Post Piracy damage control

You’ve spent months, possibly years working on what you think will be your virtual cash cow. Your software will take four hundred doohickeys and turn them into over fifty thousand thingamabobs without wasting a cpu cycle. In under ten seconds and affordably priced at a mere $49.95, you’re ready to make a killing on the internet selling your software. One day, while doing some web searches to find out how prolific your marketing efforts have been, you realize the brutal truth. Your software has been pirated.

It may just be some unlocking codes that are posted, or it could be a fully cracked program that’s ready to go. The typical responses include fear and anger. Who would do such a thing and why? The fact is that it doesn’t matter. The deed has been done, and you must act in order to minimize your losses. But first, you need to know what your options are.

A typical developer would do everything he can to track down the people who are responsible and make them pay. Let’s face it. If you’re developing software, you should be well aware that tracking someone down on the internet to file a lawsuit without the help of the FBI is going to be next to impossible. The RIAA had no trouble with Napster because they used centralized servers. With the advent of distributed file sharing networks like Kazaa, Gnutella spin offs, eDonkey and dozens of others, the RIAA doesn’t stand a chance at doing it in a cost effective manner, and neither do you.

If the pirates are hosting your files or codes on a website, it is often easy to shut them down by tracking down their ISP, sending a friendly email citing your software on the site in question, and asking to have the site shut down. Simple, but not very effective. It takes two or three days to get a new service provider. The pirates are back in business, you’re out a bunch of time and effort that could have been better spent. Worse yet, copying files is easy and pirated software can spread like wildfire. In five minutes your software can be on fifty sites instead of one.

Assuming you can get a contact email address, asking them to stop isn’t usually worth the effort. Someone who didn’t care that they are depriving you of your livelihood isn’t going to care that you might not get paid for every copy. After all, they are doing the world a favor by providing your software to people cheaper than you can. Many will cite the Free Software Foundation, various freeware utilities that are better, how much your software sucks, why you should be using the GPL licensing, and why your dog needs a tummy tuck. All that is assuming you get any response at all.

You do have some worthwhile options. First of all, before you release your software at all, make their lives difficult. Don’t use an off the shelf copy protection package. Almost every one of them has been cracked, and once one has been cracked, any other software using that system can also be cracked. Second, encrypt everything. The hard coded data, error messages, registration strings, etc. Everything you can encrypt in your files should be encrypted. Second, validate your data. Use checksums to ensure that none of your files have changed. If they have changed, your software has probably been hacked and should refuse to work properly. Third, change your copy protection for major version upgrades. This makes all of your future releases immune to previous cracks.

None of these procedures addresses what to do if you haven’t taken the necessary precautions prior to release. In truth, there is really only one thing you can do to protect your software after it has been released. Find out how it was cracked, fix the software so it can’t be done again, and release a new version. Many pirates will crack one version and move on, never to return because they have already won the challenge. If you’re lucky, they will not realize that things have changed since they last cracked it.

It’s important to note that it is not always in your best interest to track these people down, nor is it always in your best interest to make changes to your software to prevent it from being pirated.

Remember that there are three types of customers. Definitely buy, definitely not buy, and maybe buy. Your goal is to divert the ‘maybe’ group from using pirated versions. Give them reasons to buy it versus using a cracked version. Chances are, if they can’t find an up to date cracked version, they will grudgingly pull out their credit cards to get the latest and greatest because bigger version numbers correspond to better software.

How long will it take you to update your software? Bare minimum, it will be a day or so, and that assumes that it’s simply a leaked license key. That’s simple enough to ban inside the software. It certainly doesn’t help for all those copies that are floating around on Kazaa though. You didn’t really expect to track all those down as well did you? Chances are, you are going to want to be thorough