Written by David Tebbutt, MicroScope 08/84 item 02 - scanned

PROTECTION AND YOUR PROGRAM (column)

Software copying is so easy that many people are not even conscious that they are in fact stealing. In the last Reflections I looked at the various users of software and their likely motivations. This week I'll look at strategies for minimising software theft. In order to cover as much ground as possible within the allotted space, I will keep my remarks as brief as possible.

For a start it would help if the whole exercise was denuded of its glamour by dropping the headline grabbing term 'Piracy'. We tend to think of pirates with affection but in the main (no pun intended) they were a bunch of sadistic thieves.

Now we have our very own pressure group, the Federation against Software Theft (FAST) pledged to explain the legal remedies currently available and to help bring into being new laws relating to software theft. FAST has found a champion in the form of Nicholas Lyell, QC and MP for mid Bedfordshire. At the time of writing, he was about to introduce a Software Copyright Bill under the ten-minute rule. When we have new, clear laws in place, the mere threat of legal action should be enough to diminish software theft.

Regardless of the possibility of effective criminal laws, software producers still need to take individual responsibility for minimising their exposure to software theft. Let's look at the options:

First the dongle - this occupies a machine port while the program is running. Disadvantages of this method are that some dongles prevent the port being used for anything else and if several concurrent applications require different dongles, where the heck do you plug them in? The dongle can be a good way of preventing theft but, apart from the drawbacks already mentioned, it is both costly to produce and irritating to use.

Copy protected disks can work well if the supplier provides two and guarantees to replace damaged ones. The usual protest is that the user must be free to make security copies of his or her programs. Given the two copies, I can't see the problem. It is however an impractical approach for users of hard disks and for those who want to run concurrent applications from copy proofed disks.

Vault Corporation's Prolok method physically damages a disk and embeds encryption details in the remainder of the damaged track. Programs are encrypted according to this code but they may be copied by the user. Rather like a dongle, the master disk must always be present when the program is running and, like the dongle, it prevents concurrent use of more than one or two Proloked programs.

Lavish documentation and packaging were introduced in a bid to make counterfeiting difficult and to induce a desire to own a product. Unfortunately, business software users are busy people and the less documentation they have to wade through, the better they like it. It certainly makes counterfeiting an expensive business but does little to stop the casual thief.

Some software contains hidden serial numbers which can be traced back to the supplier. This helps deter copying without inconveniencing the user. Registration cards which offer special deals on future products but threaten no support unless returned to the producer can also help. Of course neither approach works for games software (which seems beyond the pale anyway). The card has the added advantage to the producer of linking the serial number directly to the end user not the supplier.

In addition to its stated role perhaps FAST would consider an advertising campaign to encourage users and dealers to 'shop' software thieves. Dealers can report unfair competition and the users being offered software at a knock-down price could be given a free copy in exchange for a testimony.

In special recognition of the schools problem, perhaps the governing authority (district or county) could be offered special deals for bulk purchase covering all schools in the authority. Or cut down versions of each program could be offered fully functional but only capable of handling a certain number of records for example.

A common pricing system for multi-user sites would avoid a lot of confusion. At the moment some suppliers turn a blind eye and sell one copy of a program, others sell the square root of the expected number of users and still others simply charge double for the software and ignore how many people use it. Perhaps FAST would like to come up with a recommended approach to this growing problem. I seem to have run out of space and I've not even mentioned price reduction as a strategy, or well publicised raids, or a series of public service advertisements telling thieves how naughty they are. Briefly, I reject the first, accept the second and think the third is ridiculous.