With over 20 years in this business, we have lost track of how many times someone has come to us to say, “I have an amazing software product and I want to make sure it can’t be hacked or copied… EVER!“
Throughout the industry we’re known for our amazing customer support and, as an extension of our reputation, we believe we are obligated to candidly respond to such declarations with these 5 blatant truths:
- An explosion of tools and technology has made it easier than ever for people to cheat software licenses and bypass copy-protection mechanisms. Let’s be real. All software copy-protection techniques can be circumvented — it’s simply a matter of how badly the hacker wants it, and the scope of resources he has available to get it done. This applies to all software-based licensing systems and hardware-based licensing systems (for example, hardware keys or dongles) that execute code on customer-owned equipment. Don’t let anyone tell you otherwise!
- As long as you understand that using a licensing or copy-protection system only helps you “keep honest people honest” and doesn’t build an impenetrable fortress around your software, you won’t be particularly shell-shocked when you discover it was “hacked.”
- The people who go to great lengths to circumvent copy-protection are generally not people who would purchase the software anyway. A determined hacker is unlikely ever going to “throw in the towel” and purchase your software. If they do, they will probably just use a stolen credit card to buy your software online — limiting your losses to time and money in credit card chargeback processing and fees.
- The most secure method of protecting software is keeping it hidden from the user. For example, you could create a Software as a Service (SaaS) version of your application that is accessed through a browser. Or, you could keep a proprietary algorithm (aka “secret sauce”) online and let your software access this algorithm over the Internet. In this case, all algorithms that drive your application are kept secret on your web servers. Your software never runs in an untrusted environment, such as customer-owned equipment.
- Despite truths 1-4 above, using a fully automated licensing system can still provide a valuable barrier of protection. Now, don’t let us catch you paying a premium for a system, expecting that your hard-earned money is buying you bulletproof protection. That’s a whole other way that you are getting hacked!
What We Know
In an anonymous and admittedly unscientific poll that we recently initiated through our newsletter, over 50% of the respondents admitted to “bending” software licenses. That likely means that roughly half the readers of this post have probably done it, too. What we do know for certain is that a gentle reminder to customers quite often prompts a legitimate purchase, thereby increasing revenues.
You don’t want your software stacked on a table next to potato chips and candy bars alongside a padlocked box bearing a “Pay Here” sign. Yet, a bank vault behind six feet of concrete and steel — and guarded by armed security — is overkill. Now, doesn’t a vending machine sound right for your security needs and budget?
Imagine seeing your software as you peer through the glass pane of a vending machine. Sure, someone can break the glass, shake the machine, or finagle their arms up through the delivery chute if they’re so inclined, but there is enough of a barrier to thwart temptation for most. When this degree of protection is applied to software piracy, it allows the interaction between the software provider and the end-user to remain automated, safe, and unencumbered. Remember, as technology evolves, better reinforcements can be made to the vending machine (code design), further mitigating potential theft through machine-shaking, glass-smashing, and the use of rubbery arms.
You want to find the solution that strikes the balance of easy implementation and the right amount of licensing control, flexibility and cost-effectiveness for your specific needs. SoftwareKey System customers enjoy tremendous value because our automated licensing system doesn’t require them to spend too much time or resources to achieve their goals. They get exactly what they need, including some peace of mind.
Related blog post: Why Software Licensing is a Smart Move
The Big Companies Must Know How to Do This Right. Right?
If the human mind can engineer a copy-protection mechanism, then a human mind can also reverse-engineer the same system, given enough time and effort. The largest technology companies invest vast amounts on anti-piracy measures but have yet to totally eliminate it. It’s shocking but true that a simple Google search will turn up information on big-name product key structures and free versions of all of their software products as well.
Consider the progression of protection mechanisms used to protect commercial DVDs and Blu-ray discs, a huge industry which finds itself still vulnerable to hacking. Hackers quickly broke the encryption used to copy-protect DVDs; in response, the Blu-ray consortium engaged senior engineers to come up with a new encryption standard for the Blu-ray disc format. Even though this newer encryption algorithm is much more sophisticated, all a hacker needed to do was compromise one “master key” — and now there are dozens of software tools available to break the encryption of Blu-ray discs!
We recently ran across a really good Ars Technica article entitled, “Can software be protected from piracy?” that drives the above point home. Here are a few notable quotes from the article:
“Code is data. When the code is runnable, a copy of that data is unprotected code. Unprotected code can be copied.” — Tim Williscroft
“Ultimately the big problem [with running software in an untrusted environment such as on customer-owned equipment] is that most software involves handing both the lock and the key to the potential attacker and hoping they don’t figure out how to put them together.”
Some Fun Good News
There are a myriad of risks and consequences associated with downloading pirated copies of software, but that’s a subject for another day — and another blog post! Modified cracked copies can function as a Trojan and that’s just the start of the ensuing misery. The FBI has even issued a consumer alert warning regarding embedded malware within pirated software.
Before you leave this page hating on hackers the world over, chew on this alternative perspective: This interesting TED talk offers a look through the lens of one leading cybersecurity expert’s appreciation for hackers and the “good” that some of them actually contribute.