Independent Developers Fight Piracy & Lose

An anonymous reader writes "The author of the Echelon decided to take his fight against software piracy to the next level and then threw in the towel. After someone began posting new serial numbers on a well known hacking site, the author took matters into his own hands. With version 1.0, entering a hacked serial number causes the software deleted the user's Home directory. Yes, you read it right, the software completely erases it (aka rm -rf ~). A variety of people have voiced some some strong opinions on this. While some argue that piracy is good for established companies, a few large companies are battling piracy and having limited success. Small, independent developers, however, are recognising this is a serious problem and are generally stumped by what to do about it."

Oh dear...

Imagine the developers face when he realizes that he forgot a ! in his if statement, while testing that piece of code.

A Better Idea

Instead of deleting the files, they should encrypt the files.

The decryption key will be provided when the product is registered. :-)))))))

-Mike

Re:A Better Idea

Instead of deleting the files, they should encrypt the files.
The decryption key will be provided when the product is registered. :-)))))))

This is likely to be only slightly less illegal than deleting someone's files.
Effectivly you'd be holding someone's data to ransom.

Not portable

Deleting a user's home directory is a bad idea. It's not portable. How about those poor folks running Windows 9x. They don't have proper home directories. Even the ones in WinXP are half-baked. You'd have to build in a routine that'll erase the C:\ drive for those poor saps.

A few things...

First, at least he didn't start emailing parts of the user's mailspool to address book entries!

I always thought it was kind of ironic when the small people back the groups like SPA / BSA. Those "industry" groups represent those who fund them, and AFAIK will do nothing for the little guy. They are funded by the big players.

There have been a few other similiar cases. I believe one of the popular Windows CD recording packages would burn garbage CDs if you entered the wrong serial number, or entered one of the popular serial numbers found on google.

While I sympathize, this is going to far.

I too have been stung by rampant piracy, however I would never do what these authors did for fear of the potential legal and ethical problems it could cause to knowingly sabotage someone's system. In my case the software in question is Net Weasel, a small HTML editor that has had millions of downloads, has several thousand active users bugging me for support and zero registrations (that's right, not a single person willing to pony up any money). Yet people still email me claiming to have a legitimate copy and demanding that I fix bugs or release a new version. As it happens I do have an updated version I use myself and I'm working on a 2.0, but until I come up with a way to stop people from writing cracks its just not worth my time to release. I'm already compressing and encrypting the executable, there's a point when the copy protection gets to be a bigger project then the application itself.

Typo in the headline!

Should read;

"Independent Developers Fight Piracy & Lose

Your Data".

The original version said "...Lose Your Pr0n Collection" but it was too long. The new shorter version is too terse.

Wow, what was his clickthru license like?

I'd love to read his license agreement.

A New Slogan

Echelon - Redifining the Meaning of BOFH (or perhaps BDFH?)

What the h*ll?

I'm a professional software developer myself and while the software I work on isn't piracy prone, I'd never go this far.
Disable your own software, do bad encodes, draw goatse/tubgirl images on the encodings, but dont, DONT mess with files that doesn't belong to your program.

This is just plain immature, not to mention very wrong.
And yes, it seems like the author already removed it, but putting it there in the first place is bad.

Mixed feelings about piracy

I have some mixed feelings about piracy. I believe that, at the core, software piracy is morally reprehensible (sorry about using the term piracy for those of you that quibble about that, but it is the term used in the summary).

As a software developer, I feel that I ought to get paid for the work I do. I do work for a company that pays me to develop, so it's really their responsibility to make sure their software isn't pirated (if they want to protect their business).

Nevertheless, I feel that piracy can be benefically to any company, regardless of size. I think that it may even help smaller companies more than larger companies, because piracy may be the vehicle in which a particual software package becomes very popular. However, one has to realize that 100% of software can't be pirated, otherwise nobody would develop anything meaningful (excepting the free software movement, but that's something pretty special [and I do wholeheartedly support it, even with LOC when I can]--I am speaking in a manner of business). Like most things in economics, it probably requires the right critical mass (you need to have the right number/ratio of people buying your software to make you profitable, but you need to have a certian number/ratio of people pirating it to make it popular).

I never think that software should ever use measures that destroy your property (digital or otherwise) as a means to prevent piracy. I am glad that the author of the software mentioned above took out the folder deleting technique--I cannot believe he did that in the first place.

Completely Unacceptable

If the author of the software had simply deleted the software itself, or disabled it in some way, this could be acceptable, but deleting a user's home directory goes WAAAAY over the line.

A good general guideline for ethical behavior in CS is theACM Code of ethics. This violates several points, including: [acm.org]

1.2 Avoid harm to others.

1.3 Be honest and trustworthy.

1.7 Respect the privacy of others.

(1.2 is the most applicable here, I think)

Good for him

I'm a big supporter of free software, and am totally against software piracy. A contradiction? No SIR!

Free software depends on adherence by users to an agreement with the developers not to illegally use the software in a proprietary manner. If we expect people to abide by free software licenses, we have to abide by commercial software licenses too.

In my opinion, the only thing he did wrong was to not put a clause into his license that when the user clicks on it specifically authorizes the code to delete the home directory if it chooses to.

Stop stealing music, software, etc. while at the same time expecting free software to remain free. It's hypocrisy.

hitting back is illegal all the same

No matter if they killed your dog first, if you kill theirs back in revenge you'll just as culpable as they are.

On the other hand, I can understand the difficult situation of small companies defending theirselves (we've also had to deal with similar situations lately).

I just don't accept this course of action. It just doesn't make him any different. Acting like this just proves his ignorance and inability to come up with a suitable defense (has not to be perfect, just enough to generate some reasonable income).

Developers still don't get it

Pirates *aren't* your customer base. They don't buy software. They may use your program without paying, but they aren't a lost sale.

Spending time trying to convert them into customers is completely wasted. Stop them from using your program with a perfect protection scheme, and all they'll do is use a different program.

Do it in a rediculous manner like this joker, and all you're going to do is drive away your legitimate customers. I wouldn't pay for this thing in a million years. Who knows what crap this thing could pull in the future? All it takes is one bug, and suddenly it thinks legit users are pirates...

This stunt he pulled has caused far more loss of sales for him than any software piracy.

Re:Too Far?

Well, go ahead and do that, if the software is running with access to those things. If, for example, the software is running with only write access to the user's home directory, then what?

Re:Too Far?

Perhaps grabbing files from the home directory and encrypting them. Contact the author for resolution.

Tools like these should also have a built-in sunset date. If, in fifteen years, someone is using this ancient copy of your software b/c they can't purchase it... just let it go.

Re:Too Far?

Or how about something reasonable like deleting the software that the user was trying to pirate?

I don't think he'd have faced a lot of criticism if the software's reaction was that mild. However, he might have caught a lot of heat if it happened accidentally with a legit user.

Illegal?

I've read that adding timebombs to commercial binaries was potentially illegal. Wouldn't willful destruction of property (rm -rf ~) be even worse as victims would have an easier claim for damages?

Re:Too Far?

At first glance, you might think, "Yeah! Serves 'em right! Delete their home dir!" The thing is, it's akin to setting up a trap in your car or home for burglars that hurts or kills them (although deleting ~user shouldn't be physically harmful, at least directly). In short, going on the offensive in an equally or more sinister way doesn't always make it the right thing to do.

Re:Too Far?

I think even deleting system programs is way too far. Suppose you have a user (an eye dee ten tee) who has his only copy of his master's thesis in his home directory... you can imagine what happens next. You can make the argument that he deserved it, but it doesn't justify wiping out his thesis.

If the program instead followed your suggestion (never minding the permission issues - it would have to be run as root) and deleted system software, what would happen if the program was run on a production server? Sure, it really ticks off the user, but a lot of things on the server for all users would grind to a halt until the deleted files are replaced. You just can't justify doing something this drastic.

Re:Too Far?

Have a look in Black's Law Dictionary for "extortion".

-jcr

Re:Too Far?

Well, to begin with, it's completely unreasonable, as the amount of damage is pretty much random. A *long* time ago, the idea of "eye for an eye" was established as reasonable punishment. Yes, reasonable, since before people would do things like "You break my arm, I set your house fire with your family inside". Eye for an eye set a reasonable upper bound which wasn't that bad in those times. Trying to go back to before that by this kind of completely unreasonable revenge is ridiculous.

Besides that you have a legal problem. I'm fairly sure that somebody could argue that even though they caused you a $100 of loss (or whatever it costs), the nuked home directory caused $10K of loss. That kind of thing could turn out *really* ugly.

Re:Check the EULA

This may be a troll, but I'll bite. Just because something is in writing, doesn't mean it's legit or legal! I could put a clause in my EULA saying "If you read this, I can take all your money and all your children's money", but that doesn't make it legal or enforceable.

Re:Check the EULA

No, that is not true. A license cannot violate the laws of your country, and in the U.S. a license cannot take away any of your constitutional rights.

A provision in a license does not give someone superpowers over you. The only remedy legally available to software distributors/makers/developers that have users who are breaking the terms of the license is: termination of the license. There is no way to legally destroy files on a user's machine no matter what they have done to you.

-Jem