|
|
Piracy
Meet ANalias. He makes his living fighting software pirates in a high-stakes duel of wits and computer programming skills. Out there on the high seas of the Internet, a lot of very smart people are devoted to cracking software – stripping it of the mechanisms intended to prevent the making of unauthorized copies. ANalias’s job is to stay one step ahead of them, creating tamper-resistant systems to protect Microsoft’s investment in developing the software.
Obviously, ANalias’s parents didn’t name him ANalias, but he worries that if his real name were disclosed, he’d get nasty letters and phone calls from his adversaries. Some of them are just collectors who do it for the intellectual challenge. They post the programs they have cracked like trophies, and teach others how to do it. In past, Microsoft product groups designed their own security mechanisms. Now, these efforts are centered in the Cryptography Group at Microsoft Research, and ANalias is just one of the researchers working on the problem.
Then there are the real pirates, who crack software so they can make millions of copies to sell around the world. In 1998, the U.S. software industry lost over $2.9 billion in the U.S. and $11 billion in international sales from software theft. Microsoft says a significant number of U.S. software counterfeiting operations are controlled and financed at the highest levels by foreign crime syndicates tied to gunrunning, gambling, loan sharking and prostitution. ANalias does not think these people would bother to harm him, but he’d rather not chance it.
Microsoft protects its software from abuse by writing into the basic code protection mechanisms that, while the program is running, continually verify that it has not been tampered with. The program may “call” for the tamper protection mechanism every 40 clicks of the mouse, or every time a file is opened, and if the right response is not forthcoming, the program shuts down. The “call” is usually encrypted so that it cannot be detected or intercepted.
But given enough time to scour the operating code for the lines that operate the software’s defenses, a skilled cracker can always find them and remove or disable them no matter how carefully they are hidden and disguised. In the software piracy game, the attacker always has the advantage – he is invisible, he has as much time as he needs and he is often as skilled as the defender. The defender can watch how the cracker operates, learn from the way he exploits the code and close the holes he exposes, but because of the open nature of the personal computer it is next to impossible to design a piece of software that can never be cracked. The trick is to come up with new defenses that will be unfamiliar to crackers, to make cracking such a laborious, time consuming process that it takes weeks and weeks to find and disable every carefully hidden piece of code.
Content protection is especially critical in the case of games, which tend to have a very brief shelf life. “It’s important that people don’t crack them too quickly,” and post the cracked game on the Internet so people can download it for free instead of paying for it, ANalias says. Office productivity applications are generally a different story – people pay for legal copies because they want Microsoft to support them, and because they don’t want any trouble with the law.
So on and on the contest goes, and no matter how subtle ANalias makes his content protection mechanisms, he can be sure they will always be defeated. Often, he talks with his opponents via email and on Usenet bulletin boards, always using his alias. He says the rivalry is a friendly one. “There are no hostile intentions. Personally I view it as a good-natured sort of contest, although the general consensus in the industry is that pirates are bad and should be prosecuted. But I enjoy the challenge of reading how they crack software, and coming up with ways to defend against it.”
It keeps him busy. And as long as it goes on, he never has to worry about unemployment.
|
