Saturday, July 5, 2008

The future of computer software and piracy

Over the years, I have seen software companies (nearly) cripple their software with DRM and other similar technologies. The companies spend just as much money on the anti-piracy technologies as they do on the software using it. After they release their software, 0-day exploits and work-arounds are found, over and over again, causing the software company to constantly spend more and more money, time, and resources on a piece of technology that was originally meant to do the exact opposite. Yet software companies continue to think that this kind of business model is working (while it does to some extent, I can't imagine it will become easier to use this model, even in the near future).

IMO, within the next 10-20 years, the creation and selling of software won't be worth the time and trouble of coming up with "newer and better" anti-piracy technologies. Creating the software will cost a tenth of implementing any anti-piracy technology. Even now, my personal belief is that (even if your software isn't open source, but freeware), you will make just as much money from contracts and support (through companies and home alike). It may require a pretty hefty EULA (I don't speak legalese, so I am not sure what kind of things you would include in something like that compared to current EULA's), but many anti-malware companies such as Lavasoft, Grisoft, and Avira are already seeing this as a very marketable stance on software, giving away free personal licenses for their software, but charging for support.

I think watching the software industry for the next decade will be very interesting, to see the new ways they face piracy, whether it is crippling their software even more, or freeing it up (it isn't stealing if it is free!).

Any thoughts on this? Is there something I am missing or I should look at more closely? I am more than open to ideas and thoughts on this.


  1. My thoughts have gone exactly in a different direction than yours. I figured that anti-piracy measures would come to sort of the same place that internet encryption has come. The encryption is very easy to implement and is for all practical purposes, bullet-proof. least according to my best knowledge. Someone correct me if I'm wrong.

  2. The comparison to internet encryption misses the mark. The difference here is that SSL (my interpretation of "internet encryption") protects data in transit from being intercepted by a third party. That does not apply here because the user is not a third party but the second party, one of the endpoints in the transmission. Before DRM-protected content can be used (played, executed, whatever), it must be decrypted. You can't give the user encrypted content without somehow also providing the key to decrypt it. This is the fundamental, fatal weakness of DRM.

  3. Aren't the anti-piracy modules developed and sold by specialized companies these days? Thus implementing the (useless, pain-in-the-butt, paying-customer-annoying) copy protection shouldn't eat much resources from developing the actual products.
    Anyway, I'd love to see the day publishers quit worrying about these things. Too bad piracy is really hurting areas where oss can't really compete, (graphics heavy, story-driven) games for example.

  4. I am currently in China where IP (intellectual propery) virtually does not exist and where software is considered a free (as in free beer) product. It's almost impossible in China to make money with software at all. The software industry is totally crippled and dominated by a few outsourcing companies, and web services like online gaming, qq, sina and baidu. I am still trying to find out what this means for local the sofware industry as a whole. I just posted a few thoughts here.

  5. As more and more of the world gets permanently online, with high speed connections that are constantly on, I think the future of the fight against software piracy is in software that "phones home" (to check a license key, or some such). Sure, there's ways to crack/bypass that, but it's very effective at keeping honest people honest, you will never be able to prevent the determinedly dishonest from being dishonest, and it's very easy to implement. In fact, it's what many MMORPGs already use (they don't care if you copy the software, what you pay for is the account).