracked software while having cracked tunes, movies, etc. on ones HD.

Well, how about this possible hypocrisy:

Suppose a professional coder was vigorously fighting piracy and someone asked "Hey coder! Have you ever cracked a proggy or used warez?" I wonder what would be the truthful answer?

Piracy is a serious issue and in effect is stealing one's labor. But, countermeasures that trample privacy rights and break laws are unacceptable. Any business has a LOSS factor. It is unavoidable.

MickeyTheMan,

Heyus Mickey! ;D Got a question for ya; If all piracy were eliminated do you think the price of software would be reduced? For example would one be able to buy M$ OS at a cheaper price? :)

Well OK, back to the topic - Piracy.

(BTW Pete, I wasn't agreeing to the "dumb" part.:))

Seems to me the biggest sources of cracks/warez are Russia and Asia. So, one could plead to the governments but, IMO the response would probably be nada - no help.

The effective piracy countermeasure would need to be in the software. To be acceptable to all but the warez user, and probably be legal in all countries, the countermeasures should be benign - do not phone home, do not remove files, and do not require prog to have Internet access in order to function. Now this is a technical problem for the coder. How to do it?

Hello, I am new here but have been interested in the many & varied opinions.

Since this debate started I have been trying to think of a sure fire way of protecting the developers & users property,
Shareware is what it says not freeware or possibly not even a fully working product,

IMO the shareware vendors should ensure their product is firstly time coded with a warning that is either disabled or removed from the users machine after the expiry date & secondly that certain functions are crippled using one part of a keyfile (in the case of AV or AT updates come to mind) *so that, even if they do manage to break the time code, they do not have a proper working product and cannot activate it. I'm not a programmer but I am sure that a split encrypted keyfile is possible. (bicrypted?)

In the case of programmes requiring regular updates the encrypted keyfile (encryption proces?) may require changing or updating from time to time but this should be noted to the user via the EULA & stipulated on the vendors site

When & if the user registers the product a keyfile + any additional corrective code is sent to the user allowing activation & full use of the product.

The vendor would state this on their download site with appropriate links to both the EULA & Privacy statements which should both be unambiguous & in plain language.

Unfortunately, as with any system, in time, someone will crack it. Then, I guess, the only thing that limits usage is the need for updates which could be "caught" by the above method.

As I am not a programmer I would be interested in any caveats that such a system may encounter.


Alan M

Paul has posed a valid challenge to us with this thread, " How to handle software piracy?"

The following are some thoughts and ideas

I think my earlier post belongs in this thread as food for thought, but assuming there is something we MUST do to stop piracy, I offer a few ideas in the spirit of Paul's question.

First though to Mickey: I still believe the loss in warez, cracks, etc. is mostly "lost" to people who wouldn't buy the program anyway. You asked the question,
-{ Quote: "Who do you think pays for the number of stolen copies ? *Registered users of course as these costs have to be absorbed by someone." }-
Again, there are no "costs" to be absorbed! If it were something tangible like gasoline, where you took off and ran without paying, yes, that would mean less gas to sell and a need to absorb the costs. But my point is that if a cracked version is being used by X number of people and the vendor never knew it, there would be no "costs" to absorb. There's no inventory of tangible goods to "lose!" Or, as I think Blacksheep said it, "You have to HAVE something to LOSE it."

With that out of the way, what CAN be done? I think there are several steps a developer can take to minimize illegal software cracks, downloads, etc.

1. Eliminate username and serials to register the program. The serial racket is rampant. Why still produce software that relies on emailing a username and password after payment?

Technically, this is a violation of Paul's fair rules I suppose, but I am using this in a positive way so I hope it is OK. WebRoot Software (makers of Window Washer and others) was one of the first in the business to take a stand against piracy. They stopped emailing username and passwords and went to a system of the "trial" version being just that, and only that. Once it times out, it's timed out. There's no inserting of numbers to "activate" the program to "registered" status. If you want to own a copy of one of their products, you must order from the company and you will receive a URL which goes to a direct download of their fully licensed software. They change that URL sometimes daily so nobody can pass around the URL for downloading of the full version. This makes a lot of sense. So, why not eliminate a BIG problem (the passing of serials) by bringing a halt to the practice of serial numbers activating the product after a trial?

2. Target the distributors. *I would argue this is somewhat like our "war on drugs." Instead of the insane and extremely expensive practice of going after users, why not divert those resources into stopping the distributors? This could take the form of a consortium of software developers banding together to seek, find, and destroy those who are using the Internet to offer free access to their programs. This is a tricky area because of international laws, but just what goes on in the USA would put a big dent into the illegal software trade.

3. Much like music and movies, include software in the "conventions" of countries that are signators that allow for prosecution in one country for violations of copyright in another. This again would take the form of targeting the distributors and not the users. We currently have this to some extent, but not *recognized by nearly as many countries that recognize music/movie copyright laws.

4. Be prepared for the halt of SOME of this illegal activity, but not all. The problem will always be with us, just as it is in the music and motion picture industry. Realize that we are dealing with a global problem that requires the cooperation of many, many countries. A good example to look at with the problems with international enforcement is Child Pornography. Countries around the world all define it differently, they have different opinions as to what is and is not pornographic. Then there is the question if mere possession is a crime. In the US it is. In most countries, it's not enforced at all -- the focus is all on the distributors. Then the age question. In the United States we have the "under 18" law which means that if you have ONE picture on your drive and she turns out to be 17 -- you go to jail. Most other countries think this is extreme. Some say if the girl is under 16, some 14, in several it's still 12. See the problem? We are dealing with an international problem that requires much broader solutions. Trying to enforce things internationally is very difficult.

Which brings me back around to the ONE THING software developers should begin doing today, and that is stopping the serial number as being the activator. Instead of looking outside for protection, look at how the software is being distributed and offered for sale in the first place. Sure, there will be keygens and cracks to deal with, but the serial racket is rampant and will stop a lot of the piracy cold if software developers stopped the serial number method. It's too easy and spreads much faster than cracks and keygens.

In the spirit of Paul's question, I offer these things for discussion.

Regards,

John
Luv2bSecure

Vendor should realize there are different sorts of piracy:

The very common 'refuse to pay for anything' software pirate. If you disable your product they will find a better key generator or start using other software.

Warez hobbyist/collectors that like to try everything they can lay their hands on just for the fun it. If they like something, they might be tempted to buy it.

Potential customers that would like to evaluate the software for a longer period then the 30 days before they decide to buy it.

Potential customers that don't have the money to buy the product, but would like to in future.

Customers that share their products with friends or family.

So called 'consultants' or people that help friends or family maintain their PC and install software to manage the PC, but know their 'customer' is not going to buy the product, because they find it's too expensive.

IT professionals that don't have the funding to buy all the software they use or would like to try it for longer period.

People that 'forget' to order more license then they are already using. This is very common.

People who only buy software they use regularly, but don't buy software that they use only very occassionally.


The first type of software pirate will never be your customer unless you force them or they run out of alternatives. The same goes for people that install your product on other their friends or familie's PC to remedy a problem or people that find any software that didn't come with their PC too expensive.

It's the other types of customers you need to target. If you handle them too rough you run the risk they might not buy your product anymore or start to dislike your company. If you handle them too soft, they might 'forget' to buy the product or think they can get away with it.

It's up to the vendor how he would like to handle these customers and how large this potential customer base is.

I would like to offer luv2bsecure's Avatar as being germane to the piracy countermeasure issue:

http://www.privacy.org/themes/NewsForge/button_5sec.gif

Can update ability be tied to your network address? Or does that change all the time? (I've never really paid that much attention to whether it stays the same or not).

Or, could update ability be tied to something else that's specific to each individuals computer?

Either option with complete disclosure of what's being used? Pete

-{ Quote: "Can update ability be tied to your network address? Or does that change all the time? (I've never really paid that much attention to whether it stays the same or not).

Or, could update ability be tied to something else that's specific to each individuals computer?

Either option with complete disclosure of what's being used? Pete" }-
IMO auto-update must be user option. Manual update also user option.

Update ability can be tied to number of licenses and you're required to use a username/password to be able to update. If a certain username/password is used simultaneously you can mail the owner about a possible violation and reset their password.

The problem left is how you handle multiple user licenses.

It is a pleasure to see serious thought applied to a serious issue. ;D

-{ Quote: "Or, could update ability be tied to something else that's specific to each individuals computer?" }-

Pete, obviously it CAN be done. The question is should it be done? I tend to agree with Blacksheep on this as freedom and privacy comes before all else.

Micr.....(sorry)....... that BIG company up in Redmond, Washington has tied product activation to things that are specific and unique about the user's computer. Should everyone you buy software from know that you own a Brand X 60gig HD with a serial number of 10653M56X78, and a Brand X motherboard with....????

I say NO! There are things that can be done NOW (like my earlier post that included the idea of stopping the emailing of usernames and passwords to stop the serial number racket.)

We can ALL be safe and secure if we allow a corporate/government/elite axis to follow our every move, check all of our fingerprints and iris patterns, know the serial numbers of parts in our computers, eavesdrop without a court order, throw out probable cause and "profile" everybody into little boxes that they can keep an eye on us with. Do YOU want to lose your freedoms and rights for security? Now, it sounds like maybe you are proposing shareware software developers be allowed to have their software snoop around until they can find a unique identifier inside my computer? *

Would SOMEONE please send a copy of Orwell's 1984 to a few folks on this forum so they can see the eerie resemblance to everything going on today? Let's not continue down the road of killing privacy in order to protect software vendors!

John

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

-{ Quote: "

Let's not continue down the road of killing privacy in order to protect software vendors!

John
" }-

This has been my point all along, I have made the same suggestions made in this thread already, but the only response I got was that I couldn't spell, and I was a thief. I have been surfing today and two people already claim to have gotten around, this one product, and are passing out the method, in all honesty, I would have sent this information to the vender. As I have sent it to other venders, from time to time. But after being called a thief, and so on, I just don't remember when I was out when I read, what I thought I read, hell I am just a moron, and didn't understand what they were talking about anyway.

Anyway, I have suggested, that two version be made, and the first version could not be registered this would just be for a demo, a stripped down version, then another version a full version could be bought. This suggestion was strapped cause it would require to much work, on the coders part to make two programs and maintain two or more download sites.

Every suggestion was knocked down that asked the to coder to do anything, it seems the coders only want to take the easy route, and break into pc, this is not now nor will it ever be acceptable.

Here in this thread you can find some suggestions made by me and others, plus perhaps get answers to other questions. It's a long thread but a good read for anyone, that truly wants to help.

http://www.morelerbe.com/cgi-bin/ubb-cgi/ultimatebb.cgi?ubb=get_topic;f=14;t=001217

I am writing from the United States. In the USA we worship at the shrine of the "free market." Until developers do all THEY can do to stop thievery of their own product, they should look nowhere else. The "too much work" line is bogus. If it's "too much work" to do what needs to be done to protect your product, then don't complain when it is stolen. Simple. As for maintaining two download sites, that is really very lame. They could only HOPE they could keep both download sites busy! Another download site would cost per month what ONE piece of registered software would cost. So that one doesn't wash. I am in full agreement with the tossing of the old serial number route and offering a timed-out demo and if you want to purchase the product you are, after payment, given a unique URL which could change daily, to download the licensed version. Or, would that be too much trouble too? It seems many want to wave the flag and worship free enterprise, but they don't want to have to accept any of the responsibilities that go along with it. If all of the ideas we have mentioned, to help protect THEIR product, is dismissed as "too much work" maybe they should hang up their digits and find an 8-5 job and forget about having to "work so hard."

John

http://www.washingtonpost.com/wp-dyn/washtech/columns/fastforward/A36516-2002Mar16.html

I agree - Two different programs (from different servers) should be the way it's done.

The trial program would automatically, irrevocably stop working after the trial period (is there a way to encrypt the code that would cause it to do so to prevent tampering/cracking?) and would have to be un-installed prior to d/l'ing/installing the full-featured, registered copy.

Couple of points to ponder: (a) Bandwidth isn't free - the developer has to pay for it, and the larger (the program itself) or the more frequent its' use (the updates), the more expensive it becomes. What I wish we had were real-life examples from some of the independent smaller software developers stating their actual costs in that area. Therefor, in my opinion, the argument that 'they're not losing anything' due to piracy doesn't hold even a drop of water - they're losing money every single time someone d/l's from their server that hasn't paid for the license to cover that bandwidth cost.

(b) We also seem to be sluffing off the cost of the initial purchase of a server itself - they are not cheap (pick up your favorite computer mag and check the prices on the ones they evaluated last and you'll see what i mean). They also require upkeep/maintenance/updating to stay secure and reliable (the developers time spent doing that costs him time [read money ] that could have been spent doing other, more program-oriented things that would more directly benefit the programs' users' ).

So let's not try to pretend that money isn't being lost or not being spent by the developer to keep his program on the Internet, okay?

As far as the possible 'identifier' I mentioned (network address, or something similarly unique to each individuals computer), I think that the use of such a process should be left up to the purchasers of the program itself . Just about every developer today has either a newsletter, an online forum, or both - they should use those resources to discuss those kinds of options with their users. Personally, I wouldn't have a problem being uniquely identified by any of the software makers I've chosen to trust by using their programs ( not referring to OS providers, here! ).

If they at any point would ever abuse that trust, the remedy would be quite simple - you un-install their program, find something else to use and broadcast their betrayal all over the internet to warn others!

Another thing I think they may need to do is quit pushing updates ! If you want to see if there's an update to a program, go to the providers main site and check and, if need be, manually d/l and install the update yourself ! Yes, it's slightly more inconvenient for the user to do it that way, but ultimately, it's more secure (c'mon guys, you know you should at least be together enough to check for updates yourself every day) , and probably would help the developer out, too (from the standpoint of not automatically offering the updates to all the people who don't legally use the program).

As a side-note, I'm definitely not convinced at all that people that don't actually use a given program should be given a voice in what the developer does with (as far as protecting it from theft/misuse goes) it.
Sure, everyone should have input on suggestions as to how they think the issue should be handled, but people that don't purchase a given program (and definitely the thieves) do not have the 'right' to dictate what the softwares' programmer must or must not do. (Some seem to be conveniently forgetting that the programmer has rights, too).

As long as the developer clearly, in plain English, on his site, on his forum, in his newsletter and as part of the installation routine itself spells out what he's going to do to protect his copy-writed material, then only the people who use/purchase the program have the right to make decisions on it. You either accept what the programmer wants to do with his property - or you buy something else!

BTW, why wouldn't someone use their primary email addy to initiate getting/paying for the program from? I think that should be an up-front requirement as well!

Isn't this what freedom of choice and free enterprise are all about ? Pete

I would think that in the case Av's and At's which need to be updated regularly to have and keep any value, it's much more the updates themselves rather than the programs that developers should seek to protect. *Surely there could be ways there where one would need to show clean hands to obtain such updates.

-{ Quote: "As a side-note, I'm definitely not convinced at all that people that don't actually use a given program should be given a voice in what the developer does with (as far as protecting it from theft/misuse goes) it.
Sure, everyone should have input on suggestions as to how they think the issue should be handled, but people that don't purchase a given program (and definitely the thieves) do not have the 'right' to dictate what the softwares' programmer must or must not do." }-

Absolutely correct. It's a free country! A software developer can do whatever they want. They can make their program easy for piracy or they can make it difficult and not worth the trouble. I don't think anybody that's posted here so far has suggested that software developers have to do things one way or another. I think the posts have all been in the spirit of Paul's challenge and question: "How to handle software piracy?"

John

Here's an idea (yeah, here we go again!):

One of the good (by that,I mean useful, in terms of anti-piracy) features of anti-virus and anti-trojan programs is that they are self-obsoleting. *Without updates, they might as well not be used.

Suppose: *I want to update TDS (or WormGuard, or whatever) so I must either logon or be logged on to the Net. *Let's say I click a button marked "Update". *Next thing, I send an email to DCS (or whoever) requesting a tailored update. *The email identifies me as a registered user. *The reply is a one-time key pinged directly to my sofware. *The update takes place. *No unregistered users can update a copy.

Any holes in this, folks? *:)

Re-reading this, I don't think I made it very clear. *So:
User installs TDS User visits DCS to register During registration, TDS checksums the install disk's major software components - which makes a fairly unique signature of that disk The signature is uploaded to DCS during the registration The keyfile is sent to the user user begins normal, registered TDS operation
Then, as time passes:
User wants TDS update User logs on to Net TDS automatically sends an email using the email address used when registering DCS sends a message to TDS uniquely identifying an update for it TDS retrieves and installs the update along with the previous signature
No other user can use this update since the signature (checksums) would not match anyone else's hard disk, and TDS would throw up loads of error messages. *No other person can get a copy of the update from DCS since they won't have the same email address, and even if they did, no second copy will be issued except by DCS administration authority.

There, does that read better?

More thoughts: *suppose the keyfile was more than just a keyfile! *Let's suppose that TDS's checksum feature was permanently engaged, and the data produced from it was stored in the keyfile. *Copy that to someone else's machine, and it would create havoc!

This does imply that, when a user registers TDS, that at least some checksum info is gathered during the registration process, and a customised keyfile is sent to the newly-registered user. *And that TDS will not operate on a 'blank' keyfile.

Ho hum. *Back to offline mode.

will i actualy know how to stop software piracy for good but im wont say how untill i patent it lol=)

unfoutunitly my way can be a little expensive and its only god for as long as you owen your computer meaning you cant install it on another system.

youed have to send 10 bucks and the cd back to get a new one for your new computer lol.

id only recomend it for expensive programs like photo shop and animation master 600$ to 800$ dollar software

Hi Checkout,

I'm not sure whether I understand this right:

-{ Quote: "
During registration, TDS checksums the install disk's major software components - which makes a fairly unique signature of that disk" }-

You can of course change "the install disk's major software components", or do I understand you wrong?

Same as you, I too was thinking about some checksum algorithm, but alas, my brain doesn't seem to work very well the last days, so I have not come up with some solution....

BTW: if a checksum algorithm will be used for these kind of things, let it please not be CRC32: much too unsecure!!!

-{ Quote: "Hi Checkout,

I'm not sure whether I understand this right:


You can of course change "the install disk's major software components", or do I understand you wrong?

Same as you, I too was thinking about some checksum algorithm, but alas, my brain doesn't seem to work very well the last days, so I have not come up with some solution....

BTW: if a checksum algorithm will be used for these kind of things, let it please not be CRC32: much too unsecure!!! " }-
I wasn't thinking of any particular programs - whatever the user has installed, such as an AV or firewall, as well as (perhaps) the Windows (or whatever) directory. * Maybe files chosen randomly.

It'd be nice to hear a developer's take on this.

With the increasing size of updates (KB-wise), I don't know whether (a) ISP's would appreciate the increased traffic on their mail servers or (b) whether I'd like having to wait wait my dial-up mail service takes forever to get it into my inbox.

How about this - Every time you do a scan, the program automatically notes all keygen programs found on your computer.

The presence of any that have displayed the ability to crack this particular program get flagged.

The next time you request an update (or one is automatically initiated), the update server checks for the presence of any flagged keygen programs on the requesting computer - if it finds any, the update aborts with a message to contact the software maker (period).

Sound familiar? Pete

-{ Quote: "With the increasing size of updates (KB-wise), I don't know whether (a) ISP's would appreciate the increased traffic on their mail servers or (b) whether I'd like having to wait wait my dial-up mail service takes forever to get it into my inbox.

How about this - Every time you do a scan, the program automatically notes all keygen programs found on your computer.

The presence of any that have displayed the ability to crack this particular program get flagged.

The next time you request an update (or one is automatically initiated), the update server checks for the presence of any flagged keygen programs on the requesting computer - if it finds any, the update aborts with a message to contact the software maker (period).

Sound familiar? Pete" }-

That would be considered Spyware and profiling, not an ideal, that's going to get off the ground. One program has no right to scan a computer for keygens, unless the users knows what it's doing, a keygen is not a Trojan, a Trojan scanner needs to stick to it's job and scan for Trojans.

Same with any program, it should only do, what it was designed to do nothing more.

The last method used by the vendor, that basically caused all of this, is the correct way of dealing with piracy.

If an illegal key is found in the same directory/folder as the program being used illegally, deleting the key is acceptable, but if the key is in say, another folder, or in an e-mail as an attachment, then it can not be touched, possession is not necessarily a crime, only when the key is being used, or it is in the same directory/folder.

Since this issue does no longer affect TDS in particular, but instead is covering a general question after DCS has handled this in specific, this thread has been moved to "other security"

regards.

paul

-{ Quote: "The last method used by the vendor, that basically caused all of this, is the correct way of dealing with piracy." }-

Ah! *You're back! *I wondered where you'd gone, *Vampirefo Spy!

-{ Quote: "If an illegal key is found in the same directory/folder as the program being used illegally, deleting the key is acceptable, but if the key is in say, another folder, or in an e-mail as an attachment, then it can not be touched, possession is not necessarily a crime, only when the key is being used, or it is in the same directory/folder." }-
You're on shaky ground here, Vampirefo Spy. *The law decides what's acceptable and what isn't, not individuals like you. *Whether you like it or not.

-{ Quote: "vendor" }-
Hey! *Cunning disguise! * ;D

-{ Quote: "

You're on shaky ground here, Vampirefo Spy. *The law decides what's acceptable and what isn't, not individuals" }-

I like this comment, seeing that is exactly, what the whole thing was over one company thinking it was up to them to decide whom was guilty or innocent, LOL, however, a good public smacking, and they got right back in line.

Now can you stay on topic?

Hi Checkout,

I LOVE your idea with the comparison table. I saw some of the posts about smileys and all that, but if you just kept it a "this is what this program does and that program does this" kind of thing I think many, many people would find that extremely useful. For one thing, so many people seem overwhelmed with the whole idea of computer security. It just sounds complicated and they don't know where to start. Your simple to use table could be a real ice breaker for newbies especially. I think it's a great idea. Good job!

John

FYI: after consulting parties involved, possible offending posts/part of posts have been removed, and referrers to it as well.

This thread has been opened once more.

regards,

paul