Blu-Ray AND HD-DVD broken

This blog http://www.boingboing.net/2007/02/13/bluray_and_hddvd_bro.html provides a really good review of the AACS hack. It illustrates a common weakness with previous copy protection mechanisms in handling of encryption keys. There needs to be an active software protection component that deters memory scraping. Without this, a class break attack is possible. Of course nothing is fool proof in these scenarios, but you can make the reverse engineering process much more difficult and harder to reproduce on a per title basis.

Henry

eBay Software Piracy Case

SIIA reported that on February 6th, Gad Zamir, 64, was arrested for software piracy. Zamir had been selling copies of Microsoft SQL Server Enterprise for $7,750 (the program retails for $25,000) and copies of Adobe Photoshop Creative Suite 2 for less than $300 (the program retails for $500) on eBay and various websites.  It is believed that Zamir earned about $750,000 since 2000.

This shows that its not only the popular desktop software is at risk for piracy, but business applications as well. It’s also another indication that businesses (the only ones interested in SQL Server enterprises) would purchase pirated software.

Methods to Reduce Game Piracy

Good discussion on methods to reduce Game piracy on Gameproducer.NET (http://www.gameproducer.net/2007/02/13/7-ways-to-prevent-piracy/#comment-54812).  There are some familiar points being raised for preventing piracy and applying software protection. For example, one reader said those that pirate software would not otherwise buy it or if was really good then they would buy it. I heard this same argument for high value software. Although you can't completely stop piracy you can make it difficult and that is important for recovering revenue. It may be that the person who initially cracked the game would never buy a legit copy, but the thousand who access the cracked version over P2P may. People in general will follow the path of least resistance and if it’s easier to download an illegal version versus pulling out a credit card and going through a tedious purchase process then that is an issue.

On Software Piracy

Michele Balistreri's “On software piracy” blog (http://briksoftware.com/blog/?p=15 ) discussed whether protection technology can be effective in combating piracy among other things. I do agree certain low dollar software titles, especially in the desktop space may not benefit from anti-piracy technology, but I believe it’s a must for high dollar products. Also, I disagree with idea that once someone circumvents software protection technology everyone can. This may have been true for licensing systems because the cracking teams were able to publish valid license key generators effective for all titles a specific vendor published –a “class break”. But protection technology can be implemented in such a way where a crack on one title could be used in another. In other words, the cracker would have to reverse engineer the protection scheme for each software title they wanted to enable piracy for.

Difference Between License management and Software protection

Matt Christiano’s blog (http://matt-on-software-licensing.blogspot.com/) has good article talking about the history of license management. In the discussion some points are made on the difference between license management and software protection technology. I think license management cannot be blamed completely on the overt pirating that has plaque certain segments of the ISV market. Because the cracking threat is based on sophisticated reverse engineering techniques, it requires a high degree of software protection specialization to deliver effective solution. License management system vendors like Reprise have their hands full on adding more flexibility for managing license use within legit customer environments.