You can make software piracy irrelevant

Software piracy is a problem. It has been an issue from the day one. As soon as people started selling software, others started copying it illegally. It’s funny, but we have built computers in a way that makes software easy to copy and easy to tamper with. Anyone can launch a debugger and observe how running program modifies memory. Anyone can launch a hex editor and modify a binary file using the knowledge gained from the debugger output. No matter what you do, to prevent people from copying software, you will fail. There is just no amount of money or time you can spend to make un-crackable DRM. At least not with the technology we have today, and will have tomorrow.

We have been trying to stop piracy for almost 30 years now. Millions of dollars were spent on copy protection software, hundreds of people made careers out of building DRM systems. And yet, we are not much better off today, than we were in the “don’t copy that floppy era”. In fact, we are worse off, because of the internet which has proven to be excellent at assisting people in distributing illicit, cracked copies of commercial software. Every time there is a hot new release, it always ends up on torrent sites within a few days. Attacking this problem with technology has failed consistently for years. The only glimmer of hope DRM proponents have is trusted computing which will bring hardware into the equation.

But trusted computing is still far off, and it won’t eradicate piracy. It will only make it a bit harder – for example, aspiring scene members may have to pick up some soldering skills. As long as there is a way to run custom made software on your computer, software piracy will continue to thrive.

Combating it with technology is a dead end, because piracy is a social problem, not a technological one. People pirate because the risks are minimal, and no one gets hurt.

Should we stop trying to sell software then? Is there no hope? Of course not. You just need to find an angle that makes piracy irrelevant. The most successful software makers found a way to sell software without actually having to worry that much about pirates. And I’m not talking about Microsoft here because they are in a league of their own. If you are as big as Microsoft and you have an effective monopoly racket going on you can just force people to buy your stuff by making backroom deals with computer manufacturers. For example, did you notice that is is usually cheaper to buy a Dell computer with Windows than without it? This is the kind of stuff you can do once you corner the market.

Short of becoming a monopolistic giant however, there are other things you can do. One of these things is to attach a subscription service to your software, and then sell that. How do Anti-virus companies make money? They charge you a monthly fee for the privilege of receiving timely updates. Without these updates your AV software becomes useless. You can technically pirate an AV suite but it would be pointless as their main value is in the continuous updates that modifies not only the virus definition list, but also tweaks the detection routines and the application itself.

MMO makers are playing a similar game. Do you think these guys worry about piracy? Of course not. You are not really paying them for the software, but for keeping your account open. And since your account restrictions are stored on their servers, you can’t really make them go away with a crack or a patch.

If you can find a way to sell a service of some sort, rather than the software itself, then you are set for life. You will never have to worry about pirates again.

Barring that, you can probably fare pretty well if you find yourself a good niche. You want to target your software at a group which is big enough to support your operation, but small enough to generate little or no interest in the scene circles. A good example here is the Army Builder. It is a tool that allows you to build and print army rosters for tabletop games such as Wahammer and Warhammer 40k. People keep asking me where to find a cracked copy of the newest version roughly once a month, and they are always baffled when I inform them that no such thing exists. At least not that I know of. It just haven’t been cracked.

Army Builder doesn’t even use a complex, advanced DRM. I believe that all they use are unique license keys combined with online activation. They also have a subscription service going on. When they update their software, they sometimes change the format for the army list files (most of which are community built). Anyone running older version may eventually be unable to use the most up-to-date army list files that are targeted at the most recent release. For obvious reasons, these format changes don’t happen often so their subscription is not as crucial as that of a AV suite or MMO.

Still, there is no crack. Why? Probably no one cared enough about their software to make the effort. Their copy protection is crackable, but no one with the skill to do it can be bothered. There are bigger fish to catch out there – brand name games, and popular applications that have much larger user base. Thus, Army Builder has remained un-cracked fro several years now. I don’t know how well they are doing financially, but they can’t be hurting. Every Warhammer player that I ever talked to knows about this tool, and has used it in the past (probably back when cracked version was available). Nowadays, they either have to shell out few bucks for a legal copy, go without this very useful, but not-essential tool, or use the outdated version and rely on community effort to back-port the new army lists to the old format. Chances are that their sales have picked up a bit because of this. With such a small customer base, this may mean a decent chunk of change going their way.

But what if you are a big company which releases blockbuster games, or sought after applications? What should you do then? Obviously, the niche approach won’t work for you. Cracking your products is actually meaningful and worthwhile endeavor so you can count yourself lucky if all your products are not zero-day releases.

Here is a crazy idea: ignore it. Yep, your solution to piracy is to fucking ignore the shit out of it. Implement some rudimentary level of protection that you think will prevent users “lending” their copy to friends and family, and then stop. Your software will be cracked no matter what you do. Every dollar you spend developing or licensing DRM is a dollar lost. I am deathly serious – instead of hiring someone to write DRM for you, hire an intern and have him feed $1 bills into a paper shredder all day for 4-5 months. The net result will be the same.

Army Builder folks invested in DRM and likely picked up sales because no one sans Warhammer players to lazy to write army rosters by had gives a flying fuck about their products. You on the other hand are a big target. There is an army of people out there who itch to make a reputation for themselves by being the first to circumvent the same copy protection you spent thousands of dollars developing. And they have a leg up on you. You know why?

You actually paid someone to write this shit. You had bunch of dudes, sit in their cubicles in some crappy office hacking away on this thing 8 hours a day. They probably hated every minute of it, and they were probably cutting corners to meet crazy short deadlines.

The folks cracking your software on the other hand, do it for fun. They run on pure passion, energy drinks and ingenuity. They will take turns pulling all-nighters if that’s what it takes to accomplish their goal. They will get so into it, that they will forget to eat or drink while they are disemboweling your software. They will take their laptop to the bathroom with them, so they can keep cracking while they take a shit! You just can’t buy that level of devotion, and personal investment in the project. These people live to crack your software. They can’t wait to do it.

So the best thing you can do is to cut your losses. If you don’t waste money on DRM, your bottom line goes up and your sales remain the same cause it would get cracked on release day anyway. Ignore piracy and it becomes irrelevant. Pirates are not your customers. They will likely never be your customers. If you could design a perfect, un-crackable DRM you could probably convert 5-10% of them to customers. And that is a very optimistic estimate. For Army Builder folks this might actually be a huge sales increase since they don’t have that many customers to begin with. For you, this is chump change. But this is a moot point because you won’t design perfect DRM. It’s impossible. If it was possible, someone would have don it by now.

The lost sales doctrine is bullshit and you know that. Ignoring the problem is hardly ever a solution – but in this case it is. It is a social problem, so the only way you can gain customers is to convince people that buying your software gives them more value than pirating it. How do you do that? I wrote about this before. Capitalize on as many of Kevin Kelly’s 8 generatives as possible (not surprisingly, subscription service is one of them). If you do that, you will offer people something more than they could get from a torrent site. Piracy will become irrelevant for you.

You just can’t sell software the way you sell cars or cupcakes – that’s really what all of this boils down to. If you want to make money on software, you need to figure out a way to take piracy out of the equation.

This entry was posted in Uncategorized. Bookmark the permalink.



18 Responses to You can make software piracy irrelevant

  1. Nathan UNITED STATES Mozilla Firefox Windows says:

    [quote post=”2868″]If you could design a perfect, un-crackable DRM you could probably convert 5-10% of them to customers. And that is a very optimistic estimate. For Army Builder folks this might actually be a huge sales increase since they don’t have that many customers to begin with. For you, this is chump change.[/quote]
    Your math and logic are both broken.

    You assert that Army Builder doesn’t see much piracy. Thus, if you convert 5-10% of the (small number of) pirates, that will equate to almost nothing–chump change, as you would say.

    However, take a commercial game. Let’s say your game sells for fifty bucks and it has 100,000 players. Stats on piracy are all over the place, but let’s say that 30% of those copies are pirated, for a total of 30,000 pirated copies. If you convert 10% of those to legitimate players, that’s 3,000 new players, which at fifty bucks each is $150,000–hardly chump change. If you can purchase a license for this hypothetical unbreakable copy protection for $25,000 and pay someone to integrate it for $10,000 then you still come out ahead to the tune of $115k.

    Obviously I pulled all these numbers out of my ass, but you can see where this is going–your assertion seems to contradict the point of your post.

    Reply  |  Quote
  2. Luke Maciak UNITED STATES Mozilla Firefox Ubuntu Linux Terminalist says:

    @Nathan: No, no. It goes like this:

    You could convert 5-10% of pirates into customers IF AND ONLY IF your DRM was uncrackable.

    Army Builder used to have a lot of piracy. Most of it’s user base was composed of pirates. Then they released the new version with stronger protection, and it has not been cracked as of yet. Hence, some of the prates who relied on their tool before might have felt compelled to buy the software after they figured out a crack is probably not going to be released anything soon. So, Army Builder might have picked up sales.

    Since they probably don’t have that many customers to begin with, every sale counts.

    Now let’s take major game retailer. The point is moot here, because they won’t release a game with un-crackable DRM. There is just to much interest in cracking it. They will NEVER, EVER get that 5-10%. The people who would normally buy the game, will buy it. The people who would normally pirate, will just wait for the crack. So they will spend the money for nothing.

    Not to mention the number of people they will lose to piracy due to restrictive DRM scheme that will lock them out of their game. If someone needs to download a crack to play a game they just bought, they probably won’t buy another one from you.

    I guess my point was that a small, niche company can try to play the DRM game and benefit from it just because there is no one to really sit down and crack it’s software. Big company has no such luxury – they will always lose.

    Reply  |  Quote
  3. Nathan UNITED STATES Mozilla Firefox Windows says:

    I certainly agree with your main point–beyond a certain basic level (to prevent casual piracy), DRM is difficult to justify.

    However, I still think your reasoning is flawed. Let’s say that in the example I give above, the company uses an extremely draconian but still crackable piracy system that gets 2% of the pirates to buy a legal copy. They’ve about broken even (they actually made $1000, but as you say the lost revenue from the people they pissed off will probably come out to about that, if not more).

    I’m just saying that financial arguments can easily be turned against you. Let’s say I used the numbers from World of Goo and set the piracy rate to 90%. How quickly would DRM pay for itself? Pretty darn quickly, it seems to me. Let’s not kid ourselves: companies look at the bottom line, and if DRM was really that harmful to their revenue, they probably wouldn’t do it.

    Reply  |  Quote
  4. Mart SINGAPORE Mozilla Firefox Windows Terminalist says:

    Hah! Yet another piracy rant! How interesting that it seems to be around the same time as TPB’s trial is ending! :D

    Even MMOs are pirated. There are a number of private servers around for popular ones. It’s actually quite easy to run a private WoW server. I’ve tried it before, and it’s actually quite fun to play it as a single player game, with the occasional busybody younger brother wanting to join me. (Ok I’m digressing.. :P ) However, a private server does not guarantee continuity and a sense of attachment to your characters that MMOs bring to the player. Thus, only the truly hardcore-emotionless gamer will play MMOs off private servers.

    As for Army Builder, I’m guessing that it was cracked at one point, but no one bothered to seed. Googling for its torrent, there seemed to be a few, but with no seeders. Like you said, the niche genre really helped.

    Ignoring the piracy issue seemed to be in line with what Stardock is doing. Sure, you could download a copy of GalCiv 2 or Sins, but to get any updates or join in the community forums, a serial key is needed. Pirates effectively get ignored. And with a DRM-free line of game products, they’re successful enough to open a second studio and hire more people. Which seems to be the opposite of what other big name publishers are going through.

    Oh, and I love this analogy of yours: DRM == interns shredding money.

    Now that all this rant about piracy is, more or less, done, can the next rant be about why purchasing digital media online is still being segregated by geography? I can’t seem to make sense of this. I want to be able to watch Hulu!

    Reply  |  Quote
  5. Luke Maciak UNITED STATES Mozilla Firefox Ubuntu Linux Terminalist says:

    @Nathan: Yeah, but how do you get that 2% if the cracked copy is on every torrent site, and every P2P network? My whole argument was that you MAY gain sales IF there is no crack available. If there is a crack, you WON’T see any increase in sales.

    But let’s assume that you can potentially get 2% increase in sales using DRM while a cracked copy is distributed via p2p. How? I don’t know – maybe because it is limiting “casual piracy” – stuff like me giving the game CD to my brother so he can install it and play it at the same time as me.

    I would argue that you could probably accomplish this with a good-old CD-check. Anyone smart enough to burn a CD and download a no-CD crack is probably smart enough to torrent the whole game anyway.

    That’s what in one of the next paragraphs I said – implement the basic level of protection you feel will prevent “casual piracy” and then fuck it. You don’t need secu-rom or 6 step online activation process. IMHO, CD check will do the job just fine.

    I offer no proof beyond simple logic: anyone determined to get the game for free, will get it off a torrent or via other p2p method. Anyone who consciously chooses not to pirate, will buy it. The only people you can hope to “catch” with your DRM are the folks who want the game for free but don’t know how to download a torrent, or apply a crack. That’s your 2% – or whatever the number really is.

    Honestly, I totally pulled the 5-10% out of my ass. I can’t really support it one way or the other. As far as I know the real number might be as small as 0.1% or as big as 20%. Or it might be 2% like you say.

    One more thing: you mentioned World of Goo. I think their case actually supports my argument. If I remember correctly, they said that DRM was irrelevant to their bottom line. They compared the numbers of their game with another product that did contain DRM and they both had just about the same customer-to-pirate ratios. Their conclusion was that despite the shocking ratio, they wouldn’t really benefit from adding DRM to their game.

    Reply  |  Quote
  6. Square UNITED STATES Mozilla Firefox Linux says:

    As I see it, there is somewhat of a chain that occurs will all of these sorts of pirating.

    1. People who are going to purchase will purchase the item.
    2.Some of those customers release pirated copies if possible.
    3. Pirates download pirated copies or go without.

    There is no step where a company loses money, ever. The company may think they are losing money, but the truth of the matter is that those pirates were never going to give money to the company anyhow. Not a chance. I think you touched on this quite a bit with the notion that they MAY gain a small, negligable percentage increase.

    I fully agree with persuading companies to see the light and not try to go full out with DRM, which is just spitting in the face of the customers from step one (see above). You have touched on this in the past as well. Then again…

    4. ???
    5. Profit.

    …this continuation must be somewhere in the company’s mind.

    Reply  |  Quote
  7. Luke Maciak UNITED STATES Mozilla Firefox Windows Terminalist says:

    @Square: Exactly!

    Btw, I really think the Video Game company execs really believe that this time – THIS TIME, their DRM will be un-crackable. It probably has something to do with how their internal teams or 3rd party DRM companies pitch their products to them.

    Reply  |  Quote
  8. Morghan UNITED STATES Epiphany Linux says:

    And whatever happened to things like the “spawned copies” of games like diablo. Let me install it on a friend’s computer, and they need to connect to me for a multiplayer game in order to use it. Most of my frustration is being able to install the game on both of the computers on my network, but not being able to play a multi-player game with my wife. I know I played a Diablo spawn before I ever even though about buying it. And as far as Piracy goes, I think it can be a good thing, at least in my case. I don’t have the cash supply to buy every game that comes out I might be interested in, and I learned long ago that people who review games don’t usually share my opinions on them, so if I can play a game for free by downloading it I can get a good fel for which ones are worth waht money I can spare from my budget for entertainment. Not only that, but I also figure out if I can get it working on wine, which is one of my major requirements for buying a game. I don’t have Windows on my computer and even my wife’s box has recently had it’s XP partition shrunk to a tiny little corner of her hard drive for the rare occasion where she really does need to use MS Office or that horrible IE only web site her school has. Really, out of the several dozen games I’ve taken the time to download, 8 of them are sitting in my bookshelf as retail copies, two are still on my buy list, and the rest either didn’t work with wine or were such horribly over-hyped games I would’ve been ranting on every review site I could finsd about how horrible they were if I had bought them without knowing what I was getting myself in to.

    Reply  |  Quote
  9. Mart SINGAPORE Mozilla Firefox Windows Terminalist says:

    How interesting that your rant against piracy seems to be around the same time as TPB’s trial is ending! :D

    Even MMOs are pirated. There are a number of private servers around for popular ones. It’s actually quite easy to run a private WoW server. I’ve tried it before, and it’s actually quite funny to play it as a single player game, with the occasional busybody younger brother wanting to join me. However, a private server does not guarantee continuity and a sense of attachment to your characters that MMOs bring to the player. Thus, only the truly hardcore-emotionless gamer will play MMOs off private servers.

    As for Army Builder, I’m guessing that it was cracked at one point, but no on bothered to seed. Googling for its torrent, there seemed to be a few, but with no seeders. Like you said, the niche genre really helped.

    Ignoring the piracy issue seemed to be in line with what Stardock is doing. Sure, you could download a copy of GalCiv 2 or Sins, but to get any updates or join in the community forums, a serial key is needed. Pirates effectively get ignored. And with a DRM-free line of game products, they’re successful enough to open a second studio and hire more people. Which seems to be the opposite of what other big name publishers are going through.

    Oh, and I love this analogy of yours: DRM == interns shredding money.

    Reply  |  Quote
  10. Luke Maciak UNITED STATES Mozilla Firefox Windows Terminalist says:

    @Mart: Actually, it’s completely unrelated. I knew the trial was going on, but I didn’t know it was wrapping up.

    Anyways, I hope the TPB guys win and get cleared of all the charges. I’m rooting for them all the way. :)

    As for Army Builder, the torrents you saw were for the old release. The 2.x version was widely pirated, and readily available via torrents. The newest version is 3.1c and it introduced many changes – including the new file format. As far as I can tell it has not been cracked yet.

    I know about the private WoW servers – there are actually even public-private servers out there – here is some page that ranks them. Still, if you want the genuine WoW experience you need to pay Blizzard.

    Reply  |  Quote
  11. Luke Maciak UNITED STATES Mozilla Firefox Windows Terminalist says:

    @Morghan: Yeah, all the games that did LAN based multiplayer used to have spawned copies thing. What happened to it? I guess they figured out that no one ever wants to do multiplayer this way and everyone just plays online.

    Reply  |  Quote
  12. Mart SINGAPORE Mozilla Firefox Windows Terminalist says:

    @Luke Maciak: Yup, MMOs is about the experience, not the fact that you have to pay to play, or login to some server. Thus, MMOs bring more value to a player if you pay to play it on official channels, rather than play it on private servers.

    Somehow, EA boss John Riccitiello doesn’t seem to get that. Monthly charges == DRM? :P

    “There are different ways to do DRM; the most successful is what WoW does. They just charge you by the month,” he said. “We’re going to see an evolution of these things. I wish we didn’t live in a world where we had to do these types of things. I want it to be seamless and easy – but I also don’t want to have a bonfire of money.”

    @Square: My attempts to convince my friends to buy a game can attest to your first 3 points. :D

    Reply  |  Quote
  13. Luke Maciak UNITED STATES Mozilla Firefox Windows Terminalist says:

    @Mart: No, you misunderstood him. He is just saying he would love to release single player games that require monthly subscription. You know – they would be like MMO’s but without any of the expenses related to running an MMO – like bandwidth, server upkeep, in world moderation and etc… :P

    Reply  |  Quote
  14. Mart SINGAPORE Mozilla Firefox Windows Terminalist says:

    @Luke Maciak: LOL..

    Eh but wait, haven’t single player games already started to move in that direction? What with all these micro-transactions and all. How long before we have to pay for extra weapons in FPSes, extra cars in racing games, extra teams in sports games, extra quests in RPGs? If I’m not wrong, the first and second are already happening. Lucky me, there’s still kick-ass indie titles out there. And GOG.com.

    Reply  |  Quote
  15. Luke Maciak UNITED STATES Mozilla Firefox Windows Terminalist says:

    @Mart: LOL, you are right. Fortunately all these things are just optional extras, and they are mostly targeted at the console market. The industry can’t stand the fact that there is a big second hand sale, and rental market there and they don’t see a penny from it.

    It’s actually quite ironic – they keep dumbing down PC games so they make good console ports. Then they try to move console games to a PC like model where you can’t do rentals or re-sell the game. It’s not surprising they got that whole racket with bonus weapons, quests and cars going. Now they are porting that to the PC.

    It seems that they are trying to find some convergence point at which games will have all the worst features from both world, and none of the good ones. :P

    Reply  |  Quote
  16. Pingback: DRM: The Programmers View « Terminally Incoherent UNITED STATES WordPress

  17. Chemaqua UNITED STATES Google Chrome Windows says:

    I whole-heartedly agree with you. Until a relatively cheap method is found to make DRM completely bulletproof, there’s no point in spending millions on anti-piracy software.

    Reply  |  Quote
  18. Pi SWITZERLAND Mozilla Firefox Windows says:

    GROUPAMA (a large French insurer) was caught in a $200m PIRACY case where it used “bank secrecy” to ask Police not to investigate its computers

    The fun part of the story is that the (Paris) General Prosecuter found no infraction in this (illegal) agreement!

    See the whole story on:

    http://remoteanything.com/archives/groupama.pdf

    Reply  |  Quote

Leave a Reply

Your email address will not be published. Required fields are marked *