Developers of copy protection technologies often make huge efforts to
develop robust copy protection mechanisms. The problem is that a single
cracker can invalidate that entire effort by simply figuring out a way to defeat
the protection mechanism and publishing the results on the Internet. Publish-
ing such a crack not only means that the cracked program is now freely avail-
able online, but sometimes even that every program protected with the same
protection technology can now be easily duplicated.
As Chapter 11 demonstrates, cracking is a journey. Cracking complex pro-
tections can take a very long time. The interesting thing to realize is that if the
only outcome of that long fight was that it granted the cracker access to the
protected program, it really wouldn’t be a problem. Few crackers can deal
with the really complex protections schemes. The problem isn’t catastrophic as
long as most users still have to obtain the program through the legal channels.
The real problem starts when malicious crackers sell or distribute their work in
mass quantities.
Requirements
A copy protection mechanism is a delicate component that must be invisible to
legitimate users and cope with different software and hardware configura-
tions. The following are the most important design considerations for software
copy protection schemes.
Resistance to Attack It is virtually impossible to create a totally robust
copy protection scheme, but the levels of effort in this area vary greatly.
Some software vendors settle for simple protections that are easily crack-
able by professional crackers, but prevent the average users from ille-
gally using the product. Others invest in extremely robust protections.
This is usually the case in industries that greatly suffer from piracy, such
as the computer gaming industry. In these industries the name of the
game becomes: “Who can develop a protection that will take the longest
to crack”? That’s because as soon as the first person cracks the product,
the cracked copy becomes widely available.
End-User Transparency A protection technology must be as transpar-
ent to the legitimate end user as possible, because one doesn’t want
antipiracy features to annoy legitimate users.
Flexibility Software vendors frequently require flexible protections
that do more than just prevent users from illegally distributing a pro-
gram. For example, many software vendors employ some kind an online
distribution and licensing model that provides free downloads of a lim-
ited edition of the software program. The limited edition could either be
a fully functioning, time-limited version of the product, or it could just
be a limited version of the full software product with somewhat
restricted features.Piracy and Copy Protection 313