Is software piracy always bad? Is there any amount of piracy that you should tolerate, or even embrace? What determines how much, if any?
First of all, no one can deny that by the very nature of software being a binary set of bits, at some point, given enough effort and CPU cycles, a determined hacker can figure out a way to circumvent and/or disable even the most ingenious protection schemes. OK, I said it. It’s out there.
Piracy vs. Overuse
But, piracy is not the same as “overuse.” Most people would define software piracy as the deliberate attempt to use or resell software without paying the legitimate software publisher for a license. With piracy, there are usually two offending parties in the transaction: the hacker (seller) and user (buyer).
Overuse, on the other hand, can be inadvertent or unintentional. It represents software usage in excess of what’s allowed in the user’s license agreement. So, although the software was paid for, it was used in an unauthorized way. These two scenarios (overuse and piracy) are really very different, and can be addressed by publishers and users in a variety of ways.
What determines a software publisher’s approach?
How software publishers view and handle piracy and overuse varies widely. The diversity of viewpoints and approaches reflects various factors, including:
- per-license prices,
- product complexity and deployment model,
- customers’ expectations and technical capabilities,
- copyright laws in target markets,
- presence of an in-house legal staff,
- product maturity,
- market share, and many others.
Companies who write small inexpensive applications like iPhone apps and PC utility programs often tolerate and sometimes embrace overuse as a way to increase market share and product awareness. Once the product is well established, these same vendors may later release a less-than-fully-featured version with a licensing technology, and enable the full-blown version with a license key.
Business applications like CRM, ERP, etc. are often licensed with integrated technology that counts users and controls where the software can deployed (locked to a hostid). But, many of these vendors have consultative relationships with their customers, so overuse is tolerated, but it is later measured via an agreed-upon auditing mechanism. Most recently, these same companies are beginning to deploy their applications as Software As A Service (“SaaS”) or cloud-based, hosting the software and controlling access via an authenticated user login process. Software licensing can still play a role here as a mechanism to encode license rights into tamper-proof keys.
For the truly trusting types, licensing can still merely play a compliance role for customers who prefer a self-policing model, ie. a kinder and gentler licensing model.
Making Use of Hacked Versions
Recently, “phone-home” systems have been developed by Reprise Software partners, VI Labs and Arxan. These vendors offer software hardening technology that can detect if a software product has been hacked. This technology has been adapted to report back the coordinates of the users of hacked software to the publisher, thereby helping them to uncover new potential revenue opportunities.
The take-away point is that by using electronic or embedded software licensing technology, software vendors can optimally address an undeniable truth – software overuse and piracy.